The advent of quantum computing poses a significant challenge to traditional cryptographic protocols,particularly those used in SecureMultiparty Computation(MPC),a fundamental cryptographic primitive for privacypreser...The advent of quantum computing poses a significant challenge to traditional cryptographic protocols,particularly those used in SecureMultiparty Computation(MPC),a fundamental cryptographic primitive for privacypreserving computation.Classical MPC relies on cryptographic techniques such as homomorphic encryption,secret sharing,and oblivious transfer,which may become vulnerable in the post-quantum era due to the computational power of quantum adversaries.This study presents a review of 140 peer-reviewed articles published between 2000 and 2025 that used different databases like MDPI,IEEE Explore,Springer,and Elsevier,examining the applications,types,and security issues with the solution of Quantum computing in different fields.This review explores the impact of quantum computing on MPC security,assesses emerging quantum-resistant MPC protocols,and examines hybrid classicalquantum approaches aimed at mitigating quantum threats.We analyze the role of Quantum Key Distribution(QKD),post-quantum cryptography(PQC),and quantum homomorphic encryption in securing multiparty computations.Additionally,we discuss the challenges of scalability,computational efficiency,and practical deployment of quantumsecure MPC frameworks in real-world applications such as privacy-preserving AI,secure blockchain transactions,and confidential data analysis.This review provides insights into the future research directions and open challenges in ensuring secure,scalable,and quantum-resistant multiparty computation.展开更多
Owing to the development of communication technologies and control systems,the integration of numerous Internet of Things(IoT)nodes into the power grid has become increasingly prevalent.These nodes are deployed to gat...Owing to the development of communication technologies and control systems,the integration of numerous Internet of Things(IoT)nodes into the power grid has become increasingly prevalent.These nodes are deployed to gather operational data from various distributed energy sources and monitor real-time energy consumption,thereby transforming the traditional power grid into a smart grid(SG).However,the openness of wireless communication channels introduces vulnerabilities,as it allows potential eavesdroppers to intercept sensitive information.This poses threats to the secure and efficient operation of the IoT-driven smart grid.To address these challenges,we propose a novel scenario that incorporates an Unmanned Aerial Vehicle(UAV)as a relay gateway for multiple authorized smart meters.This scenario is further enhanced by the integration of Reconfigurable Intelligent Surface(RIS)technology,which dynamically adjusts the direction of information transmission.Our objective is to maximize the secure rate within this UAV-RIS-aided system with multiple authorized smart meters and an eavesdropper based on physical layer security(PLS)techniques.We formulate the problem of secure rate maximization by jointly optimizing the active beamforming of the UAV,the passive beamforming of the RIS,and the UAV’s trajectory.To solve this complex optimization problem,we introduce the Twin Soft Actor-Critic(TSAC)algorithm.This algorithm employs a dual-agent framework,where Agent 1 focuses on optimizing the beamforming for both the UAV and the RIS,while Agent 2 concurrently searches for the optimal trajectory of the UAV.Simulation results demonstrate the TSAC algorithm significantly enhances the secure rate of the system,achieving faster convergence and higher rewards under the worst communication conditions.The TSAC algorithm consistently outperforms the Twin Deep Deterministic Policy Gradient(TDDPG)and Twin Delayed Deep Deterministic Policy Gradient(TTD3)algorithms.Furthermore,the TSAC algorithm exhibits robust performance when the distribution of smart meters follows a Gaussian distribution,further validating its practical applicability and effectiveness in real-world scenarios.展开更多
The increased connectivity and reliance on digital technologies have exposed smart transportation systems to various cyber threats,making intrusion detection a critical aspect of ensuring their secure operation.Tradit...The increased connectivity and reliance on digital technologies have exposed smart transportation systems to various cyber threats,making intrusion detection a critical aspect of ensuring their secure operation.Traditional intrusion detection systems have limitations in terms of centralized architecture,lack of transparency,and vulnerability to single points of failure.This is where the integration of blockchain technology with signature-based intrusion detection can provide a robust and decentralized solution for securing smart transportation systems.This study tackles the issue of database manipulation attacks in smart transportation networks by proposing a signaturebased intrusion detection system.The introduced signature facilitates accurate detection and systematic classification of attacks,enabling categorization according to their severity levels within the transportation infrastructure.Through comparative analysis,the research demonstrates that the blockchain-based IDS outperforms traditional approaches in terms of security,resilience,and data integrity.展开更多
Although Named Entity Recognition(NER)in cybersecurity has historically concentrated on threat intelligence,vital security data can be found in a variety of sources,such as open-source intelligence and unprocessed too...Although Named Entity Recognition(NER)in cybersecurity has historically concentrated on threat intelligence,vital security data can be found in a variety of sources,such as open-source intelligence and unprocessed tool outputs.When dealing with technical language,the coexistence of structured and unstructured data poses serious issues for traditional BERT-based techniques.We introduce a three-phase approach for improved NER inmulti-source cybersecurity data that makes use of large language models(LLMs).To ensure thorough entity coverage,our method starts with an identification module that uses dynamic prompting techniques.To lessen hallucinations,the extraction module uses confidence-based self-assessment and cross-checking using regex validation.The tagging module links to knowledge bases for contextual validation and uses SecureBERT in conjunction with conditional random fields to detect entity boundaries precisely.Our framework creates efficient natural language segments by utilizing decoderbased LLMs with 10B parameters.When compared to baseline SecureBERT implementations,evaluation across four cybersecurity data sources shows notable gains,with a 9.4%–25.21%greater recall and a 6.38%–17.3%better F1-score.Our refined model matches larger models and achieves 2.6%–4.9%better F1-score for technical phrase recognition than the state-of-the-art alternatives Claude 3.5 Sonnet,Llama3-8B,and Mixtral-7B.The three-stage architecture identification-extraction-tagging pipeline tackles important cybersecurity NER issues.Through effective architectures,these developments preserve deployability while setting a new standard for entity extraction in challenging security scenarios.The findings show how specific enhancements in hybrid recognition,validation procedures,and prompt engineering raise NER performance above monolithic LLM approaches in cybersecurity applications,especially for technical entity extraction fromheterogeneous sourceswhere conventional techniques fall short.Because of itsmodular nature,the framework can be upgraded at the component level as new methods are developed.展开更多
Practical applications of smart cities and the Internet of Things(IoT)have multiplied,posing many difficulties in network performance,dependability,and security.Concerns of accessibility,reliability,sustainability,and...Practical applications of smart cities and the Internet of Things(IoT)have multiplied,posing many difficulties in network performance,dependability,and security.Concerns of accessibility,reliability,sustainability,and security too have arisen correspondingly because of the decentralized character of the smart city and IoT systems.Fog computing offers a foundation for various applications,including cognitive support,health and social services,intelligent transportation systems,and pervasive computing and communications.Fog computing can help enhance these apps'productivity and lower the end-to-end delay experienced by such time-sensitive applications.In this research,we propose a reliable and secure service delivery strategy at the network edge for smart cities.To improve the availability and dependability,along with the security of smart city applications,the approach employs a combined method uniting distributed fog servers in addition to mist servers with the help of an intrusion detection system.Simulation findings suggest a reduction of 40.3%in the delay incurred by each service request for highly dense areas and 60.6%for moderately dense environments.Furthermore,the system has low false-negative rates and high detection and accuracy rates,decreasing service requests 2%.展开更多
Elliptic curve(EC)based cryptosystems gained more attention due to enhanced security than the existing public key cryptosystems.A substitution box(S-box)plays a vital role in securing modern symmetric key cryptosystem...Elliptic curve(EC)based cryptosystems gained more attention due to enhanced security than the existing public key cryptosystems.A substitution box(S-box)plays a vital role in securing modern symmetric key cryptosystems.However,the recently developed EC based algorithms usually trade off between computational efficiency and security,necessitating the design of a new algorithm with the desired cryptographic strength.To address these shortcomings,this paper proposes a new scheme based onMordell elliptic curve(MEC)over the complex field for generating distinct,dynamic,and highly uncorrelated S-boxes.Furthermore,we count the exact number of the obtained S-boxes,and demonstrate that the permuted version of the presented S-box is statistically optimal.The nonsingularity of the presented algorithm and the injectivity of the resultant output are explored.Rigorous theoretical analysis and experimental results demonstrate that the proposedmethod is highly effective in generating a large number of dynamic S-boxes with adequate cryptographic properties,surpassing current state-of-the-art S-box generation algorithms in terms of security.Apart fromthis,the generated S-box is benchmarked using side-channel attacks,and its performance is compared with highly nonlinear S-boxes,demonstrating comparable results.In addition,we present an application of our proposed S-box generator by incorporating it into an image encryption technique.The encrypted and decrypted images are tested by employing extensive standard security metrics,including the Number of Pixel Change Rate,the Unified Average Changing Intensity,information entropy,correlation coefficient,and histogram analysis.Moreover,the analysis is extended beyond conventional metrics to validate the new method using advanced tests,such as the NIST statistical test suite,robustness analysis,and noise and cropping attacks.Experimental outcomes show that the presented algorithm strengthens the existing encryption scheme against various well-known cryptographic attacks.展开更多
Cognitive unmanned aerial vehicle(UAV)is promising to tackle the spectrum scarcity problem faced by UAV communications.However,the secure information transmission is challenging due to the open nature of the spectrum ...Cognitive unmanned aerial vehicle(UAV)is promising to tackle the spectrum scarcity problem faced by UAV communications.However,the secure information transmission is challenging due to the open nature of the spectrum sharing.In order to tackle this issue,a cognitive UAV network with cooperative jamming is studied in this paper.A robust resource allocation and trajectory joint optimization problem is formulated by considering the practical case that the channel state information(CSI)cannot be accurately obtained.An iterative algorithm is proposed to address this challenging non-convex problem.Simulation results demonstrate that the worst case robust resource allocation design can realize the secure communications even under the imperfect CSI.Moreover,compared with other benchmark schemes,the proposed scheme can achieve secure performance improvement.展开更多
The growing developments in 5G and 6G wireless communications have revolutionized communications technologies,providing faster speeds with reduced latency and improved connectivity to users.However,it raises significa...The growing developments in 5G and 6G wireless communications have revolutionized communications technologies,providing faster speeds with reduced latency and improved connectivity to users.However,it raises significant security challenges,including impersonation threats,data manipulation,distributed denial of service(DDoS)attacks,and privacy breaches.Traditional security measures are inadequate due to the decentralized and dynamic nature of next-generation networks.This survey provides a comprehensive review of how Federated Learning(FL),Blockchain,and Digital Twin(DT)technologies can collectively enhance the security of 5G and 6G systems.Blockchain offers decentralized,immutable,and transparent mechanisms for securing network transactions,while FL enables privacy-preserving collaborative learning without sharing raw data.Digital Twins create virtual replicas of network components,enabling real-time monitoring,anomaly detection,and predictive threat analysis.The survey examines major security issues in emerging wireless architectures and analyzes recent advancements that integrate FL,Blockchain,and DT to mitigate these threats.Additionally,it presents practical use cases,synthesizes key lessons learned,and identifies ongoing research challenges.Finally,the survey outlines future research directions to support the development of scalable,intelligent,and robust security frameworks for next-generation wireless networks.展开更多
Federated Learning(FL)enables joint training over distributed devices without data exchange but is highly vulnerable to attacks by adversaries in the form of model poisoning and malicious update injection.This work pr...Federated Learning(FL)enables joint training over distributed devices without data exchange but is highly vulnerable to attacks by adversaries in the form of model poisoning and malicious update injection.This work proposes Secured-FL,a blockchain-based defensive framework that combines smart contract-based authentication,clustering-driven outlier elimination,and dynamic threshold adjustment to defend against adversarial attacks.The framework was implemented on a private Ethereum network with a Proof-of-Authority consensus algorithm to ensure tamper-resistant and auditable model updates.Large-scale simulation on the Cyber Data dataset,under up to 50%malicious client settings,demonstrates Secured-FL achieves 6%-12%higher accuracy,9%-15%lower latency,and approximately 14%less computational expense compared to the PPSS benchmark framework.Additional tests,including confusion matrices,ROC and Precision-Recall curves,and ablation tests,confirm the interpretability and robustness of the defense.Tests for scalability also show consistent performance up to 500 clients,affirming appropriateness to reasonably large deployments.These results make Secured-FL a feasible,adversarially resilient FL paradigm with promising potential for application in smart cities,medicine,and other mission-critical IoT deployments.展开更多
ABSTRACT:Federated Learning(FL)enables collaborative medical model training without sharing sensitive patient data.However,existing FL systems face increasing security risks from post quantum adversaries and often inc...ABSTRACT:Federated Learning(FL)enables collaborative medical model training without sharing sensitive patient data.However,existing FL systems face increasing security risks from post quantum adversaries and often incur nonnegligible computational and communication overhead when encryption is applied.At the same time,training high performance AI models requires large volumes of high quality data,while medical data such as patient information,clinical records,and diagnostic reports are highly sensitive and subject to strict privacy regulations,including HIPAA and GDPR.Traditional centralized machine learning approaches therefore pose significant challenges for cross institutional collaboration in healthcare.To address these limitations,Federated Learning was introduced to allow multiple institutions to jointly train a global model while keeping local data private.Nevertheless,conventional cryptographicmechanisms,such as RSA,are increasingly inadequate for privacy sensitive FL deployments,particularly in the presence of emerging quantum computing threats.Homomorphic encryption,which enables computations to be performed directly on encrypted data,provides an effective solution for preserving data privacy in federated learning systems.This capability allows healthcare institutions to securely perform collaborative model training while remaining compliant with regulatory requirements.Among homomorphic encryption techniques,NTRU,a lattice based cryptographic scheme defined over polynomial rings,offers strong resistance against quantum attacks by relying on the hardness of the Shortest Vector Problem(SVP).Moreover,NTRU supports limited homomorphic operations that are sufficient for secure aggregation in federated learning.In this work,we propose an NTRU enhanced federated learning framework specifically designed for medical and healthcare applications.Experimental results demonstrate that the proposed approach achieves classification performance comparable to standard federated learning,with final accuracy consistently exceeding 0.93.The framework introduces predictable encryption latency on the order of hundreds of milliseconds per training round and a fixed ciphertext communication overhead per client under practical deployment settings.In addition,the proposed systemeffectivelymitigatesmultiple security threats,including quantum computing attacks,by ensuring robust encryption throughout the training process.By integrating the security and homomorphic properties of NTRU,this study establishes a privacy preserving and quantumresistant federated learning framework that supports the secure,legal,and efficient deployment of AI technologies in healthcare,thereby laying a solid foundation for future intelligent healthcare systems.展开更多
As healthcare systems increasingly embrace digitalization,effective management of electronic health records(EHRs)has emerged as a critical priority,particularly in inpatient settings where data sensitivity and realtim...As healthcare systems increasingly embrace digitalization,effective management of electronic health records(EHRs)has emerged as a critical priority,particularly in inpatient settings where data sensitivity and realtime access are paramount.Traditional EHR systems face significant challenges,including unauthorized access,data breaches,and inefficiencies in tracking follow-up appointments,which heighten the risk of misdiagnosis and medication errors.To address these issues,this research proposes a hybrid blockchain-based solution for securely managing EHRs,specifically designed as a framework for tracking inpatient follow-ups.By integrating QR codeenabled data access with a blockchain architecture,this innovative approach enhances privacy protection,data integrity,and auditing capabilities,while facilitating swift and real-time data retrieval.The architecture adheres to Role-Based Access Control(RBAC)principles and utilizes robust encryption techniques,including SHA-256 and AES-256-CBC,to secure sensitive information.A comprehensive threat model outlines trust boundaries and potential adversaries,complemented by a validated data transmission protocol.Experimental results demonstrate that the framework remains reliable in concurrent access scenarios,highlighting its efficiency and responsiveness in real-world applications.This study emphasizes the necessity for hybrid solutions in managing sensitive medical information and advocates for integrating blockchain technology and QR code innovations into contemporary healthcare systems.展开更多
In today’s rapidly evolving digital landscape,web application security has become paramount as organizations face increasingly sophisticated cyber threats.This work presents a comprehensive methodology for implementi...In today’s rapidly evolving digital landscape,web application security has become paramount as organizations face increasingly sophisticated cyber threats.This work presents a comprehensive methodology for implementing robust security measures in modern web applications and the proof of the Methodology applied to Vue.js,Spring Boot,and MySQL architecture.The proposed approach addresses critical security challenges through a multi-layered framework that encompasses essential security dimensions including multi-factor authentication,fine-grained authorization controls,sophisticated session management,data confidentiality and integrity protection,secure logging mechanisms,comprehensive error handling,high availability strategies,advanced input validation,and security headers implementation.Significant contributions are made to the field of web application security.First,a detailed catalogue of security requirements specifically tailored to protect web applications against contemporary threats,backed by rigorous analysis and industry best practices.Second,the methodology is validated through a carefully designed proof-of-concept implementation in a controlled environment,demonstrating the practical effectiveness of the security measures.The validation process employs cutting-edge static and dynamic analysis tools for comprehensive dependency validation and vulnerability detection,ensuring robust security coverage.The validation results confirm the prevention and avoidance of security vulnerabilities of the methodology.A key innovation of this work is the seamless integration of DevSecOps practices throughout the secure Software Development Life Cycle(SSDLC),creating a security-first mindset from initial design to deployment.By combining proactive secure coding practices with defensive security approaches,a framework is established that not only strengthens application security but also fosters a culture of security awareness within development teams.This hybrid approach ensures that security considerations are woven into every aspect of the development process,rather than being treated as an afterthought.展开更多
Industrial intelligence and secure interconnection serve as the foundational platform and critical information infrastructure for new industrialization,carrying significant strategic importance.They not only function ...Industrial intelligence and secure interconnection serve as the foundational platform and critical information infrastructure for new industrialization,carrying significant strategic importance.They not only function as the core engine driving the transformation and upgrading of the manufacturing sector and ensuring stable socioeconomic operation but are also vital to enhancing national technological competitiveness and safeguarding industrial security.展开更多
The secured access is studied in this paper for the network of the image remote sensing.Each sensor in this network encounters the information security when uploading information of the images wirelessly from the sens...The secured access is studied in this paper for the network of the image remote sensing.Each sensor in this network encounters the information security when uploading information of the images wirelessly from the sensor to the central collection point.In order to enhance the sensing quality for the remote uploading,the passive reflection surface technique is employed.If one eavesdropper that exists nearby this sensor is keeping on accessing the same networks,he may receive the same image from this sensor.Our goal in this paper is to improve the SNR of legitimate collection unit while cut down the SNR of the eavesdropper as much as possible by adaptively adjust the uploading power from this sensor to enhance the security of the remote sensing images.In order to achieve this goal,the secured energy efficiency performance is theoretically analyzed with respect to the number of the passive reflection elements by calculating the instantaneous performance over the channel fading coefficients.Based on this theoretical result,the secured access is formulated as a mathematical optimization problem by adjusting the sensor uploading power as the unknown variables with the objective of the energy efficiency maximization while satisfying any required maximum data rate of the eavesdropper sensor.Finally,the analytical expression is theoretically derived for the optimum uploading power.Numerical simulations verify the design approach.展开更多
Continuous-variable quantum secure direct communication(CVQSDC)with Gaussian modulation(GM)demands a considerable quantity of random numbers during the preparation process and encodes them separately on the quadrature...Continuous-variable quantum secure direct communication(CVQSDC)with Gaussian modulation(GM)demands a considerable quantity of random numbers during the preparation process and encodes them separately on the quadrature components of the quantum states.Hence,high-speed random number generators are required to satisfy this demand,which is difficult to implement in practical applications.CVQSDC with discrete modulation(DM),correspondingly,employs a finite number of quantum states to achieve encoding,which can circumvent the shortcomings of the GM scheme.Based on the advantages of DM,the issue of attaining the most optimal secrecy capacity and communication distance remains to be resolved.Here,we propose a CVQSDC protocol based on N-symbol amplitude phase shift keying(N-APSK),which exploits the Boltzmann-Maxwell distribution assisted probability shaping technique.In comparison with the uniform distribution,according to 32-APSK CVQSDC,the proposed scheme extends the communication distance by about 38%,while obtaining a higher secrecy capacity at the same communication distance.Furthermore,increasing the value of N will concurrently increase the quantity of rings in the constellation,thereby facilitating enhancements of communication distance.This work incorporates the modulation approaches prevalently employed in classical communication into the realm of quantum communication,attaining gratifying advancements in communication distance and secrecy capacity,and concurrently facilitating the integrated development of quantum communication and classical communication.展开更多
Unmanned Aerial Vehicle(UAV)-aided communication holds great potential to enhance the transmission performance.However,the information security remains a fundamental requirement due to the high possibilities of line-o...Unmanned Aerial Vehicle(UAV)-aided communication holds great potential to enhance the transmission performance.However,the information security remains a fundamental requirement due to the high possibilities of line-of-sight links and the broadcast nature.展开更多
The dynamics of chaotic memristor-based systems offer promising potential for secure communication.However,existing solutions frequently suffer from drawbacks such as slow synchronization,low key diversity,and poor no...The dynamics of chaotic memristor-based systems offer promising potential for secure communication.However,existing solutions frequently suffer from drawbacks such as slow synchronization,low key diversity,and poor noise resistance.To overcome these issues,a novel fractional-order chaotic system incorporating a memristor emulator derived from the Shinriki oscillator is proposed.The main contribution lies in the enhanced dynamic complexity and flexibility of the proposed architecture,making it suitable for cryptographic applications.Furthermore,the feasibility of synchronization to ensure secure data transmission is demonstrated through the validation of two strategies:an active control method ensuring asymptotic convergence,and a finite-time control method enabling faster stabilization.The robustness of the scheme is confirmed by simulation results on a color image:χ^(2)=253/237/267(R/G/B);entropy≈7.993;correlations between adjacent pixels in all directions are close to zero(e.g.,-0.0318 vertically);and high number of pixel change rate and unified average changing intensity(e.g.,33.40%and 99.61%,respectively).Peak signal-to-noise ratio analysis shows that resilience to noise and external disturbances is maintained.It is shown that multiple fractional orders further enrich the chaotic behavior,increasing the systems suitability for secure communication in embedded environments.These findings highlight the relevance of fractional-order chaotic memristive systems for lightweight secure transmission applications.展开更多
Applying non-orthogonal multiple access(NOMA)to the mobile edge computing(MEC)network supported by unmanned aerial vehicles(UAVs)can improve spectral efficiency and achieve massive user access on the basis of solving ...Applying non-orthogonal multiple access(NOMA)to the mobile edge computing(MEC)network supported by unmanned aerial vehicles(UAVs)can improve spectral efficiency and achieve massive user access on the basis of solving computing resource constraints and coverage problems.However,the UAV-enabled network has a serious risk of information leakage on account of the openness of wireless channel.This paper considers a UAV-MEC secure network based on NOMA technology,which aims to minimize the UAV energy consumption.To achieve the purpose while meeting the security and users’latency requirements,we formulate an optimization problem that jointly optimizes the UAV trajectory and the allocation of network resources.Given that the original problem is non-convex and multivariate coupled,we proposed an effective algorithm to decouple the nonconvex problem into independent user relation coefficients and subproblems based on successive convex approximation(SCA)and block coordinate descent(BCD).The simulation results showcase the performance of our optimization scheme across various parameter settings and confirm its superiority over other benchmarks with respect to energy consumption.展开更多
文摘The advent of quantum computing poses a significant challenge to traditional cryptographic protocols,particularly those used in SecureMultiparty Computation(MPC),a fundamental cryptographic primitive for privacypreserving computation.Classical MPC relies on cryptographic techniques such as homomorphic encryption,secret sharing,and oblivious transfer,which may become vulnerable in the post-quantum era due to the computational power of quantum adversaries.This study presents a review of 140 peer-reviewed articles published between 2000 and 2025 that used different databases like MDPI,IEEE Explore,Springer,and Elsevier,examining the applications,types,and security issues with the solution of Quantum computing in different fields.This review explores the impact of quantum computing on MPC security,assesses emerging quantum-resistant MPC protocols,and examines hybrid classicalquantum approaches aimed at mitigating quantum threats.We analyze the role of Quantum Key Distribution(QKD),post-quantum cryptography(PQC),and quantum homomorphic encryption in securing multiparty computations.Additionally,we discuss the challenges of scalability,computational efficiency,and practical deployment of quantumsecure MPC frameworks in real-world applications such as privacy-preserving AI,secure blockchain transactions,and confidential data analysis.This review provides insights into the future research directions and open challenges in ensuring secure,scalable,and quantum-resistant multiparty computation.
基金supported by State Grid Shanxi Electric Power Company’s Science and Technology Projects(No.52051C230102).
文摘Owing to the development of communication technologies and control systems,the integration of numerous Internet of Things(IoT)nodes into the power grid has become increasingly prevalent.These nodes are deployed to gather operational data from various distributed energy sources and monitor real-time energy consumption,thereby transforming the traditional power grid into a smart grid(SG).However,the openness of wireless communication channels introduces vulnerabilities,as it allows potential eavesdroppers to intercept sensitive information.This poses threats to the secure and efficient operation of the IoT-driven smart grid.To address these challenges,we propose a novel scenario that incorporates an Unmanned Aerial Vehicle(UAV)as a relay gateway for multiple authorized smart meters.This scenario is further enhanced by the integration of Reconfigurable Intelligent Surface(RIS)technology,which dynamically adjusts the direction of information transmission.Our objective is to maximize the secure rate within this UAV-RIS-aided system with multiple authorized smart meters and an eavesdropper based on physical layer security(PLS)techniques.We formulate the problem of secure rate maximization by jointly optimizing the active beamforming of the UAV,the passive beamforming of the RIS,and the UAV’s trajectory.To solve this complex optimization problem,we introduce the Twin Soft Actor-Critic(TSAC)algorithm.This algorithm employs a dual-agent framework,where Agent 1 focuses on optimizing the beamforming for both the UAV and the RIS,while Agent 2 concurrently searches for the optimal trajectory of the UAV.Simulation results demonstrate the TSAC algorithm significantly enhances the secure rate of the system,achieving faster convergence and higher rewards under the worst communication conditions.The TSAC algorithm consistently outperforms the Twin Deep Deterministic Policy Gradient(TDDPG)and Twin Delayed Deep Deterministic Policy Gradient(TTD3)algorithms.Furthermore,the TSAC algorithm exhibits robust performance when the distribution of smart meters follows a Gaussian distribution,further validating its practical applicability and effectiveness in real-world scenarios.
基金supported by the National Research Foundation(NRF),Republic of Korea,under project BK21 FOUR(4299990213939).
文摘The increased connectivity and reliance on digital technologies have exposed smart transportation systems to various cyber threats,making intrusion detection a critical aspect of ensuring their secure operation.Traditional intrusion detection systems have limitations in terms of centralized architecture,lack of transparency,and vulnerability to single points of failure.This is where the integration of blockchain technology with signature-based intrusion detection can provide a robust and decentralized solution for securing smart transportation systems.This study tackles the issue of database manipulation attacks in smart transportation networks by proposing a signaturebased intrusion detection system.The introduced signature facilitates accurate detection and systematic classification of attacks,enabling categorization according to their severity levels within the transportation infrastructure.Through comparative analysis,the research demonstrates that the blockchain-based IDS outperforms traditional approaches in terms of security,resilience,and data integrity.
文摘Although Named Entity Recognition(NER)in cybersecurity has historically concentrated on threat intelligence,vital security data can be found in a variety of sources,such as open-source intelligence and unprocessed tool outputs.When dealing with technical language,the coexistence of structured and unstructured data poses serious issues for traditional BERT-based techniques.We introduce a three-phase approach for improved NER inmulti-source cybersecurity data that makes use of large language models(LLMs).To ensure thorough entity coverage,our method starts with an identification module that uses dynamic prompting techniques.To lessen hallucinations,the extraction module uses confidence-based self-assessment and cross-checking using regex validation.The tagging module links to knowledge bases for contextual validation and uses SecureBERT in conjunction with conditional random fields to detect entity boundaries precisely.Our framework creates efficient natural language segments by utilizing decoderbased LLMs with 10B parameters.When compared to baseline SecureBERT implementations,evaluation across four cybersecurity data sources shows notable gains,with a 9.4%–25.21%greater recall and a 6.38%–17.3%better F1-score.Our refined model matches larger models and achieves 2.6%–4.9%better F1-score for technical phrase recognition than the state-of-the-art alternatives Claude 3.5 Sonnet,Llama3-8B,and Mixtral-7B.The three-stage architecture identification-extraction-tagging pipeline tackles important cybersecurity NER issues.Through effective architectures,these developments preserve deployability while setting a new standard for entity extraction in challenging security scenarios.The findings show how specific enhancements in hybrid recognition,validation procedures,and prompt engineering raise NER performance above monolithic LLM approaches in cybersecurity applications,especially for technical entity extraction fromheterogeneous sourceswhere conventional techniques fall short.Because of itsmodular nature,the framework can be upgraded at the component level as new methods are developed.
基金co-funded by the European Union under the REFRESH-Research Excellence For REgion Sustainability and High-tech Industries project number CZ.10.03.01/00/22_003/0000048 via the Operational Programme Just Transitionsupported by the Ministry of Education,Youth and Sports of the Czech Republic conducted by VSB-Technical University of Ostrava,Czechia,under Grants SP2025/021 and SP2025/039。
文摘Practical applications of smart cities and the Internet of Things(IoT)have multiplied,posing many difficulties in network performance,dependability,and security.Concerns of accessibility,reliability,sustainability,and security too have arisen correspondingly because of the decentralized character of the smart city and IoT systems.Fog computing offers a foundation for various applications,including cognitive support,health and social services,intelligent transportation systems,and pervasive computing and communications.Fog computing can help enhance these apps'productivity and lower the end-to-end delay experienced by such time-sensitive applications.In this research,we propose a reliable and secure service delivery strategy at the network edge for smart cities.To improve the availability and dependability,along with the security of smart city applications,the approach employs a combined method uniting distributed fog servers in addition to mist servers with the help of an intrusion detection system.Simulation findings suggest a reduction of 40.3%in the delay incurred by each service request for highly dense areas and 60.6%for moderately dense environments.Furthermore,the system has low false-negative rates and high detection and accuracy rates,decreasing service requests 2%.
文摘Elliptic curve(EC)based cryptosystems gained more attention due to enhanced security than the existing public key cryptosystems.A substitution box(S-box)plays a vital role in securing modern symmetric key cryptosystems.However,the recently developed EC based algorithms usually trade off between computational efficiency and security,necessitating the design of a new algorithm with the desired cryptographic strength.To address these shortcomings,this paper proposes a new scheme based onMordell elliptic curve(MEC)over the complex field for generating distinct,dynamic,and highly uncorrelated S-boxes.Furthermore,we count the exact number of the obtained S-boxes,and demonstrate that the permuted version of the presented S-box is statistically optimal.The nonsingularity of the presented algorithm and the injectivity of the resultant output are explored.Rigorous theoretical analysis and experimental results demonstrate that the proposedmethod is highly effective in generating a large number of dynamic S-boxes with adequate cryptographic properties,surpassing current state-of-the-art S-box generation algorithms in terms of security.Apart fromthis,the generated S-box is benchmarked using side-channel attacks,and its performance is compared with highly nonlinear S-boxes,demonstrating comparable results.In addition,we present an application of our proposed S-box generator by incorporating it into an image encryption technique.The encrypted and decrypted images are tested by employing extensive standard security metrics,including the Number of Pixel Change Rate,the Unified Average Changing Intensity,information entropy,correlation coefficient,and histogram analysis.Moreover,the analysis is extended beyond conventional metrics to validate the new method using advanced tests,such as the NIST statistical test suite,robustness analysis,and noise and cropping attacks.Experimental outcomes show that the presented algorithm strengthens the existing encryption scheme against various well-known cryptographic attacks.
基金National Key R&D Program of China under Grant 2020YFB1807602the National Natural Science Foundation of China under Grant 62222107,Grant 62071223,Grant 62031012Young Elite Scientist Sponsorship Program by CAST。
文摘Cognitive unmanned aerial vehicle(UAV)is promising to tackle the spectrum scarcity problem faced by UAV communications.However,the secure information transmission is challenging due to the open nature of the spectrum sharing.In order to tackle this issue,a cognitive UAV network with cooperative jamming is studied in this paper.A robust resource allocation and trajectory joint optimization problem is formulated by considering the practical case that the channel state information(CSI)cannot be accurately obtained.An iterative algorithm is proposed to address this challenging non-convex problem.Simulation results demonstrate that the worst case robust resource allocation design can realize the secure communications even under the imperfect CSI.Moreover,compared with other benchmark schemes,the proposed scheme can achieve secure performance improvement.
基金derived from a research grant“Cybersecurity Research and Innovation Pioneers Grants Initiative”funded by The National Program for RDI in Cybersecurity(National Cybersecurity Authority)-Kingdom of Saudi Arabia-with grant number(CRPG-25-3168)supported by EIAS Data Science and Blockchain Lab,CCIS,Prince Sultan University.
文摘The growing developments in 5G and 6G wireless communications have revolutionized communications technologies,providing faster speeds with reduced latency and improved connectivity to users.However,it raises significant security challenges,including impersonation threats,data manipulation,distributed denial of service(DDoS)attacks,and privacy breaches.Traditional security measures are inadequate due to the decentralized and dynamic nature of next-generation networks.This survey provides a comprehensive review of how Federated Learning(FL),Blockchain,and Digital Twin(DT)technologies can collectively enhance the security of 5G and 6G systems.Blockchain offers decentralized,immutable,and transparent mechanisms for securing network transactions,while FL enables privacy-preserving collaborative learning without sharing raw data.Digital Twins create virtual replicas of network components,enabling real-time monitoring,anomaly detection,and predictive threat analysis.The survey examines major security issues in emerging wireless architectures and analyzes recent advancements that integrate FL,Blockchain,and DT to mitigate these threats.Additionally,it presents practical use cases,synthesizes key lessons learned,and identifies ongoing research challenges.Finally,the survey outlines future research directions to support the development of scalable,intelligent,and robust security frameworks for next-generation wireless networks.
文摘Federated Learning(FL)enables joint training over distributed devices without data exchange but is highly vulnerable to attacks by adversaries in the form of model poisoning and malicious update injection.This work proposes Secured-FL,a blockchain-based defensive framework that combines smart contract-based authentication,clustering-driven outlier elimination,and dynamic threshold adjustment to defend against adversarial attacks.The framework was implemented on a private Ethereum network with a Proof-of-Authority consensus algorithm to ensure tamper-resistant and auditable model updates.Large-scale simulation on the Cyber Data dataset,under up to 50%malicious client settings,demonstrates Secured-FL achieves 6%-12%higher accuracy,9%-15%lower latency,and approximately 14%less computational expense compared to the PPSS benchmark framework.Additional tests,including confusion matrices,ROC and Precision-Recall curves,and ablation tests,confirm the interpretability and robustness of the defense.Tests for scalability also show consistent performance up to 500 clients,affirming appropriateness to reasonably large deployments.These results make Secured-FL a feasible,adversarially resilient FL paradigm with promising potential for application in smart cities,medicine,and other mission-critical IoT deployments.
文摘ABSTRACT:Federated Learning(FL)enables collaborative medical model training without sharing sensitive patient data.However,existing FL systems face increasing security risks from post quantum adversaries and often incur nonnegligible computational and communication overhead when encryption is applied.At the same time,training high performance AI models requires large volumes of high quality data,while medical data such as patient information,clinical records,and diagnostic reports are highly sensitive and subject to strict privacy regulations,including HIPAA and GDPR.Traditional centralized machine learning approaches therefore pose significant challenges for cross institutional collaboration in healthcare.To address these limitations,Federated Learning was introduced to allow multiple institutions to jointly train a global model while keeping local data private.Nevertheless,conventional cryptographicmechanisms,such as RSA,are increasingly inadequate for privacy sensitive FL deployments,particularly in the presence of emerging quantum computing threats.Homomorphic encryption,which enables computations to be performed directly on encrypted data,provides an effective solution for preserving data privacy in federated learning systems.This capability allows healthcare institutions to securely perform collaborative model training while remaining compliant with regulatory requirements.Among homomorphic encryption techniques,NTRU,a lattice based cryptographic scheme defined over polynomial rings,offers strong resistance against quantum attacks by relying on the hardness of the Shortest Vector Problem(SVP).Moreover,NTRU supports limited homomorphic operations that are sufficient for secure aggregation in federated learning.In this work,we propose an NTRU enhanced federated learning framework specifically designed for medical and healthcare applications.Experimental results demonstrate that the proposed approach achieves classification performance comparable to standard federated learning,with final accuracy consistently exceeding 0.93.The framework introduces predictable encryption latency on the order of hundreds of milliseconds per training round and a fixed ciphertext communication overhead per client under practical deployment settings.In addition,the proposed systemeffectivelymitigatesmultiple security threats,including quantum computing attacks,by ensuring robust encryption throughout the training process.By integrating the security and homomorphic properties of NTRU,this study establishes a privacy preserving and quantumresistant federated learning framework that supports the secure,legal,and efficient deployment of AI technologies in healthcare,thereby laying a solid foundation for future intelligent healthcare systems.
基金funded by Multimedia University,Cyberjaya,Selangor,Malaysia(Grant Number:PostDoc(MMUI/240029)).
文摘As healthcare systems increasingly embrace digitalization,effective management of electronic health records(EHRs)has emerged as a critical priority,particularly in inpatient settings where data sensitivity and realtime access are paramount.Traditional EHR systems face significant challenges,including unauthorized access,data breaches,and inefficiencies in tracking follow-up appointments,which heighten the risk of misdiagnosis and medication errors.To address these issues,this research proposes a hybrid blockchain-based solution for securely managing EHRs,specifically designed as a framework for tracking inpatient follow-ups.By integrating QR codeenabled data access with a blockchain architecture,this innovative approach enhances privacy protection,data integrity,and auditing capabilities,while facilitating swift and real-time data retrieval.The architecture adheres to Role-Based Access Control(RBAC)principles and utilizes robust encryption techniques,including SHA-256 and AES-256-CBC,to secure sensitive information.A comprehensive threat model outlines trust boundaries and potential adversaries,complemented by a validated data transmission protocol.Experimental results demonstrate that the framework remains reliable in concurrent access scenarios,highlighting its efficiency and responsiveness in real-world applications.This study emphasizes the necessity for hybrid solutions in managing sensitive medical information and advocates for integrating blockchain technology and QR code innovations into contemporary healthcare systems.
文摘In today’s rapidly evolving digital landscape,web application security has become paramount as organizations face increasingly sophisticated cyber threats.This work presents a comprehensive methodology for implementing robust security measures in modern web applications and the proof of the Methodology applied to Vue.js,Spring Boot,and MySQL architecture.The proposed approach addresses critical security challenges through a multi-layered framework that encompasses essential security dimensions including multi-factor authentication,fine-grained authorization controls,sophisticated session management,data confidentiality and integrity protection,secure logging mechanisms,comprehensive error handling,high availability strategies,advanced input validation,and security headers implementation.Significant contributions are made to the field of web application security.First,a detailed catalogue of security requirements specifically tailored to protect web applications against contemporary threats,backed by rigorous analysis and industry best practices.Second,the methodology is validated through a carefully designed proof-of-concept implementation in a controlled environment,demonstrating the practical effectiveness of the security measures.The validation process employs cutting-edge static and dynamic analysis tools for comprehensive dependency validation and vulnerability detection,ensuring robust security coverage.The validation results confirm the prevention and avoidance of security vulnerabilities of the methodology.A key innovation of this work is the seamless integration of DevSecOps practices throughout the secure Software Development Life Cycle(SSDLC),creating a security-first mindset from initial design to deployment.By combining proactive secure coding practices with defensive security approaches,a framework is established that not only strengthens application security but also fosters a culture of security awareness within development teams.This hybrid approach ensures that security considerations are woven into every aspect of the development process,rather than being treated as an afterthought.
文摘Industrial intelligence and secure interconnection serve as the foundational platform and critical information infrastructure for new industrialization,carrying significant strategic importance.They not only function as the core engine driving the transformation and upgrading of the manufacturing sector and ensuring stable socioeconomic operation but are also vital to enhancing national technological competitiveness and safeguarding industrial security.
基金supported in part by Jiangsu Province High Level“333”Program (0401206044)National Natural Science Foundation of China (61801243,62072255)+4 种基金Program for Scientific Research Foundation for Talented Scholars of Jinling Institute of Technology (JIT-B-202031)University Incubator Foundation of Jinling Institute of Technology (JIT-FHXM-202110)Open Project of Fujian Provincial Key Lab.of Network Security and Cryptology (NSCL-KF2021-02)Open Foundation of National Railway Intelligence Transportation System Engineering Tech.Research Center (RITS2021KF02)China Postdoctoral Science Foundation (2019M651914)。
文摘The secured access is studied in this paper for the network of the image remote sensing.Each sensor in this network encounters the information security when uploading information of the images wirelessly from the sensor to the central collection point.In order to enhance the sensing quality for the remote uploading,the passive reflection surface technique is employed.If one eavesdropper that exists nearby this sensor is keeping on accessing the same networks,he may receive the same image from this sensor.Our goal in this paper is to improve the SNR of legitimate collection unit while cut down the SNR of the eavesdropper as much as possible by adaptively adjust the uploading power from this sensor to enhance the security of the remote sensing images.In order to achieve this goal,the secured energy efficiency performance is theoretically analyzed with respect to the number of the passive reflection elements by calculating the instantaneous performance over the channel fading coefficients.Based on this theoretical result,the secured access is formulated as a mathematical optimization problem by adjusting the sensor uploading power as the unknown variables with the objective of the energy efficiency maximization while satisfying any required maximum data rate of the eavesdropper sensor.Finally,the analytical expression is theoretically derived for the optimum uploading power.Numerical simulations verify the design approach.
基金Project supported by the National Natural Science Foundation of China(Grant Nos.62071381 and 62301430)Shaanxi Fundamental Science Research Project for Mathematics and Physics(Grant No.23JSY014)+1 种基金Scientific Research Plan Project of Shaanxi Education Department Natural Science Special Project(Grant No.23JK0680)Young Talent Fund of Xi’an Association for Science and Technology(Grant No.959202313011)。
文摘Continuous-variable quantum secure direct communication(CVQSDC)with Gaussian modulation(GM)demands a considerable quantity of random numbers during the preparation process and encodes them separately on the quadrature components of the quantum states.Hence,high-speed random number generators are required to satisfy this demand,which is difficult to implement in practical applications.CVQSDC with discrete modulation(DM),correspondingly,employs a finite number of quantum states to achieve encoding,which can circumvent the shortcomings of the GM scheme.Based on the advantages of DM,the issue of attaining the most optimal secrecy capacity and communication distance remains to be resolved.Here,we propose a CVQSDC protocol based on N-symbol amplitude phase shift keying(N-APSK),which exploits the Boltzmann-Maxwell distribution assisted probability shaping technique.In comparison with the uniform distribution,according to 32-APSK CVQSDC,the proposed scheme extends the communication distance by about 38%,while obtaining a higher secrecy capacity at the same communication distance.Furthermore,increasing the value of N will concurrently increase the quantity of rings in the constellation,thereby facilitating enhancements of communication distance.This work incorporates the modulation approaches prevalently employed in classical communication into the realm of quantum communication,attaining gratifying advancements in communication distance and secrecy capacity,and concurrently facilitating the integrated development of quantum communication and classical communication.
文摘Unmanned Aerial Vehicle(UAV)-aided communication holds great potential to enhance the transmission performance.However,the information security remains a fundamental requirement due to the high possibilities of line-of-sight links and the broadcast nature.
文摘The dynamics of chaotic memristor-based systems offer promising potential for secure communication.However,existing solutions frequently suffer from drawbacks such as slow synchronization,low key diversity,and poor noise resistance.To overcome these issues,a novel fractional-order chaotic system incorporating a memristor emulator derived from the Shinriki oscillator is proposed.The main contribution lies in the enhanced dynamic complexity and flexibility of the proposed architecture,making it suitable for cryptographic applications.Furthermore,the feasibility of synchronization to ensure secure data transmission is demonstrated through the validation of two strategies:an active control method ensuring asymptotic convergence,and a finite-time control method enabling faster stabilization.The robustness of the scheme is confirmed by simulation results on a color image:χ^(2)=253/237/267(R/G/B);entropy≈7.993;correlations between adjacent pixels in all directions are close to zero(e.g.,-0.0318 vertically);and high number of pixel change rate and unified average changing intensity(e.g.,33.40%and 99.61%,respectively).Peak signal-to-noise ratio analysis shows that resilience to noise and external disturbances is maintained.It is shown that multiple fractional orders further enrich the chaotic behavior,increasing the systems suitability for secure communication in embedded environments.These findings highlight the relevance of fractional-order chaotic memristive systems for lightweight secure transmission applications.
基金supported in part by the National Natural Science Foundation of China under Grant 61971474in part by the National Natural Science Foundation of China under Grant 62301594+2 种基金in part by the Special Funds of the National Natural Science Foundation of China under Grant 62341112in part by the Beijing Nova Program under Grant Z201100006820121in part by the Beijing Municipal Science and Technology Project under Grant Z181100003218015.
文摘Applying non-orthogonal multiple access(NOMA)to the mobile edge computing(MEC)network supported by unmanned aerial vehicles(UAVs)can improve spectral efficiency and achieve massive user access on the basis of solving computing resource constraints and coverage problems.However,the UAV-enabled network has a serious risk of information leakage on account of the openness of wireless channel.This paper considers a UAV-MEC secure network based on NOMA technology,which aims to minimize the UAV energy consumption.To achieve the purpose while meeting the security and users’latency requirements,we formulate an optimization problem that jointly optimizes the UAV trajectory and the allocation of network resources.Given that the original problem is non-convex and multivariate coupled,we proposed an effective algorithm to decouple the nonconvex problem into independent user relation coefficients and subproblems based on successive convex approximation(SCA)and block coordinate descent(BCD).The simulation results showcase the performance of our optimization scheme across various parameter settings and confirm its superiority over other benchmarks with respect to energy consumption.
