Purpose-Amidst an increasingly severe cybersecurity landscape,the widespread adoption of Xinchuang endpoints has become a strategic imperative.Governments and enterprises have established terminal localization as a cr...Purpose-Amidst an increasingly severe cybersecurity landscape,the widespread adoption of Xinchuang endpoints has become a strategic imperative.Governments and enterprises have established terminal localization as a critical objective,aiming for comprehensive indigenous replacement through rapid technological iteration.Consequently,Xinchuang systems and Windows platforms are expected to coexist over an extended period.This study seeks to establish an automated verification framework for multi-version operating systems and validate the efficacy of baseline hardening in mitigating security risks.Design/methodology/approach-Based on the Classified Protection 2.0 framework and relevant national standards for endpoint security,this study proposes an endpoint security baseline verification scheme applicable to multiple operating systems.The scheme addresses divergent security policies and implementation methodologies across heterogeneous environments.It automates the inspection of core baselines,including account password complexity,default shared service status and patch installation status.Furthermore,a comprehensive scoring model is established by incorporating differentiated weights for account security,patch management and log auditing,ultimately generating visualized risk reports to facilitate remediation prioritization.Findings-This study reveals that baseline configuration serves as the fundamental prerequisite in endpoint security practices.Through a scalable detection engine and quantitative scoring model,the system can promptly identify and remediate potential risks,thereby reducing the attack surface and mitigating intrusion risks.However,on certain domestic chip architectures,compatibility issues persist in detecting specific configuration items.Further improvement in hardware-software co-adaptation for domestic platforms is required to advance the development of localized security protection systems.Originality/value-Through in-depth research on security baseline configurations across multiple operating systems,this study implements an automated and visualized baseline verification methodology.This approach significantly strengthens the security posture of domestic operating systems and supports the establishment of a more robust,national-level cybersecurity defense framework.展开更多
The rapid digitalization of urban infrastructure has made smart cities increasingly vulnerable to sophisticated cyber threats.In the evolving landscape of cybersecurity,the efficacy of Intrusion Detection Systems(IDS)...The rapid digitalization of urban infrastructure has made smart cities increasingly vulnerable to sophisticated cyber threats.In the evolving landscape of cybersecurity,the efficacy of Intrusion Detection Systems(IDS)is increasingly measured by technical performance,operational usability,and adaptability.This study introduces and rigorously evaluates a Human-Computer Interaction(HCI)-Integrated IDS with the utilization of Convolutional Neural Network(CNN),CNN-Long Short Term Memory(LSTM),and Random Forest(RF)against both a Baseline Machine Learning(ML)and a Traditional IDS model,through an extensive experimental framework encompassing many performance metrics,including detection latency,accuracy,alert prioritization,classification errors,system throughput,usability,ROC-AUC,precision-recall,confusion matrix analysis,and statistical accuracy measures.Our findings consistently demonstrate the superiority of the HCI-Integrated approach utilizing three major datasets(CICIDS 2017,KDD Cup 1999,and UNSW-NB15).Experimental results indicate that the HCI-Integrated model outperforms its counterparts,achieving an AUC-ROC of 0.99,a precision of 0.93,and a recall of 0.96,while maintaining the lowest false positive rate(0.03)and the fastest detection time(~1.5 s).These findings validate the efficacy of incorporating HCI to enhance anomaly detection capabilities,improve responsiveness,and reduce alert fatigue in critical smart city applications.It achieves markedly lower detection times,higher accuracy across all threat categories,reduced false positive and false negative rates,and enhanced system throughput under concurrent load conditions.The HCIIntegrated IDS excels in alert contextualization and prioritization,offering more actionable insights while minimizing analyst fatigue.Usability feedback underscores increased analyst confidence and operational clarity,reinforcing the importance of user-centered design.These results collectively position the HCI-Integrated IDS as a highly effective,scalable,and human-aligned solution for modern threat detection environments.展开更多
Improving the quality assurance (QA) processes and acquiring accreditation are top priorities for academic programs. The learning outcomes (LOs)assessment and continuous quality improvement represent core components o...Improving the quality assurance (QA) processes and acquiring accreditation are top priorities for academic programs. The learning outcomes (LOs)assessment and continuous quality improvement represent core components ofthe quality assurance system (QAS). Current assessment methods suffer deficiencies related to accuracy and reliability, and they lack well-organized processes forcontinuous improvement planning. Moreover, the absence of automation, andintegration in QA processes forms a major obstacle towards developing efficientquality system. There is a pressing need to adopt security protocols that providerequired security services to safeguard the valuable information processed byQAS as well. This research proposes an effective methodology for LOs assessment and continuous improvement processes. The proposed approach ensuresmore accurate and reliable LOs assessment results and provides systematic wayfor utilizing those results in the continuous quality improvement. This systematicand well-specified QA processes were then utilized to model and implement automated and secure QAS that efficiently performs quality-related processes. Theproposed system adopts two security protocols that provide confidentiality, integrity, and authentication for quality data and reports. The security protocols avoidthe source repudiation, which is important in the quality reporting system. This isachieved through implementing powerful cryptographic algorithms. The QASenables efficient data collection and processing required for analysis and interpretation. It also prepares for the development of datasets that can be used in futureartificial intelligence (AI) researches to support decision making and improve thequality of academic programs. The proposed approach is implemented in a successful real case study for a computer science program. The current study servesscientific programs struggling to achieve academic accreditation, and gives rise tofully automating and integrating the QA processes and adopting modern AI andsecurity technologies to develop effective QAS.展开更多
This paper explores the issue of secure synchronization control in piecewise-homogeneous Markovian jump delay neural networks affected by denial-of-service(DoS)attacks.Initially,a novel memory-based adaptive event-tri...This paper explores the issue of secure synchronization control in piecewise-homogeneous Markovian jump delay neural networks affected by denial-of-service(DoS)attacks.Initially,a novel memory-based adaptive event-triggered mechanism(MBAETM)is designed based on sequential growth rates,focusing on event-triggered conditions and thresholds.Subsequently,from the perspective of defenders,non-periodic DoS attacks are re-characterized,and a model of irregular DoS attacks with cyclic fluctuations within time series is further introduced to enhance the system's defense capabilities more effectively.Additionally,considering the unified demands of network security and communication efficiency,a resilient memory-based adaptive event-triggered mechanism(RMBAETM)is proposed.A unified Lyapunov-Krasovskii functional is then constructed,incorporating a loop functional to thoroughly consider information at trigger moments.The master-slave system achieves synchronization through the application of linear matrix inequality techniques.Finally,the proposed methods'effectiveness and superiority are confirmed through four numerical simulation examples.展开更多
As smart grid technology rapidly advances,the vast amount of user data collected by smart meter presents significant challenges in data security and privacy protection.Current research emphasizes data security and use...As smart grid technology rapidly advances,the vast amount of user data collected by smart meter presents significant challenges in data security and privacy protection.Current research emphasizes data security and user privacy concerns within smart grids.However,existing methods struggle with efficiency and security when processing large-scale data.Balancing efficient data processing with stringent privacy protection during data aggregation in smart grids remains an urgent challenge.This paper proposes an AI-based multi-type data aggregation method designed to enhance aggregation efficiency and security by standardizing and normalizing various data modalities.The approach optimizes data preprocessing,integrates Long Short-Term Memory(LSTM)networks for handling time-series data,and employs homomorphic encryption to safeguard user privacy.It also explores the application of Boneh Lynn Shacham(BLS)signatures for user authentication.The proposed scheme’s efficiency,security,and privacy protection capabilities are validated through rigorous security proofs and experimental analysis.展开更多
The emergence of next generation networks(NextG),including 5G and beyond,is reshaping the technological landscape of cellular and mobile networks.These networks are sufficiently scaled to interconnect billions of user...The emergence of next generation networks(NextG),including 5G and beyond,is reshaping the technological landscape of cellular and mobile networks.These networks are sufficiently scaled to interconnect billions of users and devices.Researchers in academia and industry are focusing on technological advancements to achieve highspeed transmission,cell planning,and latency reduction to facilitate emerging applications such as virtual reality,the metaverse,smart cities,smart health,and autonomous vehicles.NextG continuously improves its network functionality to support these applications.Multiple input multiple output(MIMO)technology offers spectral efficiency,dependability,and overall performance in conjunctionwithNextG.This article proposes a secure channel estimation technique in MIMO topology using a norm-estimation model to provide comprehensive insights into protecting NextG network components against adversarial attacks.The technique aims to create long-lasting and secure NextG networks using this extended approach.The viability of MIMO applications and modern AI-driven methodologies to combat cybersecurity threats are explored in this research.Moreover,the proposed model demonstrates high performance in terms of reliability and accuracy,with a 20%reduction in the MalOut-RealOut-Diff metric compared to existing state-of-the-art techniques.展开更多
The simultaneous transmitting and reflecting reconfigurable intelligent surface(STAR-RIS)can independently adjust surface’s reflection and transmission coefficients so as to enhance space coverage.For a multiple-inpu...The simultaneous transmitting and reflecting reconfigurable intelligent surface(STAR-RIS)can independently adjust surface’s reflection and transmission coefficients so as to enhance space coverage.For a multiple-input multiple-output(MIMO)communication system with a STAR-RIS,a base station(BS),an eavesdropper,and multiple users,the system security rate is studied.A joint design of the power allocation at the transmitter and phase shift matrices for reflection and transmission at the STAR-RIS is conducted,in order to maximize the worst achievable security data rate(ASDR).Since the problem is nonconvex and hence challenging,a particle swarm optimization(PSO)based algorithm is developed to tackle the problem.Both the cases of continuous and discrete phase shift matrices at the STAR-RIS are considered.Simulation results demonstrate the effectiveness of the proposed algorithm and shows the benefits of using STAR-RIS in MIMO mutliuser systems.展开更多
In today’s rapidly evolving digital landscape,web application security has become paramount as organizations face increasingly sophisticated cyber threats.This work presents a comprehensive methodology for implementi...In today’s rapidly evolving digital landscape,web application security has become paramount as organizations face increasingly sophisticated cyber threats.This work presents a comprehensive methodology for implementing robust security measures in modern web applications and the proof of the Methodology applied to Vue.js,Spring Boot,and MySQL architecture.The proposed approach addresses critical security challenges through a multi-layered framework that encompasses essential security dimensions including multi-factor authentication,fine-grained authorization controls,sophisticated session management,data confidentiality and integrity protection,secure logging mechanisms,comprehensive error handling,high availability strategies,advanced input validation,and security headers implementation.Significant contributions are made to the field of web application security.First,a detailed catalogue of security requirements specifically tailored to protect web applications against contemporary threats,backed by rigorous analysis and industry best practices.Second,the methodology is validated through a carefully designed proof-of-concept implementation in a controlled environment,demonstrating the practical effectiveness of the security measures.The validation process employs cutting-edge static and dynamic analysis tools for comprehensive dependency validation and vulnerability detection,ensuring robust security coverage.The validation results confirm the prevention and avoidance of security vulnerabilities of the methodology.A key innovation of this work is the seamless integration of DevSecOps practices throughout the secure Software Development Life Cycle(SSDLC),creating a security-first mindset from initial design to deployment.By combining proactive secure coding practices with defensive security approaches,a framework is established that not only strengthens application security but also fosters a culture of security awareness within development teams.This hybrid approach ensures that security considerations are woven into every aspect of the development process,rather than being treated as an afterthought.展开更多
Industrial intelligence and secure interconnection serve as the foundational platform and critical information infrastructure for new industrialization,carrying significant strategic importance.They not only function ...Industrial intelligence and secure interconnection serve as the foundational platform and critical information infrastructure for new industrialization,carrying significant strategic importance.They not only function as the core engine driving the transformation and upgrading of the manufacturing sector and ensuring stable socioeconomic operation but are also vital to enhancing national technological competitiveness and safeguarding industrial security.展开更多
Attribute-based Encryption(ABE)enhances the confidentiality of Electronic Health Records(EHR)(also known as Personal Health Records(PHR))by binding access rights not to individual identities,but to user attribute sets...Attribute-based Encryption(ABE)enhances the confidentiality of Electronic Health Records(EHR)(also known as Personal Health Records(PHR))by binding access rights not to individual identities,but to user attribute sets such as roles,specialties,or certifications.This data-centric cryptographic paradigm enables highly fine-grained,policydriven access control,minimizing the need for identity management and supporting scalable multi-user scenarios.This paper presents a comprehensive and critical survey of ABE schemes developed specifically for EHR/PHR systems over the past decade.It explores the evolution of these schemes,analyzing their design principles,strengths,limitations,and the level of granularity they offer in access control.The review also evaluates the security guarantees,efficiency,and practical applicability of these schemes in real-world healthcare environments.Furthermore,the paper outlines the current state of ABE as a mechanism for safeguarding EHR data and managing user access,while also identifying the key challenges that remain.Open issues such as scalability,revocation mechanisms,policy updates,and interoperability are discussed in detail,providing valuable insights for researchers and practitioners aiming to advance the secure management of health information systems.展开更多
Unmanned Aerial Vehicle(UAV)-aided communication holds great potential to enhance the transmission performance.However,the information security remains a fundamental requirement due to the high possibilities of line-o...Unmanned Aerial Vehicle(UAV)-aided communication holds great potential to enhance the transmission performance.However,the information security remains a fundamental requirement due to the high possibilities of line-of-sight links and the broadcast nature.展开更多
The dynamics of chaotic memristor-based systems offer promising potential for secure communication.However,existing solutions frequently suffer from drawbacks such as slow synchronization,low key diversity,and poor no...The dynamics of chaotic memristor-based systems offer promising potential for secure communication.However,existing solutions frequently suffer from drawbacks such as slow synchronization,low key diversity,and poor noise resistance.To overcome these issues,a novel fractional-order chaotic system incorporating a memristor emulator derived from the Shinriki oscillator is proposed.The main contribution lies in the enhanced dynamic complexity and flexibility of the proposed architecture,making it suitable for cryptographic applications.Furthermore,the feasibility of synchronization to ensure secure data transmission is demonstrated through the validation of two strategies:an active control method ensuring asymptotic convergence,and a finite-time control method enabling faster stabilization.The robustness of the scheme is confirmed by simulation results on a color image:χ^(2)=253/237/267(R/G/B);entropy≈7.993;correlations between adjacent pixels in all directions are close to zero(e.g.,-0.0318 vertically);and high number of pixel change rate and unified average changing intensity(e.g.,33.40%and 99.61%,respectively).Peak signal-to-noise ratio analysis shows that resilience to noise and external disturbances is maintained.It is shown that multiple fractional orders further enrich the chaotic behavior,increasing the systems suitability for secure communication in embedded environments.These findings highlight the relevance of fractional-order chaotic memristive systems for lightweight secure transmission applications.展开更多
Applying non-orthogonal multiple access(NOMA)to the mobile edge computing(MEC)network supported by unmanned aerial vehicles(UAVs)can improve spectral efficiency and achieve massive user access on the basis of solving ...Applying non-orthogonal multiple access(NOMA)to the mobile edge computing(MEC)network supported by unmanned aerial vehicles(UAVs)can improve spectral efficiency and achieve massive user access on the basis of solving computing resource constraints and coverage problems.However,the UAV-enabled network has a serious risk of information leakage on account of the openness of wireless channel.This paper considers a UAV-MEC secure network based on NOMA technology,which aims to minimize the UAV energy consumption.To achieve the purpose while meeting the security and users’latency requirements,we formulate an optimization problem that jointly optimizes the UAV trajectory and the allocation of network resources.Given that the original problem is non-convex and multivariate coupled,we proposed an effective algorithm to decouple the nonconvex problem into independent user relation coefficients and subproblems based on successive convex approximation(SCA)and block coordinate descent(BCD).The simulation results showcase the performance of our optimization scheme across various parameter settings and confirm its superiority over other benchmarks with respect to energy consumption.展开更多
As industrialization and informatization in China deeply integrate and the Internet of Things rapidly develops,industrial control systems are facing increasingly severe information security challenges.The industrial c...As industrialization and informatization in China deeply integrate and the Internet of Things rapidly develops,industrial control systems are facing increasingly severe information security challenges.The industrial control system of the gas extraction plant is characterized by numerous points and centralized operations,with a strong reliance on the system and stringent real-time requirements.展开更多
In wireless Energy Harvesting(EH)cooperative networks,we investigate the problem of secure energy-saving resource allocation for downlink physical layer security transmission.Initially,we establish a model for a multi...In wireless Energy Harvesting(EH)cooperative networks,we investigate the problem of secure energy-saving resource allocation for downlink physical layer security transmission.Initially,we establish a model for a multi-relay cooperative network incorporating wireless energy harvesting,spectrum sharing,and system power constraints,focusing on physical layersecurity transmission in the presence of eavesdropping nodes.In this model,the source node transmits signals while injecting Artificial Noise(AN)to mitigate eavesdropping risks,and an idle relay can act as a jamming node to assist in this process.Based on this model,we formulate an optimization problem for maximizing system secure harvesting energy efficiency,this problem integrates constraints on total power,bandwidth,and AN allocation.We proceed by conducting a mathematical analysis of the optimization problem,deriving optimal solutions for secure energy-saving resource allocation,this includes strategies for power allocation at the source and relay nodes,bandwidth allocation among relays,and power splitting for the energy harvesting node.Thus,we propose a secure resource allocation algorithm designed to maximize secure harvesting energy efficiency.Finally,we validate the correctness of the theoretical derivation through Monte Carlo simulations,discussing the impact of parameters such as legitimate channel gain,power splitting factor,and the number of relays on secure harvesting energy efficiency of the system.The simulation results show that the proposed secure energy-saving resource allocation algorithm effectively enhances the security performance of the system.展开更多
Unmanned aerial vehicle(UAV)swarm network consisting of a collection of micro UAVs can be used for many applications.It is well established that packet routing is a fundamental problem to achieve UAV collaboration.How...Unmanned aerial vehicle(UAV)swarm network consisting of a collection of micro UAVs can be used for many applications.It is well established that packet routing is a fundamental problem to achieve UAV collaboration.However,the highly dynamic nature of UAVs,frequently changing network topologies and security issues,poses significant challenges to packet forwarding in UAV networks.The existing topology-based routing protocols are not well suited in UAV network due to their high controlling overhead or excessive end-to-end delay.Geographic routing is regarded as a promising solution,as it only requires local information.In order to enhance the accuracy and security of geographic routing in highly dynamic UAV network,in this paper,we propose a new predictive geographic(PGeo)routing strategy with location verification.First,a detection mechanism is adopted to recognize malicious UAVs falsifying their location.Then,an accurate average service time of a packet in the medium access control(MAC)layer is derived to assist location prediction.The proposed delay model can provide a theoretical basis for future work,and our simulation results reveal that PGeo outstrips the existing geographic routing protocols in terms of packet delivery ratio in the presence of location spoofing behavior.展开更多
In this paper,the application of Non-Orthogonal Multiple Access(NOMA)is investigated in a multiple-input single-output network consisting of multiple legitimate users and a potential eavesdropper.To support secure tra...In this paper,the application of Non-Orthogonal Multiple Access(NOMA)is investigated in a multiple-input single-output network consisting of multiple legitimate users and a potential eavesdropper.To support secure transmissions from legitimate users,two NOMA Secrecy Sum Rate Transmit Beam Forming(NOMA-SSR-TBF)schemes are proposed to maximise the SSR of a Base Station(BS)with sufficient and insufficient transmit power.For BS with sufficient transmit power,an artificial jamming beamforming design scheme is proposed to disrupt the potential eavesdropping without impacting the legitimate transmissions.In addition,for BS with insufficient transmit power,a modified successive interference cancellation decoding sequence is used to reduce the impact of artificial jamming on legitimate transmissions.More specifically,iterative algorithm for the successive convex approximation are provided to jointly optimise the vectors of transmit beamforming and artificial jamming.Experimental results demonstrate that the proposed NOMA-SSR-TBF schemes outperforms the existing works,such as the maximized artificial jamming power scheme,the maximized artificial jamming power scheme with artificial jamming beamforming design and maximized secrecy sum rate scheme without artificial jamming beamforming design.展开更多
Non-Orthogonal Multiple Access(NOMA)in Unmanned Aerial Vehicle(UAV)-assisted communications is a promising technique in future wireless networks.However,for UAV-assisted communication systems,secure and covert communi...Non-Orthogonal Multiple Access(NOMA)in Unmanned Aerial Vehicle(UAV)-assisted communications is a promising technique in future wireless networks.However,for UAV-assisted communication systems,secure and covert communication is crucial for maintaining confidentiality in battlefield environments.This study focuses on a novel two-way relaying system assisted by the UAV,leveraging Power Domain NOMA(PD-NOMA),trajectory design,and power allocation strategies to enhance secure communication rates.A PD-NOMA scheme is proposed for the half-duplex two-way UAV relay,utilizing the advantage of Air-to-Ground(A2G)channel.The covert communication scheme is proposed based on the proposed NOMA scheme.A method using permutation matrices is proposed to dynamically adjust the NOMA decoding order based on the UAV trajectory and communication power levels,to reduce complexity while ensuring information causality constraints.A low-interference jamming strategy is proposed for the system for covertness communication.Because of the non-convexity of the problem,the power allocation and trajectory design problem are solved with Difference of Convex(DC)programming and Successive Convex Approximation(SCA).The schemes of jointly designing the NOMA order,allocating the communication power,and designing the trajectory are proposed to maximize the minimum secure communication data rate.Simulation results show that the proposed NOMA-UAV secure communication schemes outperform the benchmarks of the conventional Orthogonal Multiple Access(OMA)method.展开更多
基金supported by scientific research projects of China Academy of Railway Sciences Co.,Ltd.(grant no.2024YJ117).
文摘Purpose-Amidst an increasingly severe cybersecurity landscape,the widespread adoption of Xinchuang endpoints has become a strategic imperative.Governments and enterprises have established terminal localization as a critical objective,aiming for comprehensive indigenous replacement through rapid technological iteration.Consequently,Xinchuang systems and Windows platforms are expected to coexist over an extended period.This study seeks to establish an automated verification framework for multi-version operating systems and validate the efficacy of baseline hardening in mitigating security risks.Design/methodology/approach-Based on the Classified Protection 2.0 framework and relevant national standards for endpoint security,this study proposes an endpoint security baseline verification scheme applicable to multiple operating systems.The scheme addresses divergent security policies and implementation methodologies across heterogeneous environments.It automates the inspection of core baselines,including account password complexity,default shared service status and patch installation status.Furthermore,a comprehensive scoring model is established by incorporating differentiated weights for account security,patch management and log auditing,ultimately generating visualized risk reports to facilitate remediation prioritization.Findings-This study reveals that baseline configuration serves as the fundamental prerequisite in endpoint security practices.Through a scalable detection engine and quantitative scoring model,the system can promptly identify and remediate potential risks,thereby reducing the attack surface and mitigating intrusion risks.However,on certain domestic chip architectures,compatibility issues persist in detecting specific configuration items.Further improvement in hardware-software co-adaptation for domestic platforms is required to advance the development of localized security protection systems.Originality/value-Through in-depth research on security baseline configurations across multiple operating systems,this study implements an automated and visualized baseline verification methodology.This approach significantly strengthens the security posture of domestic operating systems and supports the establishment of a more robust,national-level cybersecurity defense framework.
基金funded and supported by the Ongoing Research Funding program(ORF-2025-314),King Saud University,Riyadh,Saudi Arabia.
文摘The rapid digitalization of urban infrastructure has made smart cities increasingly vulnerable to sophisticated cyber threats.In the evolving landscape of cybersecurity,the efficacy of Intrusion Detection Systems(IDS)is increasingly measured by technical performance,operational usability,and adaptability.This study introduces and rigorously evaluates a Human-Computer Interaction(HCI)-Integrated IDS with the utilization of Convolutional Neural Network(CNN),CNN-Long Short Term Memory(LSTM),and Random Forest(RF)against both a Baseline Machine Learning(ML)and a Traditional IDS model,through an extensive experimental framework encompassing many performance metrics,including detection latency,accuracy,alert prioritization,classification errors,system throughput,usability,ROC-AUC,precision-recall,confusion matrix analysis,and statistical accuracy measures.Our findings consistently demonstrate the superiority of the HCI-Integrated approach utilizing three major datasets(CICIDS 2017,KDD Cup 1999,and UNSW-NB15).Experimental results indicate that the HCI-Integrated model outperforms its counterparts,achieving an AUC-ROC of 0.99,a precision of 0.93,and a recall of 0.96,while maintaining the lowest false positive rate(0.03)and the fastest detection time(~1.5 s).These findings validate the efficacy of incorporating HCI to enhance anomaly detection capabilities,improve responsiveness,and reduce alert fatigue in critical smart city applications.It achieves markedly lower detection times,higher accuracy across all threat categories,reduced false positive and false negative rates,and enhanced system throughput under concurrent load conditions.The HCIIntegrated IDS excels in alert contextualization and prioritization,offering more actionable insights while minimizing analyst fatigue.Usability feedback underscores increased analyst confidence and operational clarity,reinforcing the importance of user-centered design.These results collectively position the HCI-Integrated IDS as a highly effective,scalable,and human-aligned solution for modern threat detection environments.
基金Author extends his appreciation to the Deanship of Scientific Research at Imam Mohammad Ibn Saud Islamic University for funding and supporting this work through Graduate Student Research Support Program.
文摘Improving the quality assurance (QA) processes and acquiring accreditation are top priorities for academic programs. The learning outcomes (LOs)assessment and continuous quality improvement represent core components ofthe quality assurance system (QAS). Current assessment methods suffer deficiencies related to accuracy and reliability, and they lack well-organized processes forcontinuous improvement planning. Moreover, the absence of automation, andintegration in QA processes forms a major obstacle towards developing efficientquality system. There is a pressing need to adopt security protocols that providerequired security services to safeguard the valuable information processed byQAS as well. This research proposes an effective methodology for LOs assessment and continuous improvement processes. The proposed approach ensuresmore accurate and reliable LOs assessment results and provides systematic wayfor utilizing those results in the continuous quality improvement. This systematicand well-specified QA processes were then utilized to model and implement automated and secure QAS that efficiently performs quality-related processes. Theproposed system adopts two security protocols that provide confidentiality, integrity, and authentication for quality data and reports. The security protocols avoidthe source repudiation, which is important in the quality reporting system. This isachieved through implementing powerful cryptographic algorithms. The QASenables efficient data collection and processing required for analysis and interpretation. It also prepares for the development of datasets that can be used in futureartificial intelligence (AI) researches to support decision making and improve thequality of academic programs. The proposed approach is implemented in a successful real case study for a computer science program. The current study servesscientific programs struggling to achieve academic accreditation, and gives rise tofully automating and integrating the QA processes and adopting modern AI andsecurity technologies to develop effective QAS.
文摘This paper explores the issue of secure synchronization control in piecewise-homogeneous Markovian jump delay neural networks affected by denial-of-service(DoS)attacks.Initially,a novel memory-based adaptive event-triggered mechanism(MBAETM)is designed based on sequential growth rates,focusing on event-triggered conditions and thresholds.Subsequently,from the perspective of defenders,non-periodic DoS attacks are re-characterized,and a model of irregular DoS attacks with cyclic fluctuations within time series is further introduced to enhance the system's defense capabilities more effectively.Additionally,considering the unified demands of network security and communication efficiency,a resilient memory-based adaptive event-triggered mechanism(RMBAETM)is proposed.A unified Lyapunov-Krasovskii functional is then constructed,incorporating a loop functional to thoroughly consider information at trigger moments.The master-slave system achieves synchronization through the application of linear matrix inequality techniques.Finally,the proposed methods'effectiveness and superiority are confirmed through four numerical simulation examples.
基金supported by the National Key R&D Program of China(No.2023YFB2703700)the National Natural Science Foundation of China(Nos.U21A20465,62302457,62402444,62172292)+4 种基金the Fundamental Research Funds of Zhejiang Sci-Tech University(Nos.23222092-Y,22222266-Y)the Program for Leading Innovative Research Team of Zhejiang Province(No.2023R01001)the Zhejiang Provincial Natural Science Foundation of China(Nos.LQ24F020008,LQ24F020012)the Foundation of State Key Laboratory of Public Big Data(No.[2022]417)the“Pioneer”and“Leading Goose”R&D Program of Zhejiang(No.2023C01119).
文摘As smart grid technology rapidly advances,the vast amount of user data collected by smart meter presents significant challenges in data security and privacy protection.Current research emphasizes data security and user privacy concerns within smart grids.However,existing methods struggle with efficiency and security when processing large-scale data.Balancing efficient data processing with stringent privacy protection during data aggregation in smart grids remains an urgent challenge.This paper proposes an AI-based multi-type data aggregation method designed to enhance aggregation efficiency and security by standardizing and normalizing various data modalities.The approach optimizes data preprocessing,integrates Long Short-Term Memory(LSTM)networks for handling time-series data,and employs homomorphic encryption to safeguard user privacy.It also explores the application of Boneh Lynn Shacham(BLS)signatures for user authentication.The proposed scheme’s efficiency,security,and privacy protection capabilities are validated through rigorous security proofs and experimental analysis.
基金funding from King Saud University through Researchers Supporting Project number(RSP2024R387),King Saud University,Riyadh,Saudi Arabia.
文摘The emergence of next generation networks(NextG),including 5G and beyond,is reshaping the technological landscape of cellular and mobile networks.These networks are sufficiently scaled to interconnect billions of users and devices.Researchers in academia and industry are focusing on technological advancements to achieve highspeed transmission,cell planning,and latency reduction to facilitate emerging applications such as virtual reality,the metaverse,smart cities,smart health,and autonomous vehicles.NextG continuously improves its network functionality to support these applications.Multiple input multiple output(MIMO)technology offers spectral efficiency,dependability,and overall performance in conjunctionwithNextG.This article proposes a secure channel estimation technique in MIMO topology using a norm-estimation model to provide comprehensive insights into protecting NextG network components against adversarial attacks.The technique aims to create long-lasting and secure NextG networks using this extended approach.The viability of MIMO applications and modern AI-driven methodologies to combat cybersecurity threats are explored in this research.Moreover,the proposed model demonstrates high performance in terms of reliability and accuracy,with a 20%reduction in the MalOut-RealOut-Diff metric compared to existing state-of-the-art techniques.
文摘The simultaneous transmitting and reflecting reconfigurable intelligent surface(STAR-RIS)can independently adjust surface’s reflection and transmission coefficients so as to enhance space coverage.For a multiple-input multiple-output(MIMO)communication system with a STAR-RIS,a base station(BS),an eavesdropper,and multiple users,the system security rate is studied.A joint design of the power allocation at the transmitter and phase shift matrices for reflection and transmission at the STAR-RIS is conducted,in order to maximize the worst achievable security data rate(ASDR).Since the problem is nonconvex and hence challenging,a particle swarm optimization(PSO)based algorithm is developed to tackle the problem.Both the cases of continuous and discrete phase shift matrices at the STAR-RIS are considered.Simulation results demonstrate the effectiveness of the proposed algorithm and shows the benefits of using STAR-RIS in MIMO mutliuser systems.
文摘In today’s rapidly evolving digital landscape,web application security has become paramount as organizations face increasingly sophisticated cyber threats.This work presents a comprehensive methodology for implementing robust security measures in modern web applications and the proof of the Methodology applied to Vue.js,Spring Boot,and MySQL architecture.The proposed approach addresses critical security challenges through a multi-layered framework that encompasses essential security dimensions including multi-factor authentication,fine-grained authorization controls,sophisticated session management,data confidentiality and integrity protection,secure logging mechanisms,comprehensive error handling,high availability strategies,advanced input validation,and security headers implementation.Significant contributions are made to the field of web application security.First,a detailed catalogue of security requirements specifically tailored to protect web applications against contemporary threats,backed by rigorous analysis and industry best practices.Second,the methodology is validated through a carefully designed proof-of-concept implementation in a controlled environment,demonstrating the practical effectiveness of the security measures.The validation process employs cutting-edge static and dynamic analysis tools for comprehensive dependency validation and vulnerability detection,ensuring robust security coverage.The validation results confirm the prevention and avoidance of security vulnerabilities of the methodology.A key innovation of this work is the seamless integration of DevSecOps practices throughout the secure Software Development Life Cycle(SSDLC),creating a security-first mindset from initial design to deployment.By combining proactive secure coding practices with defensive security approaches,a framework is established that not only strengthens application security but also fosters a culture of security awareness within development teams.This hybrid approach ensures that security considerations are woven into every aspect of the development process,rather than being treated as an afterthought.
文摘Industrial intelligence and secure interconnection serve as the foundational platform and critical information infrastructure for new industrialization,carrying significant strategic importance.They not only function as the core engine driving the transformation and upgrading of the manufacturing sector and ensuring stable socioeconomic operation but are also vital to enhancing national technological competitiveness and safeguarding industrial security.
文摘Attribute-based Encryption(ABE)enhances the confidentiality of Electronic Health Records(EHR)(also known as Personal Health Records(PHR))by binding access rights not to individual identities,but to user attribute sets such as roles,specialties,or certifications.This data-centric cryptographic paradigm enables highly fine-grained,policydriven access control,minimizing the need for identity management and supporting scalable multi-user scenarios.This paper presents a comprehensive and critical survey of ABE schemes developed specifically for EHR/PHR systems over the past decade.It explores the evolution of these schemes,analyzing their design principles,strengths,limitations,and the level of granularity they offer in access control.The review also evaluates the security guarantees,efficiency,and practical applicability of these schemes in real-world healthcare environments.Furthermore,the paper outlines the current state of ABE as a mechanism for safeguarding EHR data and managing user access,while also identifying the key challenges that remain.Open issues such as scalability,revocation mechanisms,policy updates,and interoperability are discussed in detail,providing valuable insights for researchers and practitioners aiming to advance the secure management of health information systems.
文摘Unmanned Aerial Vehicle(UAV)-aided communication holds great potential to enhance the transmission performance.However,the information security remains a fundamental requirement due to the high possibilities of line-of-sight links and the broadcast nature.
文摘The dynamics of chaotic memristor-based systems offer promising potential for secure communication.However,existing solutions frequently suffer from drawbacks such as slow synchronization,low key diversity,and poor noise resistance.To overcome these issues,a novel fractional-order chaotic system incorporating a memristor emulator derived from the Shinriki oscillator is proposed.The main contribution lies in the enhanced dynamic complexity and flexibility of the proposed architecture,making it suitable for cryptographic applications.Furthermore,the feasibility of synchronization to ensure secure data transmission is demonstrated through the validation of two strategies:an active control method ensuring asymptotic convergence,and a finite-time control method enabling faster stabilization.The robustness of the scheme is confirmed by simulation results on a color image:χ^(2)=253/237/267(R/G/B);entropy≈7.993;correlations between adjacent pixels in all directions are close to zero(e.g.,-0.0318 vertically);and high number of pixel change rate and unified average changing intensity(e.g.,33.40%and 99.61%,respectively).Peak signal-to-noise ratio analysis shows that resilience to noise and external disturbances is maintained.It is shown that multiple fractional orders further enrich the chaotic behavior,increasing the systems suitability for secure communication in embedded environments.These findings highlight the relevance of fractional-order chaotic memristive systems for lightweight secure transmission applications.
基金supported in part by the National Natural Science Foundation of China under Grant 61971474in part by the National Natural Science Foundation of China under Grant 62301594+2 种基金in part by the Special Funds of the National Natural Science Foundation of China under Grant 62341112in part by the Beijing Nova Program under Grant Z201100006820121in part by the Beijing Municipal Science and Technology Project under Grant Z181100003218015.
文摘Applying non-orthogonal multiple access(NOMA)to the mobile edge computing(MEC)network supported by unmanned aerial vehicles(UAVs)can improve spectral efficiency and achieve massive user access on the basis of solving computing resource constraints and coverage problems.However,the UAV-enabled network has a serious risk of information leakage on account of the openness of wireless channel.This paper considers a UAV-MEC secure network based on NOMA technology,which aims to minimize the UAV energy consumption.To achieve the purpose while meeting the security and users’latency requirements,we formulate an optimization problem that jointly optimizes the UAV trajectory and the allocation of network resources.Given that the original problem is non-convex and multivariate coupled,we proposed an effective algorithm to decouple the nonconvex problem into independent user relation coefficients and subproblems based on successive convex approximation(SCA)and block coordinate descent(BCD).The simulation results showcase the performance of our optimization scheme across various parameter settings and confirm its superiority over other benchmarks with respect to energy consumption.
文摘As industrialization and informatization in China deeply integrate and the Internet of Things rapidly develops,industrial control systems are facing increasingly severe information security challenges.The industrial control system of the gas extraction plant is characterized by numerous points and centralized operations,with a strong reliance on the system and stringent real-time requirements.
基金supported by the National Natural Science Foundation of China(NSFC)[grant numbers 62171188]the Guangdong Provincial Key Laboratory of Human Digital Twin[Grant 2022B1212010004].
文摘In wireless Energy Harvesting(EH)cooperative networks,we investigate the problem of secure energy-saving resource allocation for downlink physical layer security transmission.Initially,we establish a model for a multi-relay cooperative network incorporating wireless energy harvesting,spectrum sharing,and system power constraints,focusing on physical layersecurity transmission in the presence of eavesdropping nodes.In this model,the source node transmits signals while injecting Artificial Noise(AN)to mitigate eavesdropping risks,and an idle relay can act as a jamming node to assist in this process.Based on this model,we formulate an optimization problem for maximizing system secure harvesting energy efficiency,this problem integrates constraints on total power,bandwidth,and AN allocation.We proceed by conducting a mathematical analysis of the optimization problem,deriving optimal solutions for secure energy-saving resource allocation,this includes strategies for power allocation at the source and relay nodes,bandwidth allocation among relays,and power splitting for the energy harvesting node.Thus,we propose a secure resource allocation algorithm designed to maximize secure harvesting energy efficiency.Finally,we validate the correctness of the theoretical derivation through Monte Carlo simulations,discussing the impact of parameters such as legitimate channel gain,power splitting factor,and the number of relays on secure harvesting energy efficiency of the system.The simulation results show that the proposed secure energy-saving resource allocation algorithm effectively enhances the security performance of the system.
基金co-supported by the National Key Research and Development Program of China(No.2024YFE0107900)the National Natural Science Foundation of China(No.62222105)+1 种基金the Natural Science Foundation of Guangdong Province,China(No.2024A1515010235)the 2024 China Unicom Guangdong low-altitude communication and sensing key technology research and digital twin platform research and development project(No.20241890).
文摘Unmanned aerial vehicle(UAV)swarm network consisting of a collection of micro UAVs can be used for many applications.It is well established that packet routing is a fundamental problem to achieve UAV collaboration.However,the highly dynamic nature of UAVs,frequently changing network topologies and security issues,poses significant challenges to packet forwarding in UAV networks.The existing topology-based routing protocols are not well suited in UAV network due to their high controlling overhead or excessive end-to-end delay.Geographic routing is regarded as a promising solution,as it only requires local information.In order to enhance the accuracy and security of geographic routing in highly dynamic UAV network,in this paper,we propose a new predictive geographic(PGeo)routing strategy with location verification.First,a detection mechanism is adopted to recognize malicious UAVs falsifying their location.Then,an accurate average service time of a packet in the medium access control(MAC)layer is derived to assist location prediction.The proposed delay model can provide a theoretical basis for future work,and our simulation results reveal that PGeo outstrips the existing geographic routing protocols in terms of packet delivery ratio in the presence of location spoofing behavior.
基金supported in part by the Natural Science Foundation of Fujian Province under Grant 2022J01169the Local Science and Technology Development of Fujian Province under Grant 2021L3010+3 种基金the Key Project of Science and Technology Innovation of Fujian Province under Grant 2021G02006the National Natural Science Foundation of China under Grants 61971360 and 62271420the National Natural Science Foundation of China under Grant 62071247the Urban Carbon Neutral Science and Technology Innovation Fund Project of Beijing University of Technology ($040000514122607$)。
文摘In this paper,the application of Non-Orthogonal Multiple Access(NOMA)is investigated in a multiple-input single-output network consisting of multiple legitimate users and a potential eavesdropper.To support secure transmissions from legitimate users,two NOMA Secrecy Sum Rate Transmit Beam Forming(NOMA-SSR-TBF)schemes are proposed to maximise the SSR of a Base Station(BS)with sufficient and insufficient transmit power.For BS with sufficient transmit power,an artificial jamming beamforming design scheme is proposed to disrupt the potential eavesdropping without impacting the legitimate transmissions.In addition,for BS with insufficient transmit power,a modified successive interference cancellation decoding sequence is used to reduce the impact of artificial jamming on legitimate transmissions.More specifically,iterative algorithm for the successive convex approximation are provided to jointly optimise the vectors of transmit beamforming and artificial jamming.Experimental results demonstrate that the proposed NOMA-SSR-TBF schemes outperforms the existing works,such as the maximized artificial jamming power scheme,the maximized artificial jamming power scheme with artificial jamming beamforming design and maximized secrecy sum rate scheme without artificial jamming beamforming design.
基金supported in part by the National Natural Science Foundation of China(No.62171154)in part by the Fundamental Research Funds for the Central Universities,China(No.HIT.OCEF.2023030).
文摘Non-Orthogonal Multiple Access(NOMA)in Unmanned Aerial Vehicle(UAV)-assisted communications is a promising technique in future wireless networks.However,for UAV-assisted communication systems,secure and covert communication is crucial for maintaining confidentiality in battlefield environments.This study focuses on a novel two-way relaying system assisted by the UAV,leveraging Power Domain NOMA(PD-NOMA),trajectory design,and power allocation strategies to enhance secure communication rates.A PD-NOMA scheme is proposed for the half-duplex two-way UAV relay,utilizing the advantage of Air-to-Ground(A2G)channel.The covert communication scheme is proposed based on the proposed NOMA scheme.A method using permutation matrices is proposed to dynamically adjust the NOMA decoding order based on the UAV trajectory and communication power levels,to reduce complexity while ensuring information causality constraints.A low-interference jamming strategy is proposed for the system for covertness communication.Because of the non-convexity of the problem,the power allocation and trajectory design problem are solved with Difference of Convex(DC)programming and Successive Convex Approximation(SCA).The schemes of jointly designing the NOMA order,allocating the communication power,and designing the trajectory are proposed to maximize the minimum secure communication data rate.Simulation results show that the proposed NOMA-UAV secure communication schemes outperform the benchmarks of the conventional Orthogonal Multiple Access(OMA)method.
