The increased connectivity and reliance on digital technologies have exposed smart transportation systems to various cyber threats,making intrusion detection a critical aspect of ensuring their secure operation.Tradit...The increased connectivity and reliance on digital technologies have exposed smart transportation systems to various cyber threats,making intrusion detection a critical aspect of ensuring their secure operation.Traditional intrusion detection systems have limitations in terms of centralized architecture,lack of transparency,and vulnerability to single points of failure.This is where the integration of blockchain technology with signature-based intrusion detection can provide a robust and decentralized solution for securing smart transportation systems.This study tackles the issue of database manipulation attacks in smart transportation networks by proposing a signaturebased intrusion detection system.The introduced signature facilitates accurate detection and systematic classification of attacks,enabling categorization according to their severity levels within the transportation infrastructure.Through comparative analysis,the research demonstrates that the blockchain-based IDS outperforms traditional approaches in terms of security,resilience,and data integrity.展开更多
The simultaneous transmitting and reflecting reconfigurable intelligent surface(STAR-RIS)can independently adjust surface’s reflection and transmission coefficients so as to enhance space coverage.For a multiple-inpu...The simultaneous transmitting and reflecting reconfigurable intelligent surface(STAR-RIS)can independently adjust surface’s reflection and transmission coefficients so as to enhance space coverage.For a multiple-input multiple-output(MIMO)communication system with a STAR-RIS,a base station(BS),an eavesdropper,and multiple users,the system security rate is studied.A joint design of the power allocation at the transmitter and phase shift matrices for reflection and transmission at the STAR-RIS is conducted,in order to maximize the worst achievable security data rate(ASDR).Since the problem is nonconvex and hence challenging,a particle swarm optimization(PSO)based algorithm is developed to tackle the problem.Both the cases of continuous and discrete phase shift matrices at the STAR-RIS are considered.Simulation results demonstrate the effectiveness of the proposed algorithm and shows the benefits of using STAR-RIS in MIMO mutliuser systems.展开更多
The dynamics of chaotic memristor-based systems offer promising potential for secure communication.However,existing solutions frequently suffer from drawbacks such as slow synchronization,low key diversity,and poor no...The dynamics of chaotic memristor-based systems offer promising potential for secure communication.However,existing solutions frequently suffer from drawbacks such as slow synchronization,low key diversity,and poor noise resistance.To overcome these issues,a novel fractional-order chaotic system incorporating a memristor emulator derived from the Shinriki oscillator is proposed.The main contribution lies in the enhanced dynamic complexity and flexibility of the proposed architecture,making it suitable for cryptographic applications.Furthermore,the feasibility of synchronization to ensure secure data transmission is demonstrated through the validation of two strategies:an active control method ensuring asymptotic convergence,and a finite-time control method enabling faster stabilization.The robustness of the scheme is confirmed by simulation results on a color image:χ^(2)=253/237/267(R/G/B);entropy≈7.993;correlations between adjacent pixels in all directions are close to zero(e.g.,-0.0318 vertically);and high number of pixel change rate and unified average changing intensity(e.g.,33.40%and 99.61%,respectively).Peak signal-to-noise ratio analysis shows that resilience to noise and external disturbances is maintained.It is shown that multiple fractional orders further enrich the chaotic behavior,increasing the systems suitability for secure communication in embedded environments.These findings highlight the relevance of fractional-order chaotic memristive systems for lightweight secure transmission applications.展开更多
The performance of traditional regular Intelligent Reflecting Surface(IRS)improves as the number of IRS elements increases,but more reflecting elements lead to higher IRS power consumption and greater overhead of chan...The performance of traditional regular Intelligent Reflecting Surface(IRS)improves as the number of IRS elements increases,but more reflecting elements lead to higher IRS power consumption and greater overhead of channel estimation.The Irregular Intelligent Reflecting Surface(IIRS)can enhance the performance of the IRS as well as boost the system performance when the number of reflecting elements is limited.However,due to the lack of radio frequency chain in IRS,it is challenging for the Base Station(BS)to gather perfect Channel State Information(CSI),especially in the presence of Eavesdroppers(Eves).Therefore,in this paper we investigate the minimum transmit power problem of IIRS-aided Simultaneous Wireless Information and Power Transfer(SWIPT)secure communication system with imperfect CSI of BS-IIRS-Eves links,which is subject to the rate outage probability constraints of the Eves,the minimum rate constraints of the Information Receivers(IRs),the energy harvesting constraints of the Energy Receivers(ERs),and the topology matrix constraints.Afterward,the formulated nonconvex problem can be efficiently tackled by employing joint optimization algorithm combined with successive refinement method and adaptive topology design method.Simulation results demonstrate the effectiveness of the proposed scheme and the superiority of IIRS.展开更多
There has been significant recent research on secure control problems that arise from the open and complex realworld industrial environments.This paper focuses on addressing the issue of secure consensus control in mu...There has been significant recent research on secure control problems that arise from the open and complex realworld industrial environments.This paper focuses on addressing the issue of secure consensus control in multi-agent systems(MASs)under malicious attacks,utilizing the practical Byzantine fault tolerance(PBFT)and Raft consensus algorithm in blockchain.Unlike existing secure consensus control algorithms that have strict requirements for topology and high communication costs,our approach introduces a node grouping methodology based on system topology.Additionally,we utilize the PBFT consensus algorithm for intergroup leader identity verification,effectively reducing the communication complexity of PBFT in large-scale networks.Furthermore,we enhance the Raft algorithm through cryptographic validation during followers’log replication,which enhances the security of the system.Our proposed consensus process not only identifies the identities of malicious agents but also ensures consensus among normal agents.Through extensive simulations,we demonstrate robust convergence,particularly in scenarios with the relaxed topological requirements.Comparative experiments also validate the algorithm’s lower consensus latency and improved efficiency compared to direct PBFT utilization for identity verification and classical secure consensus control method mean subsequence reduced(MSR)algorithm.展开更多
Dear Editor,The attacker is always going to intrude covertly networked control systems(NCSs)by dynamically changing false data injection attacks(FDIAs)strategy,while the defender try their best to resist attacks by de...Dear Editor,The attacker is always going to intrude covertly networked control systems(NCSs)by dynamically changing false data injection attacks(FDIAs)strategy,while the defender try their best to resist attacks by designing defense strategy on the basis of identifying attack strategy,maintaining stable operation of NCSs.To solve this attack-defense game problem,this letter investigates optimal secure control of NCSs under FDIAs.First,for the alterations of energy caused by false data,a novel attack-defense game model is constructed,which considers the changes of energy caused by the actions of the defender and attacker in the forward and feedback channels.展开更多
In secure communications,lightweight encryption has become crucial,particularly for resource-constrained applications such as embedded devices,wireless sensor networks,and the Internet of Things(IoT).As these systems ...In secure communications,lightweight encryption has become crucial,particularly for resource-constrained applications such as embedded devices,wireless sensor networks,and the Internet of Things(IoT).As these systems proliferate,cryptographic approaches that provide robust security while minimizing computing overhead,energy consumption,and memory usage are becoming increasingly essential.This study examines lightweight encryption techniques utilizing chaotic maps to ensure secure data transmission.Two algorithms are proposed,both employing the Logistic map;the first approach utilizes two logistic chaotic maps,while the second algorithm employs a single logistic chaotic map.Algorithm 1,including a two-stage mechanism that uses chaotic maps for both transposition and key generation,is distinguished by its robustness,guaranteeing a secure encryption method.The second techniqueutilized a single logistic chaoticmapeliminating the secondchaoticmapdecreases computing complexity while maintaining security.The efficacy of both algorithms was evaluated by subjecting them to NIST randomness tests following testing on text files of varying sizes.The findings demonstrate that the double chaotic map method regularly achieves elevated unpredictability and resilience.Conversely,the singular chaotic algorithm markedly lowers the duration necessary for encryption and decryption.These data suggest that while both algorithms are effective,their choice may be contingent upon specific security and processing speed requirements in practical applications.展开更多
The complexity of cloud environments challenges secure resource management,especially for intrusion detection systems(IDS).Existing strategies struggle to balance efficiency,cost fairness,and threat resilience.This pa...The complexity of cloud environments challenges secure resource management,especially for intrusion detection systems(IDS).Existing strategies struggle to balance efficiency,cost fairness,and threat resilience.This paper proposes an innovative approach to managing cloud resources through the integration of a genetic algorithm(GA)with a“double auction”method.This approach seeks to enhance security and efficiency by aligning buyers and sellers within an intelligent market framework.It guarantees equitable pricing while utilizing resources efficiently and optimizing advantages for all stakeholders.The GA functions as an intelligent search mechanism that identifies optimal combinations of bids from users and suppliers,addressing issues arising from the intricacies of cloud systems.Analyses proved that our method surpasses previous strategies,particularly in terms of price accuracy,speed,and the capacity to manage large-scale activities,critical factors for real-time cybersecurity systems,such as IDS.Our research integrates artificial intelligence-inspired evolutionary algorithms with market-driven methods to develop intelligent resource management systems that are secure,scalable,and adaptable to evolving risks,such as process innovation.展开更多
The advent of quantum computing poses a significant challenge to traditional cryptographic protocols,particularly those used in SecureMultiparty Computation(MPC),a fundamental cryptographic primitive for privacypreser...The advent of quantum computing poses a significant challenge to traditional cryptographic protocols,particularly those used in SecureMultiparty Computation(MPC),a fundamental cryptographic primitive for privacypreserving computation.Classical MPC relies on cryptographic techniques such as homomorphic encryption,secret sharing,and oblivious transfer,which may become vulnerable in the post-quantum era due to the computational power of quantum adversaries.This study presents a review of 140 peer-reviewed articles published between 2000 and 2025 that used different databases like MDPI,IEEE Explore,Springer,and Elsevier,examining the applications,types,and security issues with the solution of Quantum computing in different fields.This review explores the impact of quantum computing on MPC security,assesses emerging quantum-resistant MPC protocols,and examines hybrid classicalquantum approaches aimed at mitigating quantum threats.We analyze the role of Quantum Key Distribution(QKD),post-quantum cryptography(PQC),and quantum homomorphic encryption in securing multiparty computations.Additionally,we discuss the challenges of scalability,computational efficiency,and practical deployment of quantumsecure MPC frameworks in real-world applications such as privacy-preserving AI,secure blockchain transactions,and confidential data analysis.This review provides insights into the future research directions and open challenges in ensuring secure,scalable,and quantum-resistant multiparty computation.展开更多
The increasing interconnection of modern industrial control systems(ICSs)with the Internet has enhanced operational efficiency,but alsomade these systemsmore vulnerable to cyberattacks.This heightened exposure has dri...The increasing interconnection of modern industrial control systems(ICSs)with the Internet has enhanced operational efficiency,but alsomade these systemsmore vulnerable to cyberattacks.This heightened exposure has driven a growing need for robust ICS security measures.Among the key defences,intrusion detection technology is critical in identifying threats to ICS networks.This paper provides an overview of the distinctive characteristics of ICS network security,highlighting standard attack methods.It then examines various intrusion detection methods,including those based on misuse detection,anomaly detection,machine learning,and specialised requirements.This paper concludes by exploring future directions for developing intrusion detection systems to advance research and ensure the continued security and reliability of ICS operations.展开更多
Purpose-Amidst an increasingly severe cybersecurity landscape,the widespread adoption of Xinchuang endpoints has become a strategic imperative.Governments and enterprises have established terminal localization as a cr...Purpose-Amidst an increasingly severe cybersecurity landscape,the widespread adoption of Xinchuang endpoints has become a strategic imperative.Governments and enterprises have established terminal localization as a critical objective,aiming for comprehensive indigenous replacement through rapid technological iteration.Consequently,Xinchuang systems and Windows platforms are expected to coexist over an extended period.This study seeks to establish an automated verification framework for multi-version operating systems and validate the efficacy of baseline hardening in mitigating security risks.Design/methodology/approach-Based on the Classified Protection 2.0 framework and relevant national standards for endpoint security,this study proposes an endpoint security baseline verification scheme applicable to multiple operating systems.The scheme addresses divergent security policies and implementation methodologies across heterogeneous environments.It automates the inspection of core baselines,including account password complexity,default shared service status and patch installation status.Furthermore,a comprehensive scoring model is established by incorporating differentiated weights for account security,patch management and log auditing,ultimately generating visualized risk reports to facilitate remediation prioritization.Findings-This study reveals that baseline configuration serves as the fundamental prerequisite in endpoint security practices.Through a scalable detection engine and quantitative scoring model,the system can promptly identify and remediate potential risks,thereby reducing the attack surface and mitigating intrusion risks.However,on certain domestic chip architectures,compatibility issues persist in detecting specific configuration items.Further improvement in hardware-software co-adaptation for domestic platforms is required to advance the development of localized security protection systems.Originality/value-Through in-depth research on security baseline configurations across multiple operating systems,this study implements an automated and visualized baseline verification methodology.This approach significantly strengthens the security posture of domestic operating systems and supports the establishment of a more robust,national-level cybersecurity defense framework.展开更多
Industrial Cyber-Physical Systems(ICPSs)play a vital role in modern industries by providing an intellectual foundation for automated operations.With the increasing integration of information-driven processes,ensuring ...Industrial Cyber-Physical Systems(ICPSs)play a vital role in modern industries by providing an intellectual foundation for automated operations.With the increasing integration of information-driven processes,ensuring the security of Industrial Control Production Systems(ICPSs)has become a critical challenge.These systems are highly vulnerable to attacks such as denial-of-service(DoS),eclipse,and Sybil attacks,which can significantly disrupt industrial operations.This work proposes an effective protection strategy using an Artificial Intelligence(AI)-enabled Smart Contract(SC)framework combined with the Heterogeneous Barzilai-Borwein Support Vector(HBBSV)method for industrial-based CPS environments.The approach reduces run time and minimizes the probability of attacks.Initially,secured ICPSs are achieved through a comprehensive exchange of views on production plant strategies for condition monitoring using SC and blockchain(BC)integrated within a BC network.The SC executes the HBBSV strategy to verify the security consensus.The Barzilai-Borwein Support Vectorized algorithm computes abnormal attack occurrence probabilities to ensure that components operate within acceptable production line conditions.When a component remains within these conditions,no security breach occurs.Conversely,if a component does not satisfy the condition boundaries,a security lapse is detected,and those components are isolated.The HBBSV method thus strengthens protection against DoS,eclipse,and Sybil attacks.Experimental results demonstrate that the proposed HBBSV approach significantly improves security by enhancing authentication accuracy while reducing run time and authentication time compared to existing techniques.展开更多
This paper presents an intelligent patrol and security robot integrating 2D LiDAR and RGB-D vision sensors to achieve semantic simultaneous localization and mapping(SLAM),real-time object recognition,and dynamic obsta...This paper presents an intelligent patrol and security robot integrating 2D LiDAR and RGB-D vision sensors to achieve semantic simultaneous localization and mapping(SLAM),real-time object recognition,and dynamic obstacle avoidance.The system employs the YOLOv7 deep-learning framework for semantic detection and SLAM for localization and mapping,fusing geometric and visual data to build a high-fidelity 2D semantic map.This map enables the robot to identify and project object information for improved situational awareness.Experimental results show that object recognition reached 95.4%mAP@0.5.Semantic completeness increased from 68.7%(single view)to 94.1%(multi-view)with an average position error of 3.1 cm.During navigation,the robot achieved 98.0%reliability,avoided moving obstacles in 90.0%of encounters,and replanned paths in 0.42 s on average.The integration of LiDAR-based SLAMwith deep-learning–driven semantic perception establishes a robust foundation for intelligent,adaptive,and safe robotic navigation in dynamic environments.展开更多
Although Named Entity Recognition(NER)in cybersecurity has historically concentrated on threat intelligence,vital security data can be found in a variety of sources,such as open-source intelligence and unprocessed too...Although Named Entity Recognition(NER)in cybersecurity has historically concentrated on threat intelligence,vital security data can be found in a variety of sources,such as open-source intelligence and unprocessed tool outputs.When dealing with technical language,the coexistence of structured and unstructured data poses serious issues for traditional BERT-based techniques.We introduce a three-phase approach for improved NER inmulti-source cybersecurity data that makes use of large language models(LLMs).To ensure thorough entity coverage,our method starts with an identification module that uses dynamic prompting techniques.To lessen hallucinations,the extraction module uses confidence-based self-assessment and cross-checking using regex validation.The tagging module links to knowledge bases for contextual validation and uses SecureBERT in conjunction with conditional random fields to detect entity boundaries precisely.Our framework creates efficient natural language segments by utilizing decoderbased LLMs with 10B parameters.When compared to baseline SecureBERT implementations,evaluation across four cybersecurity data sources shows notable gains,with a 9.4%–25.21%greater recall and a 6.38%–17.3%better F1-score.Our refined model matches larger models and achieves 2.6%–4.9%better F1-score for technical phrase recognition than the state-of-the-art alternatives Claude 3.5 Sonnet,Llama3-8B,and Mixtral-7B.The three-stage architecture identification-extraction-tagging pipeline tackles important cybersecurity NER issues.Through effective architectures,these developments preserve deployability while setting a new standard for entity extraction in challenging security scenarios.The findings show how specific enhancements in hybrid recognition,validation procedures,and prompt engineering raise NER performance above monolithic LLM approaches in cybersecurity applications,especially for technical entity extraction fromheterogeneous sourceswhere conventional techniques fall short.Because of itsmodular nature,the framework can be upgraded at the component level as new methods are developed.展开更多
Elliptic curve(EC)based cryptosystems gained more attention due to enhanced security than the existing public key cryptosystems.A substitution box(S-box)plays a vital role in securing modern symmetric key cryptosystem...Elliptic curve(EC)based cryptosystems gained more attention due to enhanced security than the existing public key cryptosystems.A substitution box(S-box)plays a vital role in securing modern symmetric key cryptosystems.However,the recently developed EC based algorithms usually trade off between computational efficiency and security,necessitating the design of a new algorithm with the desired cryptographic strength.To address these shortcomings,this paper proposes a new scheme based onMordell elliptic curve(MEC)over the complex field for generating distinct,dynamic,and highly uncorrelated S-boxes.Furthermore,we count the exact number of the obtained S-boxes,and demonstrate that the permuted version of the presented S-box is statistically optimal.The nonsingularity of the presented algorithm and the injectivity of the resultant output are explored.Rigorous theoretical analysis and experimental results demonstrate that the proposedmethod is highly effective in generating a large number of dynamic S-boxes with adequate cryptographic properties,surpassing current state-of-the-art S-box generation algorithms in terms of security.Apart fromthis,the generated S-box is benchmarked using side-channel attacks,and its performance is compared with highly nonlinear S-boxes,demonstrating comparable results.In addition,we present an application of our proposed S-box generator by incorporating it into an image encryption technique.The encrypted and decrypted images are tested by employing extensive standard security metrics,including the Number of Pixel Change Rate,the Unified Average Changing Intensity,information entropy,correlation coefficient,and histogram analysis.Moreover,the analysis is extended beyond conventional metrics to validate the new method using advanced tests,such as the NIST statistical test suite,robustness analysis,and noise and cropping attacks.Experimental outcomes show that the presented algorithm strengthens the existing encryption scheme against various well-known cryptographic attacks.展开更多
The integration of machine learning(ML)technology with Internet of Things(IoT)systems produces essential changes in healthcare operations.Healthcare personnel can track patients around the clock thanks to healthcare I...The integration of machine learning(ML)technology with Internet of Things(IoT)systems produces essential changes in healthcare operations.Healthcare personnel can track patients around the clock thanks to healthcare IoT(H-IoT)technology,which also provides proactive statistical findings and precise medical diagnoses that enhance healthcare performance.This study examines how ML might support IoT-based health care systems,namely in the areas of prognostic systems,disease detection,patient tracking,and healthcare operations control.The study looks at the benefits and drawbacks of several machine learning techniques for H-IoT applications.It also examines the fundamental problems,such as data security and cyberthreats,as well as the high processing demands that these systems face.Alongside this,the essay discusses the advantages of all the technologies,including machine learning,deep learning,and the Internet of Things,as well as the significant difficulties and problems that arise when integrating the technology into healthcare forecasts.展开更多
The growing developments in 5G and 6G wireless communications have revolutionized communications technologies,providing faster speeds with reduced latency and improved connectivity to users.However,it raises significa...The growing developments in 5G and 6G wireless communications have revolutionized communications technologies,providing faster speeds with reduced latency and improved connectivity to users.However,it raises significant security challenges,including impersonation threats,data manipulation,distributed denial of service(DDoS)attacks,and privacy breaches.Traditional security measures are inadequate due to the decentralized and dynamic nature of next-generation networks.This survey provides a comprehensive review of how Federated Learning(FL),Blockchain,and Digital Twin(DT)technologies can collectively enhance the security of 5G and 6G systems.Blockchain offers decentralized,immutable,and transparent mechanisms for securing network transactions,while FL enables privacy-preserving collaborative learning without sharing raw data.Digital Twins create virtual replicas of network components,enabling real-time monitoring,anomaly detection,and predictive threat analysis.The survey examines major security issues in emerging wireless architectures and analyzes recent advancements that integrate FL,Blockchain,and DT to mitigate these threats.Additionally,it presents practical use cases,synthesizes key lessons learned,and identifies ongoing research challenges.Finally,the survey outlines future research directions to support the development of scalable,intelligent,and robust security frameworks for next-generation wireless networks.展开更多
Federated Learning(FL)enables joint training over distributed devices without data exchange but is highly vulnerable to attacks by adversaries in the form of model poisoning and malicious update injection.This work pr...Federated Learning(FL)enables joint training over distributed devices without data exchange but is highly vulnerable to attacks by adversaries in the form of model poisoning and malicious update injection.This work proposes Secured-FL,a blockchain-based defensive framework that combines smart contract-based authentication,clustering-driven outlier elimination,and dynamic threshold adjustment to defend against adversarial attacks.The framework was implemented on a private Ethereum network with a Proof-of-Authority consensus algorithm to ensure tamper-resistant and auditable model updates.Large-scale simulation on the Cyber Data dataset,under up to 50%malicious client settings,demonstrates Secured-FL achieves 6%-12%higher accuracy,9%-15%lower latency,and approximately 14%less computational expense compared to the PPSS benchmark framework.Additional tests,including confusion matrices,ROC and Precision-Recall curves,and ablation tests,confirm the interpretability and robustness of the defense.Tests for scalability also show consistent performance up to 500 clients,affirming appropriateness to reasonably large deployments.These results make Secured-FL a feasible,adversarially resilient FL paradigm with promising potential for application in smart cities,medicine,and other mission-critical IoT deployments.展开更多
As healthcare systems increasingly embrace digitalization,effective management of electronic health records(EHRs)has emerged as a critical priority,particularly in inpatient settings where data sensitivity and realtim...As healthcare systems increasingly embrace digitalization,effective management of electronic health records(EHRs)has emerged as a critical priority,particularly in inpatient settings where data sensitivity and realtime access are paramount.Traditional EHR systems face significant challenges,including unauthorized access,data breaches,and inefficiencies in tracking follow-up appointments,which heighten the risk of misdiagnosis and medication errors.To address these issues,this research proposes a hybrid blockchain-based solution for securely managing EHRs,specifically designed as a framework for tracking inpatient follow-ups.By integrating QR codeenabled data access with a blockchain architecture,this innovative approach enhances privacy protection,data integrity,and auditing capabilities,while facilitating swift and real-time data retrieval.The architecture adheres to Role-Based Access Control(RBAC)principles and utilizes robust encryption techniques,including SHA-256 and AES-256-CBC,to secure sensitive information.A comprehensive threat model outlines trust boundaries and potential adversaries,complemented by a validated data transmission protocol.Experimental results demonstrate that the framework remains reliable in concurrent access scenarios,highlighting its efficiency and responsiveness in real-world applications.This study emphasizes the necessity for hybrid solutions in managing sensitive medical information and advocates for integrating blockchain technology and QR code innovations into contemporary healthcare systems.展开更多
基金supported by the National Research Foundation(NRF),Republic of Korea,under project BK21 FOUR(4299990213939).
文摘The increased connectivity and reliance on digital technologies have exposed smart transportation systems to various cyber threats,making intrusion detection a critical aspect of ensuring their secure operation.Traditional intrusion detection systems have limitations in terms of centralized architecture,lack of transparency,and vulnerability to single points of failure.This is where the integration of blockchain technology with signature-based intrusion detection can provide a robust and decentralized solution for securing smart transportation systems.This study tackles the issue of database manipulation attacks in smart transportation networks by proposing a signaturebased intrusion detection system.The introduced signature facilitates accurate detection and systematic classification of attacks,enabling categorization according to their severity levels within the transportation infrastructure.Through comparative analysis,the research demonstrates that the blockchain-based IDS outperforms traditional approaches in terms of security,resilience,and data integrity.
文摘The simultaneous transmitting and reflecting reconfigurable intelligent surface(STAR-RIS)can independently adjust surface’s reflection and transmission coefficients so as to enhance space coverage.For a multiple-input multiple-output(MIMO)communication system with a STAR-RIS,a base station(BS),an eavesdropper,and multiple users,the system security rate is studied.A joint design of the power allocation at the transmitter and phase shift matrices for reflection and transmission at the STAR-RIS is conducted,in order to maximize the worst achievable security data rate(ASDR).Since the problem is nonconvex and hence challenging,a particle swarm optimization(PSO)based algorithm is developed to tackle the problem.Both the cases of continuous and discrete phase shift matrices at the STAR-RIS are considered.Simulation results demonstrate the effectiveness of the proposed algorithm and shows the benefits of using STAR-RIS in MIMO mutliuser systems.
文摘The dynamics of chaotic memristor-based systems offer promising potential for secure communication.However,existing solutions frequently suffer from drawbacks such as slow synchronization,low key diversity,and poor noise resistance.To overcome these issues,a novel fractional-order chaotic system incorporating a memristor emulator derived from the Shinriki oscillator is proposed.The main contribution lies in the enhanced dynamic complexity and flexibility of the proposed architecture,making it suitable for cryptographic applications.Furthermore,the feasibility of synchronization to ensure secure data transmission is demonstrated through the validation of two strategies:an active control method ensuring asymptotic convergence,and a finite-time control method enabling faster stabilization.The robustness of the scheme is confirmed by simulation results on a color image:χ^(2)=253/237/267(R/G/B);entropy≈7.993;correlations between adjacent pixels in all directions are close to zero(e.g.,-0.0318 vertically);and high number of pixel change rate and unified average changing intensity(e.g.,33.40%and 99.61%,respectively).Peak signal-to-noise ratio analysis shows that resilience to noise and external disturbances is maintained.It is shown that multiple fractional orders further enrich the chaotic behavior,increasing the systems suitability for secure communication in embedded environments.These findings highlight the relevance of fractional-order chaotic memristive systems for lightweight secure transmission applications.
基金supported in part by the Shenzhen Basic Research Program under Grant JCYJ20220531103008018,and Grants 20231120142345001 and 20231127144045001the Natural Science Foundation of China under Grant U20A20156.
文摘The performance of traditional regular Intelligent Reflecting Surface(IRS)improves as the number of IRS elements increases,but more reflecting elements lead to higher IRS power consumption and greater overhead of channel estimation.The Irregular Intelligent Reflecting Surface(IIRS)can enhance the performance of the IRS as well as boost the system performance when the number of reflecting elements is limited.However,due to the lack of radio frequency chain in IRS,it is challenging for the Base Station(BS)to gather perfect Channel State Information(CSI),especially in the presence of Eavesdroppers(Eves).Therefore,in this paper we investigate the minimum transmit power problem of IIRS-aided Simultaneous Wireless Information and Power Transfer(SWIPT)secure communication system with imperfect CSI of BS-IIRS-Eves links,which is subject to the rate outage probability constraints of the Eves,the minimum rate constraints of the Information Receivers(IRs),the energy harvesting constraints of the Energy Receivers(ERs),and the topology matrix constraints.Afterward,the formulated nonconvex problem can be efficiently tackled by employing joint optimization algorithm combined with successive refinement method and adaptive topology design method.Simulation results demonstrate the effectiveness of the proposed scheme and the superiority of IIRS.
基金supported by the Fundamental Research Funds for the Central Universities(NS2024021)the Science and Technology Development Fund of Macao SAR(0145/2023/RIA3,0093/2023/RIA2,0050/2020/A1)the National Natural Science Foundation of China(62103411).
文摘There has been significant recent research on secure control problems that arise from the open and complex realworld industrial environments.This paper focuses on addressing the issue of secure consensus control in multi-agent systems(MASs)under malicious attacks,utilizing the practical Byzantine fault tolerance(PBFT)and Raft consensus algorithm in blockchain.Unlike existing secure consensus control algorithms that have strict requirements for topology and high communication costs,our approach introduces a node grouping methodology based on system topology.Additionally,we utilize the PBFT consensus algorithm for intergroup leader identity verification,effectively reducing the communication complexity of PBFT in large-scale networks.Furthermore,we enhance the Raft algorithm through cryptographic validation during followers’log replication,which enhances the security of the system.Our proposed consensus process not only identifies the identities of malicious agents but also ensures consensus among normal agents.Through extensive simulations,we demonstrate robust convergence,particularly in scenarios with the relaxed topological requirements.Comparative experiments also validate the algorithm’s lower consensus latency and improved efficiency compared to direct PBFT utilization for identity verification and classical secure consensus control method mean subsequence reduced(MSR)algorithm.
基金supported in part by the National Science Foundation of China(62373240,62273224,U24A20259).
文摘Dear Editor,The attacker is always going to intrude covertly networked control systems(NCSs)by dynamically changing false data injection attacks(FDIAs)strategy,while the defender try their best to resist attacks by designing defense strategy on the basis of identifying attack strategy,maintaining stable operation of NCSs.To solve this attack-defense game problem,this letter investigates optimal secure control of NCSs under FDIAs.First,for the alterations of energy caused by false data,a novel attack-defense game model is constructed,which considers the changes of energy caused by the actions of the defender and attacker in the forward and feedback channels.
文摘In secure communications,lightweight encryption has become crucial,particularly for resource-constrained applications such as embedded devices,wireless sensor networks,and the Internet of Things(IoT).As these systems proliferate,cryptographic approaches that provide robust security while minimizing computing overhead,energy consumption,and memory usage are becoming increasingly essential.This study examines lightweight encryption techniques utilizing chaotic maps to ensure secure data transmission.Two algorithms are proposed,both employing the Logistic map;the first approach utilizes two logistic chaotic maps,while the second algorithm employs a single logistic chaotic map.Algorithm 1,including a two-stage mechanism that uses chaotic maps for both transposition and key generation,is distinguished by its robustness,guaranteeing a secure encryption method.The second techniqueutilized a single logistic chaoticmapeliminating the secondchaoticmapdecreases computing complexity while maintaining security.The efficacy of both algorithms was evaluated by subjecting them to NIST randomness tests following testing on text files of varying sizes.The findings demonstrate that the double chaotic map method regularly achieves elevated unpredictability and resilience.Conversely,the singular chaotic algorithm markedly lowers the duration necessary for encryption and decryption.These data suggest that while both algorithms are effective,their choice may be contingent upon specific security and processing speed requirements in practical applications.
文摘The complexity of cloud environments challenges secure resource management,especially for intrusion detection systems(IDS).Existing strategies struggle to balance efficiency,cost fairness,and threat resilience.This paper proposes an innovative approach to managing cloud resources through the integration of a genetic algorithm(GA)with a“double auction”method.This approach seeks to enhance security and efficiency by aligning buyers and sellers within an intelligent market framework.It guarantees equitable pricing while utilizing resources efficiently and optimizing advantages for all stakeholders.The GA functions as an intelligent search mechanism that identifies optimal combinations of bids from users and suppliers,addressing issues arising from the intricacies of cloud systems.Analyses proved that our method surpasses previous strategies,particularly in terms of price accuracy,speed,and the capacity to manage large-scale activities,critical factors for real-time cybersecurity systems,such as IDS.Our research integrates artificial intelligence-inspired evolutionary algorithms with market-driven methods to develop intelligent resource management systems that are secure,scalable,and adaptable to evolving risks,such as process innovation.
文摘The advent of quantum computing poses a significant challenge to traditional cryptographic protocols,particularly those used in SecureMultiparty Computation(MPC),a fundamental cryptographic primitive for privacypreserving computation.Classical MPC relies on cryptographic techniques such as homomorphic encryption,secret sharing,and oblivious transfer,which may become vulnerable in the post-quantum era due to the computational power of quantum adversaries.This study presents a review of 140 peer-reviewed articles published between 2000 and 2025 that used different databases like MDPI,IEEE Explore,Springer,and Elsevier,examining the applications,types,and security issues with the solution of Quantum computing in different fields.This review explores the impact of quantum computing on MPC security,assesses emerging quantum-resistant MPC protocols,and examines hybrid classicalquantum approaches aimed at mitigating quantum threats.We analyze the role of Quantum Key Distribution(QKD),post-quantum cryptography(PQC),and quantum homomorphic encryption in securing multiparty computations.Additionally,we discuss the challenges of scalability,computational efficiency,and practical deployment of quantumsecure MPC frameworks in real-world applications such as privacy-preserving AI,secure blockchain transactions,and confidential data analysis.This review provides insights into the future research directions and open challenges in ensuring secure,scalable,and quantum-resistant multiparty computation.
文摘The increasing interconnection of modern industrial control systems(ICSs)with the Internet has enhanced operational efficiency,but alsomade these systemsmore vulnerable to cyberattacks.This heightened exposure has driven a growing need for robust ICS security measures.Among the key defences,intrusion detection technology is critical in identifying threats to ICS networks.This paper provides an overview of the distinctive characteristics of ICS network security,highlighting standard attack methods.It then examines various intrusion detection methods,including those based on misuse detection,anomaly detection,machine learning,and specialised requirements.This paper concludes by exploring future directions for developing intrusion detection systems to advance research and ensure the continued security and reliability of ICS operations.
基金supported by scientific research projects of China Academy of Railway Sciences Co.,Ltd.(grant no.2024YJ117).
文摘Purpose-Amidst an increasingly severe cybersecurity landscape,the widespread adoption of Xinchuang endpoints has become a strategic imperative.Governments and enterprises have established terminal localization as a critical objective,aiming for comprehensive indigenous replacement through rapid technological iteration.Consequently,Xinchuang systems and Windows platforms are expected to coexist over an extended period.This study seeks to establish an automated verification framework for multi-version operating systems and validate the efficacy of baseline hardening in mitigating security risks.Design/methodology/approach-Based on the Classified Protection 2.0 framework and relevant national standards for endpoint security,this study proposes an endpoint security baseline verification scheme applicable to multiple operating systems.The scheme addresses divergent security policies and implementation methodologies across heterogeneous environments.It automates the inspection of core baselines,including account password complexity,default shared service status and patch installation status.Furthermore,a comprehensive scoring model is established by incorporating differentiated weights for account security,patch management and log auditing,ultimately generating visualized risk reports to facilitate remediation prioritization.Findings-This study reveals that baseline configuration serves as the fundamental prerequisite in endpoint security practices.Through a scalable detection engine and quantitative scoring model,the system can promptly identify and remediate potential risks,thereby reducing the attack surface and mitigating intrusion risks.However,on certain domestic chip architectures,compatibility issues persist in detecting specific configuration items.Further improvement in hardware-software co-adaptation for domestic platforms is required to advance the development of localized security protection systems.Originality/value-Through in-depth research on security baseline configurations across multiple operating systems,this study implements an automated and visualized baseline verification methodology.This approach significantly strengthens the security posture of domestic operating systems and supports the establishment of a more robust,national-level cybersecurity defense framework.
文摘Industrial Cyber-Physical Systems(ICPSs)play a vital role in modern industries by providing an intellectual foundation for automated operations.With the increasing integration of information-driven processes,ensuring the security of Industrial Control Production Systems(ICPSs)has become a critical challenge.These systems are highly vulnerable to attacks such as denial-of-service(DoS),eclipse,and Sybil attacks,which can significantly disrupt industrial operations.This work proposes an effective protection strategy using an Artificial Intelligence(AI)-enabled Smart Contract(SC)framework combined with the Heterogeneous Barzilai-Borwein Support Vector(HBBSV)method for industrial-based CPS environments.The approach reduces run time and minimizes the probability of attacks.Initially,secured ICPSs are achieved through a comprehensive exchange of views on production plant strategies for condition monitoring using SC and blockchain(BC)integrated within a BC network.The SC executes the HBBSV strategy to verify the security consensus.The Barzilai-Borwein Support Vectorized algorithm computes abnormal attack occurrence probabilities to ensure that components operate within acceptable production line conditions.When a component remains within these conditions,no security breach occurs.Conversely,if a component does not satisfy the condition boundaries,a security lapse is detected,and those components are isolated.The HBBSV method thus strengthens protection against DoS,eclipse,and Sybil attacks.Experimental results demonstrate that the proposed HBBSV approach significantly improves security by enhancing authentication accuracy while reducing run time and authentication time compared to existing techniques.
基金supported by the National Science and Technology Council of under Grant NSTC 114-2221-E-130-007.
文摘This paper presents an intelligent patrol and security robot integrating 2D LiDAR and RGB-D vision sensors to achieve semantic simultaneous localization and mapping(SLAM),real-time object recognition,and dynamic obstacle avoidance.The system employs the YOLOv7 deep-learning framework for semantic detection and SLAM for localization and mapping,fusing geometric and visual data to build a high-fidelity 2D semantic map.This map enables the robot to identify and project object information for improved situational awareness.Experimental results show that object recognition reached 95.4%mAP@0.5.Semantic completeness increased from 68.7%(single view)to 94.1%(multi-view)with an average position error of 3.1 cm.During navigation,the robot achieved 98.0%reliability,avoided moving obstacles in 90.0%of encounters,and replanned paths in 0.42 s on average.The integration of LiDAR-based SLAMwith deep-learning–driven semantic perception establishes a robust foundation for intelligent,adaptive,and safe robotic navigation in dynamic environments.
文摘Although Named Entity Recognition(NER)in cybersecurity has historically concentrated on threat intelligence,vital security data can be found in a variety of sources,such as open-source intelligence and unprocessed tool outputs.When dealing with technical language,the coexistence of structured and unstructured data poses serious issues for traditional BERT-based techniques.We introduce a three-phase approach for improved NER inmulti-source cybersecurity data that makes use of large language models(LLMs).To ensure thorough entity coverage,our method starts with an identification module that uses dynamic prompting techniques.To lessen hallucinations,the extraction module uses confidence-based self-assessment and cross-checking using regex validation.The tagging module links to knowledge bases for contextual validation and uses SecureBERT in conjunction with conditional random fields to detect entity boundaries precisely.Our framework creates efficient natural language segments by utilizing decoderbased LLMs with 10B parameters.When compared to baseline SecureBERT implementations,evaluation across four cybersecurity data sources shows notable gains,with a 9.4%–25.21%greater recall and a 6.38%–17.3%better F1-score.Our refined model matches larger models and achieves 2.6%–4.9%better F1-score for technical phrase recognition than the state-of-the-art alternatives Claude 3.5 Sonnet,Llama3-8B,and Mixtral-7B.The three-stage architecture identification-extraction-tagging pipeline tackles important cybersecurity NER issues.Through effective architectures,these developments preserve deployability while setting a new standard for entity extraction in challenging security scenarios.The findings show how specific enhancements in hybrid recognition,validation procedures,and prompt engineering raise NER performance above monolithic LLM approaches in cybersecurity applications,especially for technical entity extraction fromheterogeneous sourceswhere conventional techniques fall short.Because of itsmodular nature,the framework can be upgraded at the component level as new methods are developed.
文摘Elliptic curve(EC)based cryptosystems gained more attention due to enhanced security than the existing public key cryptosystems.A substitution box(S-box)plays a vital role in securing modern symmetric key cryptosystems.However,the recently developed EC based algorithms usually trade off between computational efficiency and security,necessitating the design of a new algorithm with the desired cryptographic strength.To address these shortcomings,this paper proposes a new scheme based onMordell elliptic curve(MEC)over the complex field for generating distinct,dynamic,and highly uncorrelated S-boxes.Furthermore,we count the exact number of the obtained S-boxes,and demonstrate that the permuted version of the presented S-box is statistically optimal.The nonsingularity of the presented algorithm and the injectivity of the resultant output are explored.Rigorous theoretical analysis and experimental results demonstrate that the proposedmethod is highly effective in generating a large number of dynamic S-boxes with adequate cryptographic properties,surpassing current state-of-the-art S-box generation algorithms in terms of security.Apart fromthis,the generated S-box is benchmarked using side-channel attacks,and its performance is compared with highly nonlinear S-boxes,demonstrating comparable results.In addition,we present an application of our proposed S-box generator by incorporating it into an image encryption technique.The encrypted and decrypted images are tested by employing extensive standard security metrics,including the Number of Pixel Change Rate,the Unified Average Changing Intensity,information entropy,correlation coefficient,and histogram analysis.Moreover,the analysis is extended beyond conventional metrics to validate the new method using advanced tests,such as the NIST statistical test suite,robustness analysis,and noise and cropping attacks.Experimental outcomes show that the presented algorithm strengthens the existing encryption scheme against various well-known cryptographic attacks.
文摘The integration of machine learning(ML)technology with Internet of Things(IoT)systems produces essential changes in healthcare operations.Healthcare personnel can track patients around the clock thanks to healthcare IoT(H-IoT)technology,which also provides proactive statistical findings and precise medical diagnoses that enhance healthcare performance.This study examines how ML might support IoT-based health care systems,namely in the areas of prognostic systems,disease detection,patient tracking,and healthcare operations control.The study looks at the benefits and drawbacks of several machine learning techniques for H-IoT applications.It also examines the fundamental problems,such as data security and cyberthreats,as well as the high processing demands that these systems face.Alongside this,the essay discusses the advantages of all the technologies,including machine learning,deep learning,and the Internet of Things,as well as the significant difficulties and problems that arise when integrating the technology into healthcare forecasts.
基金derived from a research grant“Cybersecurity Research and Innovation Pioneers Grants Initiative”funded by The National Program for RDI in Cybersecurity(National Cybersecurity Authority)-Kingdom of Saudi Arabia-with grant number(CRPG-25-3168)supported by EIAS Data Science and Blockchain Lab,CCIS,Prince Sultan University.
文摘The growing developments in 5G and 6G wireless communications have revolutionized communications technologies,providing faster speeds with reduced latency and improved connectivity to users.However,it raises significant security challenges,including impersonation threats,data manipulation,distributed denial of service(DDoS)attacks,and privacy breaches.Traditional security measures are inadequate due to the decentralized and dynamic nature of next-generation networks.This survey provides a comprehensive review of how Federated Learning(FL),Blockchain,and Digital Twin(DT)technologies can collectively enhance the security of 5G and 6G systems.Blockchain offers decentralized,immutable,and transparent mechanisms for securing network transactions,while FL enables privacy-preserving collaborative learning without sharing raw data.Digital Twins create virtual replicas of network components,enabling real-time monitoring,anomaly detection,and predictive threat analysis.The survey examines major security issues in emerging wireless architectures and analyzes recent advancements that integrate FL,Blockchain,and DT to mitigate these threats.Additionally,it presents practical use cases,synthesizes key lessons learned,and identifies ongoing research challenges.Finally,the survey outlines future research directions to support the development of scalable,intelligent,and robust security frameworks for next-generation wireless networks.
文摘Federated Learning(FL)enables joint training over distributed devices without data exchange but is highly vulnerable to attacks by adversaries in the form of model poisoning and malicious update injection.This work proposes Secured-FL,a blockchain-based defensive framework that combines smart contract-based authentication,clustering-driven outlier elimination,and dynamic threshold adjustment to defend against adversarial attacks.The framework was implemented on a private Ethereum network with a Proof-of-Authority consensus algorithm to ensure tamper-resistant and auditable model updates.Large-scale simulation on the Cyber Data dataset,under up to 50%malicious client settings,demonstrates Secured-FL achieves 6%-12%higher accuracy,9%-15%lower latency,and approximately 14%less computational expense compared to the PPSS benchmark framework.Additional tests,including confusion matrices,ROC and Precision-Recall curves,and ablation tests,confirm the interpretability and robustness of the defense.Tests for scalability also show consistent performance up to 500 clients,affirming appropriateness to reasonably large deployments.These results make Secured-FL a feasible,adversarially resilient FL paradigm with promising potential for application in smart cities,medicine,and other mission-critical IoT deployments.
基金funded by Multimedia University,Cyberjaya,Selangor,Malaysia(Grant Number:PostDoc(MMUI/240029)).
文摘As healthcare systems increasingly embrace digitalization,effective management of electronic health records(EHRs)has emerged as a critical priority,particularly in inpatient settings where data sensitivity and realtime access are paramount.Traditional EHR systems face significant challenges,including unauthorized access,data breaches,and inefficiencies in tracking follow-up appointments,which heighten the risk of misdiagnosis and medication errors.To address these issues,this research proposes a hybrid blockchain-based solution for securely managing EHRs,specifically designed as a framework for tracking inpatient follow-ups.By integrating QR codeenabled data access with a blockchain architecture,this innovative approach enhances privacy protection,data integrity,and auditing capabilities,while facilitating swift and real-time data retrieval.The architecture adheres to Role-Based Access Control(RBAC)principles and utilizes robust encryption techniques,including SHA-256 and AES-256-CBC,to secure sensitive information.A comprehensive threat model outlines trust boundaries and potential adversaries,complemented by a validated data transmission protocol.Experimental results demonstrate that the framework remains reliable in concurrent access scenarios,highlighting its efficiency and responsiveness in real-world applications.This study emphasizes the necessity for hybrid solutions in managing sensitive medical information and advocates for integrating blockchain technology and QR code innovations into contemporary healthcare systems.
