6,291 articles found
Design and implementation of a computer endpoint security baseline verification system based on MLPS 2.0
1
Authors: Fan Miao, YaQiong Xu, ZiYang Wan, YingJie Zhuang, Yang Li, JiaPeng Ren. 《Railway Sciences》, 2026, No. 1, pp. 136-152 (17 pages)
Purpose - Amidst an increasingly severe cybersecurity landscape, the widespread adoption of Xinchuang endpoints has become a strategic imperative. Governments and enterprises have established terminal localization as a critical objective, aiming for comprehensive indigenous replacement through rapid technological iteration. Consequently, Xinchuang systems and Windows platforms are expected to coexist over an extended period. This study seeks to establish an automated verification framework for multi-version operating systems and validate the efficacy of baseline hardening in mitigating security risks. Design/methodology/approach - Based on the Classified Protection 2.0 framework and relevant national standards for endpoint security, this study proposes an endpoint security baseline verification scheme applicable to multiple operating systems. The scheme addresses divergent security policies and implementation methodologies across heterogeneous environments. It automates the inspection of core baselines, including account password complexity, default shared service status and patch installation status. Furthermore, a comprehensive scoring model is established by incorporating differentiated weights for account security, patch management and log auditing, ultimately generating visualized risk reports to facilitate remediation prioritization. Findings - This study reveals that baseline configuration serves as the fundamental prerequisite in endpoint security practices. Through a scalable detection engine and quantitative scoring model, the system can promptly identify and remediate potential risks, thereby reducing the attack surface and mitigating intrusion risks. However, on certain domestic chip architectures, compatibility issues persist in detecting specific configuration items. Further improvement in hardware-software co-adaptation for domestic platforms is required to advance the development of localized security protection systems. Originality/value - Through in-depth research on security baseline configurations across multiple operating systems, this study implements an automated and visualized baseline verification methodology. This approach significantly strengthens the security posture of domestic operating systems and supports the establishment of a more robust, national-level cybersecurity defense framework.
Keywords: Windows security baseline Endpoint security Baseline inspection Xinchuang system security baseline
A Nexus for East Africa--China-supported projects help East Africans to boost energy, water and food security
2
Author: RICHARD WETAYA. 《ChinAfrica》, 2026, No. 1, pp. 44-45 (2 pages)
Andrew Wangota, a 48-year-old Ugandan farmer, has been using agrivoltaics technology, a solar technology that uses agricultural land for both food production and solar power generation, on his farm in Bunashimolo Parish, Bukyiende Subcounty in Uganda where he has been cultivating plantain, coffee and Irish potatoes for the past 16 years.
Keywords: water security solar technology NEXUS irish potatoes East Africa energy security China supported projects agrivoltaics technology
Quantum Secure Multiparty Computation:Bridging Privacy,Security,and Scalability in the Post-Quantum Era
3
Authors: Sghaier Guizani, Tehseen Mazhar, Habib Hamam. 《Computers, Materials & Continua》, 2026, No. 4, pp. 1-25 (25 pages)
The advent of quantum computing poses a significant challenge to traditional cryptographic protocols, particularly those used in Secure Multiparty Computation (MPC), a fundamental cryptographic primitive for privacy-preserving computation. Classical MPC relies on cryptographic techniques such as homomorphic encryption, secret sharing, and oblivious transfer, which may become vulnerable in the post-quantum era due to the computational power of quantum adversaries. This study presents a review of 140 peer-reviewed articles published between 2000 and 2025 that used different databases like MDPI, IEEE Explore, Springer, and Elsevier, examining the applications, types, and security issues with the solution of Quantum computing in different fields. This review explores the impact of quantum computing on MPC security, assesses emerging quantum-resistant MPC protocols, and examines hybrid classical-quantum approaches aimed at mitigating quantum threats. We analyze the role of Quantum Key Distribution (QKD), post-quantum cryptography (PQC), and quantum homomorphic encryption in securing multiparty computations. Additionally, we discuss the challenges of scalability, computational efficiency, and practical deployment of quantum-secure MPC frameworks in real-world applications such as privacy-preserving AI, secure blockchain transactions, and confidential data analysis. This review provides insights into the future research directions and open challenges in ensuring secure, scalable, and quantum-resistant multiparty computation.
Keywords: Quantum computing secure multiparty computation (MPC) post-quantum cryptography (PQC) quantum key distribution (QKD) privacy-preserving computation quantum homomorphic encryption quantum network security federated learning blockchain security quantum cryptography
Pathways to improved food and nutrition security:The role of farm production diversity in household dietary outcomes in rural areas of Pakistan
4
Authors: Muhammad Waseem, Erbao Cao, Ihsan Jamil, Bushra Mughal, Mi Yu. 《Journal of Integrative Agriculture》, 2026, No. 1, pp. 377-389 (13 pages)
Malnutrition remains a significant global challenge, particularly in developing countries. Policymakers have increasingly focused on improving household food security and nutrition through farm production diversity (FPD). While research indicates that FPD correlates positively with reduced malnutrition, other studies emphasize the importance of market access for improved nutritional outcomes. However, this evidence varies by region and remains inconsistent. To address this knowledge gap, this study analyzed survey data from 450 smallholder farmers in Punjab, Pakistan, using regression models to examine the relationship between FPD and dietary diversity, as well as the underlying impact pathways. The findings demonstrate that FPD significantly correlates with increased household dietary diversity score (HDDS). FPD influences dietary diversification through both own-farm production and market food consumption pathways, with the own-farm production pathway showing greater impact. The increase in food expenditure through own-farm production yielded a marginal return of 8% in household dietary diversity compared to 5.3% through marketing. Gender differences emerged as significant, with male-headed households showing relatively lower dietary diversity. These findings have substantial implications for countries with smallholder farming systems, providing valuable insights for the formation of agricultural policies, resource optimization, and rural development initiatives.
Keywords: food security nutrition security FPD HHDS smallholder farmers
Paths of China’s Participation in Middle East Security Governance:From the Perspective of the Global Security Initiative
5
Author: Yu Guoqing. 《Contemporary World》, 2025, No. 5, pp. 32-38 (7 pages)
The Middle East has long been in turmoil, and the new round of the Palestinian-Israeli conflict has further highlighted the urgency of security governance in the region. The Global Security Initiative (GSI) proposed by China provides theoretical guidance and practical paths for China’s participation in Middle East security governance. China’s engagement in Middle East security governance not only meets the expectations of Middle East countries but also fully demonstrates its responsibility as a major country, which is of great significance for China to explore participation in global security governance and address the global security deficit.
Keywords: Middle East security Governance middle east Palestinian Israeli Conflict Major Country Responsibility security governance Global security Deficit global security initiative gsi proposed Global security Initiative
China’s Sea Lines of Communication Security: A Perspective from a Holistic Approach to National Security
6
Author: Wang Xu. 《China International Studies》, 2025, No. 4, pp. 31-68 (38 pages)
Sea lines of communication (SLOCs) security has long been a strategic concern for major powers. Following the establishment of the People’s Republic of China, the country’s focus was on the traditional security aspects of its SLOCs. Since the reform and opening-up era - and especially after the end of the Cold War - China has shifted its emphasis toward economic security. China’s SLOCs security bears on multiple dimensions of a holistic approach to national security, encompassing economic security, the safety of its citizens.
Keywords: holistic approach economic security the citizen safety sea lines communication slocs security national security sea lines communication security economic security
Design of a Patrol and Security Robot with Semantic Mapping and Obstacle Avoidance System Using RGB-D Camera and LiDAR
7
Authors: Shu-Yin Chiang, Shin-En Huang. 《Computers, Materials & Continua》, 2026, No. 4, pp. 1735-1753 (19 pages)
This paper presents an intelligent patrol and security robot integrating 2D LiDAR and RGB-D vision sensors to achieve semantic simultaneous localization and mapping (SLAM), real-time object recognition, and dynamic obstacle avoidance. The system employs the YOLOv7 deep-learning framework for semantic detection and SLAM for localization and mapping, fusing geometric and visual data to build a high-fidelity 2D semantic map. This map enables the robot to identify and project object information for improved situational awareness. Experimental results show that object recognition reached 95.4% mAP@0.5. Semantic completeness increased from 68.7% (single view) to 94.1% (multi-view) with an average position error of 3.1 cm. During navigation, the robot achieved 98.0% reliability, avoided moving obstacles in 90.0% of encounters, and replanned paths in 0.42 s on average. The integration of LiDAR-based SLAM with deep-learning–driven semantic perception establishes a robust foundation for intelligent, adaptive, and safe robotic navigation in dynamic environments.
Keywords: RGB-D semantic mapping object recognition obstacle avoidance security robot
Pursuing the Asian Security Model:Strategic Focuses and Practical Approaches
8
Author: Huang Dahui. 《Contemporary International Relations》, 2025, No. 4, pp. 26-35 (10 pages)
Recently, the 2025 Central Conference on Work Related to Neighboring Countries was held in Beijing. As an important theoretical innovation, the conference emphasized for the first time pursuing “the model of security for Asia that features sharing weal and woe, seeking common ground while shelving differences, and prioritizing dialogue and consultation.” This fully demonstrates that China prioritizes neighborhood on its diplomatic agenda, regards security and stability in its neighborhood as a core strategic support, and is ready to collaborate with neighboring countries for a future of shared peace, development, and prosperity.
Keywords: security stability security model model security Asian security common ground dialogue sharing weal woe neighborhood diplomacy
The Asian Security Model Provides a New Paradigm for Resolving the Security Dilemmas in Asia
9
Author: Liu Qing. 《Contemporary International Relations》, 2025, No. 4, pp. 18-25 (8 pages)
Security is the cornerstone of a country's peace and stability and the prerequisite for its survival and development. All countries around the world regard security as their top priority. Since most Asian countries suffered from colonial aggression and plundering for a long time in history, they as a whole attach special importance to national security.
Keywords: national security colonial aggression plundering peace stability security priority colonial aggression security dilemmas Asian security model
NeuroShield:A Biomimetic Security Model for Web Applications Based on Neural Control Mechanisms
10
Authors: Li Tao, Bian Qingyuan, Hu Aiqun. 《China Communications》, 2025, No. 9, pp. 226-243 (18 pages)
In response to the current gaps in effective proactive defense methods within application security and the limited integration of security components with applications, this paper proposes a biomimetic security model, called NeuroShield, specifically designed for web applications. Inspired by the “perception-strategy-effect-feedback” mechanism of the human nervous control system, the model integrates biomimetic elements akin to neural receptors and effectors into applications. This integration facilitates a multifaceted approach to security: enabling data introspection for detailed perception and regulation of application behavior, providing proactive defense capabilities to detect and block security risks in real-time, and incorporating feedback optimization to continuously adjust and enhance security strategies based on prevailing conditions. Experimental results affirm the efficacy of this neural control mechanism-based biomimetic security model, demonstrating a proactive defense success rate exceeding 95%, thereby offering a theoretical and structural foundation for biomimetic immunity in web applications.
Keywords: active security biometric security security model software security
The Looming Threat Blackout of the National Grid and Critical Infrastructure (A National Security Crisis) [Cited by: 1]
11
Author: Bahman Zohuri. 《Journal of Energy and Power Engineering》, 2025, No. 1, pp. 31-35 (5 pages)
The national grid and other life-sustaining critical infrastructures face an unprecedented threat from prolonged blackouts, which could last over a year and pose a severe risk to national security. Whether caused by physical attacks, EMP (electromagnetic pulse) events, or cyberattacks, such disruptions could cripple essential services like water supply, healthcare, communication, and transportation. Research indicates that an attack on just nine key substations could result in a coast-to-coast blackout lasting up to 18 months, leading to economic collapse, civil unrest, and a breakdown of public order. This paper explores the key vulnerabilities of the grid, the potential impacts of prolonged blackouts, and the role of AI (artificial intelligence) and ML (machine learning) in mitigating these threats. AI-driven cybersecurity measures, predictive maintenance, automated threat response, and EMP resilience strategies are discussed as essential solutions to bolster grid security. Policy recommendations emphasize the need for hardened infrastructure, enhanced cybersecurity, redundant power systems, and AI-based grid management to ensure national resilience. Without proactive measures, the nation remains exposed to a catastrophic power grid failure that could have dire consequences for society and the economy.
Keywords: National grid blackout critical infrastructure security EMP cyberattack resilience AI-powered grid protection ML in energy security power grid vulnerabilities physical attacks on infrastructure predictive maintenance for power grids energy crisis and national security
The 2024 Global Security Dynamics: Rising Risks of Instability and Growing Demand for Governance
12
Author: Tang Yongsheng. 《Contemporary World》, 2025, No. 1, pp. 19-23 (5 pages)
In 2024, as the world underwent profound political changes, global security faced increasing instabilities and uncertainties. Traditional and non-traditional security threats interacted and overlapped, and the risk of turmoil increased. Strategic trust among major powers continued to erode, leading to heightened insecurity and intensified competition.
Keywords: global security major powers competition uncertainties strategic trust traditional security threats INSTABILITIES non traditional security threats
Fruits And Challenges of China-Indonesia Security Cooperation Defense cooperation between the two countries provides important support for regional and even global security
13
Author: Yang Danzhi. 《China Report ASEAN》, 2025, No. 4, pp. 24-25 (2 pages)
In recent years, China and Indonesia have made notable progress in multiple areas of security cooperation, and their collaboration in this respect has continued to deepen under the leadership of both countries. In November 2024, China and Indonesia issued a joint statement during Indonesian President Prabowo Subianto’s visit to China. It was his first overseas trip after his inauguration. In the statement, the two countries agreed to add security cooperation as the fifth pillar of their partnership, marking an upgrade of bilateral ties.
Keywords: defense cooperation bilateral ties global security security cooperation Indonesia regional security joint statement
Research on Railway 5G-R Network Security Technology
14
Authors: ZHANG Song, WANG Wei, TIAN Zhiji, MA Jun, SUN Bin, SHEN Meiying (Translated). 《Chinese Railways》, 2025, No. 1, pp. 29-36 (8 pages)
The 5G-R network is on the verge of entering the construction stage. Given that the dedicated network for railways is closely linked to train operation safety, there are extremely high requirements for network security. As a result, there is an urgent need to conduct research on 5G-R network security. To comprehensively enhance the end-to-end security protection of the 5G-R network, this study summarized the security requirements of the GSM-R network, analyzed the security risks and requirements faced by the 5G-R network, and proposed an overall 5G-R network security architecture. The security technical schemes were detailed from various aspects: 5G-R infrastructure security, terminal access security, networking security, operation and maintenance security, data security, and network boundary security. Additionally, the study proposed leveraging the 5G-R security situation awareness system to achieve a comprehensive upgrade from basic security technologies to endogenous security capabilities within the 5G-R system.
Keywords: 5G-R network security security risks endogenous security situational awareness
Integration of Large Language Models(LLMs)and Static Analysis for Improving the Efficacy of Security Vulnerability Detection in Source Code
15
Authors: José Armando Santas Ciavatta, Juan Ramón Bermejo Higuera, Javier Bermejo Higuera, Juan Antonio Sicilia Montalvo, Tomás Sureda Riera, Jesús Pérez Melero. 《Computers, Materials & Continua》, 2026, No. 3, pp. 351-390 (40 pages)
As artificial Intelligence (AI) continues to expand exponentially, particularly with the emergence of generative pre-trained transformers (GPT) based on a transformer’s architecture, which has revolutionized data processing and enabled significant improvements in various applications. This document seeks to investigate the security vulnerabilities detection in the source code using a range of large language models (LLM). Our primary objective is to evaluate the effectiveness of Static Application Security Testing (SAST) by applying various techniques such as prompt persona, structure outputs and zero-shot. To the selection of the LLMs (CodeLlama 7B, DeepSeek coder 7B, Gemini 1.5 Flash, Gemini 2.0 Flash, Mistral 7b Instruct, Phi 38b Mini 128K instruct, Qwen 2.5 coder, StartCoder 27B) with comparison and combination with Find Security Bugs. The evaluation method will involve using a selected dataset containing vulnerabilities, and the results to provide insights for different scenarios according to the software criticality (Business critical, non-critical, minimum effort, best effort). In detail, the main objectives of this study are to investigate if large language models outperform or exceed the capabilities of traditional static analysis tools, if the combining LLMs with Static Application Security Testing (SAST) tools lead to an improvement and the possibility that local machine learning models on a normal computer produce reliable results. Summarizing the most important conclusions of the research, it can be said that while it is true that the results have improved depending on the size of the LLM for business-critical software, the best results have been obtained by SAST analysis. This differs in “NonCritical,” “Best Effort,” and “Minimum Effort” scenarios, where the combination of LLM (Gemini) + SAST has obtained better results.
Keywords: AI+SAST secure code LLM benchmarking LLM vulnerability detection
Intrusion Detection and Security Attacks Mitigation in Smart Cities with Integration of Human-Computer Interaction
16
Author: Abeer Alnuaim. 《Computers, Materials & Continua》, 2026, No. 1, pp. 711-743 (33 pages)
The rapid digitalization of urban infrastructure has made smart cities increasingly vulnerable to sophisticated cyber threats. In the evolving landscape of cybersecurity, the efficacy of Intrusion Detection Systems (IDS) is increasingly measured by technical performance, operational usability, and adaptability. This study introduces and rigorously evaluates a Human-Computer Interaction (HCI)-Integrated IDS with the utilization of Convolutional Neural Network (CNN), CNN-Long Short Term Memory (LSTM), and Random Forest (RF) against both a Baseline Machine Learning (ML) and a Traditional IDS model, through an extensive experimental framework encompassing many performance metrics, including detection latency, accuracy, alert prioritization, classification errors, system throughput, usability, ROC-AUC, precision-recall, confusion matrix analysis, and statistical accuracy measures. Our findings consistently demonstrate the superiority of the HCI-Integrated approach utilizing three major datasets (CICIDS 2017, KDD Cup 1999, and UNSW-NB15). Experimental results indicate that the HCI-Integrated model outperforms its counterparts, achieving an AUC-ROC of 0.99, a precision of 0.93, and a recall of 0.96, while maintaining the lowest false positive rate (0.03) and the fastest detection time (~1.5 s). These findings validate the efficacy of incorporating HCI to enhance anomaly detection capabilities, improve responsiveness, and reduce alert fatigue in critical smart city applications. It achieves markedly lower detection times, higher accuracy across all threat categories, reduced false positive and false negative rates, and enhanced system throughput under concurrent load conditions. The HCI-Integrated IDS excels in alert contextualization and prioritization, offering more actionable insights while minimizing analyst fatigue. Usability feedback underscores increased analyst confidence and operational clarity, reinforcing the importance of user-centered design. These results collectively position the HCI-Integrated IDS as a highly effective, scalable, and human-aligned solution for modern threat detection environments.
Keywords: Anomaly detection smart cities Internet of Things (IoT) HCI CNN LSTM random forest intelligent secure solutions
The Cyberpsychology of Small and Medium-Sized Enterprises Cybersecurity: A Human-Centric Approach to Policy Development [Cited by: 1]
17
Author: Troy C. Troublefield. 《Journal of Information Security》, 2025, No. 1, pp. 158-183 (26 pages)
This study investigates the critical intersection of cyberpsychology and cybersecurity policy development in small and medium-sized enterprises (SMEs). Through a mixed-methods approach incorporating surveys of 523 employees across 78 SMEs, qualitative interviews, and case studies, the research examines how psychological factors influence cybersecurity behaviors and policy effectiveness. Key findings reveal significant correlations between psychological factors and security outcomes, including the relationship between self-efficacy and policy compliance (r = 0.42, p β = 0.37, p < 0.001). The study identifies critical challenges in risk perception, policy complexity, and organizational culture affecting SME cybersecurity implementation. Results demonstrate that successful cybersecurity initiatives require the integration of psychological principles with technical solutions. The research provides a framework for developing human-centric security policies that address both behavioral and technical aspects of cybersecurity in resource-constrained environments.
Keywords: Cyberpsychology Cybersecurity SMEs Policy Development Human Factors Risk Perception Compliance Behavior Organizational Culture Psychological Resilience security Awareness
Review of Techniques for Integrating Security in Software Development Lifecycle
18
Authors: Hassan Saeed, Imran Shafi, Jamil Ahmad, Adnan Ahmed Khan, Tahir Khurshaid, Imran Ashraf. 《Computers, Materials & Continua》 (SCIE, EI), 2025, No. 1, pp. 139-172 (34 pages)
Software-related security aspects are a growing and legitimate concern, especially with 5G data available just at our palms. To conduct research in this field, periodic comparative analysis is needed with the new techniques coming up rapidly. The purpose of this study is to review the recent developments in the field of security integration in the software development lifecycle (SDLC) by analyzing the articles published in the last two decades and to propose a way forward. This review follows Kitchenham’s review protocol. The review has been divided into three main stages including planning, execution, and analysis. From the selected 100 articles, it becomes evident that need of a collaborative approach is necessary for addressing critical software security risks (CSSRs) through effective risk management/estimation techniques. Quantifying risks using a numeric scale enables a comprehensive understanding of their severity, facilitating focused resource allocation and mitigation efforts. Through a comprehensive understanding of potential vulnerabilities and proactive mitigation efforts facilitated by protection poker, organizations can prioritize resources effectively to ensure the successful outcome of projects and initiatives in today’s dynamic threat landscape. The review reveals that threat analysis and security testing are needed to develop automated tools for the future. Accurate estimation of effort required to prioritize potential security risks is a big challenge in software security. The accuracy of effort estimation can be further improved by exploring new techniques, particularly those involving deep learning. It is also imperative to validate these effort estimation methods to ensure all potential security threats are addressed. Another challenge is selecting the right model for each specific security threat. To achieve a comprehensive evaluation, researchers should use well-known benchmark checklists.
Keywords: Software development lifecycle systematic literature review critical software security risks national institute of standards and technology DevSecOps open web application security project McGraw’s touch points
Hybrid Security Assessment Methodology for Web Applications [Cited by: 1]
19
Authors: Roddy A. Correa, Juan Ramon Bermejo Higuera, Javier Bermejo Higuera, Juan Antonio Sicilia Montalvo, Manuel Sanchez Rubio, A. Alberto Magrenan. 《Computer Modeling in Engineering & Sciences》 (SCIE, EI), 2021, No. 1, pp. 89-124 (36 pages)
This study presents a methodology to evaluate and prevent security vulnerabilities issues for web applications. The analysis process is based on the use of techniques and tools that allow to perform security assessments of white box and black box, to carry out the security validation of a web application in an agile and precise way. The objective of the methodology is to take advantage of the synergies of semi-automatic static and dynamic security analysis tools and manual checks. Each one of the phases contemplated in the methodology is supported by security analysis tools of different degrees of coverage, so that the results generated in one phase are used as feed for the following phases in order to get an optimized global security analysis result. The methodology can be used as part of other more general methodologies that do not cover how to use static and dynamic analysis tools in the implementation and testing phases of a Secure Software Development Life Cycle (SSDLC). A practical application of the methodology to analyze the security of a real web application demonstrates its effectiveness by obtaining a better optimized vulnerability detection result against the true and false positive metrics. Dynamic analysis with manual checking is used to audit the results, 24.6 per cent of security vulnerabilities reported by the static analysis has been checked and it allows to study which vulnerabilities can be directly exploited externally. This phase is very important because it permits that each reported vulnerability can be checked by a dynamic second tool to confirm whether a vulnerability is true or false positive and it allows to study which vulnerabilities can be directly exploited externally. Dynamic analysis finds six (6) additional critical vulnerabilities. Access control analysis finds other five (5) important vulnerabilities such as Insufficient Protected Passwords or Weak Password Policy and Excessive Authentication Attacks, two vulnerabilities that permit brute force attacks.
Keywords: Web applications security vulnerability WEAKNESS security analysis white box black box interactive application security testing static application security testing dynamic application security testing
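Construction and Implementation of a Spring Security Permission System in a Front-End/Back-End Separated Environment
20
Author: 何立富. 《电脑编程技巧与维护》, 2025, No. 10, pp. 3-7 (5 pages)
By introducing a JWT authentication mechanism, this work resolves the authentication and authorization difficulties that Spring Security faces with cross-origin requests, compatibility and distributed deployment in a front-end/back-end separated architecture, and builds a dynamic permission management system that accurately identifies and verifies user identity. At the system architecture level, the design of a custom login interface, caching, interceptors and permission control through custom expression logic effectively improves the system's performance, security and flexibility. The functional design of role-based access control (RBAC), supported by a visual configuration interface, further improves the system's ease of operation. Testing verifies that the system is highly stable and effective and can control access permissions precisely, providing a practical and reliable solution for permission management in related application systems.
Keywords: Spring Security tool; front-end/back-end separated architecture; dynamic permission management; JWT standard; role-based access control (RBAC)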