The surge in smishing attacks underscores the urgent need for robust,real-time detection systems powered by advanced deep learning models.This paper introduces PhishNet,a novel ensemble learning framework that integra...The surge in smishing attacks underscores the urgent need for robust,real-time detection systems powered by advanced deep learning models.This paper introduces PhishNet,a novel ensemble learning framework that integrates transformer-based models(RoBERTa)and large language models(LLMs)(GPT-OSS 120B,LLaMA3.370B,and Qwen332B)to enhance smishing detection performance significantly.To mitigate class imbalance,we apply synthetic data augmentation using T5 and leverage various text preprocessing techniques.Our system employs a duallayer voting mechanism:weighted majority voting among LLMs and a final ensemble vote to classify messages as ham,spam,or smishing.Experimental results show an average accuracy improvement from 96%to 98.5%compared to the best standalone transformer,and from 93%to 98.5%when compared to LLMs across datasets.Furthermore,we present a real-time,user-friendly application to operationalize our detection model for practical use.PhishNet demonstrates superior scalability,usability,and detection accuracy,filling critical gaps in current smishing detection methodologies.展开更多
In recent years,with the rapid advancement of artificial intelligence,object detection algorithms have made significant strides in accuracy and computational efficiency.Notably,research and applications of Anchor-Free...In recent years,with the rapid advancement of artificial intelligence,object detection algorithms have made significant strides in accuracy and computational efficiency.Notably,research and applications of Anchor-Free models have opened new avenues for real-time target detection in optical remote sensing images(ORSIs).However,in the realmof adversarial attacks,developing adversarial techniques tailored to Anchor-Freemodels remains challenging.Adversarial examples generated based on Anchor-Based models often exhibit poor transferability to these new model architectures.Furthermore,the growing diversity of Anchor-Free models poses additional hurdles to achieving robust transferability of adversarial attacks.This study presents an improved cross-conv-block feature fusion You Only Look Once(YOLO)architecture,meticulously engineered to facilitate the extraction ofmore comprehensive semantic features during the backpropagation process.To address the asymmetry between densely distributed objects in ORSIs and the corresponding detector outputs,a novel dense bounding box attack strategy is proposed.This approach leverages dense target bounding boxes loss in the calculation of adversarial loss functions.Furthermore,by integrating translation-invariant(TI)and momentum-iteration(MI)adversarial methodologies,the proposed framework significantly improves the transferability of adversarial attacks.Experimental results demonstrate that our method achieves superior adversarial attack performance,with adversarial transferability rates(ATR)of 67.53%on the NWPU VHR-10 dataset and 90.71%on the HRSC2016 dataset.Compared to ensemble adversarial attack and cascaded adversarial attack approaches,our method generates adversarial examples in an average of 0.64 s,representing an approximately 14.5%improvement in efficiency under equivalent conditions.展开更多
An attack-resilient distributed Nash equilibrium(NE) seeking problem is addressed for noncooperative games of networked systems under malicious cyber-attacks,i.e.,false data injection(FDI) attacks.Different from many ...An attack-resilient distributed Nash equilibrium(NE) seeking problem is addressed for noncooperative games of networked systems under malicious cyber-attacks,i.e.,false data injection(FDI) attacks.Different from many existing distributed NE seeking works,it is practical and challenging to get resilient adaptively distributed NE seeking under unknown and unbounded FDI attacks.An attack-resilient NE seeking algorithm that is distributed(i.e.,independent of global information on the graph's algebraic connectivity,Lipschitz and monotone constants of pseudo-gradients,or number of players),is presented by means of incorporating the consensus-based gradient play with a distributed attack identifier so as to achieve simultaneous NE seeking and attack identification asymptotically.Another key characteristic is that FDI attacks are allowed to be unknown and unbounded.By exploiting nonsmooth analysis and stability theory,the global asymptotic convergence of the developed algorithm to the NE is ensured.Moreover,we extend this design to further consider the attack-resilient NE seeking of double-integrator players.Lastly,numerical simulation and practical experiment results are presented to validate the developed algorithms' effectiveness.展开更多
Load frequency control(LFC)is a critical function to balance the power consumption and generation.Thegrid frequency is a crucial indicator for maintaining balance.However,the widely used information and communication ...Load frequency control(LFC)is a critical function to balance the power consumption and generation.Thegrid frequency is a crucial indicator for maintaining balance.However,the widely used information and communication infrastructure for LFC increases the risk of being attacked by malicious actors.The dynamic load altering attack(DLAA)is a typical attack that can destabilize the power system,causing the grid frequency to deviate fromits nominal value.Therefore,in this paper,we mathematically analyze the impact of DLAA on the stability of the grid frequency and propose the network parameter regulation(NPR)to mitigate the impact.To begin with,the dynamic LFC model is constructed by highlighting the importance of the network parameter.Then,we model the DLAA and analyze its impact on LFC using the theory of second-order dynamic systems.Finally,we model the NPR and prove its effect in mitigating the DLAA.Besides,we construct a least-effort NPR considering its infrastructure cost and aim to reduce the operation cost.Finally,we carry out extensive simulations to demonstrate the impact of the DLAA and evaluate the mitigation performance of NPR.The proposed cost-benefit NPR approach can not only mitigate the impact of DLAA with 100%and also save 41.18$/MWh in terms of the operation cost.展开更多
Orthogonal Frequency Division Multiplexing(OFDM)enables efficient Dynamic Spectrum Access(DSA)but suffers from high sidelobe that causes excessive out-of-band(OOB)emissions and expose the system to spectrum-layer cybe...Orthogonal Frequency Division Multiplexing(OFDM)enables efficient Dynamic Spectrum Access(DSA)but suffers from high sidelobe that causes excessive out-of-band(OOB)emissions and expose the system to spectrum-layer cyberattacks such as man-in-the-middle(MITM),eavesdropping,and primary user emulation(PUE)attacks.To address both spectral leakage and its security implications,this paper introduces a secure and intelligent hybrid optimization strategy that combinesan Eigenspace-based Generalized Sidelobe Canceller(ES-GSC)with a Genetic Algorithm(GA),to derive optimally weighted cancellation carriers.The proposed method jointly suppresses sidelobes and reinforces resistance to leakage-based attacks.MATLAB Simulation demonstrate considerable reductions in OOB emissions and higher resilience against spectrum-layer threats compared with existing techniques.展开更多
This paper addresses the consensus problem of nonlinear multi-agent systems subject to external disturbances and uncertainties under denial-ofservice(DoS)attacks.Firstly,an observer-based state feedback control method...This paper addresses the consensus problem of nonlinear multi-agent systems subject to external disturbances and uncertainties under denial-ofservice(DoS)attacks.Firstly,an observer-based state feedback control method is employed to achieve secure control by estimating the system's state in real time.Secondly,by combining a memory-based adaptive eventtriggered mechanism with neural networks,the paper aims to approximate the nonlinear terms in the networked system and efficiently conserve system resources.Finally,based on a two-degree-of-freedom model of a vehicle affected by crosswinds,this paper constructs a multi-unmanned ground vehicle(Multi-UGV)system to validate the effectiveness of the proposed method.Simulation results show that the proposed control strategy can effectively handle external disturbances such as crosswinds in practical applications,ensuring the stability and reliable operation of the Multi-UGV system.展开更多
Dear Editor,This letter investigates the optimal denial-of-service(DoS)attack scheduling targeting state estimation in cyber-Physical systems(CPSs)with the two-hop multi-channel network.CPSs are designed to achieve ef...Dear Editor,This letter investigates the optimal denial-of-service(DoS)attack scheduling targeting state estimation in cyber-Physical systems(CPSs)with the two-hop multi-channel network.CPSs are designed to achieve efficient,secure and adaptive operation by embedding intelligent and autonomous decision-making capabilities in the physical world.As a key component of the CPSs,the wireless network is vulnerable to various malicious attacks due to its openness[1].DoS attack is one of the most common attacks,characterized of simple execution and significant destructiveness[2].To mitigate the economic losses and environmental damage caused by DoS attacks,it is crucial to model and investigate data transmissions in CPSs.展开更多
As the density of wireless networks increases globally, the vulnerability of overlapped dense wireless communications to interference by hidden nodes and denial-of-service (DoS) attacks is becoming more apparent. Ther...As the density of wireless networks increases globally, the vulnerability of overlapped dense wireless communications to interference by hidden nodes and denial-of-service (DoS) attacks is becoming more apparent. There exists a gap in research on the detection and response to attacks on Medium Access Control (MAC) mechanisms themselves, which would lead to service outages between nodes. Classifying exploitation and deceptive jamming attacks on control mechanisms is particularly challengingdue to their resemblance to normal heavy communication patterns. Accordingly, this paper proposes a machine learning-based selective attack mitigation model that detects DoS attacks on wireless networks by monitoring packet log data. Based on the type of detected attack, it implements effective corresponding mitigation techniques to restore performance to nodes whose availability has been compromised. Experimental results reveal that the accuracy of the proposed model is 14% higher than that of a baseline anomaly detection model. Further, the appropriate mitigation techniques selected by the proposed system based on the attack type improve the average throughput by more than 440% compared to the case without a response.展开更多
This paper investigates the problem of optimal secure control for networked control systems under hybrid attacks.A control strategy based on the Stackelberg game framework is proposed,which differs from conventional m...This paper investigates the problem of optimal secure control for networked control systems under hybrid attacks.A control strategy based on the Stackelberg game framework is proposed,which differs from conventional methods by considering both denial-of-service(DoS)and false data injection(FDI)attacks simultaneously.Additionally,the stability conditions for the system under these hybrid attacks are established.It is technically challenging to design the control strategy by predicting attacker actions based on Stcakelberg game to ensure the system stability under hybrid attacks.Another technical difficulty lies in establishing the conditions for mean-square asymptotic stability due to the complexity of the attack scenarios Finally,simulations on an unstable batch reactor system under hybrid attacks demonstrate the effectiveness of the proposed strategy.展开更多
Dear Editor,The attacker is always going to intrude covertly networked control systems(NCSs)by dynamically changing false data injection attacks(FDIAs)strategy,while the defender try their best to resist attacks by de...Dear Editor,The attacker is always going to intrude covertly networked control systems(NCSs)by dynamically changing false data injection attacks(FDIAs)strategy,while the defender try their best to resist attacks by designing defense strategy on the basis of identifying attack strategy,maintaining stable operation of NCSs.To solve this attack-defense game problem,this letter investigates optimal secure control of NCSs under FDIAs.First,for the alterations of energy caused by false data,a novel attack-defense game model is constructed,which considers the changes of energy caused by the actions of the defender and attacker in the forward and feedback channels.展开更多
Dear Editor,This letter studies the stabilization control issue of cyber-physical systems with time-varying delays and aperiodic denial-of-service(DoS)attacks.To address the calculation overload issue caused by networ...Dear Editor,This letter studies the stabilization control issue of cyber-physical systems with time-varying delays and aperiodic denial-of-service(DoS)attacks.To address the calculation overload issue caused by networked predictive control(NPC)approach,an event-based NPC method is proposed.Within the proposed method,the negative effects of time-varying delays and DoS attacks on system performance are compensated.Then,sufficient and necessary conditions are derived to ensure the stability of the closed-loop system.In the end,simulation results are provided to demonstrate the validity of presented method.展开更多
Wireless Sensor Networks(WSN)have gained significant attention over recent years due to their extensive applications in various domains such as environmentalmonitoring,healthcare systems,industrial automation,and smar...Wireless Sensor Networks(WSN)have gained significant attention over recent years due to their extensive applications in various domains such as environmentalmonitoring,healthcare systems,industrial automation,and smart cities.However,such networks are inherently vulnerable to different types of attacks because they operate in open environments with limited resources and constrained communication capabilities.Thepaper addresses challenges related to modeling and analysis of wireless sensor networks and their susceptibility to attacks.Its objective is to create versatile modeling tools capable of detecting attacks against network devices and identifying anomalies caused either by legitimate user errors or malicious activities.A proposed integrated approach for data collection,preprocessing,and analysis in WSN outlines a series of steps applicable throughout both the design phase and operation stage.This ensures effective detection of attacks and anomalies within WSNs.An introduced attackmodel specifies potential types of unauthorized network layer attacks targeting network nodes,transmitted data,and services offered by the WSN.Furthermore,a graph-based analytical framework was designed to detect attacks by evaluating real-time events from network nodes and determining if an attack is underway.Additionally,a simulation model based on sequences of imperative rules defining behaviors of both regular and compromised nodes is presented.Overall,this technique was experimentally verified using a segment of a WSN embedded in a smart city infrastructure,simulating a wormhole attack.Results demonstrate the viability and practical significance of the technique for enhancing future information security measures.Validation tests confirmed high levels of accuracy and efficiency when applied specifically to detecting wormhole attacks targeting routing protocols in WSNs.Precision and recall rates averaged above the benchmark value of 0.95,thus validating the broad applicability of the proposed models across varied scenarios.展开更多
This paper introduces a robust Distributed Denial-of-Service attack detection framework tailored for Software-Defined Networking based Internet of Things environments,built upon a novel,syntheticmulti-vector dataset g...This paper introduces a robust Distributed Denial-of-Service attack detection framework tailored for Software-Defined Networking based Internet of Things environments,built upon a novel,syntheticmulti-vector dataset generated in a Mininet-Ryu testbed using real-time flow-based labeling.The proposed model is based on the XGBoost algorithm,optimized with Principal Component Analysis for dimensionality reduction,utilizing lightweight flowlevel features extracted from Open Flow statistics to classify attacks across critical IoT protocols including TCP,UDP,HTTP,MQTT,and CoAP.The model employs lightweight flow-level features extracted from Open Flow statistics to ensure low computational overhead and fast processing.Performance was rigorously evaluated using key metrics,including Accuracy,Precision,Recall,F1-Score,False Alarm Rate,AUC-ROC,and Detection Time.Experimental results demonstrate the model’s high performance,achieving an accuracy of 98.93%and a low FAR of 0.86%,with a rapid median detection time of 1.02 s.This efficiency validates its superiority in meeting critical Key Performance Indicators,such as Latency and high Throughput,necessary for time-sensitive SDN-IoT systems.Furthermore,the model’s robustness and statistically significant outperformance against baseline models such as Random Forest,k-Nearest Neighbors,and Gradient Boosting Machine,validating through statistical tests using Wilcoxon signed-rank test and confirmed via successful deployment in a real SDN testbed for live traffic detection and mitigation.展开更多
The implementation of Countermeasure Techniques(CTs)in the context of Network-On-Chip(NoC)based Multiprocessor System-On-Chip(MPSoC)routers against the Flooding Denial-of-Service Attack(F-DoSA)falls under Multi-Criter...The implementation of Countermeasure Techniques(CTs)in the context of Network-On-Chip(NoC)based Multiprocessor System-On-Chip(MPSoC)routers against the Flooding Denial-of-Service Attack(F-DoSA)falls under Multi-Criteria Decision-Making(MCDM)due to the three main concerns,called:traffic variations,multiple evaluation criteria-based traffic features,and prioritization NoC routers as an alternative.In this study,we propose a comprehensive evaluation of various NoC traffic features to identify the most efficient routers under the F-DoSA scenarios.Consequently,an MCDM approach is essential to address these emerging challenges.While the recent MCDM approach has some issues,such as uncertainty,this study utilizes Fuzzy-Weighted Zero-Inconsistency(FWZIC)to estimate the criteria weight values and Fuzzy Decision by Opinion Score Method(FDOSM)for ranking the routers with fuzzy Single-valued Neutrosophic under names(SvN-FWZIC and SvN-FDOSM)to overcome the ambiguity.The results obtained by using the SvN-FWZIC method indicate that the Max packet count has the highest importance among the evaluated criteria,with a weighted score of 0.1946.In contrast,the Hop count is identified as the least significant criterion,with a weighted score of 0.1090.The remaining criteria fall within a range of intermediate importance,with enqueue time scoring 0.1845,packet count decremented and traversal index scoring 0.1262,packet count incremented scoring 0.1124,and packet count index scoring 0.1472.In terms of ranking,SvN-FDOSM has two approaches:individual and group.Both the individual and group ranking processes show that(Router 4)is the most effective router,while(Router 3)is the lowest router under F-DoSA.The sensitivity analysis provides a high stability in ranking among all 10 scenarios.This approach offers essential feedback in making proper decisions in the design of countermeasure techniques in the domain of NoC-based MPSoC.展开更多
The sinkhole attack is one of the most damaging threats in the Internet of Things(IoT).It deceptively attracts neighboring nodes and initiates malicious activity,often disrupting the network when combined with other a...The sinkhole attack is one of the most damaging threats in the Internet of Things(IoT).It deceptively attracts neighboring nodes and initiates malicious activity,often disrupting the network when combined with other attacks.This study proposes a novel approach,named NADSA,to detect and isolate sinkhole attacks.NADSA is based on the RPL protocol and consists of two detection phases.In the first phase,the minimum possible hop count between the sender and receiver is calculated and compared with the sender’s reported hop count.The second phase utilizes the number of DIO messages to identify suspicious nodes and then applies a fuzzification process using RSSI,ETX,and distance measurements to confirm the presence of a malicious node.The proposed method is extensively simulated in highly lossy and sparse network environments with varying numbers of nodes.The results demonstrate that NADSA achieves high efficiency,with PDRs of 68%,70%,and 73%;E2EDs of 81,72,and 60 ms;TPRs of 89%,83%,and 80%;and FPRs of 24%,28%,and 33%.NADSA outperforms existing methods in challenging network conditions,where traditional approaches typically degrade in effectiveness.展开更多
Federated Graph Neural Networks (FedGNNs) have achieved significant success in representation learning for graph data, enabling collaborative training among multiple parties without sharing their raw graph data and so...Federated Graph Neural Networks (FedGNNs) have achieved significant success in representation learning for graph data, enabling collaborative training among multiple parties without sharing their raw graph data and solving the data isolation problem faced by centralized GNNs in data-sensitive scenarios. Despite the plethora of prior work on inference attacks against centralized GNNs, the vulnerability of FedGNNs to inference attacks has not yet been widely explored. It is still unclear whether the privacy leakage risks of centralized GNNs will also be introduced in FedGNNs. To bridge this gap, we present PIAFGNN, the first property inference attack (PIA) against FedGNNs. Compared with prior works on centralized GNNs, in PIAFGNN, the attacker can only obtain the global embedding gradient distributed by the central server. The attacker converts the task of stealing the target user’s local embeddings into a regression problem, using a regression model to generate the target graph node embeddings. By training shadow models and property classifiers, the attacker can infer the basic property information within the target graph that is of interest. Experiments on three benchmark graph datasets demonstrate that PIAFGNN achieves attack accuracy of over 70% in most cases, even approaching the attack accuracy of inference attacks against centralized GNNs in some instances, which is much higher than the attack accuracy of the random guessing method. Furthermore, we observe that common defense mechanisms cannot mitigate our attack without affecting the model’s performance on mainly classification tasks.展开更多
Deep neural networks(DNNs)have found extensive applications in safety-critical artificial intelligence systems,such as autonomous driving and facial recognition systems.However,recent research has revealed their susce...Deep neural networks(DNNs)have found extensive applications in safety-critical artificial intelligence systems,such as autonomous driving and facial recognition systems.However,recent research has revealed their susceptibility to backdoors maliciously injected by adversaries.This vulnerability arises due to the intricate architecture and opacity of DNNs,resulting in numerous redundant neurons embedded within the models.Adversaries exploit these vulnerabilities to conceal malicious backdoor information within DNNs,thereby causing erroneous outputs and posing substantial threats to the efficacy of DNN-based applications.This article presents a comprehensive survey of backdoor attacks against DNNs and the countermeasure methods employed to mitigate them.Initially,we trace the evolution of the concept from traditional backdoor attacks to backdoor attacks against DNNs,highlighting the feasibility and practicality of generating backdoor attacks against DNNs.Subsequently,we provide an overview of notable works encompassing various attack and defense strategies,facilitating a comparative analysis of their approaches.Through these discussions,we offer constructive insights aimed at refining these techniques.Finally,we extend our research perspective to the domain of large language models(LLMs)and synthesize the characteristics and developmental trends of backdoor attacks and defense methods targeting LLMs.Through a systematic review of existing studies on backdoor vulnerabilities in LLMs,we identify critical open challenges in this field and propose actionable directions for future research.展开更多
This study proposes an efficient traffic classification model to address the growing threat of distributed denial-of-service(DDoS)attacks in 5th generation technology standard(5G)slicing networks.The proposed method u...This study proposes an efficient traffic classification model to address the growing threat of distributed denial-of-service(DDoS)attacks in 5th generation technology standard(5G)slicing networks.The proposed method utilizes an ensemble of encoder components from multiple autoencoders to compress and extract latent representations from high-dimensional traffic data.These representations are then used as input for a support vector machine(SVM)-based metadata classifier,enabling precise detection of attack traffic.This architecture is designed to achieve both high detection accuracy and training efficiency,while adapting flexibly to the diverse service requirements and complexity of 5G network slicing.The model was evaluated using the DDoS Datasets 2022,collected in a simulated 5G slicing environment.Experiments were conducted under both class-balanced and class-imbalanced conditions.In the balanced setting,the model achieved an accuracy of 89.33%,an F1-score of 88.23%,and an Area Under the Curve(AUC)of 89.45%.In the imbalanced setting(attack:normal 7:3),the model maintained strong robustness,=achieving a recall of 100%and an F1-score of 90.91%,demonstrating its effectiveness in diverse real-world scenarios.Compared to existing AI-based detection methods,the proposed model showed higher precision,better handling of class imbalance,and strong generalization performance.Moreover,its modular structure is well-suited for deployment in containerized network function(NF)environments,making it a practical solution for real-world 5G infrastructure.These results highlight the potential of the proposed approach to enhance both the security and operational resilience of 5G slicing networks.展开更多
The Internet of Things(IoT)is an innovation that combines imagined space with the actual world on a single platform.Because of the recent rapid rise of IoT devices,there has been a lack of standards,leading to a massi...The Internet of Things(IoT)is an innovation that combines imagined space with the actual world on a single platform.Because of the recent rapid rise of IoT devices,there has been a lack of standards,leading to a massive increase in unprotected devices connecting to networks.Consequently,cyberattacks on IoT are becoming more common,particularly keylogging attacks,which are often caused by security vulnerabilities on IoT networks.This research focuses on the role of transfer learning and ensemble classifiers in enhancing the detection of keylogging attacks within small,imbalanced IoT datasets.The authors propose a model that combines transfer learning with ensemble classification methods,leading to improved detection accuracy.By leveraging the BoT-IoT and keylogger_detection datasets,they facilitate the transfer of knowledge across various domains.The results reveal that the integration of transfer learning and ensemble classifiers significantly improves detection capabilities,even in scenarios with limited data availability.The proposed TRANS-ENS model showcases exceptional accuracy and a minimal false positive rate,outperforming current deep learning approaches.The primary objectives include:(i)introducing an ensemble feature selection technique to identify common features across models,(ii)creating a pre-trained deep learning model through transfer learning for the detection of keylogging attacks,and(iii)developing a transfer learning-ensemble model dedicated to keylogging detection.Experimental findings indicate that the TRANS-ENS model achieves a detection accuracy of 96.06%and a false alarm rate of 0.12%,surpassing existing models such as CNN,RNN,and LSTM.展开更多
Vehicular Ad Hoc Networks(VANETs)are central to Intelligent Transportation Systems(ITS),especially for real-time communication involving emergency vehicles.Yet,Distributed Denial of Service(DDoS)attacks can disrupt sa...Vehicular Ad Hoc Networks(VANETs)are central to Intelligent Transportation Systems(ITS),especially for real-time communication involving emergency vehicles.Yet,Distributed Denial of Service(DDoS)attacks can disrupt safety-critical channels and undermine reliability.This paper presents a robust,scalable framework for detecting DDoS attacks in highway VANETs.We construct a new dataset with Network Simulator 3(NS-3)and Simulation of Urban Mobility(SUMO),enriched with real mobility traces from Germany’s A81 highway(OpenStreetMap).Three traffic classes are modeled:DDoS,Voice over IP(VoIP),and Transmission Control Protocol Based(TCP-based)video streaming(VideoTCP).The pipeline includes normalization,feature selection with SHapley Additive exPlanations(SHAP),and class balancing via Synthetic Minority Over-sampling Technique(SMOTE).Eleven classifiers are benchmarked—including eXtreme Gradient Boosting(XGBoost),Categorical Boosting(CatBoost),Adaptive Boosting(AdaBoost),Gradient Boosting(GB),and an Artificial Neural Network(ANN)—using stratified 5-fold cross-validation.XGBoost,GB,CatBoost and ANN achieve the highest performance(weighted F1-score=97%).To assess robustness under non-ideal conditions,we introduce an adversarial evaluation with packet-loss and traffic-jitter(small-sample deformation);the top models retain strong performance,supporting real-time applicability.Collectively,these results demonstrate that the proposed highway-focused framework is accurate,resilient,and well-suited for deployment in VANET security for emergency communications.展开更多
基金funded by the Deanship of Scientific Research(DSR)at King Abdulaziz University,Jeddah,under Grant No.(GPIP:1074-612-2024).
文摘The surge in smishing attacks underscores the urgent need for robust,real-time detection systems powered by advanced deep learning models.This paper introduces PhishNet,a novel ensemble learning framework that integrates transformer-based models(RoBERTa)and large language models(LLMs)(GPT-OSS 120B,LLaMA3.370B,and Qwen332B)to enhance smishing detection performance significantly.To mitigate class imbalance,we apply synthetic data augmentation using T5 and leverage various text preprocessing techniques.Our system employs a duallayer voting mechanism:weighted majority voting among LLMs and a final ensemble vote to classify messages as ham,spam,or smishing.Experimental results show an average accuracy improvement from 96%to 98.5%compared to the best standalone transformer,and from 93%to 98.5%when compared to LLMs across datasets.Furthermore,we present a real-time,user-friendly application to operationalize our detection model for practical use.PhishNet demonstrates superior scalability,usability,and detection accuracy,filling critical gaps in current smishing detection methodologies.
文摘In recent years,with the rapid advancement of artificial intelligence,object detection algorithms have made significant strides in accuracy and computational efficiency.Notably,research and applications of Anchor-Free models have opened new avenues for real-time target detection in optical remote sensing images(ORSIs).However,in the realmof adversarial attacks,developing adversarial techniques tailored to Anchor-Freemodels remains challenging.Adversarial examples generated based on Anchor-Based models often exhibit poor transferability to these new model architectures.Furthermore,the growing diversity of Anchor-Free models poses additional hurdles to achieving robust transferability of adversarial attacks.This study presents an improved cross-conv-block feature fusion You Only Look Once(YOLO)architecture,meticulously engineered to facilitate the extraction ofmore comprehensive semantic features during the backpropagation process.To address the asymmetry between densely distributed objects in ORSIs and the corresponding detector outputs,a novel dense bounding box attack strategy is proposed.This approach leverages dense target bounding boxes loss in the calculation of adversarial loss functions.Furthermore,by integrating translation-invariant(TI)and momentum-iteration(MI)adversarial methodologies,the proposed framework significantly improves the transferability of adversarial attacks.Experimental results demonstrate that our method achieves superior adversarial attack performance,with adversarial transferability rates(ATR)of 67.53%on the NWPU VHR-10 dataset and 90.71%on the HRSC2016 dataset.Compared to ensemble adversarial attack and cascaded adversarial attack approaches,our method generates adversarial examples in an average of 0.64 s,representing an approximately 14.5%improvement in efficiency under equivalent conditions.
基金supported in part by the National Natural Science Foundation of China(62373022,U2241217,62141604)Beijing Natural Science Foundation(4252043,JQ23019)+4 种基金the Fundamental Research Funds for the Central Universities(JKF-2025037448805,JKF-2025086098295)the Aeronautical Science Fund(2023Z034051001)the Academic Excellence Foundation of BUAA for Ph.D. Studentsthe Science and Technology Innovation2030—Key Project of New Generation Artificial Intelligence(2020AAA0108200)the National Key Research and Development Program of China(2022YFB3305600)。
文摘An attack-resilient distributed Nash equilibrium(NE) seeking problem is addressed for noncooperative games of networked systems under malicious cyber-attacks,i.e.,false data injection(FDI) attacks.Different from many existing distributed NE seeking works,it is practical and challenging to get resilient adaptively distributed NE seeking under unknown and unbounded FDI attacks.An attack-resilient NE seeking algorithm that is distributed(i.e.,independent of global information on the graph's algebraic connectivity,Lipschitz and monotone constants of pseudo-gradients,or number of players),is presented by means of incorporating the consensus-based gradient play with a distributed attack identifier so as to achieve simultaneous NE seeking and attack identification asymptotically.Another key characteristic is that FDI attacks are allowed to be unknown and unbounded.By exploiting nonsmooth analysis and stability theory,the global asymptotic convergence of the developed algorithm to the NE is ensured.Moreover,we extend this design to further consider the attack-resilient NE seeking of double-integrator players.Lastly,numerical simulation and practical experiment results are presented to validate the developed algorithms' effectiveness.
基金supported by the project Major Scientific and Technological Special Project of Guizhou Province([2024]014).
文摘Load frequency control(LFC)is a critical function to balance the power consumption and generation.Thegrid frequency is a crucial indicator for maintaining balance.However,the widely used information and communication infrastructure for LFC increases the risk of being attacked by malicious actors.The dynamic load altering attack(DLAA)is a typical attack that can destabilize the power system,causing the grid frequency to deviate fromits nominal value.Therefore,in this paper,we mathematically analyze the impact of DLAA on the stability of the grid frequency and propose the network parameter regulation(NPR)to mitigate the impact.To begin with,the dynamic LFC model is constructed by highlighting the importance of the network parameter.Then,we model the DLAA and analyze its impact on LFC using the theory of second-order dynamic systems.Finally,we model the NPR and prove its effect in mitigating the DLAA.Besides,we construct a least-effort NPR considering its infrastructure cost and aim to reduce the operation cost.Finally,we carry out extensive simulations to demonstrate the impact of the DLAA and evaluate the mitigation performance of NPR.The proposed cost-benefit NPR approach can not only mitigate the impact of DLAA with 100%and also save 41.18$/MWh in terms of the operation cost.
文摘Orthogonal Frequency Division Multiplexing(OFDM)enables efficient Dynamic Spectrum Access(DSA)but suffers from high sidelobe that causes excessive out-of-band(OOB)emissions and expose the system to spectrum-layer cyberattacks such as man-in-the-middle(MITM),eavesdropping,and primary user emulation(PUE)attacks.To address both spectral leakage and its security implications,this paper introduces a secure and intelligent hybrid optimization strategy that combinesan Eigenspace-based Generalized Sidelobe Canceller(ES-GSC)with a Genetic Algorithm(GA),to derive optimally weighted cancellation carriers.The proposed method jointly suppresses sidelobes and reinforces resistance to leakage-based attacks.MATLAB Simulation demonstrate considerable reductions in OOB emissions and higher resilience against spectrum-layer threats compared with existing techniques.
基金The National Natural Science Foundation of China(W2431048)The Science and Technology Research Program of Chongqing Municipal Education Commission,China(KJZDK202300807)The Chongqing Natural Science Foundation,China(CSTB2024NSCQQCXMX0052).
文摘This paper addresses the consensus problem of nonlinear multi-agent systems subject to external disturbances and uncertainties under denial-ofservice(DoS)attacks.Firstly,an observer-based state feedback control method is employed to achieve secure control by estimating the system's state in real time.Secondly,by combining a memory-based adaptive eventtriggered mechanism with neural networks,the paper aims to approximate the nonlinear terms in the networked system and efficiently conserve system resources.Finally,based on a two-degree-of-freedom model of a vehicle affected by crosswinds,this paper constructs a multi-unmanned ground vehicle(Multi-UGV)system to validate the effectiveness of the proposed method.Simulation results show that the proposed control strategy can effectively handle external disturbances such as crosswinds in practical applications,ensuring the stability and reliable operation of the Multi-UGV system.
文摘Dear Editor,This letter investigates the optimal denial-of-service(DoS)attack scheduling targeting state estimation in cyber-Physical systems(CPSs)with the two-hop multi-channel network.CPSs are designed to achieve efficient,secure and adaptive operation by embedding intelligent and autonomous decision-making capabilities in the physical world.As a key component of the CPSs,the wireless network is vulnerable to various malicious attacks due to its openness[1].DoS attack is one of the most common attacks,characterized of simple execution and significant destructiveness[2].To mitigate the economic losses and environmental damage caused by DoS attacks,it is crucial to model and investigate data transmissions in CPSs.
基金supported by the Ministry of Trade,Industry and Energy(MOTIE)under Training Industrial Security Specialist for High-Tech Industry(RS-2024-00415520)supervised by the Korea Institute for Advancement of Technology(KIAT)the Ministry of Science and ICT(MSIT)under the ICT Challenge and Advanced Network of HRD(ICAN)Program(No.IITP-2022-RS-2022-00156310)supervised by the Institute of Information&Communication Technology Planning&Evaluation(IITP).
文摘As the density of wireless networks increases globally, the vulnerability of overlapped dense wireless communications to interference by hidden nodes and denial-of-service (DoS) attacks is becoming more apparent. There exists a gap in research on the detection and response to attacks on Medium Access Control (MAC) mechanisms themselves, which would lead to service outages between nodes. Classifying exploitation and deceptive jamming attacks on control mechanisms is particularly challengingdue to their resemblance to normal heavy communication patterns. Accordingly, this paper proposes a machine learning-based selective attack mitigation model that detects DoS attacks on wireless networks by monitoring packet log data. Based on the type of detected attack, it implements effective corresponding mitigation techniques to restore performance to nodes whose availability has been compromised. Experimental results reveal that the accuracy of the proposed model is 14% higher than that of a baseline anomaly detection model. Further, the appropriate mitigation techniques selected by the proposed system based on the attack type improve the average throughput by more than 440% compared to the case without a response.
基金supported in part by Shanghai Rising-Star Program,China under grant 22QA1409400in part by National Natural Science Foundation of China under grant 62473287 and 62088101in part by Shanghai Municipal Science and Technology Major Project under grant 2021SHZDZX0100.
文摘This paper investigates the problem of optimal secure control for networked control systems under hybrid attacks.A control strategy based on the Stackelberg game framework is proposed,which differs from conventional methods by considering both denial-of-service(DoS)and false data injection(FDI)attacks simultaneously.Additionally,the stability conditions for the system under these hybrid attacks are established.It is technically challenging to design the control strategy by predicting attacker actions based on Stcakelberg game to ensure the system stability under hybrid attacks.Another technical difficulty lies in establishing the conditions for mean-square asymptotic stability due to the complexity of the attack scenarios Finally,simulations on an unstable batch reactor system under hybrid attacks demonstrate the effectiveness of the proposed strategy.
基金supported in part by the National Science Foundation of China(62373240,62273224,U24A20259).
文摘Dear Editor,The attacker is always going to intrude covertly networked control systems(NCSs)by dynamically changing false data injection attacks(FDIAs)strategy,while the defender try their best to resist attacks by designing defense strategy on the basis of identifying attack strategy,maintaining stable operation of NCSs.To solve this attack-defense game problem,this letter investigates optimal secure control of NCSs under FDIAs.First,for the alterations of energy caused by false data,a novel attack-defense game model is constructed,which considers the changes of energy caused by the actions of the defender and attacker in the forward and feedback channels.
基金supported by the National Natural Science Foundation of China(61433003,60904003,11602019).
文摘Dear Editor,This letter studies the stabilization control issue of cyber-physical systems with time-varying delays and aperiodic denial-of-service(DoS)attacks.To address the calculation overload issue caused by networked predictive control(NPC)approach,an event-based NPC method is proposed.Within the proposed method,the negative effects of time-varying delays and DoS attacks on system performance are compensated.Then,sufficient and necessary conditions are derived to ensure the stability of the closed-loop system.In the end,simulation results are provided to demonstrate the validity of presented method.
基金the International Scientific Complex“Astana”was funded by the Committee of Science of the Ministry of Science and Higher Education of the Republic of Kazakhstan(Grant No.AP19680345).
文摘Wireless Sensor Networks(WSN)have gained significant attention over recent years due to their extensive applications in various domains such as environmentalmonitoring,healthcare systems,industrial automation,and smart cities.However,such networks are inherently vulnerable to different types of attacks because they operate in open environments with limited resources and constrained communication capabilities.Thepaper addresses challenges related to modeling and analysis of wireless sensor networks and their susceptibility to attacks.Its objective is to create versatile modeling tools capable of detecting attacks against network devices and identifying anomalies caused either by legitimate user errors or malicious activities.A proposed integrated approach for data collection,preprocessing,and analysis in WSN outlines a series of steps applicable throughout both the design phase and operation stage.This ensures effective detection of attacks and anomalies within WSNs.An introduced attackmodel specifies potential types of unauthorized network layer attacks targeting network nodes,transmitted data,and services offered by the WSN.Furthermore,a graph-based analytical framework was designed to detect attacks by evaluating real-time events from network nodes and determining if an attack is underway.Additionally,a simulation model based on sequences of imperative rules defining behaviors of both regular and compromised nodes is presented.Overall,this technique was experimentally verified using a segment of a WSN embedded in a smart city infrastructure,simulating a wormhole attack.Results demonstrate the viability and practical significance of the technique for enhancing future information security measures.Validation tests confirmed high levels of accuracy and efficiency when applied specifically to detecting wormhole attacks targeting routing protocols in WSNs.Precision and recall rates averaged above the benchmark value of 0.95,thus validating the broad applicability of the proposed models across varied scenarios.
文摘This paper introduces a robust Distributed Denial-of-Service attack detection framework tailored for Software-Defined Networking based Internet of Things environments,built upon a novel,syntheticmulti-vector dataset generated in a Mininet-Ryu testbed using real-time flow-based labeling.The proposed model is based on the XGBoost algorithm,optimized with Principal Component Analysis for dimensionality reduction,utilizing lightweight flowlevel features extracted from Open Flow statistics to classify attacks across critical IoT protocols including TCP,UDP,HTTP,MQTT,and CoAP.The model employs lightweight flow-level features extracted from Open Flow statistics to ensure low computational overhead and fast processing.Performance was rigorously evaluated using key metrics,including Accuracy,Precision,Recall,F1-Score,False Alarm Rate,AUC-ROC,and Detection Time.Experimental results demonstrate the model’s high performance,achieving an accuracy of 98.93%and a low FAR of 0.86%,with a rapid median detection time of 1.02 s.This efficiency validates its superiority in meeting critical Key Performance Indicators,such as Latency and high Throughput,necessary for time-sensitive SDN-IoT systems.Furthermore,the model’s robustness and statistically significant outperformance against baseline models such as Random Forest,k-Nearest Neighbors,and Gradient Boosting Machine,validating through statistical tests using Wilcoxon signed-rank test and confirmed via successful deployment in a real SDN testbed for live traffic detection and mitigation.
文摘The implementation of Countermeasure Techniques(CTs)in the context of Network-On-Chip(NoC)based Multiprocessor System-On-Chip(MPSoC)routers against the Flooding Denial-of-Service Attack(F-DoSA)falls under Multi-Criteria Decision-Making(MCDM)due to the three main concerns,called:traffic variations,multiple evaluation criteria-based traffic features,and prioritization NoC routers as an alternative.In this study,we propose a comprehensive evaluation of various NoC traffic features to identify the most efficient routers under the F-DoSA scenarios.Consequently,an MCDM approach is essential to address these emerging challenges.While the recent MCDM approach has some issues,such as uncertainty,this study utilizes Fuzzy-Weighted Zero-Inconsistency(FWZIC)to estimate the criteria weight values and Fuzzy Decision by Opinion Score Method(FDOSM)for ranking the routers with fuzzy Single-valued Neutrosophic under names(SvN-FWZIC and SvN-FDOSM)to overcome the ambiguity.The results obtained by using the SvN-FWZIC method indicate that the Max packet count has the highest importance among the evaluated criteria,with a weighted score of 0.1946.In contrast,the Hop count is identified as the least significant criterion,with a weighted score of 0.1090.The remaining criteria fall within a range of intermediate importance,with enqueue time scoring 0.1845,packet count decremented and traversal index scoring 0.1262,packet count incremented scoring 0.1124,and packet count index scoring 0.1472.In terms of ranking,SvN-FDOSM has two approaches:individual and group.Both the individual and group ranking processes show that(Router 4)is the most effective router,while(Router 3)is the lowest router under F-DoSA.The sensitivity analysis provides a high stability in ranking among all 10 scenarios.This approach offers essential feedback in making proper decisions in the design of countermeasure techniques in the domain of NoC-based MPSoC.
文摘The sinkhole attack is one of the most damaging threats in the Internet of Things(IoT).It deceptively attracts neighboring nodes and initiates malicious activity,often disrupting the network when combined with other attacks.This study proposes a novel approach,named NADSA,to detect and isolate sinkhole attacks.NADSA is based on the RPL protocol and consists of two detection phases.In the first phase,the minimum possible hop count between the sender and receiver is calculated and compared with the sender’s reported hop count.The second phase utilizes the number of DIO messages to identify suspicious nodes and then applies a fuzzification process using RSSI,ETX,and distance measurements to confirm the presence of a malicious node.The proposed method is extensively simulated in highly lossy and sparse network environments with varying numbers of nodes.The results demonstrate that NADSA achieves high efficiency,with PDRs of 68%,70%,and 73%;E2EDs of 81,72,and 60 ms;TPRs of 89%,83%,and 80%;and FPRs of 24%,28%,and 33%.NADSA outperforms existing methods in challenging network conditions,where traditional approaches typically degrade in effectiveness.
基金supported by the National Natural Science Foundation of China(Nos.62176122 and 62061146002).
文摘Federated Graph Neural Networks (FedGNNs) have achieved significant success in representation learning for graph data, enabling collaborative training among multiple parties without sharing their raw graph data and solving the data isolation problem faced by centralized GNNs in data-sensitive scenarios. Despite the plethora of prior work on inference attacks against centralized GNNs, the vulnerability of FedGNNs to inference attacks has not yet been widely explored. It is still unclear whether the privacy leakage risks of centralized GNNs will also be introduced in FedGNNs. To bridge this gap, we present PIAFGNN, the first property inference attack (PIA) against FedGNNs. Compared with prior works on centralized GNNs, in PIAFGNN, the attacker can only obtain the global embedding gradient distributed by the central server. The attacker converts the task of stealing the target user’s local embeddings into a regression problem, using a regression model to generate the target graph node embeddings. By training shadow models and property classifiers, the attacker can infer the basic property information within the target graph that is of interest. Experiments on three benchmark graph datasets demonstrate that PIAFGNN achieves attack accuracy of over 70% in most cases, even approaching the attack accuracy of inference attacks against centralized GNNs in some instances, which is much higher than the attack accuracy of the random guessing method. Furthermore, we observe that common defense mechanisms cannot mitigate our attack without affecting the model’s performance on mainly classification tasks.
基金supported in part by the National Natural Science Foundation of China under Grants No.62372087 and No.62072076the Research Fund of State Key Laboratory of Processors under Grant No.CLQ202310the CSC scholarship.
文摘Deep neural networks(DNNs)have found extensive applications in safety-critical artificial intelligence systems,such as autonomous driving and facial recognition systems.However,recent research has revealed their susceptibility to backdoors maliciously injected by adversaries.This vulnerability arises due to the intricate architecture and opacity of DNNs,resulting in numerous redundant neurons embedded within the models.Adversaries exploit these vulnerabilities to conceal malicious backdoor information within DNNs,thereby causing erroneous outputs and posing substantial threats to the efficacy of DNN-based applications.This article presents a comprehensive survey of backdoor attacks against DNNs and the countermeasure methods employed to mitigate them.Initially,we trace the evolution of the concept from traditional backdoor attacks to backdoor attacks against DNNs,highlighting the feasibility and practicality of generating backdoor attacks against DNNs.Subsequently,we provide an overview of notable works encompassing various attack and defense strategies,facilitating a comparative analysis of their approaches.Through these discussions,we offer constructive insights aimed at refining these techniques.Finally,we extend our research perspective to the domain of large language models(LLMs)and synthesize the characteristics and developmental trends of backdoor attacks and defense methods targeting LLMs.Through a systematic review of existing studies on backdoor vulnerabilities in LLMs,we identify critical open challenges in this field and propose actionable directions for future research.
基金supported by an Institute of Information&Communications Technology Planning&Evaluation(IITP)grant funded by the Korean government(MSIT)(RS-2024-00438156,Development of Security Resilience Technology Based on Network Slicing Services in a 5G Specialized Network).
文摘This study proposes an efficient traffic classification model to address the growing threat of distributed denial-of-service(DDoS)attacks in 5th generation technology standard(5G)slicing networks.The proposed method utilizes an ensemble of encoder components from multiple autoencoders to compress and extract latent representations from high-dimensional traffic data.These representations are then used as input for a support vector machine(SVM)-based metadata classifier,enabling precise detection of attack traffic.This architecture is designed to achieve both high detection accuracy and training efficiency,while adapting flexibly to the diverse service requirements and complexity of 5G network slicing.The model was evaluated using the DDoS Datasets 2022,collected in a simulated 5G slicing environment.Experiments were conducted under both class-balanced and class-imbalanced conditions.In the balanced setting,the model achieved an accuracy of 89.33%,an F1-score of 88.23%,and an Area Under the Curve(AUC)of 89.45%.In the imbalanced setting(attack:normal 7:3),the model maintained strong robustness,=achieving a recall of 100%and an F1-score of 90.91%,demonstrating its effectiveness in diverse real-world scenarios.Compared to existing AI-based detection methods,the proposed model showed higher precision,better handling of class imbalance,and strong generalization performance.Moreover,its modular structure is well-suited for deployment in containerized network function(NF)environments,making it a practical solution for real-world 5G infrastructure.These results highlight the potential of the proposed approach to enhance both the security and operational resilience of 5G slicing networks.
基金the Deanship of Graduate Studies and Scientific Research at Najran University for supporting the research project through the Group Research,with the project code NU/GP/SERC/13/712。
文摘The Internet of Things(IoT)is an innovation that combines imagined space with the actual world on a single platform.Because of the recent rapid rise of IoT devices,there has been a lack of standards,leading to a massive increase in unprotected devices connecting to networks.Consequently,cyberattacks on IoT are becoming more common,particularly keylogging attacks,which are often caused by security vulnerabilities on IoT networks.This research focuses on the role of transfer learning and ensemble classifiers in enhancing the detection of keylogging attacks within small,imbalanced IoT datasets.The authors propose a model that combines transfer learning with ensemble classification methods,leading to improved detection accuracy.By leveraging the BoT-IoT and keylogger_detection datasets,they facilitate the transfer of knowledge across various domains.The results reveal that the integration of transfer learning and ensemble classifiers significantly improves detection capabilities,even in scenarios with limited data availability.The proposed TRANS-ENS model showcases exceptional accuracy and a minimal false positive rate,outperforming current deep learning approaches.The primary objectives include:(i)introducing an ensemble feature selection technique to identify common features across models,(ii)creating a pre-trained deep learning model through transfer learning for the detection of keylogging attacks,and(iii)developing a transfer learning-ensemble model dedicated to keylogging detection.Experimental findings indicate that the TRANS-ENS model achieves a detection accuracy of 96.06%and a false alarm rate of 0.12%,surpassing existing models such as CNN,RNN,and LSTM.
文摘Vehicular Ad Hoc Networks(VANETs)are central to Intelligent Transportation Systems(ITS),especially for real-time communication involving emergency vehicles.Yet,Distributed Denial of Service(DDoS)attacks can disrupt safety-critical channels and undermine reliability.This paper presents a robust,scalable framework for detecting DDoS attacks in highway VANETs.We construct a new dataset with Network Simulator 3(NS-3)and Simulation of Urban Mobility(SUMO),enriched with real mobility traces from Germany’s A81 highway(OpenStreetMap).Three traffic classes are modeled:DDoS,Voice over IP(VoIP),and Transmission Control Protocol Based(TCP-based)video streaming(VideoTCP).The pipeline includes normalization,feature selection with SHapley Additive exPlanations(SHAP),and class balancing via Synthetic Minority Over-sampling Technique(SMOTE).Eleven classifiers are benchmarked—including eXtreme Gradient Boosting(XGBoost),Categorical Boosting(CatBoost),Adaptive Boosting(AdaBoost),Gradient Boosting(GB),and an Artificial Neural Network(ANN)—using stratified 5-fold cross-validation.XGBoost,GB,CatBoost and ANN achieve the highest performance(weighted F1-score=97%).To assess robustness under non-ideal conditions,we introduce an adversarial evaluation with packet-loss and traffic-jitter(small-sample deformation);the top models retain strong performance,supporting real-time applicability.Collectively,these results demonstrate that the proposed highway-focused framework is accurate,resilient,and well-suited for deployment in VANET security for emergency communications.
