Zero-click attacks represent an advanced cybersecurity threat,capable of compromising devices without user interaction.High-profile examples such as Pegasus,Simjacker,Bluebugging,and Bluesnarfing exploit hidden vulner...Zero-click attacks represent an advanced cybersecurity threat,capable of compromising devices without user interaction.High-profile examples such as Pegasus,Simjacker,Bluebugging,and Bluesnarfing exploit hidden vulnerabilities in software and communication protocols to silently gain access,exfiltrate data,and enable long-term surveillance.Their stealth and ability to evade traditional defenses make detection and mitigation highly challenging.This paper addresses these threats by systematically mapping the tactics and techniques of zero-click attacks using the MITRE ATT&CK framework,a widely adopted standard for modeling adversarial behavior.Through this mapping,we categorize real-world attack vectors and better understand how such attacks operate across the cyber-kill chain.To support threat detection efforts,we propose an Active Learning-based method to efficiently label the Pegasus spyware dataset in alignment with the MITRE ATT&CK framework.This approach reduces the effort of manually annotating data while improving the quality of the labeled data,which is essential to train robust cybersecurity models.In addition,our analysis highlights the structured execution paths of zero-click attacks and reveals gaps in current defense strategies.The findings emphasize the importance of forward-looking strategies such as continuous surveillance,dynamic threat profiling,and security education.By bridging zero-click attack analysis with the MITRE ATT&CK framework and leveraging machine learning for dataset annotation,this work provides a foundation for more accurate threat detection and the development of more resilient and structured cybersecurity frameworks.展开更多
Transformer-based models have significantly advanced binary code similarity detection(BCSD)by leveraging their semantic encoding capabilities for efficient function matching across diverse compilation settings.Althoug...Transformer-based models have significantly advanced binary code similarity detection(BCSD)by leveraging their semantic encoding capabilities for efficient function matching across diverse compilation settings.Although adversarial examples can strategically undermine the accuracy of BCSD models and protect critical code,existing techniques predominantly depend on inserting artificial instructions,which incur high computational costs and offer limited diversity of perturbations.To address these limitations,we propose AIMA,a novel gradient-guided assembly instruction relocation method.Our method decouples the detection model into tokenization,embedding,and encoding layers to enable efficient gradient computation.Since token IDs of instructions are discrete and nondifferentiable,we compute gradients in the continuous embedding space to evaluate the influence of each token.The most critical tokens are identified by calculating the L2 norm of their embedding gradients.We then establish a mapping between instructions and their corresponding tokens to aggregate token-level importance into instructionlevel significance.To maximize adversarial impact,a sliding window algorithm selects the most influential contiguous segments for relocation,ensuring optimal perturbation with minimal length.This approach efficiently locates critical code regions without expensive search operations.The selected segments are relocated outside their original function boundaries via a jump mechanism,which preserves runtime control flow and functionality while introducing“deletion”effects in the static instruction sequence.Extensive experiments show that AIMA reduces similarity scores by up to 35.8%in state-of-the-art BCSD models.When incorporated into training data,it also enhances model robustness,achieving a 5.9%improvement in AUROC.展开更多
The exponential growth of the Internet of Things(IoT)has introduced significant security challenges,with zero-day attacks emerging as one of the most critical and challenging threats.Traditional Machine Learning(ML)an...The exponential growth of the Internet of Things(IoT)has introduced significant security challenges,with zero-day attacks emerging as one of the most critical and challenging threats.Traditional Machine Learning(ML)and Deep Learning(DL)techniques have demonstrated promising early detection capabilities.However,their effectiveness is limited when handling the vast volumes of IoT-generated data due to scalability constraints,high computational costs,and the costly time-intensive process of data labeling.To address these challenges,this study proposes a Federated Learning(FL)framework that leverages collaborative and hybrid supervised learning to enhance cyber threat detection in IoT networks.By employing Deep Neural Networks(DNNs)and decentralized model training,the approach reduces computational complexity while improving detection accuracy.The proposed model demonstrates robust performance,achieving accuracies of 94.34%,99.95%,and 87.94%on the publicly available kitsune,Bot-IoT,and UNSW-NB15 datasets,respectively.Furthermore,its ability to detect zero-day attacks is validated through evaluations on two additional benchmark datasets,TON-IoT and IoT-23,using a Deep Federated Learning(DFL)framework,underscoring the generalization and effectiveness of the model in heterogeneous and decentralized IoT environments.Experimental results demonstrate superior performance over existing methods,establishing the proposed framework as an efficient and scalable solution for IoT security.展开更多
This paper addresses the consensus problem of nonlinear multi-agent systems subject to external disturbances and uncertainties under denial-ofservice(DoS)attacks.Firstly,an observer-based state feedback control method...This paper addresses the consensus problem of nonlinear multi-agent systems subject to external disturbances and uncertainties under denial-ofservice(DoS)attacks.Firstly,an observer-based state feedback control method is employed to achieve secure control by estimating the system's state in real time.Secondly,by combining a memory-based adaptive eventtriggered mechanism with neural networks,the paper aims to approximate the nonlinear terms in the networked system and efficiently conserve system resources.Finally,based on a two-degree-of-freedom model of a vehicle affected by crosswinds,this paper constructs a multi-unmanned ground vehicle(Multi-UGV)system to validate the effectiveness of the proposed method.Simulation results show that the proposed control strategy can effectively handle external disturbances such as crosswinds in practical applications,ensuring the stability and reliable operation of the Multi-UGV system.展开更多
Watermarking is embedding visible or invisible data within media to verify its authenticity or protect copyright.The watermark is embedded in significant spatial or frequency features of the media to make it more resi...Watermarking is embedding visible or invisible data within media to verify its authenticity or protect copyright.The watermark is embedded in significant spatial or frequency features of the media to make it more resistant to intentional or unintentional modification.Some of these features are important perceptual features according to the human visual system(HVS),which means that the embedded watermark should be imperceptible in these features.Therefore,both the designers of watermarking algorithms and potential attackers must consider these perceptual features when carrying out their actions.The two roles will be considered in this paper when designing a robust watermarking algorithm against the most harmful attacks,like volumetric scaling,histogram equalization,and non-conventional watermarking attacks like the Denoising Convolution Neural Network(DnCNN),which must be considered in watermarking algorithm design due to its rising role in the state-of-the-art attacks.The DnCNN is initialized and trained using watermarked image samples created by our proposed Covert and Severe Attacks Resistant Watermarking Algorithm(CSRWA)to prove its robustness.For this algorithm to satisfy the robustness and imperceptibility tradeoff,implementing the Dither Modulation(DM)algorithm is boosted by utilizing the Just Noticeable Distortion(JND)principle to get an improved performance in this sense.Sensitivity,luminance,inter and intra-block contrast are used to adjust the JND values.展开更多
Ballet is one of the finalists of the block cipher project in the 2019 National Cryptographic Algorithm Design Competition.This study aims to conduct a comprehensive security evaluation of Ballet from the perspective ...Ballet is one of the finalists of the block cipher project in the 2019 National Cryptographic Algorithm Design Competition.This study aims to conduct a comprehensive security evaluation of Ballet from the perspective of differential-linear(DL)cryptanalysis.Specifically,we present an automated search for the DL distinguishers of Ballet based on MILP/MIQCP.For the versions with block sizes of 128 and 256 bits,we obtain 16 and 22 rounds distinguishers with estimated correlations of 2^(-59.89)and 2^(-116.80),both of which are the publicly longest distinguishers.In addition,this study incorporates the complexity information of key-recovery attacks into the automated model,to search for the optimal key-recovery attack structures based on DL distinguishers.As a result,we mount the key-recovery attacks on 16-round Ballet-128/128,17-round Ballet-128/256,and 21-round Ballet-256/256.The data/time complexities for these attacks are 2^(108.36)/2^(120.36),2^(115.90)/2^(192),and 2^(227.62)/2^(240.67),respectively.展开更多
Dear Editor,The attacker is always going to intrude covertly networked control systems(NCSs)by dynamically changing false data injection attacks(FDIAs)strategy,while the defender try their best to resist attacks by de...Dear Editor,The attacker is always going to intrude covertly networked control systems(NCSs)by dynamically changing false data injection attacks(FDIAs)strategy,while the defender try their best to resist attacks by designing defense strategy on the basis of identifying attack strategy,maintaining stable operation of NCSs.To solve this attack-defense game problem,this letter investigates optimal secure control of NCSs under FDIAs.First,for the alterations of energy caused by false data,a novel attack-defense game model is constructed,which considers the changes of energy caused by the actions of the defender and attacker in the forward and feedback channels.展开更多
This paper investigates the problem of optimal secure control for networked control systems under hybrid attacks.A control strategy based on the Stackelberg game framework is proposed,which differs from conventional m...This paper investigates the problem of optimal secure control for networked control systems under hybrid attacks.A control strategy based on the Stackelberg game framework is proposed,which differs from conventional methods by considering both denial-of-service(DoS)and false data injection(FDI)attacks simultaneously.Additionally,the stability conditions for the system under these hybrid attacks are established.It is technically challenging to design the control strategy by predicting attacker actions based on Stcakelberg game to ensure the system stability under hybrid attacks.Another technical difficulty lies in establishing the conditions for mean-square asymptotic stability due to the complexity of the attack scenarios Finally,simulations on an unstable batch reactor system under hybrid attacks demonstrate the effectiveness of the proposed strategy.展开更多
This paper introduces a robust Distributed Denial-of-Service attack detection framework tailored for Software-Defined Networking based Internet of Things environments,built upon a novel,syntheticmulti-vector dataset g...This paper introduces a robust Distributed Denial-of-Service attack detection framework tailored for Software-Defined Networking based Internet of Things environments,built upon a novel,syntheticmulti-vector dataset generated in a Mininet-Ryu testbed using real-time flow-based labeling.The proposed model is based on the XGBoost algorithm,optimized with Principal Component Analysis for dimensionality reduction,utilizing lightweight flowlevel features extracted from Open Flow statistics to classify attacks across critical IoT protocols including TCP,UDP,HTTP,MQTT,and CoAP.The model employs lightweight flow-level features extracted from Open Flow statistics to ensure low computational overhead and fast processing.Performance was rigorously evaluated using key metrics,including Accuracy,Precision,Recall,F1-Score,False Alarm Rate,AUC-ROC,and Detection Time.Experimental results demonstrate the model’s high performance,achieving an accuracy of 98.93%and a low FAR of 0.86%,with a rapid median detection time of 1.02 s.This efficiency validates its superiority in meeting critical Key Performance Indicators,such as Latency and high Throughput,necessary for time-sensitive SDN-IoT systems.Furthermore,the model’s robustness and statistically significant outperformance against baseline models such as Random Forest,k-Nearest Neighbors,and Gradient Boosting Machine,validating through statistical tests using Wilcoxon signed-rank test and confirmed via successful deployment in a real SDN testbed for live traffic detection and mitigation.展开更多
As the density of wireless networks increases globally, the vulnerability of overlapped dense wireless communications to interference by hidden nodes and denial-of-service (DoS) attacks is becoming more apparent. Ther...As the density of wireless networks increases globally, the vulnerability of overlapped dense wireless communications to interference by hidden nodes and denial-of-service (DoS) attacks is becoming more apparent. There exists a gap in research on the detection and response to attacks on Medium Access Control (MAC) mechanisms themselves, which would lead to service outages between nodes. Classifying exploitation and deceptive jamming attacks on control mechanisms is particularly challengingdue to their resemblance to normal heavy communication patterns. Accordingly, this paper proposes a machine learning-based selective attack mitigation model that detects DoS attacks on wireless networks by monitoring packet log data. Based on the type of detected attack, it implements effective corresponding mitigation techniques to restore performance to nodes whose availability has been compromised. Experimental results reveal that the accuracy of the proposed model is 14% higher than that of a baseline anomaly detection model. Further, the appropriate mitigation techniques selected by the proposed system based on the attack type improve the average throughput by more than 440% compared to the case without a response.展开更多
Federated Graph Neural Networks (FedGNNs) have achieved significant success in representation learning for graph data, enabling collaborative training among multiple parties without sharing their raw graph data and so...Federated Graph Neural Networks (FedGNNs) have achieved significant success in representation learning for graph data, enabling collaborative training among multiple parties without sharing their raw graph data and solving the data isolation problem faced by centralized GNNs in data-sensitive scenarios. Despite the plethora of prior work on inference attacks against centralized GNNs, the vulnerability of FedGNNs to inference attacks has not yet been widely explored. It is still unclear whether the privacy leakage risks of centralized GNNs will also be introduced in FedGNNs. To bridge this gap, we present PIAFGNN, the first property inference attack (PIA) against FedGNNs. Compared with prior works on centralized GNNs, in PIAFGNN, the attacker can only obtain the global embedding gradient distributed by the central server. The attacker converts the task of stealing the target user’s local embeddings into a regression problem, using a regression model to generate the target graph node embeddings. By training shadow models and property classifiers, the attacker can infer the basic property information within the target graph that is of interest. Experiments on three benchmark graph datasets demonstrate that PIAFGNN achieves attack accuracy of over 70% in most cases, even approaching the attack accuracy of inference attacks against centralized GNNs in some instances, which is much higher than the attack accuracy of the random guessing method. Furthermore, we observe that common defense mechanisms cannot mitigate our attack without affecting the model’s performance on mainly classification tasks.展开更多
Dear Editor,The letter deals with the distributed state and fault estimation of the whole physical layer for cyber-physical systems(CPSs) when the cyber layer suffers from DoS attacks. With the advancement of embedded...Dear Editor,The letter deals with the distributed state and fault estimation of the whole physical layer for cyber-physical systems(CPSs) when the cyber layer suffers from DoS attacks. With the advancement of embedded computing, communication and related hardware technologies, CPSs have attracted extensive attention and have been widely used in power system, traffic network, refrigeration system and other fields.展开更多
In this paper, the attack detection problem is investigated for a class of closed-loop systems subjected to unknownbutbounded noises in the presence of stealthy attacks. The measurement outputs from the sensors are qu...In this paper, the attack detection problem is investigated for a class of closed-loop systems subjected to unknownbutbounded noises in the presence of stealthy attacks. The measurement outputs from the sensors are quantized before transmission.A specific type of perfect stealthy attack, which meets certain rather stringent conditions, is taken into account. Such attacks could be injected by adversaries into both the sensor-toestimator and controller-to-actuator channels, with the aim of disrupting the normal data flow. For the purpose of defending against these perfect stealthy attacks, a novel scheme based on watermarks is developed. This scheme includes the injection of watermarks(applied to data prior to quantization) and the recovery of data(implemented before the data reaches the estimator).The watermark-based scheme is designed to be both timevarying and hidden from adversaries through incorporating a time-varying and bounded watermark signal. Subsequently, a watermark-based attack detection strategy is proposed which thoroughly considers the characteristics of perfect stealthy attacks,thereby ensuring that an alarm is activated upon the occurrence of such attacks. An example is provided to demonstrate the efficacy of the proposed mechanism for detecting attacks.展开更多
Dear Editor,This letter deals with the stabilization of a resilient model predictive control(MPC)algorithm with a dynamic event-triggered mechanism subject to Denial-of-Service(Do S)attacks.Different from previous wor...Dear Editor,This letter deals with the stabilization of a resilient model predictive control(MPC)algorithm with a dynamic event-triggered mechanism subject to Denial-of-Service(Do S)attacks.Different from previous works,this letter is based on the designed threshold function to dynamically trigger and gives the upper bound conditions for intersampling intervals with attack and attack-free scenarios to converge.展开更多
The Industrial Internet of Things(IIoT)is increasingly vulnerable to sophisticated cyber threats,particularly zero-day attacks that exploit unknown vulnerabilities and evade traditional security measures.To address th...The Industrial Internet of Things(IIoT)is increasingly vulnerable to sophisticated cyber threats,particularly zero-day attacks that exploit unknown vulnerabilities and evade traditional security measures.To address this critical challenge,this paper proposes a dynamic defense framework named Zero-day-aware Stackelberg Game-based Multi-Agent Distributed Deep Deterministic Policy Gradient(ZSG-MAD3PG).The framework integrates Stackelberg game modeling with the Multi-Agent Distributed Deep Deterministic Policy Gradient(MAD3PG)algorithm and incorporates defensive deception(DD)strategies to achieve adaptive and efficient protection.While conventional methods typically incur considerable resource overhead and exhibit higher latency due to static or rigid defensive mechanisms,the proposed ZSG-MAD3PG framework mitigates these limitations through multi-stage game modeling and adaptive learning,enabling more efficient resource utilization and faster response times.The Stackelberg-based architecture allows defenders to dynamically optimize packet sampling strategies,while attackers adjust their tactics to reach rapid equilibrium.Furthermore,dynamic deception techniques reduce the time required for the concealment of attacks and the overall system burden.A lightweight behavioral fingerprinting detection mechanism further enhances real-time zero-day attack identification within industrial device clusters.ZSG-MAD3PG demonstrates higher true positive rates(TPR)and lower false alarm rates(FAR)compared to existing methods,while also achieving improved latency,resource efficiency,and stealth adaptability in IIoT zero-day defense scenarios.展开更多
Federated Learning(FL),a practical solution that leverages distributed data across devices without the need for centralized data storage,which enables multiple participants to jointly train models while preserving dat...Federated Learning(FL),a practical solution that leverages distributed data across devices without the need for centralized data storage,which enables multiple participants to jointly train models while preserving data privacy and avoiding direct data sharing.Despite its privacy-preserving advantages,FL remains vulnerable to backdoor attacks,where malicious participants introduce backdoors into local models that are then propagated to the global model through the aggregation process.While existing differential privacy defenses have demonstrated effectiveness against backdoor attacks in FL,they often incur a significant degradation in the performance of the aggregated models on benign tasks.To address this limitation,we propose a novel backdoor defense mechanism based on differential privacy.Our approach first utilizes the inherent out-of-distribution characteristics of backdoor samples to identify and exclude malicious model updates that significantly deviate from benign models.By filtering out models that are clearly backdoor-infected before applying differential privacy,our method reduces the required noise level for differential privacy,thereby enhancing model robustness while preserving performance.Experimental evaluations on the CIFAR10 and FEMNIST datasets demonstrate that our method effectively limits the backdoor accuracy to below 15%across various backdoor scenarios while maintaining high main task accuracy.展开更多
Attribute-based encryption(ABE)is a cryptographic framework that provides flexible access control by allowing encryption based on user attributes.ABE is widely applied in cloud storage,file sharing,e-Health,and digita...Attribute-based encryption(ABE)is a cryptographic framework that provides flexible access control by allowing encryption based on user attributes.ABE is widely applied in cloud storage,file sharing,e-Health,and digital rightsmanagement.ABE schemes rely on hard cryptographic assumptions such as pairings and others(pairingfree)to ensure their security against external and internal attacks.Internal attacks are carried out by authorized users who misuse their access to compromise security with potentially malicious intent.One common internal attack is the attribute collusion attack,in which users with different attribute keys collaborate to decrypt data they could not individually access.This paper focuses on the ciphertext-policy ABE(CP-ABE),a type of ABE where ciphertexts are produced with access policies.Our firstwork is to carry out the attribute collusion attack against several existing pairingfree CP-ABE schemes.As a main contribution,we introduce a novel attack,termed the anonymous key-leakage attack,concerning the context in which users could anonymously publish their secret keys associated with certain attributes on public platforms without the risk of detection.This kind of internal attack has not been defined or investigated in the literature.We then show that several prominent pairing-based CP-ABE schemes are vulnerable to this attack.We believe that this work will contribute to helping the community evaluate suitable CP-ABE schemes for secure deployment in real-life applications.展开更多
Among the four candidate algorithms in the fourth round of NIST standardization,the BIKE(Bit Flipping Key Encapsulation)scheme has a small key size and high efficiency,showing good prospects for application.However,th...Among the four candidate algorithms in the fourth round of NIST standardization,the BIKE(Bit Flipping Key Encapsulation)scheme has a small key size and high efficiency,showing good prospects for application.However,the BIKE scheme based on QC-MDPC(Quasi Cyclic Medium Density Parity Check)codes still faces challenges such as the GJS attack and weak key attacks targeting the decoding failure rate(DFR).This paper analyzes the BGF decoding algorithm of the BIKE scheme,revealing two deep factors that lead to DFR,and proposes a weak key optimization attack method for the BGF decoding algorithm based on these two factors.The proposed method constructs a new weak key set,and experiment results eventually indicate that,considering BIKE’s parameter set targeting 128-bit security,the average decryption failure rate is lowerly bounded by.This result not only highlights a significant vulnerability in the BIKE scheme but also provides valuable insights for future improvements in its design.By addressing these weaknesses,the robustness of QC-MDPC code-based cryptographic systems can be enhanced,paving the way for more secure post-quantum cryptographic solutions.展开更多
Deep neural networks(DNNs)have found extensive applications in safety-critical artificial intelligence systems,such as autonomous driving and facial recognition systems.However,recent research has revealed their susce...Deep neural networks(DNNs)have found extensive applications in safety-critical artificial intelligence systems,such as autonomous driving and facial recognition systems.However,recent research has revealed their susceptibility to backdoors maliciously injected by adversaries.This vulnerability arises due to the intricate architecture and opacity of DNNs,resulting in numerous redundant neurons embedded within the models.Adversaries exploit these vulnerabilities to conceal malicious backdoor information within DNNs,thereby causing erroneous outputs and posing substantial threats to the efficacy of DNN-based applications.This article presents a comprehensive survey of backdoor attacks against DNNs and the countermeasure methods employed to mitigate them.Initially,we trace the evolution of the concept from traditional backdoor attacks to backdoor attacks against DNNs,highlighting the feasibility and practicality of generating backdoor attacks against DNNs.Subsequently,we provide an overview of notable works encompassing various attack and defense strategies,facilitating a comparative analysis of their approaches.Through these discussions,we offer constructive insights aimed at refining these techniques.Finally,we extend our research perspective to the domain of large language models(LLMs)and synthesize the characteristics and developmental trends of backdoor attacks and defense methods targeting LLMs.Through a systematic review of existing studies on backdoor vulnerabilities in LLMs,we identify critical open challenges in this field and propose actionable directions for future research.展开更多
This paper proposes a model-based control framework for vehicle platooning systems with secondorder nonlinear dynamics operating over switching signed networks,time-varying delays,and deception attacks.The study inclu...This paper proposes a model-based control framework for vehicle platooning systems with secondorder nonlinear dynamics operating over switching signed networks,time-varying delays,and deception attacks.The study includes two configurations:a leaderless structure using Finite-Time Non-Singular Terminal Bipartite Consensus(FNTBC)and Fixed-Time Bipartite Consensus(FXTBC),and a leader—follower structure ensuring structural balance and robustness against deceptive signals.In the leaderless model,a bipartite controller based on impulsive control theory,gauge transformation,and Markovian switching Lyapunov functions ensures mean-square stability and coordination under deception attacks and communication delays.The FNTBC achieves finite-time convergence depending on initial conditions,while the FXTBC guarantees fixed-time convergence independent of them,providing adaptability to different operating states.In the leader—follower case,a discontinuous impulsive control law synchronizes all followers with the leader despite deceptive attacks and switching topologies,maintaining robust coordination through nonlinear corrective mechanisms.To validate the approach,simulations are conducted on systems of five and seventeen vehicles in both leaderless and leader—follower configurations.The results demonstrate that the proposed framework achieves rapid consensus,strong robustness,and high resistance to deception attacks,offering a secure and scalable model-based control solution for modern vehicular communication networks.展开更多
文摘Zero-click attacks represent an advanced cybersecurity threat,capable of compromising devices without user interaction.High-profile examples such as Pegasus,Simjacker,Bluebugging,and Bluesnarfing exploit hidden vulnerabilities in software and communication protocols to silently gain access,exfiltrate data,and enable long-term surveillance.Their stealth and ability to evade traditional defenses make detection and mitigation highly challenging.This paper addresses these threats by systematically mapping the tactics and techniques of zero-click attacks using the MITRE ATT&CK framework,a widely adopted standard for modeling adversarial behavior.Through this mapping,we categorize real-world attack vectors and better understand how such attacks operate across the cyber-kill chain.To support threat detection efforts,we propose an Active Learning-based method to efficiently label the Pegasus spyware dataset in alignment with the MITRE ATT&CK framework.This approach reduces the effort of manually annotating data while improving the quality of the labeled data,which is essential to train robust cybersecurity models.In addition,our analysis highlights the structured execution paths of zero-click attacks and reveals gaps in current defense strategies.The findings emphasize the importance of forward-looking strategies such as continuous surveillance,dynamic threat profiling,and security education.By bridging zero-click attack analysis with the MITRE ATT&CK framework and leveraging machine learning for dataset annotation,this work provides a foundation for more accurate threat detection and the development of more resilient and structured cybersecurity frameworks.
基金supported by Key Laboratory of Cyberspace Security,Ministry of Education,China。
文摘Transformer-based models have significantly advanced binary code similarity detection(BCSD)by leveraging their semantic encoding capabilities for efficient function matching across diverse compilation settings.Although adversarial examples can strategically undermine the accuracy of BCSD models and protect critical code,existing techniques predominantly depend on inserting artificial instructions,which incur high computational costs and offer limited diversity of perturbations.To address these limitations,we propose AIMA,a novel gradient-guided assembly instruction relocation method.Our method decouples the detection model into tokenization,embedding,and encoding layers to enable efficient gradient computation.Since token IDs of instructions are discrete and nondifferentiable,we compute gradients in the continuous embedding space to evaluate the influence of each token.The most critical tokens are identified by calculating the L2 norm of their embedding gradients.We then establish a mapping between instructions and their corresponding tokens to aggregate token-level importance into instructionlevel significance.To maximize adversarial impact,a sliding window algorithm selects the most influential contiguous segments for relocation,ensuring optimal perturbation with minimal length.This approach efficiently locates critical code regions without expensive search operations.The selected segments are relocated outside their original function boundaries via a jump mechanism,which preserves runtime control flow and functionality while introducing“deletion”effects in the static instruction sequence.Extensive experiments show that AIMA reduces similarity scores by up to 35.8%in state-of-the-art BCSD models.When incorporated into training data,it also enhances model robustness,achieving a 5.9%improvement in AUROC.
基金supported by Princess Nourah bint Abdulrahman University Researchers Supporting Project Number(PNURSP2025R97)Princess Nourah bint Abdulrahman University,Riyadh,Saudi Arabia.
文摘The exponential growth of the Internet of Things(IoT)has introduced significant security challenges,with zero-day attacks emerging as one of the most critical and challenging threats.Traditional Machine Learning(ML)and Deep Learning(DL)techniques have demonstrated promising early detection capabilities.However,their effectiveness is limited when handling the vast volumes of IoT-generated data due to scalability constraints,high computational costs,and the costly time-intensive process of data labeling.To address these challenges,this study proposes a Federated Learning(FL)framework that leverages collaborative and hybrid supervised learning to enhance cyber threat detection in IoT networks.By employing Deep Neural Networks(DNNs)and decentralized model training,the approach reduces computational complexity while improving detection accuracy.The proposed model demonstrates robust performance,achieving accuracies of 94.34%,99.95%,and 87.94%on the publicly available kitsune,Bot-IoT,and UNSW-NB15 datasets,respectively.Furthermore,its ability to detect zero-day attacks is validated through evaluations on two additional benchmark datasets,TON-IoT and IoT-23,using a Deep Federated Learning(DFL)framework,underscoring the generalization and effectiveness of the model in heterogeneous and decentralized IoT environments.Experimental results demonstrate superior performance over existing methods,establishing the proposed framework as an efficient and scalable solution for IoT security.
基金The National Natural Science Foundation of China(W2431048)The Science and Technology Research Program of Chongqing Municipal Education Commission,China(KJZDK202300807)The Chongqing Natural Science Foundation,China(CSTB2024NSCQQCXMX0052).
文摘This paper addresses the consensus problem of nonlinear multi-agent systems subject to external disturbances and uncertainties under denial-ofservice(DoS)attacks.Firstly,an observer-based state feedback control method is employed to achieve secure control by estimating the system's state in real time.Secondly,by combining a memory-based adaptive eventtriggered mechanism with neural networks,the paper aims to approximate the nonlinear terms in the networked system and efficiently conserve system resources.Finally,based on a two-degree-of-freedom model of a vehicle affected by crosswinds,this paper constructs a multi-unmanned ground vehicle(Multi-UGV)system to validate the effectiveness of the proposed method.Simulation results show that the proposed control strategy can effectively handle external disturbances such as crosswinds in practical applications,ensuring the stability and reliable operation of the Multi-UGV system.
文摘Watermarking is embedding visible or invisible data within media to verify its authenticity or protect copyright.The watermark is embedded in significant spatial or frequency features of the media to make it more resistant to intentional or unintentional modification.Some of these features are important perceptual features according to the human visual system(HVS),which means that the embedded watermark should be imperceptible in these features.Therefore,both the designers of watermarking algorithms and potential attackers must consider these perceptual features when carrying out their actions.The two roles will be considered in this paper when designing a robust watermarking algorithm against the most harmful attacks,like volumetric scaling,histogram equalization,and non-conventional watermarking attacks like the Denoising Convolution Neural Network(DnCNN),which must be considered in watermarking algorithm design due to its rising role in the state-of-the-art attacks.The DnCNN is initialized and trained using watermarked image samples created by our proposed Covert and Severe Attacks Resistant Watermarking Algorithm(CSRWA)to prove its robustness.For this algorithm to satisfy the robustness and imperceptibility tradeoff,implementing the Dither Modulation(DM)algorithm is boosted by utilizing the Just Noticeable Distortion(JND)principle to get an improved performance in this sense.Sensitivity,luminance,inter and intra-block contrast are used to adjust the JND values.
基金National Natural Science Foundation of China(62272147,12471492,62072161,12401687)Shandong Provincial Natural Science Foundation(ZR2024QA205)+1 种基金Science and Technology on Communication Security Laboratory Foundation(6142103012207)Innovation Group Project of the Natural Science Foundation of Hubei Province of China(2023AFA021)。
文摘Ballet is one of the finalists of the block cipher project in the 2019 National Cryptographic Algorithm Design Competition.This study aims to conduct a comprehensive security evaluation of Ballet from the perspective of differential-linear(DL)cryptanalysis.Specifically,we present an automated search for the DL distinguishers of Ballet based on MILP/MIQCP.For the versions with block sizes of 128 and 256 bits,we obtain 16 and 22 rounds distinguishers with estimated correlations of 2^(-59.89)and 2^(-116.80),both of which are the publicly longest distinguishers.In addition,this study incorporates the complexity information of key-recovery attacks into the automated model,to search for the optimal key-recovery attack structures based on DL distinguishers.As a result,we mount the key-recovery attacks on 16-round Ballet-128/128,17-round Ballet-128/256,and 21-round Ballet-256/256.The data/time complexities for these attacks are 2^(108.36)/2^(120.36),2^(115.90)/2^(192),and 2^(227.62)/2^(240.67),respectively.
基金supported in part by the National Science Foundation of China(62373240,62273224,U24A20259).
文摘Dear Editor,The attacker is always going to intrude covertly networked control systems(NCSs)by dynamically changing false data injection attacks(FDIAs)strategy,while the defender try their best to resist attacks by designing defense strategy on the basis of identifying attack strategy,maintaining stable operation of NCSs.To solve this attack-defense game problem,this letter investigates optimal secure control of NCSs under FDIAs.First,for the alterations of energy caused by false data,a novel attack-defense game model is constructed,which considers the changes of energy caused by the actions of the defender and attacker in the forward and feedback channels.
基金supported in part by Shanghai Rising-Star Program,China under grant 22QA1409400in part by National Natural Science Foundation of China under grant 62473287 and 62088101in part by Shanghai Municipal Science and Technology Major Project under grant 2021SHZDZX0100.
文摘This paper investigates the problem of optimal secure control for networked control systems under hybrid attacks.A control strategy based on the Stackelberg game framework is proposed,which differs from conventional methods by considering both denial-of-service(DoS)and false data injection(FDI)attacks simultaneously.Additionally,the stability conditions for the system under these hybrid attacks are established.It is technically challenging to design the control strategy by predicting attacker actions based on Stcakelberg game to ensure the system stability under hybrid attacks.Another technical difficulty lies in establishing the conditions for mean-square asymptotic stability due to the complexity of the attack scenarios Finally,simulations on an unstable batch reactor system under hybrid attacks demonstrate the effectiveness of the proposed strategy.
文摘This paper introduces a robust Distributed Denial-of-Service attack detection framework tailored for Software-Defined Networking based Internet of Things environments,built upon a novel,syntheticmulti-vector dataset generated in a Mininet-Ryu testbed using real-time flow-based labeling.The proposed model is based on the XGBoost algorithm,optimized with Principal Component Analysis for dimensionality reduction,utilizing lightweight flowlevel features extracted from Open Flow statistics to classify attacks across critical IoT protocols including TCP,UDP,HTTP,MQTT,and CoAP.The model employs lightweight flow-level features extracted from Open Flow statistics to ensure low computational overhead and fast processing.Performance was rigorously evaluated using key metrics,including Accuracy,Precision,Recall,F1-Score,False Alarm Rate,AUC-ROC,and Detection Time.Experimental results demonstrate the model’s high performance,achieving an accuracy of 98.93%and a low FAR of 0.86%,with a rapid median detection time of 1.02 s.This efficiency validates its superiority in meeting critical Key Performance Indicators,such as Latency and high Throughput,necessary for time-sensitive SDN-IoT systems.Furthermore,the model’s robustness and statistically significant outperformance against baseline models such as Random Forest,k-Nearest Neighbors,and Gradient Boosting Machine,validating through statistical tests using Wilcoxon signed-rank test and confirmed via successful deployment in a real SDN testbed for live traffic detection and mitigation.
基金supported by the Ministry of Trade,Industry and Energy(MOTIE)under Training Industrial Security Specialist for High-Tech Industry(RS-2024-00415520)supervised by the Korea Institute for Advancement of Technology(KIAT)the Ministry of Science and ICT(MSIT)under the ICT Challenge and Advanced Network of HRD(ICAN)Program(No.IITP-2022-RS-2022-00156310)supervised by the Institute of Information&Communication Technology Planning&Evaluation(IITP).
文摘As the density of wireless networks increases globally, the vulnerability of overlapped dense wireless communications to interference by hidden nodes and denial-of-service (DoS) attacks is becoming more apparent. There exists a gap in research on the detection and response to attacks on Medium Access Control (MAC) mechanisms themselves, which would lead to service outages between nodes. Classifying exploitation and deceptive jamming attacks on control mechanisms is particularly challengingdue to their resemblance to normal heavy communication patterns. Accordingly, this paper proposes a machine learning-based selective attack mitigation model that detects DoS attacks on wireless networks by monitoring packet log data. Based on the type of detected attack, it implements effective corresponding mitigation techniques to restore performance to nodes whose availability has been compromised. Experimental results reveal that the accuracy of the proposed model is 14% higher than that of a baseline anomaly detection model. Further, the appropriate mitigation techniques selected by the proposed system based on the attack type improve the average throughput by more than 440% compared to the case without a response.
基金supported by the National Natural Science Foundation of China(Nos.62176122 and 62061146002).
文摘Federated Graph Neural Networks (FedGNNs) have achieved significant success in representation learning for graph data, enabling collaborative training among multiple parties without sharing their raw graph data and solving the data isolation problem faced by centralized GNNs in data-sensitive scenarios. Despite the plethora of prior work on inference attacks against centralized GNNs, the vulnerability of FedGNNs to inference attacks has not yet been widely explored. It is still unclear whether the privacy leakage risks of centralized GNNs will also be introduced in FedGNNs. To bridge this gap, we present PIAFGNN, the first property inference attack (PIA) against FedGNNs. Compared with prior works on centralized GNNs, in PIAFGNN, the attacker can only obtain the global embedding gradient distributed by the central server. The attacker converts the task of stealing the target user’s local embeddings into a regression problem, using a regression model to generate the target graph node embeddings. By training shadow models and property classifiers, the attacker can infer the basic property information within the target graph that is of interest. Experiments on three benchmark graph datasets demonstrate that PIAFGNN achieves attack accuracy of over 70% in most cases, even approaching the attack accuracy of inference attacks against centralized GNNs in some instances, which is much higher than the attack accuracy of the random guessing method. Furthermore, we observe that common defense mechanisms cannot mitigate our attack without affecting the model’s performance on mainly classification tasks.
基金supported by the National Natural Science Foundation of China(62303273,62373226)the National Research Foundation,Singapore through the Medium Sized Center for Advanced Robotics Technology Innovation(WP2.7)
文摘Dear Editor,The letter deals with the distributed state and fault estimation of the whole physical layer for cyber-physical systems(CPSs) when the cyber layer suffers from DoS attacks. With the advancement of embedded computing, communication and related hardware technologies, CPSs have attracted extensive attention and have been widely used in power system, traffic network, refrigeration system and other fields.
基金supported in part by the National Natural Science Foundation of China(61933007,62273087,62273088,U21A2019)the Shanghai Pujiang Program of China(22PJ1400400)+2 种基金the Hainan Province Science and Technology Special Fund of China(ZDYF2022SHFZ105)the Royal Society of U.K.the Alexander von Humboldt Foundation of Germany
文摘In this paper, the attack detection problem is investigated for a class of closed-loop systems subjected to unknownbutbounded noises in the presence of stealthy attacks. The measurement outputs from the sensors are quantized before transmission.A specific type of perfect stealthy attack, which meets certain rather stringent conditions, is taken into account. Such attacks could be injected by adversaries into both the sensor-toestimator and controller-to-actuator channels, with the aim of disrupting the normal data flow. For the purpose of defending against these perfect stealthy attacks, a novel scheme based on watermarks is developed. This scheme includes the injection of watermarks(applied to data prior to quantization) and the recovery of data(implemented before the data reaches the estimator).The watermark-based scheme is designed to be both timevarying and hidden from adversaries through incorporating a time-varying and bounded watermark signal. Subsequently, a watermark-based attack detection strategy is proposed which thoroughly considers the characteristics of perfect stealthy attacks,thereby ensuring that an alarm is activated upon the occurrence of such attacks. An example is provided to demonstrate the efficacy of the proposed mechanism for detecting attacks.
文摘Dear Editor,This letter deals with the stabilization of a resilient model predictive control(MPC)algorithm with a dynamic event-triggered mechanism subject to Denial-of-Service(Do S)attacks.Different from previous works,this letter is based on the designed threshold function to dynamically trigger and gives the upper bound conditions for intersampling intervals with attack and attack-free scenarios to converge.
基金funded in part by the Humanities and Social Sciences Planning Foundation of Ministry of Education of China under Grant No.24YJAZH123National Undergraduate Innovation and Entrepreneurship Training Program of China under Grant No.202510347069the Huzhou Science and Technology Planning Foundation under Grant No.2023GZ04.
文摘The Industrial Internet of Things(IIoT)is increasingly vulnerable to sophisticated cyber threats,particularly zero-day attacks that exploit unknown vulnerabilities and evade traditional security measures.To address this critical challenge,this paper proposes a dynamic defense framework named Zero-day-aware Stackelberg Game-based Multi-Agent Distributed Deep Deterministic Policy Gradient(ZSG-MAD3PG).The framework integrates Stackelberg game modeling with the Multi-Agent Distributed Deep Deterministic Policy Gradient(MAD3PG)algorithm and incorporates defensive deception(DD)strategies to achieve adaptive and efficient protection.While conventional methods typically incur considerable resource overhead and exhibit higher latency due to static or rigid defensive mechanisms,the proposed ZSG-MAD3PG framework mitigates these limitations through multi-stage game modeling and adaptive learning,enabling more efficient resource utilization and faster response times.The Stackelberg-based architecture allows defenders to dynamically optimize packet sampling strategies,while attackers adjust their tactics to reach rapid equilibrium.Furthermore,dynamic deception techniques reduce the time required for the concealment of attacks and the overall system burden.A lightweight behavioral fingerprinting detection mechanism further enhances real-time zero-day attack identification within industrial device clusters.ZSG-MAD3PG demonstrates higher true positive rates(TPR)and lower false alarm rates(FAR)compared to existing methods,while also achieving improved latency,resource efficiency,and stealth adaptability in IIoT zero-day defense scenarios.
文摘Federated Learning(FL),a practical solution that leverages distributed data across devices without the need for centralized data storage,which enables multiple participants to jointly train models while preserving data privacy and avoiding direct data sharing.Despite its privacy-preserving advantages,FL remains vulnerable to backdoor attacks,where malicious participants introduce backdoors into local models that are then propagated to the global model through the aggregation process.While existing differential privacy defenses have demonstrated effectiveness against backdoor attacks in FL,they often incur a significant degradation in the performance of the aggregated models on benign tasks.To address this limitation,we propose a novel backdoor defense mechanism based on differential privacy.Our approach first utilizes the inherent out-of-distribution characteristics of backdoor samples to identify and exclude malicious model updates that significantly deviate from benign models.By filtering out models that are clearly backdoor-infected before applying differential privacy,our method reduces the required noise level for differential privacy,thereby enhancing model robustness while preserving performance.Experimental evaluations on the CIFAR10 and FEMNIST datasets demonstrate that our method effectively limits the backdoor accuracy to below 15%across various backdoor scenarios while maintaining high main task accuracy.
文摘Attribute-based encryption(ABE)is a cryptographic framework that provides flexible access control by allowing encryption based on user attributes.ABE is widely applied in cloud storage,file sharing,e-Health,and digital rightsmanagement.ABE schemes rely on hard cryptographic assumptions such as pairings and others(pairingfree)to ensure their security against external and internal attacks.Internal attacks are carried out by authorized users who misuse their access to compromise security with potentially malicious intent.One common internal attack is the attribute collusion attack,in which users with different attribute keys collaborate to decrypt data they could not individually access.This paper focuses on the ciphertext-policy ABE(CP-ABE),a type of ABE where ciphertexts are produced with access policies.Our firstwork is to carry out the attribute collusion attack against several existing pairingfree CP-ABE schemes.As a main contribution,we introduce a novel attack,termed the anonymous key-leakage attack,concerning the context in which users could anonymously publish their secret keys associated with certain attributes on public platforms without the risk of detection.This kind of internal attack has not been defined or investigated in the literature.We then show that several prominent pairing-based CP-ABE schemes are vulnerable to this attack.We believe that this work will contribute to helping the community evaluate suitable CP-ABE schemes for secure deployment in real-life applications.
基金funded by Beijing Institute of Electronic Science and Technology Postgraduate Excellence Demonstration Course Project(20230002Z0452).
文摘Among the four candidate algorithms in the fourth round of NIST standardization,the BIKE(Bit Flipping Key Encapsulation)scheme has a small key size and high efficiency,showing good prospects for application.However,the BIKE scheme based on QC-MDPC(Quasi Cyclic Medium Density Parity Check)codes still faces challenges such as the GJS attack and weak key attacks targeting the decoding failure rate(DFR).This paper analyzes the BGF decoding algorithm of the BIKE scheme,revealing two deep factors that lead to DFR,and proposes a weak key optimization attack method for the BGF decoding algorithm based on these two factors.The proposed method constructs a new weak key set,and experiment results eventually indicate that,considering BIKE’s parameter set targeting 128-bit security,the average decryption failure rate is lowerly bounded by.This result not only highlights a significant vulnerability in the BIKE scheme but also provides valuable insights for future improvements in its design.By addressing these weaknesses,the robustness of QC-MDPC code-based cryptographic systems can be enhanced,paving the way for more secure post-quantum cryptographic solutions.
基金supported in part by the National Natural Science Foundation of China under Grants No.62372087 and No.62072076the Research Fund of State Key Laboratory of Processors under Grant No.CLQ202310the CSC scholarship.
文摘Deep neural networks(DNNs)have found extensive applications in safety-critical artificial intelligence systems,such as autonomous driving and facial recognition systems.However,recent research has revealed their susceptibility to backdoors maliciously injected by adversaries.This vulnerability arises due to the intricate architecture and opacity of DNNs,resulting in numerous redundant neurons embedded within the models.Adversaries exploit these vulnerabilities to conceal malicious backdoor information within DNNs,thereby causing erroneous outputs and posing substantial threats to the efficacy of DNN-based applications.This article presents a comprehensive survey of backdoor attacks against DNNs and the countermeasure methods employed to mitigate them.Initially,we trace the evolution of the concept from traditional backdoor attacks to backdoor attacks against DNNs,highlighting the feasibility and practicality of generating backdoor attacks against DNNs.Subsequently,we provide an overview of notable works encompassing various attack and defense strategies,facilitating a comparative analysis of their approaches.Through these discussions,we offer constructive insights aimed at refining these techniques.Finally,we extend our research perspective to the domain of large language models(LLMs)and synthesize the characteristics and developmental trends of backdoor attacks and defense methods targeting LLMs.Through a systematic review of existing studies on backdoor vulnerabilities in LLMs,we identify critical open challenges in this field and propose actionable directions for future research.
基金Deanship of Research and Graduate Studies at King Khalid University for funding this work through Large Research Project under grant number RGP.2/103/46”Deanship of Scientific Research at Northern Border University,Arar,Saudi Arabia for funding this research work through project number“NBU-FFR-2025-871-15”funding from Prince Sattam bin Abdulaziz University project number(PSAU/2025/R/1447).
文摘This paper proposes a model-based control framework for vehicle platooning systems with secondorder nonlinear dynamics operating over switching signed networks,time-varying delays,and deception attacks.The study includes two configurations:a leaderless structure using Finite-Time Non-Singular Terminal Bipartite Consensus(FNTBC)and Fixed-Time Bipartite Consensus(FXTBC),and a leader—follower structure ensuring structural balance and robustness against deceptive signals.In the leaderless model,a bipartite controller based on impulsive control theory,gauge transformation,and Markovian switching Lyapunov functions ensures mean-square stability and coordination under deception attacks and communication delays.The FNTBC achieves finite-time convergence depending on initial conditions,while the FXTBC guarantees fixed-time convergence independent of them,providing adaptability to different operating states.In the leader—follower case,a discontinuous impulsive control law synchronizes all followers with the leader despite deceptive attacks and switching topologies,maintaining robust coordination through nonlinear corrective mechanisms.To validate the approach,simulations are conducted on systems of five and seventeen vehicles in both leaderless and leader—follower configurations.The results demonstrate that the proposed framework achieves rapid consensus,strong robustness,and high resistance to deception attacks,offering a secure and scalable model-based control solution for modern vehicular communication networks.
