Dear Editor,The letter deals with the distributed state and fault estimation of the whole physical layer for cyber-physical systems(CPSs) when the cyber layer suffers from DoS attacks. With the advancement of embedded...Dear Editor,The letter deals with the distributed state and fault estimation of the whole physical layer for cyber-physical systems(CPSs) when the cyber layer suffers from DoS attacks. With the advancement of embedded computing, communication and related hardware technologies, CPSs have attracted extensive attention and have been widely used in power system, traffic network, refrigeration system and other fields.展开更多
Dear Editor,This letter studies the stabilization control issue of cyber-physical systems with time-varying delays and aperiodic denial-of-service(DoS)attacks.To address the calculation overload issue caused by networ...Dear Editor,This letter studies the stabilization control issue of cyber-physical systems with time-varying delays and aperiodic denial-of-service(DoS)attacks.To address the calculation overload issue caused by networked predictive control(NPC)approach,an event-based NPC method is proposed.Within the proposed method,the negative effects of time-varying delays and DoS attacks on system performance are compensated.Then,sufficient and necessary conditions are derived to ensure the stability of the closed-loop system.In the end,simulation results are provided to demonstrate the validity of presented method.展开更多
In this paper, the containment control problem in nonlinear multi-agent systems(NMASs) under denial-of-service(DoS) attacks is addressed. Firstly, a prediction model is obtained using the broad learning technique to t...In this paper, the containment control problem in nonlinear multi-agent systems(NMASs) under denial-of-service(DoS) attacks is addressed. Firstly, a prediction model is obtained using the broad learning technique to train historical data generated by the system offline without DoS attacks. Secondly, the dynamic linearization method is used to obtain the equivalent linearization model of NMASs. Then, a novel model-free adaptive predictive control(MFAPC) framework based on historical and online data generated by the system is proposed, which combines the trained prediction model with the model-free adaptive control method. The development of the MFAPC method motivates a much simpler robust predictive control solution that is convenient to use in the case of DoS attacks. Meanwhile, the MFAPC algorithm provides a unified predictive framework for solving consensus tracking and containment control problems. The boundedness of the containment error can be proven by using the contraction mapping principle and the mathematical induction method. Finally, the proposed MFAPC is assessed through comparative experiments.展开更多
针对车联网中拒绝服务(denial of service,DoS)攻击难以防范且现有监督学习方法无法有效检测零日攻击的问题,提出了一种混合DoS攻击入侵检测系统.首先,对数据集进行预处理,提高数据的质量;其次,利用特征选择滤除冗余特征,旨在获得代表...针对车联网中拒绝服务(denial of service,DoS)攻击难以防范且现有监督学习方法无法有效检测零日攻击的问题,提出了一种混合DoS攻击入侵检测系统.首先,对数据集进行预处理,提高数据的质量;其次,利用特征选择滤除冗余特征,旨在获得代表性更强的特征;再次,采用集成学习方法将5种基于树结构的监督分类器堆叠集成用于检测已知DoS攻击;最后,提出了一种无监督异常检测方法,将卷积去噪自动编码器与注意力机制相结合来建立正常行为模型,用于检测堆叠集成模型漏报的未知DoS攻击.实验结果表明,对于已知DoS攻击检测,所提系统在Car-Hacking数据集和CICIDS2017数据集上的检测准确率分别为100%和99.967%;对于未知DoS攻击检测,所提系统在上述两个数据集上的检测准确率分别为100%和83.953%,并且在两个数据集上的平均测试时间分别为0.072 ms和0.157 ms,验证了所提系统的有效性和可行性.展开更多
This paper investigates the event-triggered security consensus problem for nonlinear multi-agent systems(MASs)under denial-of-service(Do S)attacks over an undirected graph.A novel adaptive memory observer-based anti-d...This paper investigates the event-triggered security consensus problem for nonlinear multi-agent systems(MASs)under denial-of-service(Do S)attacks over an undirected graph.A novel adaptive memory observer-based anti-disturbance control scheme is presented to improve the observer accuracy by adding a buffer for the system output measurements.Meanwhile,this control scheme can also provide more reasonable control signals when Do S attacks occur.To save network resources,an adaptive memory event-triggered mechanism(AMETM)is also proposed and Zeno behavior is excluded.It is worth mentioning that the AMETM's updates do not require global information.Then,the observer and controller gains are obtained by using the linear matrix inequality(LMI)technique.Finally,simulation examples show the effectiveness of the proposed control scheme.展开更多
This paper designs a decentralized resilient H_(∞)load frequency control(LFC)scheme for multi-area cyber-physical power systems(CPPSs).Under the network-based control framework,the sampled measurements are transmitte...This paper designs a decentralized resilient H_(∞)load frequency control(LFC)scheme for multi-area cyber-physical power systems(CPPSs).Under the network-based control framework,the sampled measurements are transmitted through the communication networks,which may be attacked by energylimited denial-of-service(DoS)attacks with a characterization of the maximum count of continuous data losses(resilience index).Each area is controlled in a decentralized mode,and the impacts on one area from other areas via their interconnections are regarded as the additional load disturbance of this area.Then,the closed-loop LFC system of each area under DoS attacks is modeled as an aperiodic sampled-data control system with external disturbances.Under this modeling,a decentralized resilient H_(∞)scheme is presented to design the state-feedback controllers with guaranteed H∞performance and resilience index based on a novel transmission interval-dependent loop functional method.When given the controllers,the proposed scheme can obtain a less conservative H_(∞)performance and resilience index that the LFC system can tolerate.The effectiveness of the proposed LFC scheme is evaluated on a one-area CPPS and two three-area CPPSs under DoS attacks.展开更多
Dear Editor,This letter is concerned with distributed resilient platoon control of multiple vehicles subject to denial-of-service(DoS)attacks.In order to accommodate the effects of DoS attacks,a fully resilient distri...Dear Editor,This letter is concerned with distributed resilient platoon control of multiple vehicles subject to denial-of-service(DoS)attacks.In order to accommodate the effects of DoS attacks,a fully resilient distributed control strategy is presented by designing an adaptive control gain,where any global information of communication topology is no longer required.Then,the conditions of time duration rates and frequency of DoS attacks on stability of vehicular platoons can be characterized.Finally,a numerical simulation example is given to validate the obtained results.展开更多
This paper characterizes the joint effects of plant uncertainty,Denial-of-Service(DoS)attacks,and fading channel on the stabilization problem of networked control systems(NCSs).It is assumed that the controller remote...This paper characterizes the joint effects of plant uncertainty,Denial-of-Service(DoS)attacks,and fading channel on the stabilization problem of networked control systems(NCSs).It is assumed that the controller remotely controls the plant and the control input is transmitted over a fading channel.Meanwhile,considering the sustained attack cycle and frequency of DoS attacks are random,the packet-loss caused by DoS attacks is modelled by a Markov process.The sampled-data NCS is transformed into a stochastic form with Markov jump and uncertain parameter.Then,based on Lyapunov functional method,linear matrix inequality(LMI)-based sufficient conditions are presented to ensure the stability of uncertain NCSs.The main contribution of this article lies in the construction of NCSs based on DoS attacks into Markov jump system(MJS)and the joint consideration of fading channel and plant uncertainty.展开更多
Dear Editor,This letter investigates the output tracking control issue of networked control systems(NCSs)with communication constraints and denial-of-service(DoS)attacks in the sensor-to-controller channel,both of whi...Dear Editor,This letter investigates the output tracking control issue of networked control systems(NCSs)with communication constraints and denial-of-service(DoS)attacks in the sensor-to-controller channel,both of which would induce random network delays.展开更多
The increasing prevalence of Internet of Things(IoT)devices has introduced a new phase of connectivity in recent years and,concurrently,has opened the floodgates for growing cyber threats.Among the myriad of potential...The increasing prevalence of Internet of Things(IoT)devices has introduced a new phase of connectivity in recent years and,concurrently,has opened the floodgates for growing cyber threats.Among the myriad of potential attacks,Denial of Service(DoS)attacks and Distributed Denial of Service(DDoS)attacks remain a dominant concern due to their capability to render services inoperable by overwhelming systems with an influx of traffic.As IoT devices often lack the inherent security measures found in more mature computing platforms,the need for robust DoS/DDoS detection systems tailored to IoT is paramount for the sustainable development of every domain that IoT serves.In this study,we investigate the effectiveness of three machine learning(ML)algorithms:extreme gradient boosting(XGB),multilayer perceptron(MLP)and random forest(RF),for the detection of IoTtargeted DoS/DDoS attacks and three feature engineering methods that have not been used in the existing stateof-the-art,and then employed the best performing algorithm to design a prototype of a novel real-time system towards detection of such DoS/DDoS attacks.The CICIoT2023 dataset was derived from the latest real-world IoT traffic,incorporates both benign and malicious network traffic patterns and after data preprocessing and feature engineering,the data was fed into our models for both training and validation,where findings suggest that while all threemodels exhibit commendable accuracy in detectingDoS/DDoS attacks,the use of particle swarmoptimization(PSO)for feature selection has made great improvements in the performance(accuracy,precsion recall and F1-score of 99.93%for XGB)of the ML models and their execution time(491.023 sceonds for XGB)compared to recursive feature elimination(RFE)and randomforest feature importance(RFI)methods.The proposed real-time system for DoS/DDoS attack detection entails the implementation of an platform capable of effectively processing and analyzing network traffic in real-time.This involvesemploying the best-performing ML algorithmfor detection and the integration of warning mechanisms.We believe this approach will significantly enhance the field of security research and continue to refine it based on future insights and developments.展开更多
为无人驾驶系统设计了一种新型的攻击-防御框架。首先,从攻击者的角度提出了一种新的拒绝服务(denial of service,DoS)攻击机制,称为基于重要数据(important-databased,IDB)的DoS攻击策略,以增强攻击的破坏性。与现有的大多数DoS攻击策...为无人驾驶系统设计了一种新型的攻击-防御框架。首先,从攻击者的角度提出了一种新的拒绝服务(denial of service,DoS)攻击机制,称为基于重要数据(important-databased,IDB)的DoS攻击策略,以增强攻击的破坏性。与现有的大多数DoS攻击策略不同,该策略可以拦截输出数据,识别数据的重要程度,并仅对重要数据发起攻击。这样,提出的IDB DoS攻击策略将对无人驾驶系统造成更大的破坏。其次,为了应对IDB DoS攻击策略带来的负面影响,构造了一种新的弹性H_(∞)控制技术来减轻攻击损害。最后,仿真结果表明:①与一些现有的DoS攻击模型相比,所提出的IDB DoS攻击策略对系统具有更大的破坏性;②设计的弹性H_(∞)控制器可以有效地减轻所提出的IDB DoS攻击策略所带来的攻击破坏性。展开更多
For years, rumors have circulated that the code for the original DOS operating system created by Microsoft for the IBM personal computer is actually copied from the CP/M operating system developed by Digital Research ...For years, rumors have circulated that the code for the original DOS operating system created by Microsoft for the IBM personal computer is actually copied from the CP/M operating system developed by Digital Research Incorporated. In this paper, scientifically tested and accepted forensic analysis mathematical techniques, step-by-step processes, and advanced software code comparison tools are used to compare early versions of the two code bases. The conclusion is reached that no copying of code takes place1.展开更多
基金supported by the National Natural Science Foundation of China(62303273,62373226)the National Research Foundation,Singapore through the Medium Sized Center for Advanced Robotics Technology Innovation(WP2.7)
文摘Dear Editor,The letter deals with the distributed state and fault estimation of the whole physical layer for cyber-physical systems(CPSs) when the cyber layer suffers from DoS attacks. With the advancement of embedded computing, communication and related hardware technologies, CPSs have attracted extensive attention and have been widely used in power system, traffic network, refrigeration system and other fields.
基金supported by the National Natural Science Foundation of China(61433003,60904003,11602019).
文摘Dear Editor,This letter studies the stabilization control issue of cyber-physical systems with time-varying delays and aperiodic denial-of-service(DoS)attacks.To address the calculation overload issue caused by networked predictive control(NPC)approach,an event-based NPC method is proposed.Within the proposed method,the negative effects of time-varying delays and DoS attacks on system performance are compensated.Then,sufficient and necessary conditions are derived to ensure the stability of the closed-loop system.In the end,simulation results are provided to demonstrate the validity of presented method.
基金supported in part by the National Natural Science Foundation of China(62403396,62433018,62373113)the Guangdong Basic and Applied Basic Research Foundation(2023A1515011527,2023B1515120010)the Postdoctoral Fellowship Program of CPSF(GZB20240621)
文摘In this paper, the containment control problem in nonlinear multi-agent systems(NMASs) under denial-of-service(DoS) attacks is addressed. Firstly, a prediction model is obtained using the broad learning technique to train historical data generated by the system offline without DoS attacks. Secondly, the dynamic linearization method is used to obtain the equivalent linearization model of NMASs. Then, a novel model-free adaptive predictive control(MFAPC) framework based on historical and online data generated by the system is proposed, which combines the trained prediction model with the model-free adaptive control method. The development of the MFAPC method motivates a much simpler robust predictive control solution that is convenient to use in the case of DoS attacks. Meanwhile, the MFAPC algorithm provides a unified predictive framework for solving consensus tracking and containment control problems. The boundedness of the containment error can be proven by using the contraction mapping principle and the mathematical induction method. Finally, the proposed MFAPC is assessed through comparative experiments.
文摘针对车联网中拒绝服务(denial of service,DoS)攻击难以防范且现有监督学习方法无法有效检测零日攻击的问题,提出了一种混合DoS攻击入侵检测系统.首先,对数据集进行预处理,提高数据的质量;其次,利用特征选择滤除冗余特征,旨在获得代表性更强的特征;再次,采用集成学习方法将5种基于树结构的监督分类器堆叠集成用于检测已知DoS攻击;最后,提出了一种无监督异常检测方法,将卷积去噪自动编码器与注意力机制相结合来建立正常行为模型,用于检测堆叠集成模型漏报的未知DoS攻击.实验结果表明,对于已知DoS攻击检测,所提系统在Car-Hacking数据集和CICIDS2017数据集上的检测准确率分别为100%和99.967%;对于未知DoS攻击检测,所提系统在上述两个数据集上的检测准确率分别为100%和83.953%,并且在两个数据集上的平均测试时间分别为0.072 ms和0.157 ms,验证了所提系统的有效性和可行性.
基金supported by the National Natural Science Foundation of China(61773056)the Scientific and Technological Innovation Foundation of Shunde Graduate School,University of Science and Technology Beijing(USTB)(BK19AE018)+2 种基金the Fundamental Research Funds for the Central Universities of USTB(FRF-TP-20-09B,230201606500061,FRF-DF-20-35,FRF-BD-19-002A)supported by Zhejiang Natural Science Foundation(LD21F030001)supported by the National Research Foundation of Korea(NRF)grant funded by the Korea government(Ministry of Science and Information and Communications Technology)(NRF-2020R1A2C1005449)。
文摘This paper investigates the event-triggered security consensus problem for nonlinear multi-agent systems(MASs)under denial-of-service(Do S)attacks over an undirected graph.A novel adaptive memory observer-based anti-disturbance control scheme is presented to improve the observer accuracy by adding a buffer for the system output measurements.Meanwhile,this control scheme can also provide more reasonable control signals when Do S attacks occur.To save network resources,an adaptive memory event-triggered mechanism(AMETM)is also proposed and Zeno behavior is excluded.It is worth mentioning that the AMETM's updates do not require global information.Then,the observer and controller gains are obtained by using the linear matrix inequality(LMI)technique.Finally,simulation examples show the effectiveness of the proposed control scheme.
基金supported by the National Natural Science Foundation(NNSF)of China(62003037,61873303)。
文摘This paper designs a decentralized resilient H_(∞)load frequency control(LFC)scheme for multi-area cyber-physical power systems(CPPSs).Under the network-based control framework,the sampled measurements are transmitted through the communication networks,which may be attacked by energylimited denial-of-service(DoS)attacks with a characterization of the maximum count of continuous data losses(resilience index).Each area is controlled in a decentralized mode,and the impacts on one area from other areas via their interconnections are regarded as the additional load disturbance of this area.Then,the closed-loop LFC system of each area under DoS attacks is modeled as an aperiodic sampled-data control system with external disturbances.Under this modeling,a decentralized resilient H_(∞)scheme is presented to design the state-feedback controllers with guaranteed H∞performance and resilience index based on a novel transmission interval-dependent loop functional method.When given the controllers,the proposed scheme can obtain a less conservative H_(∞)performance and resilience index that the LFC system can tolerate.The effectiveness of the proposed LFC scheme is evaluated on a one-area CPPS and two three-area CPPSs under DoS attacks.
基金supported by the National Natural Science Foundation of China(NSFC)(62073171,62173181)the Natural Science Foundation of Jiangsu Province(BK20200744,BK20180455)+3 种基金Jiangsu Specially-Appointed Professor(RK043 STP19001)1311 Talent Plan of Nanjing University of Posts and Telecommunications,the Fundamental Research Funds for the Central Universities(30920032203)the Natural Science Foundation of Tianjin(20JCQNJC00390)Graduate Scientific Research Innovation Project of Tianjin(2021YJSO2S31).
文摘Dear Editor,This letter is concerned with distributed resilient platoon control of multiple vehicles subject to denial-of-service(DoS)attacks.In order to accommodate the effects of DoS attacks,a fully resilient distributed control strategy is presented by designing an adaptive control gain,where any global information of communication topology is no longer required.Then,the conditions of time duration rates and frequency of DoS attacks on stability of vehicular platoons can be characterized.Finally,a numerical simulation example is given to validate the obtained results.
基金supported in part by the National Natural Science Foundation of China(Nos.62173206,62103229)the China Postdoctoral Science Foundation(Nos.2021M691849,2021M692024)+1 种基金the Natural Science Foundation of Shandong Province(Nos.ZR2021ZD13,ZR2021QF026)the National Key R&D Program of China(No.2021YFE0193900)。
文摘This paper characterizes the joint effects of plant uncertainty,Denial-of-Service(DoS)attacks,and fading channel on the stabilization problem of networked control systems(NCSs).It is assumed that the controller remotely controls the plant and the control input is transmitted over a fading channel.Meanwhile,considering the sustained attack cycle and frequency of DoS attacks are random,the packet-loss caused by DoS attacks is modelled by a Markov process.The sampled-data NCS is transformed into a stochastic form with Markov jump and uncertain parameter.Then,based on Lyapunov functional method,linear matrix inequality(LMI)-based sufficient conditions are presented to ensure the stability of uncertain NCSs.The main contribution of this article lies in the construction of NCSs based on DoS attacks into Markov jump system(MJS)and the joint consideration of fading channel and plant uncertainty.
基金supported by the National Natural Science Foundation of China(62173002,62403010,52301408)the Beijing Natural Science Foundation(4222045)+1 种基金the Yuxiu Innovation Project of North China University of Technology(2024NC UTYXCX111)the China Postdoctoral Science Foundation(2024M750192)。
文摘Dear Editor,This letter investigates the output tracking control issue of networked control systems(NCSs)with communication constraints and denial-of-service(DoS)attacks in the sensor-to-controller channel,both of which would induce random network delays.
文摘The increasing prevalence of Internet of Things(IoT)devices has introduced a new phase of connectivity in recent years and,concurrently,has opened the floodgates for growing cyber threats.Among the myriad of potential attacks,Denial of Service(DoS)attacks and Distributed Denial of Service(DDoS)attacks remain a dominant concern due to their capability to render services inoperable by overwhelming systems with an influx of traffic.As IoT devices often lack the inherent security measures found in more mature computing platforms,the need for robust DoS/DDoS detection systems tailored to IoT is paramount for the sustainable development of every domain that IoT serves.In this study,we investigate the effectiveness of three machine learning(ML)algorithms:extreme gradient boosting(XGB),multilayer perceptron(MLP)and random forest(RF),for the detection of IoTtargeted DoS/DDoS attacks and three feature engineering methods that have not been used in the existing stateof-the-art,and then employed the best performing algorithm to design a prototype of a novel real-time system towards detection of such DoS/DDoS attacks.The CICIoT2023 dataset was derived from the latest real-world IoT traffic,incorporates both benign and malicious network traffic patterns and after data preprocessing and feature engineering,the data was fed into our models for both training and validation,where findings suggest that while all threemodels exhibit commendable accuracy in detectingDoS/DDoS attacks,the use of particle swarmoptimization(PSO)for feature selection has made great improvements in the performance(accuracy,precsion recall and F1-score of 99.93%for XGB)of the ML models and their execution time(491.023 sceonds for XGB)compared to recursive feature elimination(RFE)and randomforest feature importance(RFI)methods.The proposed real-time system for DoS/DDoS attack detection entails the implementation of an platform capable of effectively processing and analyzing network traffic in real-time.This involvesemploying the best-performing ML algorithmfor detection and the integration of warning mechanisms.We believe this approach will significantly enhance the field of security research and continue to refine it based on future insights and developments.
文摘For years, rumors have circulated that the code for the original DOS operating system created by Microsoft for the IBM personal computer is actually copied from the CP/M operating system developed by Digital Research Incorporated. In this paper, scientifically tested and accepted forensic analysis mathematical techniques, step-by-step processes, and advanced software code comparison tools are used to compare early versions of the two code bases. The conclusion is reached that no copying of code takes place1.
