This paper proposes a threat assessment framework for non-cooperative satellites by analyzing their motion characteristics, developing a quantitative evaluation methodology, and demonstrating its effectiveness via representative scenarios with neural network acceleration. The framework first establishes a threat evaluation model that integrates three core parameters: capability, opportunity, and hidden values. Subsequently, this research systematically investigates the critical role of transfer windows in threat quantification and introduces a transfer window-based threat assessment approach. The proposed methodology is validated through multiple representative scenarios, with simulation results demonstrating superior performance compared to conventional methods relying solely on optimal transfer windows or minimum distance metrics, enabling more nuanced threat ranking in scenarios where traditional techniques prove inadequate. To address computational demands, a neural network-based approximation system is implemented to achieve a 25,200× speedup (0.005 s vs. baseline 126 s per 1000-sample batch) through parallel processing, maintaining 99.3% accuracy. Finally, the study explores the framework's extensibility to diverse NCS objectives. It identifies discrepancies between intention inference models and threat evaluation paradigms, providing methodological insights for next-generation space domain awareness systems.
The rapidly evolving cybersecurity threat landscape exposes a critical flaw in traditional educational programs where static curricula cannot adapt swiftly to novel attack vectors. This creates a significant gap between theoretical knowledge and the practical defensive capabilities needed in the field. To address this, we propose TeachSecure-CTI, a novel framework for adaptive cybersecurity curriculum generation that integrates real-time Cyber Threat Intelligence (CTI) with AI-driven personalization. Our framework employs a layered architecture featuring a CTI ingestion and clustering module, natural language processing for semantic concept extraction, and a reinforcement learning agent for adaptive content sequencing. By dynamically aligning learning materials with both the evolving threat environment and individual learner profiles, TeachSecure-CTI ensures content remains current, relevant, and tailored. A 12-week study with 150 students across three institutions demonstrated that the framework improves learning gains by 34%, significantly exceeding the 12%–21% reported in recent literature. The system achieved 84.8% personalization accuracy, 85.9% recognition accuracy for MITRE ATT&CK tactics, and a 31% faster competency development rate compared to static curricula. These findings have implications beyond academia, extending to workforce development, cyber range training, and certification programs. By bridging the gap between dynamic threats and static educational materials, TeachSecure-CTI offers an empirically validated, scalable solution for cultivating cybersecurity professionals capable of responding to modern threats.
The increasing number of interconnected devices and the incorporation of smart technology into contemporary healthcare systems have significantly raised the attack surface of cyber threats. The early detection of threats is both necessary and complex, yet these interconnected healthcare settings generate enormous amounts of heterogeneous data. Traditional Intrusion Detection Systems (IDS), which are generally centralized and machine learning-based, often fail to address the rapidly changing nature of cyberattacks and are challenged by ethical concerns related to patient data privacy. Moreover, traditional AI-driven IDS usually face challenges in handling large-scale, heterogeneous healthcare data while ensuring data privacy and operational efficiency. To address these issues, emerging technologies such as Big Data Analytics (BDA) and Federated Learning (FL) provide a hybrid framework for scalable, adaptive intrusion detection in IoT-driven healthcare systems. Big data techniques enable processing large-scale, high-dimensional healthcare data, and FL can be used to train a model in a decentralized manner without transferring raw data, thereby maintaining privacy between institutions. This research proposes a privacy-preserving Federated Learning–based model that efficiently detects cyber threats in connected healthcare systems while ensuring distributed big data processing, privacy, and compliance with ethical regulations. To strengthen the reliability of the reported findings, the results were validated using cross-dataset testing and 95% confidence intervals derived from bootstrap analysis, confirming consistent performance across heterogeneous healthcare data distributions. This solution takes a significant step toward securing next-generation healthcare infrastructure by combining scalability, privacy, adaptability, and early detection capabilities. The proposed global model achieves a test accuracy of 99.93% ± 0.03 (95% CI) and a miss-rate of only 0.07% ± 0.02, representing state-of-the-art performance in privacy-preserving intrusion detection. The proposed FL-driven IDS framework offers an efficient, privacy-preserving, and scalable solution for securing next-generation healthcare infrastructures by combining adaptability, early detection, and ethical data management.
This paper examines how cybersecurity is developing and how it relates to more conventional information security. Although information security and cyber security are sometimes used synonymously, this study contends that they are not the same. The concept of cyber security is explored, which goes beyond protecting information resources to include a wider variety of assets, including people [1]. Protecting information assets is the main goal of traditional information security, with consideration to the human element and how people fit into the security process. On the other hand, cyber security adds a new level of complexity, as people might unintentionally contribute to or become targets of cyberattacks. This aspect presents moral questions since it is becoming more widely accepted that society has a duty to protect weaker members of society, including children [1]. The study emphasizes how important cyber security is on a larger scale, with many countries creating plans and laws to counteract cyberattacks. Nevertheless, a lot of these sources frequently neglect to define the differences or the relationship between information security and cyber security [1]. The paper focuses on differentiating between cybersecurity and information security on a larger scale. The study also highlights other areas of cybersecurity which include defending people, social norms, and vital infrastructure from threats that arise from online in addition to information and technology protection. It contends that ethical issues and the human factor are becoming more and more important in protecting assets in the digital age, and that cyber security is a paradigm shift in this regard [1].
1. Introduction. Data inference (DInf) is a data security threat in which critical information is inferred from low-sensitivity data. Once regarded as an advanced professional threat limited to intelligence analysts, DInf has become a widespread risk in the artificial intelligence (AI) era.
Throughout the lifespan, an animal can encounter predators frequently, thus the ability to avoid attacks from predators is crucial for its survival. The chances of evading danger can be greatly improved if the animal can respond immediately to the threat. Therefore, when an animal detects a threat through its visual system, it must quickly direct its gaze and attention toward the source of danger, assess the threat level, and take appropriate action.
The fast increase of online communities has brought about an increase in cyber threats inclusive of cyberbullying, hate speech, misinformation, and online harassment, making content moderation a pressing necessity. Traditional single-modal AI-based detection systems, which analyze both text, photos, or movies in isolation, have established useless at taking pictures multi-modal threats, in which malicious actors spread dangerous content throughout a couple of formats. To cope with these demanding situations, we advise a multi-modal deep mastering framework that integrates Natural Language Processing (NLP), Convolutional Neural Networks (CNNs), and Long Short-Term Memory (LSTM) networks to become aware of and mitigate online threats effectively. Our proposed model combines BERT for text class, ResNet50 for photograph processing, and a hybrid LSTM-3-d CNN community for video content material analysis. We constructed a large-scale dataset comprising 500,000 textual posts, 200,000 offensive images, and 50,000 annotated motion pictures from more than one platform, which includes Twitter, Reddit, YouTube, and online gaming forums. The system became carefully evaluated using trendy gadget mastering metrics which include accuracy, precision, remember, F1-score, and ROC-AUC curves. Experimental outcomes demonstrate that our multi-modal method extensively outperforms single-modal AI classifiers, achieving an accuracy of 92.3%, precision of 91.2%, do not forget of 90.1%, and an AUC rating of 0.95. The findings validate the necessity of integrating multi-modal AI for actual-time, high-accuracy online chance detection and moderation. Future paintings will have consciousness on improving hostile robustness, enhancing scalability for real-world deployment, and addressing ethical worries associated with AI-driven content moderation.
The current global cybersecurity landscape, characterized by the increasing scale and sophistication of cyberattacks, underscores the importance of integrating Cyber Threat Intelligence (CTI) into Land Administration Systems (LAS). LAS services involve requests and responses concerning public and private cadastral data, including credentials of parties, ownership, and spatial parcels. This study explores the integration of CTI in LAS to enhance cyber resilience, focusing on the unique vulnerabilities of LAS, such as sensitive data management and interconnection with other critical systems related to spatial data uses and changes. The approach employs a case study of a typical country-specific LAS to analyse structured vulnerabilities and their attributes to determine the degree of vulnerability of LAS through a quantitative inductive approach. The analysis results indicate significant improvements in identifying and mitigating potential threats through CTI integration, thus enhancing cyber resilience. These findings are crucial for policymakers and practitioners to develop robust cybersecurity strategies for LAS.
As an emerging environmental contaminant, antibiotic resistance genes (ARGs) in tap water have attracted great attention. Although studies have provided ARG profiles in tap water, research on their abundance levels, composition characteristics, and potential threat is still insufficient. Here, 9 household tap water samples were collected from the Guangdong-Hong Kong-Macao Greater Bay Area (GBA) in China. Additionally, 75 sets of environmental sample data (9 types) were downloaded from the public database. Metagenomics was then performed to explore the differences in the abundance and composition of ARGs. 221 ARG subtypes consisting of 17 types were detected in tap water. Although the ARG abundance in tap water was not significantly different from that found in drinking water plants and reservoirs, their composition varied. In tap water samples, the three most abundant classes of resistance genes were multidrug, fosfomycin and MLS (macrolide-lincosamide-streptogramin) ARGs, and their corresponding subtypes ompR, fosX and macB were also the most abundant ARG subtypes. Regarding the potential mobility, vanS had the highest abundance on plasmids and viruses, but the absence of key genes rendered resistance to vancomycin ineffective. Generally, the majority of ARGs present in tap water were those that have not been assessed and are currently not listed as high-threat level ARG families based on the World Health Organization Guideline. Although the current potential threat to human health posed by ARGs in tap water is limited, with persistent transfer and accumulation, especially in pathogens, the potential danger to human health posed by ARGs should not be ignored.
Given the unique challenges facing the railway industry, cybersecurity is a crucial issue that must be addressed proactively. This paper aims to provide a systematic review of cybersecurity threats that could impact the safety and operations of rolling stock, the privacy and security of passengers and employees, and the public in general. The systematic literature review revealed that cyber threats to the railway industry can take many forms, including attacks on operational technology systems, data breaches, theft of sensitive information, and disruptions to train services. The consequences of these threats can be severe, leading to operational disruptions, financial losses, and loss of public trust in the railway system. To address these threats, railway organizations must adopt a proactive approach to security and implement robust cybersecurity measures tailored to the industry’s specific needs and challenges. This includes regular testing of systems for vulnerabilities, incident response plans, and employee training to identify and respond to cyber threats. Ensuring the system remains available, reliable, and maintainable is fundamental given the importance of railways as critical infrastructure and the potential harm that can be caused by cyber threats.
Cyber threat detection is a crucial aspect of contemporary cybersecurity due to the depth and complexity of cyberattacks. It is the identification of malicious activity, unauthorized access, and possible intrusions in networks and systems. Modern detection methods employ artificial intelligence and machine learning to study vast amounts of data, learn patterns, and anticipate potential threats. Real-time monitoring and anomaly detection improve the capacity to react to changing threats more rapidly. Cyber threat detection systems aim to reduce false positives and provide complete coverage against the broadest possible attacks. This research advocates for proactive measures and adaptive technologies in defending digital environments. Improvements in detection ability by organizations will assist in safeguarding assets and integrity in operations in this increasingly digital world. This paper draws on the categorization of cyber threat detection methods using hesitant bipolar fuzzy Frank operators. Categorization is a step that is necessary for systematic comparison and assessment of detection methods so that the most suitable method for particular cybersecurity requirements is chosen. Furthermore, this research manages uncertainty and vagueness that exists in decision-making by applying hesitant bipolar fuzzy logic. The importance of the work lies in how it fortifies cybersecurity architectures with a formal method of discovering optimal detection measures and improving responsiveness, resulting in holistic protection against dynamic threats.
Beyond-visual-range (BVR) air combat threat assessment has attracted wide attention as the support of situation awareness and autonomous decision-making. However, the traditional threat assessment method is flawed in its failure to consider the intention and event of the target, resulting in inaccurate assessment results. In view of this, an integrated threat assessment method is proposed to address the existing problems, such as overly subjective determination of index weight and imbalance of situation. The process and characteristics of BVR air combat are analyzed to establish a threat assessment model in terms of target intention, event, situation, and capability. On this basis, a distributed weight-solving algorithm is proposed to determine index and attribute weight respectively. Then, variable weight and game theory are introduced to effectively deal with the situation imbalance and achieve the combination of subjective and objective. The performance of the model and algorithm is evaluated through multiple simulation experiments. The assessment results demonstrate the accuracy of the proposed method in BVR air combat, indicating its potential practical significance in real air combat scenarios.
Advanced Persistent Threats (APTs) represent one of the most complex and dangerous categories of cyber-attacks characterised by their stealthy behaviour, long-term persistence, and ability to bypass traditional detection systems. The complexity of real-world network data poses significant challenges in detection. Machine learning models have shown promise in detecting APTs; however, their performance often suffers when trained on large datasets with redundant or irrelevant features. This study presents a novel, hybrid feature selection method designed to improve APT detection by reducing dimensionality while preserving the informative characteristics of the data. It combines Mutual Information (MI), Symmetric Uncertainty (SU) and Minimum Redundancy Maximum Relevance (mRMR) to enhance feature selection. MI and SU assess feature relevance, while mRMR maximises relevance and minimises redundancy, ensuring that the most impactful features are prioritised. This method addresses redundancy among selected features, improving the overall efficiency and effectiveness of the detection model. Experiments on real-world APT datasets were conducted to evaluate the proposed method. Multiple classifiers, including Random Forest, Support Vector Machine (SVM), Gradient Boosting, and Neural Networks, were used to assess classification performance. The results demonstrate that the proposed feature selection method significantly enhances detection accuracy compared to baseline models trained on the full feature set. The Random Forest algorithm achieved the highest performance, with near-perfect accuracy, precision, recall, and F1 scores (99.97%). The proposed adaptive thresholding algorithm within the selection method allows each classifier to benefit from a reduced and optimised feature space, resulting in improved training and predictive performance. This research offers a scalable and classifier-agnostic solution for dimensionality reduction in cybersecurity applications.
The dynamic, heterogeneous nature of Edge computing in the Internet of Things (Edge-IoT) and Industrial IoT (IIoT) networks brings unique and evolving cybersecurity challenges. This study maps cyber threats in Edge-IoT/IIoT environments to the Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) framework by MITRE and introduces a lightweight, data-driven scoring model that enables rapid identification and prioritization of attacks. Inspired by the Factor Analysis of Information Risk model, our proposed scoring model integrates four key metrics: Common Vulnerability Scoring System (CVSS)-based severity scoring, Cyber Kill Chain–based difficulty estimation, Deep Neural Networks-driven detection scoring, and frequency analysis based on dataset prevalence. By aggregating these indicators, the model generates comprehensive risk profiles, facilitating actionable prioritization of threats. Robustness and stability of the scoring model are validated through non-parametric correlation analysis using Spearman’s and Kendall’s rank correlation coefficients, demonstrating consistent performance across diverse scenarios. The approach culminates in a prioritized attack ranking that provides actionable guidance for risk mitigation and resource allocation in Edge-IoT/IIoT security operations. By leveraging real-world data to align MITRE ATT&CK techniques with CVSS metrics, the framework offers a standardized and practically applicable solution for consistent threat assessment in operational settings. The proposed lightweight scoring model delivers rapid and reliable results under dynamic cyber conditions, facilitating timely identification of attack scenarios and prioritization of response strategies. Our systematic integration of established taxonomies with data-driven indicators strengthens practical risk management and supports strategic planning in next-generation IoT deployments. Ultimately, this work advances adaptive threat modeling for Edge/IIoT ecosystems and establishes a robust foundation for evidence-based prioritization in emerging cyber-physical infrastructures.
Social behaviors, including social support and mating, play a critical role in survival and reproduction. Animals must make adaptive social decisions based on internal states and external contexts [1]. The sex of a social partner is a crucial factor that shapes social decision-making, as opposite-sex interactions are vital for fulfilling reproductive needs, whereas same-sex interactions are essential for both collaborative support and competitive behaviors. Under normal circumstances, mice typically exhibit a variety of prosocial behaviors that strengthen social bonds within their groups.
Inflammatory bowel disease (IBD), encompassing Crohn’s disease and ulcerative colitis, manifests as a chronic, recurrent, and refractory intestinal inflammatory condition significantly impacting patients’ quality of life. Despite ongoing research, its etiology and pathogenesis remain incompletely understood. Recent advancements in medical research highlight the critical role of drug combination therapies in managing IBD. This paper employs the strengths, weaknesses, opportunities, and threats framework to evaluate the four strategic elements (strengths, weaknesses, opportunities, and threats) pertaining to combination therapies for IBD. Among the strengths, the paper underscores the efficacy of multi-targeted strategies, the advancement of personalized medicine, and the mitigation of drug resistance. Nonetheless, the analysis identifies significant weaknesses, including the prohibitive cost of treatment, issues with patient compliance, and the necessity for comprehensive long-term safety data. The paper also delineates opportunities to augment therapeutic success through the incorporation of biomarkers, the application of artificial intelligence, and extensive international collaborative efforts. In contrast, the paper does not shy away from addressing the threats, which include the potential for therapeutic resistance and the logistical challenges inherent in global therapy deployment. These initiatives aim to refine future therapeutic practices, fostering safer, more effective, and personalized treatment paradigms for IBD patients.
Recently, with the normalization of non-face-to-face online environments in response to the COVID-19 pandemic, the possibility of cyberattacks through endpoints has increased. Numerous endpoint devices are managed meticulously to prevent cyberattacks and ensure timely responses to potential security threats. In particular, because telecommuting, telemedicine, and teleeducation are implemented in uncontrolled environments, attackers typically target vulnerable endpoints to acquire administrator rights or steal authentication information, and reports of endpoint attacks have been increasing considerably. Advanced persistent threats (APTs) using various novel variant malicious codes are a form of a sophisticated attack. However, conventional commercial antivirus and anti-malware systems that use signature-based attack detection methods cannot satisfactorily respond to such attacks. In this paper, we propose a method that expands the detection coverage in APT attack environments. In this model, an open-source threat detector and log collector are used synergistically to improve threat detection performance. Extending the scope of attack log collection through interworking between highly accessible open-source tools can efficiently increase the detection coverage of tactics and techniques used to deal with APT attacks, as defined by MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK). We implemented an attack environment using an APT attack scenario emulator called Carbanak and analyzed the detection coverage of Google Rapid Response (GRR), an open-source threat detection tool, and Graylog, an open-source log collector. The proposed method expanded the detection coverage against MITRE ATT&CK by approximately 11% compared with that of conventional methods.
Cyber Threat Intelligence (CTI) has gained massive attention to collect hidden knowledge for a better understanding of the various cyber-attacks and eventually paving the way for predicting the future of such attacks. The information exchange and collaborative sharing through different platforms have a significant contribution towards a global solution. While CTI and the information exchange can help a lot in focusing and prioritizing on the use of the large volume of complex information among different organizations, there exists a great challenge in effective processing of large count of different Indicators of Threat (IoT) which appear regularly, and that can be solved only through a collaborative approach. Collaborative approach and intelligence sharing have become the mandatory element in the entire world of processing the threats. In order to covet the complete needs of having a definite standard of information exchange, various initiatives have been taken in means of threat information sharing platforms like MISP and formats such as STIX. This paper proposes a scoring model to address information decay, which is shared within TISP. The scoring model is implemented, taking the use case of detecting the Threat Indicators in a phishing data network. The proposed method calculates the rate of decay of an attribute through which the early entries are removed.
The integration of organisation’s information security policy into threat modeling enhances effectiveness of security strategies for information security management. These security policies are the ones which define the sets of security issues, controls and organisation’s commitment for seamless integration with knowledge based platforms in order to protect critical assets and data. Such platforms are needed to evaluate and share violations which can create security loop-hole. The lack of rules-based approaches for discovering potential threats at organisation’s context, poses a challenge for many organisations in safeguarding their critical assets. To address the challenge, this paper introduces a Platform for Organisation Security Threat Analytic and Management (POSTAM) using rule-based approach. The platform enhances strategies for combating information security threats and thus improves organisations’ commitment in protecting their critical assets. R scripting language for data visualization and Java-based scripts were used to develop a prototype to run on web protocol. MySQL database management system was used as back-end for data storage during threat analytic processes.
As cyber threats keep changing and business environments adapt, a comprehensive approach to disaster recovery involves more than just defensive measures. This research delves deep into the strategies required to respond to threats and anticipate and mitigate them proactively. Beginning with understanding the critical need for a layered defense and the intricacies of the attacker’s journey, the research offers insights into specialized defense techniques, emphasizing the importance of timely and strategic responses during incidents. Risk management is brought to the forefront, underscoring businesses’ need to adopt mature risk assessment practices and understand the potential risk impact areas. Additionally, the value of threat intelligence is explored, shedding light on the importance of active engagement within sharing communities and the vigilant observation of adversary motivations. “Beyond Defense: Proactive Approaches to Disaster Recovery and Threat Intelligence in Modern Enterprises” is a comprehensive guide for organizations aiming to fortify their cybersecurity posture, marrying best practices in proactive and reactive measures in the ever-challenging digital realm.
Funding: supported by the National Key R&D Program of China: Gravitational Wave Detection Project (Grant Nos. 2021YFC2026, 2021YFC2202601, 2021YFC2202603), the National Natural Science Foundation of China (Grant Nos. 12172288 and 12472046).
Abstract: This paper proposes a threat assessment framework for non-cooperative satellites by analyzing their motion characteristics, developing a quantitative evaluation methodology, and demonstrating its effectiveness via representative scenarios with neural network acceleration. The framework first establishes a threat evaluation model that integrates three core parameters: capability, opportunity, and hidden values. Subsequently, this research systematically investigates the critical role of transfer windows in threat quantification and introduces a transfer window-based threat assessment approach. The proposed methodology is validated through multiple representative scenarios, with simulation results demonstrating superior performance compared to conventional methods relying solely on optimal transfer windows or minimum distance metrics, enabling more nuanced threat ranking in scenarios where traditional techniques prove inadequate. To address computational demands, a neural network-based approximation system is implemented to achieve a 25,200× speedup (0.005 s vs. baseline 126 s per 1000-sample batch) through parallel processing, maintaining 99.3% accuracy. Finally, the study explores the framework's extensibility to diverse NCS objectives. It identifies discrepancies between intention inference models and threat evaluation paradigms, providing methodological insights for next-generation space domain awareness systems.
Abstract: The rapidly evolving cybersecurity threat landscape exposes a critical flaw in traditional educational programs where static curricula cannot adapt swiftly to novel attack vectors. This creates a significant gap between theoretical knowledge and the practical defensive capabilities needed in the field. To address this, we propose TeachSecure-CTI, a novel framework for adaptive cybersecurity curriculum generation that integrates real-time Cyber Threat Intelligence (CTI) with AI-driven personalization. Our framework employs a layered architecture featuring a CTI ingestion and clustering module, natural language processing for semantic concept extraction, and a reinforcement learning agent for adaptive content sequencing. By dynamically aligning learning materials with both the evolving threat environment and individual learner profiles, TeachSecure-CTI ensures content remains current, relevant, and tailored. A 12-week study with 150 students across three institutions demonstrated that the framework improves learning gains by 34%, significantly exceeding the 12%–21% reported in recent literature. The system achieved 84.8% personalization accuracy, 85.9% recognition accuracy for MITRE ATT&CK tactics, and a 31% faster competency development rate compared to static curricula. These findings have implications beyond academia, extending to workforce development, cyber range training, and certification programs. By bridging the gap between dynamic threats and static educational materials, TeachSecure-CTI offers an empirically validated, scalable solution for cultivating cybersecurity professionals capable of responding to modern threats.
Abstract: The increasing number of interconnected devices and the incorporation of smart technology into contemporary healthcare systems have significantly raised the attack surface of cyber threats. The early detection of threats is both necessary and complex, yet these interconnected healthcare settings generate enormous amounts of heterogeneous data. Traditional Intrusion Detection Systems (IDS), which are generally centralized and machine learning-based, often fail to address the rapidly changing nature of cyberattacks and are challenged by ethical concerns related to patient data privacy. Moreover, traditional AI-driven IDS usually face challenges in handling large-scale, heterogeneous healthcare data while ensuring data privacy and operational efficiency. To address these issues, emerging technologies such as Big Data Analytics (BDA) and Federated Learning (FL) provide a hybrid framework for scalable, adaptive intrusion detection in IoT-driven healthcare systems. Big data techniques enable processing large-scale, high-dimensional healthcare data, and FL can be used to train a model in a decentralized manner without transferring raw data, thereby maintaining privacy between institutions. This research proposes a privacy-preserving Federated Learning–based model that efficiently detects cyber threats in connected healthcare systems while ensuring distributed big data processing, privacy, and compliance with ethical regulations. To strengthen the reliability of the reported findings, the results were validated using cross-dataset testing and 95% confidence intervals derived from bootstrap analysis, confirming consistent performance across heterogeneous healthcare data distributions. This solution takes a significant step toward securing next-generation healthcare infrastructure by combining scalability, privacy, adaptability, and early detection capabilities. The proposed global model achieves a test accuracy of 99.93% ± 0.03 (95% CI) and a miss-rate of only 0.07% ± 0.02, representing state-of-the-art performance in privacy-preserving intrusion detection. The proposed FL-driven IDS framework offers an efficient, privacy-preserving, and scalable solution for securing next-generation healthcare infrastructures by combining adaptability, early detection, and ethical data management.
Abstract: This paper examines how cybersecurity is developing and how it relates to more conventional information security. Although information security and cyber security are sometimes used synonymously, this study contends that they are not the same. The concept of cyber security is explored, which goes beyond protecting information resources to include a wider variety of assets, including people [1]. Protecting information assets is the main goal of traditional information security, with consideration to the human element and how people fit into the security process. On the other hand, cyber security adds a new level of complexity, as people might unintentionally contribute to or become targets of cyberattacks. This aspect presents moral questions since it is becoming more widely accepted that society has a duty to protect weaker members of society, including children [1]. The study emphasizes how important cyber security is on a larger scale, with many countries creating plans and laws to counteract cyberattacks. Nevertheless, a lot of these sources frequently neglect to define the differences or the relationship between information security and cyber security [1]. The paper focuses on differentiating between cybersecurity and information security on a larger scale. The study also highlights other areas of cybersecurity, which include defending people, social norms, and vital infrastructure from threats that arise online, in addition to information and technology protection. It contends that ethical issues and the human factor are becoming more and more important in protecting assets in the digital age, and that cyber security is a paradigm shift in this regard [1].
Funding: supported by the National Key Research and Development Program of China (2022YFB2703503), the National Natural Science Foundation of China (62293501, 62525210, and 62293502), the China Scholarship Council (202306280318).
Abstract: 1. Introduction. Data inference (DInf) is a data security threat in which critical information is inferred from low-sensitivity data. Once regarded as an advanced professional threat limited to intelligence analysts, DInf has become a widespread risk in the artificial intelligence (AI) era.
Funding: supported by the National Natural Science Foundation of China (32471055 and 82171090), Shanghai Municipal Science and Technology Major Project (2018SHZDZX01), ZJLab, Shanghai Center for Brain Science and Brain-Inspired Technology, the Lingang Laboratory (LG-QS-202203-12).
Abstract: Throughout the lifespan, an animal can encounter predators frequently, thus the ability to avoid attacks from predators is crucial for its survival. The chances of evading danger can be greatly improved if the animal can respond immediately to the threat. Therefore, when an animal detects a threat through its visual system, it must quickly direct its gaze and attention toward the source of danger, assess the threat level, and take appropriate action.
Abstract: The fast increase of online communities has brought about an increase in cyber threats, including cyberbullying, hate speech, misinformation, and online harassment, making content moderation a pressing necessity. Traditional single-modal AI-based detection systems, which analyze text, images, or videos in isolation, have proven ineffective at capturing multi-modal threats, in which malicious actors spread dangerous content across multiple formats. To address these challenges, we propose a multi-modal deep learning framework that integrates Natural Language Processing (NLP), Convolutional Neural Networks (CNNs), and Long Short-Term Memory (LSTM) networks to identify and mitigate online threats effectively. Our proposed model combines BERT for text classification, ResNet50 for image processing, and a hybrid LSTM-3D CNN network for video content analysis. We constructed a large-scale dataset comprising 500,000 textual posts, 200,000 offensive images, and 50,000 annotated videos from multiple platforms, including Twitter, Reddit, YouTube, and online gaming forums. The system was carefully evaluated using standard machine learning metrics, including accuracy, precision, recall, F1-score, and ROC-AUC curves. Experimental results demonstrate that our multi-modal method significantly outperforms single-modal AI classifiers, achieving an accuracy of 92.3%, precision of 91.2%, recall of 90.1%, and an AUC score of 0.95. The findings validate the necessity of integrating multi-modal AI for real-time, high-accuracy online threat detection and moderation. Future work will focus on improving adversarial robustness, enhancing scalability for real-world deployment, and addressing ethical concerns associated with AI-driven content moderation.
Abstract: The current global cybersecurity landscape, characterized by the increasing scale and sophistication of cyberattacks, underscores the importance of integrating Cyber Threat Intelligence (CTI) into Land Administration Systems (LAS). LAS services involve requests and responses concerning public and private cadastral data, including credentials of parties, ownership, and spatial parcels. This study explores the integration of CTI in LAS to enhance cyber resilience, focusing on the unique vulnerabilities of LAS, such as sensitive data management and interconnection with other critical systems related to spatial data uses and changes. The approach employs a case study of a typical country-specific LAS to analyse structured vulnerabilities and their attributes to determine the degree of vulnerability of LAS through a quantitative inductive approach. The analysis results indicate significant improvements in identifying and mitigating potential threats through CTI integration, thus enhancing cyber resilience. These findings are crucial for policymakers and practitioners to develop robust cybersecurity strategies for LAS.
Funding: supported by the National Key R&D Program of China (No. 2022YFE0103200), the Hubei Provincial Natural Science Foundation of China (No. 2021CFB016), the National Natural Science Foundation of China (No. 52100217).
Abstract: As an emerging environmental contaminant, antibiotic resistance genes (ARGs) in tap water have attracted great attention. Although studies have provided ARG profiles in tap water, research on their abundance levels, composition characteristics, and potential threat is still insufficient. Here, 9 household tap water samples were collected from the Guangdong-Hong Kong-Macao Greater Bay Area (GBA) in China. Additionally, 75 sets of environmental sample data (9 types) were downloaded from the public database. Metagenomics was then performed to explore the differences in the abundance and composition of ARGs. 221 ARG subtypes consisting of 17 types were detected in tap water. Although the ARG abundance in tap water was not significantly different from that found in drinking water plants and reservoirs, their composition varied. In tap water samples, the three most abundant classes of resistance genes were multidrug, fosfomycin and MLS (macrolide-lincosamide-streptogramin) ARGs, and their corresponding subtypes ompR, fosX and macB were also the most abundant ARG subtypes. Regarding the potential mobility, vanS had the highest abundance on plasmids and viruses, but the absence of key genes rendered resistance to vancomycin ineffective. Generally, the majority of ARGs present in tap water were those that have not been assessed and are currently not listed as high-threat level ARG families based on the World Health Organization Guideline. Although the current potential threat to human health posed by ARGs in tap water is limited, with persistent transfer and accumulation, especially in pathogens, the potential danger to human health posed by ARGs should not be ignored.
Abstract: Given the unique challenges facing the railway industry, cybersecurity is a crucial issue that must be addressed proactively. This paper aims to provide a systematic review of cybersecurity threats that could impact the safety and operations of rolling stock, the privacy and security of passengers and employees, and the public in general. The systematic literature review revealed that cyber threats to the railway industry can take many forms, including attacks on operational technology systems, data breaches, theft of sensitive information, and disruptions to train services. The consequences of these threats can be severe, leading to operational disruptions, financial losses, and loss of public trust in the railway system. To address these threats, railway organizations must adopt a proactive approach to security and implement robust cybersecurity measures tailored to the industry’s specific needs and challenges. This includes regular testing of systems for vulnerabilities, incident response plans, and employee training to identify and respond to cyber threats. Ensuring the system remains available, reliable, and maintainable is fundamental given the importance of railways as critical infrastructure and the potential harm that can be caused by cyber threats.
Funding: funded by Ongoing Research Funding program (ORF-2025-749), King Saud University, Riyadh, Saudi Arabia.
Abstract: Cyber threat detection is a crucial aspect of contemporary cybersecurity due to the depth and complexity of cyberattacks. It is the identification of malicious activity, unauthorized access, and possible intrusions in networks and systems. Modern detection methods employ artificial intelligence and machine learning to study vast amounts of data, learn patterns, and anticipate potential threats. Real-time monitoring and anomaly detection improve the capacity to react to changing threats more rapidly. Cyber threat detection systems aim to reduce false positives and provide complete coverage against the broadest possible attacks. This research advocates for proactive measures and adaptive technologies in defending digital environments. Improvements in detection ability by organizations will assist in safeguarding assets and integrity in operations in this increasingly digital world. This paper draws on the categorization of cyber threat detection methods using hesitant bipolar fuzzy Frank operators. Categorization is a step that is necessary for systematic comparison and assessment of detection methods so that the most suitable method for particular cybersecurity requirements is chosen. Furthermore, this research manages uncertainty and vagueness that exists in decision-making by applying hesitant bipolar fuzzy logic. The importance of the work lies in how it fortifies cybersecurity architectures with a formal method of discovering optimal detection measures and improving responsiveness, resulting in holistic protection against dynamic threats.
Funding: National Natural Science Foundation of China (62006193, 62103338); Aeronautical Science Foundation of China (2022Z023053001); Key Research and Development Program of Shaanxi Province (2024GX-YBXM-115); Fundamental Research Funds for the Central Universities (D5000230150).
Abstract: Beyond-visual-range (BVR) air combat threat assessment has attracted wide attention as the support of situation awareness and autonomous decision-making. However, the traditional threat assessment method is flawed in its failure to consider the intention and event of the target, resulting in inaccurate assessment results. In view of this, an integrated threat assessment method is proposed to address the existing problems, such as overly subjective determination of index weight and imbalance of situation. The process and characteristics of BVR air combat are analyzed to establish a threat assessment model in terms of target intention, event, situation, and capability. On this basis, a distributed weight-solving algorithm is proposed to determine index and attribute weight respectively. Then, variable weight and game theory are introduced to effectively deal with the situation imbalance and achieve the combination of subjective and objective. The performance of the model and algorithm is evaluated through multiple simulation experiments. The assessment results demonstrate the accuracy of the proposed method in BVR air combat, indicating its potential practical significance in real air combat scenarios.
Funding: funded by Universiti Teknologi Malaysia under the UTM RA ICONIC Grant (Q.J130000.4351.09G61).
Abstract: Advanced Persistent Threats (APTs) represent one of the most complex and dangerous categories of cyber-attacks characterised by their stealthy behaviour, long-term persistence, and ability to bypass traditional detection systems. The complexity of real-world network data poses significant challenges in detection. Machine learning models have shown promise in detecting APTs; however, their performance often suffers when trained on large datasets with redundant or irrelevant features. This study presents a novel, hybrid feature selection method designed to improve APT detection by reducing dimensionality while preserving the informative characteristics of the data. It combines Mutual Information (MI), Symmetric Uncertainty (SU) and Minimum Redundancy Maximum Relevance (mRMR) to enhance feature selection. MI and SU assess feature relevance, while mRMR maximises relevance and minimises redundancy, ensuring that the most impactful features are prioritised. This method addresses redundancy among selected features, improving the overall efficiency and effectiveness of the detection model. Experiments on a real-world APT datasets were conducted to evaluate the proposed method. Multiple classifiers, including Random Forest, Support Vector Machine (SVM), Gradient Boosting, and Neural Networks, were used to assess classification performance. The results demonstrate that the proposed feature selection method significantly enhances detection accuracy compared to baseline models trained on the full feature set. The Random Forest algorithm achieved the highest performance, with near-perfect accuracy, precision, recall, and F1 scores (99.97%). The proposed adaptive thresholding algorithm within the selection method allows each classifier to benefit from a reduced and optimised feature space, resulting in improved training and predictive performance. This research offers a scalable and classifier-agnostic solution for dimensionality reduction in cybersecurity applications.
Funding: supported by the “Regional Innovation System & Education (RISE)” through the Seoul RISE Center, funded by the Ministry of Education (MOE) and the Seoul Metropolitan Government (2025-RISE-01-018-05); supported by Quad Miners Corp.
Abstract: The dynamic, heterogeneous nature of Edge computing in the Internet of Things (Edge-IoT) and Industrial IoT (IIoT) networks brings unique and evolving cybersecurity challenges. This study maps cyber threats in Edge-IoT/IIoT environments to the Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) framework by MITRE and introduces a lightweight, data-driven scoring model that enables rapid identification and prioritization of attacks. Inspired by the Factor Analysis of Information Risk model, our proposed scoring model integrates four key metrics: Common Vulnerability Scoring System (CVSS)-based severity scoring, Cyber Kill Chain–based difficulty estimation, Deep Neural Networks-driven detection scoring, and frequency analysis based on dataset prevalence. By aggregating these indicators, the model generates comprehensive risk profiles, facilitating actionable prioritization of threats. Robustness and stability of the scoring model are validated through non-parametric correlation analysis using Spearman’s and Kendall’s rank correlation coefficients, demonstrating consistent performance across diverse scenarios. The approach culminates in a prioritized attack ranking that provides actionable guidance for risk mitigation and resource allocation in Edge-IoT/IIoT security operations. By leveraging real-world data to align MITRE ATT&CK techniques with CVSS metrics, the framework offers a standardized and practically applicable solution for consistent threat assessment in operational settings. The proposed lightweight scoring model delivers rapid and reliable results under dynamic cyber conditions, facilitating timely identification of attack scenarios and prioritization of response strategies. Our systematic integration of established taxonomies with data-driven indicators strengthens practical risk management and supports strategic planning in next-generation IoT deployments. Ultimately, this work advances adaptive threat modeling for Edge/IIoT ecosystems and establishes a robust foundation for evidence-based prioritization in emerging cyber-physical infrastructures.
Funding: supported by grants from the National Natural Science Foundation of China (32471074 and 32200825); the STI2030-Major Projects (2021ZD0203000 and 2021ZD0203002); the Shandong Provincial Taishan Scholars Project (tsqn202306174); the Shandong Provincial Natural Science Foundation (ZR2022QC173).
Abstract: Social behaviors, including social support and mating, play a critical role in survival and reproduction. Animals must make adaptive social decisions based on internal states and external contexts [1]. The sex of a social partner is a crucial factor that shapes social decision-making, as opposite-sex interactions are vital for fulfilling reproductive needs, whereas same-sex interactions are essential for both collaborative support and competitive behaviors. Under normal circumstances, mice typically exhibit a variety of prosocial behaviors that strengthen social bonds within their groups.
Abstract: Inflammatory bowel disease (IBD), encompassing Crohn’s disease and ulcerative colitis, manifests as a chronic, recurrent, and refractory intestinal inflammatory condition significantly impacting patients’ quality of life. Despite ongoing research, its etiology and pathogenesis remain incompletely understood. Recent advancements in medical research highlight the critical role of drug combination therapies in managing IBD. This paper employs the strengths, weaknesses, opportunities, and threats framework to evaluate the four strategic elements (strengths, weaknesses, opportunities, and threats) pertaining to combination therapies for IBD. Among the strengths, the paper underscores the efficacy of multi-targeted strategies, the advancement of personalized medicine, and the mitigation of drug resistance. Nonetheless, the analysis identifies significant weaknesses, including the prohibitive cost of treatment, issues with patient compliance, and the necessity for comprehensive long-term safety data. The paper also delineates opportunities to augment therapeutic success through the incorporation of biomarkers, the application of artificial intelligence, and extensive international collaborative efforts. In contrast, the paper does not shy away from addressing the threats, which include the potential for therapeutic resistance and the logistical challenges inherent in global therapy deployment. These initiatives aim to refine future therapeutic practices, fostering safer, more effective, and personalized treatment paradigms for IBD patients.
Funding: This study is the result of a commissioned research project supported by the affiliated institute of ETRI (No. 2021-026); partially supported by the National Research Foundation of Korea (NRF) grant funded by the Korean government (MSIT) (No. 2020R1F1A1061107); the Korea Institute for Advancement of Technology (KIAT) grant funded by the Korean government (MOTIE) (P0008703, The Competency Development Program for Industry Specialist); the MSIT under the ICAN (ICT Challenge and Advanced Network of HRD) program [grant number IITP-2022-RS-2022-00156310] supervised by the Institute of Information & Communication Technology Planning and Evaluation (IITP).
Abstract: Recently, with the normalization of non-face-to-face online environments in response to the COVID-19 pandemic, the possibility of cyberattacks through endpoints has increased. Numerous endpoint devices are managed meticulously to prevent cyberattacks and ensure timely responses to potential security threats. In particular, because telecommuting, telemedicine, and tele-education are implemented in uncontrolled environments, attackers typically target vulnerable endpoints to acquire administrator rights or steal authentication information, and reports of endpoint attacks have been increasing considerably. Advanced persistent threats (APTs) using various novel variant malicious codes are a form of a sophisticated attack. However, conventional commercial antivirus and anti-malware systems that use signature-based attack detection methods cannot satisfactorily respond to such attacks. In this paper, we propose a method that expands the detection coverage in APT attack environments. In this model, an open-source threat detector and log collector are used synergistically to improve threat detection performance. Extending the scope of attack log collection through interworking between highly accessible open-source tools can efficiently increase the detection coverage of tactics and techniques used to deal with APT attacks, as defined by MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK). We implemented an attack environment using an APT attack scenario emulator called Carbanak and analyzed the detection coverage of Google Rapid Response (GRR), an open-source threat detection tool, and Graylog, an open-source log collector. The proposed method expanded the detection coverage against MITRE ATT&CK by approximately 11% compared with that of conventional methods.
Funding: The author extends their appreciation to the Deanship of Scientific Research at Majmaah University for funding this work under Project No. 1439-48.
Abstract: Cyber Threat Intelligence (CTI) has gained massive attention to collect hidden knowledge for a better understanding of the various cyber-attacks and eventually paving the way for predicting the future of such attacks. The information exchange and collaborative sharing through different platforms have a significant contribution towards a global solution. While CTI and the information exchange can help a lot in focusing and prioritizing on the use of the large volume of complex information among different organizations, there exists a great challenge in effective processing of large count of different Indicators of Threat (IoT) which appear regularly, and that can be solved only through a collaborative approach. Collaborative approach and intelligence sharing have become the mandatory element in the entire world of processing the threats. In order to cover the complete needs of having a definite standard of information exchange, various initiatives have been taken in means of threat information sharing platforms like MISP and formats such as STIX. This paper proposes a scoring model to address information decay, which is shared within TISP. The scoring model is implemented, taking the use case of detecting the Threat Indicators in a phishing data network. The proposed method calculates the rate of decay of an attribute through which the early entries are removed.
Abstract: The integration of an organisation’s information security policy into threat modeling enhances the effectiveness of security strategies for information security management. These security policies are the ones which define the sets of security issues, controls and the organisation’s commitment for seamless integration with knowledge-based platforms in order to protect critical assets and data. Such platforms are needed to evaluate and share violations which can create security loopholes. The lack of rules-based approaches for discovering potential threats in an organisation’s context poses a challenge for many organisations in safeguarding their critical assets. To address the challenge, this paper introduces a Platform for Organisation Security Threat Analytic and Management (POSTAM) using a rule-based approach. The platform enhances strategies for combating information security threats and thus improves organisations’ commitment in protecting their critical assets. R scripting language for data visualization and Java-based scripts were used to develop a prototype to run on web protocol. MySQL database management system was used as back-end for data storage during threat analytic processes.
Abstract: As cyber threats keep changing and business environments adapt, a comprehensive approach to disaster recovery involves more than just defensive measures. This research delves deep into the strategies required to respond to threats and anticipate and mitigate them proactively. Beginning with understanding the critical need for a layered defense and the intricacies of the attacker’s journey, the research offers insights into specialized defense techniques, emphasizing the importance of timely and strategic responses during incidents. Risk management is brought to the forefront, underscoring businesses’ need to adopt mature risk assessment practices and understand the potential risk impact areas. Additionally, the value of threat intelligence is explored, shedding light on the importance of active engagement within sharing communities and the vigilant observation of adversary motivations. “Beyond Defense: Proactive Approaches to Disaster Recovery and Threat Intelligence in Modern Enterprises” is a comprehensive guide for organizations aiming to fortify their cybersecurity posture, marrying best practices in proactive and reactive measures in the ever-challenging digital realm.