Objective:Skin wound exposed to complex external environment for a long time is highly susceptible to bacterial infection.Impact Statement:This work designs a Janus adhesive dual-layer hydrogel containing in situ silv...Objective:Skin wound exposed to complex external environment for a long time is highly susceptible to bacterial infection.Impact Statement:This work designs a Janus adhesive dual-layer hydrogel containing in situ silver nanoparticles(named PSAP/DXP@AgNPs)with integrated attack and defense to simultaneously kill the existing bacteria and prevent foreign bacterial contamination.Introduction:The current gauze dressing fixed by tape fails to well fit at skin wound and lacks intrinsic antibacterial property,making it highly prone to causing secondary infection.Moreover,foreign bacteria may contaminate the wound dressing during use,further increasing the risk of secondary infection.Methods:In this work,a Janus adhesive dual-layer PSAP/DXP@AgNPs hydrogel is prepared by sequentially building the PSAP gel layer containing zwitterionic poly(sulfobetaine methacrylamide)(PSBMA)on the DXP@AgNPs gel layer containing in situ catechol-reduced AgNPs.Results:The flexible PSAP/DXP@AgNPs can adapt shape change of skin and adhere to skin tissue with interfacial toughness of 153.38 J m^(−2) relying on its DXP@AgNPs layer,which is beneficial to build favorable fit.The in situ reduced AgNPs released from the DXP@AgNPs layer of PSAP/DXP@AgNPs exhibit obvious antibacterial effects against Escherichia coli and Staphylococcus aureus,with antibacterial rates of 99%and 88%,respectively.Meanwhile,the hydrated PSAP layer of PSAP/DXP@AgNPs containing PSBMA is able to prevent the bacterial contamination,decreasing the risk of secondary infection.Besides,cell experiments demonstrate that PSAP/DXP@AgNPs is biocompatible.Conclusion:The PSAP/DXP@AgNPs hydrogel with integrated attack and defense simultaneously possessing bacteria-killing and bacteria-antifouling properties is a potential alternative in treating infected skin wound.展开更多
Potential malicious cyber-attacks to power systems which are connected to a wide range of stakeholders from the top to tail will impose significant societal risks and challenges.The timely detection and defense are of...Potential malicious cyber-attacks to power systems which are connected to a wide range of stakeholders from the top to tail will impose significant societal risks and challenges.The timely detection and defense are of crucial importance for safe and reliable operation of cyber-physical power systems(CPPSs).This paper presents a comprehensive review of some of the latest attack detection and defense strategies.Firstly,the vulnerabilities brought by some new information and communication technologies(ICTs)are analyzed,and their impacts on the security of CPPSs are discussed.Various malicious cyber-attacks on cyber and physical layers are then analyzed within CPPSs framework,and their features and negative impacts are discussed.Secondly,two current mainstream attack detection methods including state estimation based and machine learning based methods are analyzed,and their benefits and drawbacks are discussed.Moreover,two current mainstream attack defense methods including active defense and passive defense methods are comprehensively discussed.Finally,the trends and challenges in attack detection and defense strategies in CPPSs are provided.展开更多
In this paper,we investigate the defense problem against the joint attacks of denial-of-service attacks and data tampering attacks in the framework of system identification with binary-valued observations.By estimatin...In this paper,we investigate the defense problem against the joint attacks of denial-of-service attacks and data tampering attacks in the framework of system identification with binary-valued observations.By estimating the key parameters of the joint attack and compensating them in the identification algorithm,a compensation-oriented defense scheme is proposed.Then the identification algorithm of system parameter is designed and is further proved to be consistent.The asymptotic normality of the algorithm is obtained,and on this basis,we propose the optimal defense scheme.Furthermore,the implementation of the optimal defense scheme is discussed.Finally,a simulation example is presented to verify the effectiveness of the main results.展开更多
Networks have become an integral part of today’s world. The ease of deployment, low-cost and high data rates have contributed significantly to their popularity. There are many protocols that are tailored to ease the ...Networks have become an integral part of today’s world. The ease of deployment, low-cost and high data rates have contributed significantly to their popularity. There are many protocols that are tailored to ease the process of establishing these networks. Nevertheless, security-wise precautions were not taken in some of them. In this paper, we expose some of the vulnerability that exists in a commonly and widely used network protocol, the Address Resolution Protocol (ARP) protocol. Effectively, we will implement a user friendly and an easy-to-use tool that exploits the weaknesses of this protocol to deceive a victim’s machine and a router through creating a sort of Man-in-the-Middle (MITM) attack. In MITM, all of the data going out or to the victim machine will pass first through the attacker’s machine. This enables the attacker to inspect victim’s data packets, extract valuable data (like passwords) that belong to the victim and manipulate these data packets. We suggest and implement a defense mechanism and tool that counters this attack, warns the user, and exposes some information about the attacker to isolate him. GNU/Linux is chosen as an operating system to implement both the attack and the defense tools. The results show the success of the defense mechanism in detecting the ARP related attacks in a very simple and efficient way.展开更多
This paper analyzes the characteristics of Interact space and confrontation, discussed on the main technology of network space attack and defense confrontation. The paper presents the realization scheme of network spa...This paper analyzes the characteristics of Interact space and confrontation, discussed on the main technology of network space attack and defense confrontation. The paper presents the realization scheme of network space attack defense confrontation system, and analyzes its feasibility. The technology and the system can provide technical support for the system in the network space of our country development, and safeguard security of network space in China, promote the development of the network space security industry of China, it plays an important role and significance to speed up China' s independent controllable security products development.展开更多
This paper puts forward the plan on constructing information security attack and defense platform based on cloud computing and virtualization, provides the hardware topology structure of the platform and technical fra...This paper puts forward the plan on constructing information security attack and defense platform based on cloud computing and virtualization, provides the hardware topology structure of the platform and technical framework of the system and the experimental process and technical principle of the platform. The experiment platform can provide more than 20 attack classes. Using the virtualization technology can build hypothesized target of various types in the laboratory and diversified network structure to carry out attack and defense experiment.展开更多
Cloud platforms could automatically scale underlying network resources up and down in response to changes in the traffic load.Such an auto-scaling mechanism can largely enhance the elasticity and scalability of cloud ...Cloud platforms could automatically scale underlying network resources up and down in response to changes in the traffic load.Such an auto-scaling mechanism can largely enhance the elasticity and scalability of cloud platforms.However,it may introduce new security threats.For example,the Yo-Yo attack is a newly disclosed attack against the cloud auto-scaling mechanism.Attackers periodically send bursts of traffic to cause the autoscaling mechanism to oscillate between the scale-up process and the scale-down process,which may result in significant performance degradation and economic loss.None of the prior work addressed the problem of mitigating such an attack.In this paper,we propose a Trust-based Adversarial Scanner Delaying(TASD)approach to effectively and proactively mitigate the Yo-Yo attack on the cloud auto-scaling mechanism.In TASD,we first propose to use the trust-based scheme to establish trust values for users,which is leveraged to identify adversarial requests.Trust values are updated by jointly considering the request mode and the auto-scaling status.Then,we aim to disable the condition under which the Yo-Yo attack takes effect by injecting certain delay,under the QoS constraints,to manipulate the response time of suspicious requests and deceive the attackers.Our extensive evaluation demonstrates that our approach achieves promising results,e.g.,it can detect at least 80%Yo-Yo adversarial users and reduce more than 41%malicious scale-ups.展开更多
Due to our increasing dependence on infrastructure networks,the attack and defense game in these networks has draw great concerns from security agencies.Moreover,when it comes to evaluating the payoffs in practical at...Due to our increasing dependence on infrastructure networks,the attack and defense game in these networks has draw great concerns from security agencies.Moreover,when it comes to evaluating the payoffs in practical attack and defense games in infrastructure networks,the lack of consideration for the fuzziness and uncertainty of subjective human judgment brings forth significant challenges to the analysis of strategic interactions among decision makers.This paper employs intuitionistic fuzzy sets(IFSs)to depict such uncertain payoffs,and introduce a theoretical framework for analyzing the attack and defense game in infrastructure networks based on intuitionistic fuzzy theory.We take the changes in three complex network metrics as the universe of discourse,and intuitionistic fuzzy sets are employed based on this universe of discourse to reflect the satisfaction of decision makers.We employ an algorithm based on intuitionistic fuzzy theory to find the Nash equilibrium,and conduct experiments on both local and global networks.Results show that:(1)the utilization of intuitionistic fuzzy sets to depict the payoffs of attack and defense games in infrastructure networks can reflect the unique characteristics of decision makers’subjective preferences.(2)the use of differently weighted proportions of the three complex network metrics has little impact on decision makers’choices of different strategies.展开更多
The widespread use of internet technologies is limited because people are worried about cybersecurity.With phishing,cyber criminals pose as reputable entities to trick users and access important information.Standard d...The widespread use of internet technologies is limited because people are worried about cybersecurity.With phishing,cyber criminals pose as reputable entities to trick users and access important information.Standard detection approaches are difficult to follow along with the constantly changing strategies of cybercriminals.A new phishing attack detection framework is presented in this research,using the Gated Recurrent Unit(GRU)Artificial Intelligence(AI)model.Labels have been added to the Uniform Resource Locators(URLs)in the PhishTank dataset,so the model learns what is phishing and what is not.A good data preprocessing method involving feature extraction,dealing with missing data,and running outlier detection checks is applied to maintain high data quality.The performance of the GRU model is outstanding,reaching 98.01%accuracy,F1-score of 98.14%,98.41%recall,as well as 98.67%precision,better than that of classical Machine Learning(ML)methods,including Adaptive Boosting(AdaBoost)and Long Short-Term Memory(LSTM).The proposed approach correctly handles dependencies among elements in a URL,resulting in a strong method for detecting phishing pages.Results from experiments verify the model’s potential in accurately identifying phishing attacks,offering significant advancements in cybersecurity defense systems.展开更多
To ensure the safe operation of industrial digital twins network and avoid the harm to the system caused by hacker invasion,a series of discussions on network security issues are carried out based on game theory.From ...To ensure the safe operation of industrial digital twins network and avoid the harm to the system caused by hacker invasion,a series of discussions on network security issues are carried out based on game theory.From the perspective of the life cycle of network vulnerabilities,mining and repairing vulnerabilities are analyzed by applying evolutionary game theory.The evolution process of knowledge sharing among white hats under various conditions is simulated,and a game model of the vulnerability patch cooperative development strategy among manufacturers is constructed.On this basis,the differential evolution is introduced into the update mechanism of the Wolf Colony Algorithm(WCA)to produce better replacement individuals with greater probability from the perspective of both attack and defense.Through the simulation experiment,it is found that the convergence speed of the probability(X)of white Hat 1 choosing the knowledge sharing policy is related to the probability(x0)of white Hat 2 choosing the knowledge sharing policy initially,and the probability(y0)of white hat 2 choosing the knowledge sharing policy initially.When y0?0.9,X converges rapidly in a relatively short time.When y0 is constant and x0 is small,the probability curve of the“cooperative development”strategy converges to 0.It is concluded that the higher the trust among the white hat members in the temporary team,the stronger their willingness to share knowledge,which is conducive to the mining of loopholes in the system.The greater the probability of a hacker attacking the vulnerability before it is fully disclosed,the lower the willingness of manufacturers to choose the"cooperative development"of vulnerability patches.Applying the improved wolf colonyco-evolution algorithm can obtain the equilibrium solution of the"attack and defense game model",and allocate the security protection resources according to the importance of nodes.This study can provide an effective solution to protect the network security for digital twins in the industry.展开更多
Image classifiers that based on Deep Neural Networks(DNNs)have been proved to be easily fooled by well-designed perturbations.Previous defense methods have the limitations of requiring expensive computation or reducin...Image classifiers that based on Deep Neural Networks(DNNs)have been proved to be easily fooled by well-designed perturbations.Previous defense methods have the limitations of requiring expensive computation or reducing the accuracy of the image classifiers.In this paper,we propose a novel defense method which based on perceptual hash.Our main goal is to destroy the process of perturbations generation by comparing the similarities of images thus achieve the purpose of defense.To verify our idea,we defended against two main attack methods(a white-box attack and a black-box attack)in different DNN-based image classifiers and show that,after using our defense method,the attack-success-rate for all DNN-based image classifiers decreases significantly.More specifically,for the white-box attack,the attack-success-rate is reduced by an average of 36.3%.For the black-box attack,the average attack-success-rate of targeted attack and non-targeted attack has been reduced by 72.8%and 76.7%respectively.The proposed method is a simple and effective defense method and provides a new way to defend against adversarial samples.展开更多
To investigate the attack and defense strategies in complex net works,the authors propose a two-player zero-sum static game model with complete information which considers attack and defense strategies simultaneously....To investigate the attack and defense strategies in complex net works,the authors propose a two-player zero-sum static game model with complete information which considers attack and defense strategies simultaneously.The authors assume that both the attacker and defender have two typical strategies:Targeted strategy and random strategy.The authors explore the Nash equilibriums of the attacker-defender game and demonstrate that when the attacker's attack resources are not so significantly abundant as the defender's resources,there exists a pure-strategy Nash equilibrium in both model net works and real-world net works,in which the defender protects the hub t arge ts with large degrees preferentially,while the attacker prefers selecting the targets randomly.When the attack resources are much higher than defense resources,both the attacker and the defender adopt the targeted strategy in equilibriums.This paper provides a new theoretical framework for the study of attack and defense st rat egies in complex net works.展开更多
The open and distributed connection of the powersystem makes it vulnerable to various potential cyber-attacks,which may lead to power outages and even casualties. Therefore,the construction of attack and defense drill...The open and distributed connection of the powersystem makes it vulnerable to various potential cyber-attacks,which may lead to power outages and even casualties. Therefore,the construction of attack and defense drill (ADD) platforms forattack mechanism investigation and protection strategy evaluationhas become a research hotspot. However, for the massiveand heterogeneous security analysis data generated during thedrill, it is rare to have a comprehensive and intuitive methodto visually and efficiently display the perspective of the attackerand defender. In order to solve this problem, this paper proposesa visual analysis scheme of an ADD framework for a grid cyberphysicalsystem (GCPS) based on the interactive visual analysismethod. Specifically, it realizes system weakness discovery basedon knowledge visualization, optimization of the detection modeland visualization interaction. Finally, the case study on thesimulation platform of ADD proves the effectiveness of theproposed method.展开更多
Emerging memristive devices offer enormous advantages for applications such as non-volatile memories and inmemory computing(IMC),but there is a rising interest in using memristive technologies for security application...Emerging memristive devices offer enormous advantages for applications such as non-volatile memories and inmemory computing(IMC),but there is a rising interest in using memristive technologies for security applications in the era of internet of things(IoT).In this review article,for achieving secure hardware systems in IoT,lowpower design techniques based on emerging memristive technology for hardware security primitives/systems are presented.By reviewing the state-of-the-art in three highlighted memristive application areas,i.e.memristive non-volatile memory,memristive reconfigurable logic computing and memristive artificial intelligent computing,their application-level impacts on the novel implementations of secret key generation,crypto functions and machine learning attacks are explored,respectively.For the low-power security applications in IoT,it is essential to understand how to best realize cryptographic circuitry using memristive circuitries,and to assess the implications of memristive crypto implementations on security and to develop novel computing paradigms that will enhance their security.This review article aims to help researchers to explore security solutions,to analyze new possible threats and to develop corresponding protections for the secure hardware systems based on low-cost memristive circuit designs.展开更多
Cyber security lacks comprehensive theoretical guidance. General security theory, as a set of basic security theory concepts, is intended to guide cyber security and all the other security work. The general theory of ...Cyber security lacks comprehensive theoretical guidance. General security theory, as a set of basic security theory concepts, is intended to guide cyber security and all the other security work. The general theory of security aims to unify the main branches of cyber security and establish a unified basic theory. This paper proposal an overview on the general theory of security, which is devoted to constructing a comprehensive model of network security. The hierarchical structure of the meridian-collateral tree is described. Shannon information theory is employed to build a cyberspace security model. Some central concepts of security, i.e., the attack and defense, are discussed and several general theorems on security are presented.展开更多
To develop an efficient thrombolytic therapy approach that addresses the limitations of current fibrinolytic drugs, such as short half-life, weak thrombus specificity and poor penetration ability, we constructed a NIR...To develop an efficient thrombolytic therapy approach that addresses the limitations of current fibrinolytic drugs, such as short half-life, weak thrombus specificity and poor penetration ability, we constructed a NIR-triggered detachable nanoplatform (PA/UK@IcpLipo) using thin-film hydration method. It was designed to integrate attack and defense mechanisms for thrombolytic therapy. This platform can actively identify thrombi by binding to GPIIb-IIIa receptors overexpressed on activated platelets. Upon NIR laser activation and interaction with thrombin in the thrombotic microenvironment, the thermosensitive liposomes rupture, releasing the PA/UK core for deep penetration into the thrombus. Our results showed that the PA/UK@IcpLipo nanoplatform efficiently promoted rapid thrombolysis under the action of UK (attack), followed by PA exerting an antiplatelet aggregation effect (defense). This dual-action approach significantly improved vascular reperfusion rates. The NIR-triggered detachable nanoplatform offered a promising solution for enhanced thrombolysis efficiency and reduced bleeding risk, addressing critical limitations of current fibrinolytic therapies.展开更多
It is universally acknowledged by network security experts that proactive peer-to-peer (P2P) worms may soon en-gender serious threats to the Internet infrastructures. These latent threats stimulate activities of model...It is universally acknowledged by network security experts that proactive peer-to-peer (P2P) worms may soon en-gender serious threats to the Internet infrastructures. These latent threats stimulate activities of modeling and analysis of the proactive P2P worm propagation. Based on the classical two-factor model,in this paper,we propose a novel proactive worm propagation model in unstructured P2P networks (called the four-factor model) by considering four factors:(1) network topology,(2) countermeasures taken by Internet service providers (ISPs) and users,(3) configuration diversity of nodes in the P2P network,and (4) attack and defense strategies. Simulations and experiments show that proactive P2P worms can be slowed down by two ways:improvement of the configuration diversity of the P2P network and using powerful rules to reinforce the most connected nodes from being compromised. The four-factor model provides a better description and prediction of the proactive P2P worm propagation.展开更多
This article is focused on analyzing the key technologies of new malicious code and corresponding defensive measures in the large-scale communication networks. Based on description of the concepts and development of t...This article is focused on analyzing the key technologies of new malicious code and corresponding defensive measures in the large-scale communication networks. Based on description of the concepts and development of the malicious code, the article introduces the anti-analysis technology, splitting and inserting technology, hiding technology, polymorph virus technology, and auto production technology of the malicious code trends with intelligence, diversity and integration. Following that, it summarizes the security vulnerabilities of communication networks from four related layers aspects, according to the mechanisms of malicious code in the communication networks. Finally, it proposes rapid response disposition of malicious code attacks from four correlated steps: building up the network node monitoring system, suspicious code feature automation analysis and extraction, rapid active malicious code response technique for unknown malicious code, and malicious code attack immunity technique. As a result, it actively defenses against the unknown malicious code attacks and enhances the security performance of communication networks.展开更多
基金supported by the National Natural Science Foundation of China(nos.52073191,U22A20158,and 52303194)State Key Laboratory of Polymer Materials Engineering(grant no.sklpme 2023-2-16).
文摘Objective:Skin wound exposed to complex external environment for a long time is highly susceptible to bacterial infection.Impact Statement:This work designs a Janus adhesive dual-layer hydrogel containing in situ silver nanoparticles(named PSAP/DXP@AgNPs)with integrated attack and defense to simultaneously kill the existing bacteria and prevent foreign bacterial contamination.Introduction:The current gauze dressing fixed by tape fails to well fit at skin wound and lacks intrinsic antibacterial property,making it highly prone to causing secondary infection.Moreover,foreign bacteria may contaminate the wound dressing during use,further increasing the risk of secondary infection.Methods:In this work,a Janus adhesive dual-layer PSAP/DXP@AgNPs hydrogel is prepared by sequentially building the PSAP gel layer containing zwitterionic poly(sulfobetaine methacrylamide)(PSBMA)on the DXP@AgNPs gel layer containing in situ catechol-reduced AgNPs.Results:The flexible PSAP/DXP@AgNPs can adapt shape change of skin and adhere to skin tissue with interfacial toughness of 153.38 J m^(−2) relying on its DXP@AgNPs layer,which is beneficial to build favorable fit.The in situ reduced AgNPs released from the DXP@AgNPs layer of PSAP/DXP@AgNPs exhibit obvious antibacterial effects against Escherichia coli and Staphylococcus aureus,with antibacterial rates of 99%and 88%,respectively.Meanwhile,the hydrated PSAP layer of PSAP/DXP@AgNPs containing PSBMA is able to prevent the bacterial contamination,decreasing the risk of secondary infection.Besides,cell experiments demonstrate that PSAP/DXP@AgNPs is biocompatible.Conclusion:The PSAP/DXP@AgNPs hydrogel with integrated attack and defense simultaneously possessing bacteria-killing and bacteria-antifouling properties is a potential alternative in treating infected skin wound.
基金supported in part by the National Science Foundation of China(No.92067106)111 Project(No.D18003)。
文摘Potential malicious cyber-attacks to power systems which are connected to a wide range of stakeholders from the top to tail will impose significant societal risks and challenges.The timely detection and defense are of crucial importance for safe and reliable operation of cyber-physical power systems(CPPSs).This paper presents a comprehensive review of some of the latest attack detection and defense strategies.Firstly,the vulnerabilities brought by some new information and communication technologies(ICTs)are analyzed,and their impacts on the security of CPPSs are discussed.Various malicious cyber-attacks on cyber and physical layers are then analyzed within CPPSs framework,and their features and negative impacts are discussed.Secondly,two current mainstream attack detection methods including state estimation based and machine learning based methods are analyzed,and their benefits and drawbacks are discussed.Moreover,two current mainstream attack defense methods including active defense and passive defense methods are comprehensively discussed.Finally,the trends and challenges in attack detection and defense strategies in CPPSs are provided.
文摘In this paper,we investigate the defense problem against the joint attacks of denial-of-service attacks and data tampering attacks in the framework of system identification with binary-valued observations.By estimating the key parameters of the joint attack and compensating them in the identification algorithm,a compensation-oriented defense scheme is proposed.Then the identification algorithm of system parameter is designed and is further proved to be consistent.The asymptotic normality of the algorithm is obtained,and on this basis,we propose the optimal defense scheme.Furthermore,the implementation of the optimal defense scheme is discussed.Finally,a simulation example is presented to verify the effectiveness of the main results.
文摘Networks have become an integral part of today’s world. The ease of deployment, low-cost and high data rates have contributed significantly to their popularity. There are many protocols that are tailored to ease the process of establishing these networks. Nevertheless, security-wise precautions were not taken in some of them. In this paper, we expose some of the vulnerability that exists in a commonly and widely used network protocol, the Address Resolution Protocol (ARP) protocol. Effectively, we will implement a user friendly and an easy-to-use tool that exploits the weaknesses of this protocol to deceive a victim’s machine and a router through creating a sort of Man-in-the-Middle (MITM) attack. In MITM, all of the data going out or to the victim machine will pass first through the attacker’s machine. This enables the attacker to inspect victim’s data packets, extract valuable data (like passwords) that belong to the victim and manipulate these data packets. We suggest and implement a defense mechanism and tool that counters this attack, warns the user, and exposes some information about the attacker to isolate him. GNU/Linux is chosen as an operating system to implement both the attack and the defense tools. The results show the success of the defense mechanism in detecting the ARP related attacks in a very simple and efficient way.
文摘This paper analyzes the characteristics of Interact space and confrontation, discussed on the main technology of network space attack and defense confrontation. The paper presents the realization scheme of network space attack defense confrontation system, and analyzes its feasibility. The technology and the system can provide technical support for the system in the network space of our country development, and safeguard security of network space in China, promote the development of the network space security industry of China, it plays an important role and significance to speed up China' s independent controllable security products development.
文摘This paper puts forward the plan on constructing information security attack and defense platform based on cloud computing and virtualization, provides the hardware topology structure of the platform and technical framework of the system and the experimental process and technical principle of the platform. The experiment platform can provide more than 20 attack classes. Using the virtualization technology can build hypothesized target of various types in the laboratory and diversified network structure to carry out attack and defense experiment.
基金This research was partially supported by the Natural Science Foundation of China(61571098)Open Foundation of State Key Laboratory of Networking and Switching Technology(Beijing University of Posts and Telecommunications)(SKLNST-2016-2-24).
文摘Cloud platforms could automatically scale underlying network resources up and down in response to changes in the traffic load.Such an auto-scaling mechanism can largely enhance the elasticity and scalability of cloud platforms.However,it may introduce new security threats.For example,the Yo-Yo attack is a newly disclosed attack against the cloud auto-scaling mechanism.Attackers periodically send bursts of traffic to cause the autoscaling mechanism to oscillate between the scale-up process and the scale-down process,which may result in significant performance degradation and economic loss.None of the prior work addressed the problem of mitigating such an attack.In this paper,we propose a Trust-based Adversarial Scanner Delaying(TASD)approach to effectively and proactively mitigate the Yo-Yo attack on the cloud auto-scaling mechanism.In TASD,we first propose to use the trust-based scheme to establish trust values for users,which is leveraged to identify adversarial requests.Trust values are updated by jointly considering the request mode and the auto-scaling status.Then,we aim to disable the condition under which the Yo-Yo attack takes effect by injecting certain delay,under the QoS constraints,to manipulate the response time of suspicious requests and deceive the attackers.Our extensive evaluation demonstrates that our approach achieves promising results,e.g.,it can detect at least 80%Yo-Yo adversarial users and reduce more than 41%malicious scale-ups.
文摘Due to our increasing dependence on infrastructure networks,the attack and defense game in these networks has draw great concerns from security agencies.Moreover,when it comes to evaluating the payoffs in practical attack and defense games in infrastructure networks,the lack of consideration for the fuzziness and uncertainty of subjective human judgment brings forth significant challenges to the analysis of strategic interactions among decision makers.This paper employs intuitionistic fuzzy sets(IFSs)to depict such uncertain payoffs,and introduce a theoretical framework for analyzing the attack and defense game in infrastructure networks based on intuitionistic fuzzy theory.We take the changes in three complex network metrics as the universe of discourse,and intuitionistic fuzzy sets are employed based on this universe of discourse to reflect the satisfaction of decision makers.We employ an algorithm based on intuitionistic fuzzy theory to find the Nash equilibrium,and conduct experiments on both local and global networks.Results show that:(1)the utilization of intuitionistic fuzzy sets to depict the payoffs of attack and defense games in infrastructure networks can reflect the unique characteristics of decision makers’subjective preferences.(2)the use of differently weighted proportions of the three complex network metrics has little impact on decision makers’choices of different strategies.
文摘The widespread use of internet technologies is limited because people are worried about cybersecurity.With phishing,cyber criminals pose as reputable entities to trick users and access important information.Standard detection approaches are difficult to follow along with the constantly changing strategies of cybercriminals.A new phishing attack detection framework is presented in this research,using the Gated Recurrent Unit(GRU)Artificial Intelligence(AI)model.Labels have been added to the Uniform Resource Locators(URLs)in the PhishTank dataset,so the model learns what is phishing and what is not.A good data preprocessing method involving feature extraction,dealing with missing data,and running outlier detection checks is applied to maintain high data quality.The performance of the GRU model is outstanding,reaching 98.01%accuracy,F1-score of 98.14%,98.41%recall,as well as 98.67%precision,better than that of classical Machine Learning(ML)methods,including Adaptive Boosting(AdaBoost)and Long Short-Term Memory(LSTM).The proposed approach correctly handles dependencies among elements in a URL,resulting in a strong method for detecting phishing pages.Results from experiments verify the model’s potential in accurately identifying phishing attacks,offering significant advancements in cybersecurity defense systems.
文摘To ensure the safe operation of industrial digital twins network and avoid the harm to the system caused by hacker invasion,a series of discussions on network security issues are carried out based on game theory.From the perspective of the life cycle of network vulnerabilities,mining and repairing vulnerabilities are analyzed by applying evolutionary game theory.The evolution process of knowledge sharing among white hats under various conditions is simulated,and a game model of the vulnerability patch cooperative development strategy among manufacturers is constructed.On this basis,the differential evolution is introduced into the update mechanism of the Wolf Colony Algorithm(WCA)to produce better replacement individuals with greater probability from the perspective of both attack and defense.Through the simulation experiment,it is found that the convergence speed of the probability(X)of white Hat 1 choosing the knowledge sharing policy is related to the probability(x0)of white Hat 2 choosing the knowledge sharing policy initially,and the probability(y0)of white hat 2 choosing the knowledge sharing policy initially.When y0?0.9,X converges rapidly in a relatively short time.When y0 is constant and x0 is small,the probability curve of the“cooperative development”strategy converges to 0.It is concluded that the higher the trust among the white hat members in the temporary team,the stronger their willingness to share knowledge,which is conducive to the mining of loopholes in the system.The greater the probability of a hacker attacking the vulnerability before it is fully disclosed,the lower the willingness of manufacturers to choose the"cooperative development"of vulnerability patches.Applying the improved wolf colonyco-evolution algorithm can obtain the equilibrium solution of the"attack and defense game model",and allocate the security protection resources according to the importance of nodes.This study can provide an effective solution to protect the network security for digital twins in the industry.
基金The work is supported by the National Key Research Development Program of China(2016QY01W0200)the National Natural Science Foundation of China NSFC(U1636101,U1736211,U1636219).
文摘Image classifiers that based on Deep Neural Networks(DNNs)have been proved to be easily fooled by well-designed perturbations.Previous defense methods have the limitations of requiring expensive computation or reducing the accuracy of the image classifiers.In this paper,we propose a novel defense method which based on perceptual hash.Our main goal is to destroy the process of perturbations generation by comparing the similarities of images thus achieve the purpose of defense.To verify our idea,we defended against two main attack methods(a white-box attack and a black-box attack)in different DNN-based image classifiers and show that,after using our defense method,the attack-success-rate for all DNN-based image classifiers decreases significantly.More specifically,for the white-box attack,the attack-success-rate is reduced by an average of 36.3%.For the black-box attack,the average attack-success-rate of targeted attack and non-targeted attack has been reduced by 72.8%and 76.7%respectively.The proposed method is a simple and effective defense method and provides a new way to defend against adversarial samples.
基金supported by the National Natural Science Foundation of China under Grant Nos.71871217 and 71371185the Natural Science Foundation of Hunan Province under Grant No.2019JJ20019
文摘To investigate the attack and defense strategies in complex net works,the authors propose a two-player zero-sum static game model with complete information which considers attack and defense strategies simultaneously.The authors assume that both the attacker and defender have two typical strategies:Targeted strategy and random strategy.The authors explore the Nash equilibriums of the attacker-defender game and demonstrate that when the attacker's attack resources are not so significantly abundant as the defender's resources,there exists a pure-strategy Nash equilibrium in both model net works and real-world net works,in which the defender protects the hub t arge ts with large degrees preferentially,while the attacker prefers selecting the targets randomly.When the attack resources are much higher than defense resources,both the attacker and the defender adopt the targeted strategy in equilibriums.This paper provides a new theoretical framework for the study of attack and defense st rat egies in complex net works.
基金the Science and Technology Project of State Grid Corporation of China(Research on key technologies of integrated electric power network security simulation and verification environment,521304190004).
文摘The open and distributed connection of the powersystem makes it vulnerable to various potential cyber-attacks,which may lead to power outages and even casualties. Therefore,the construction of attack and defense drill (ADD) platforms forattack mechanism investigation and protection strategy evaluationhas become a research hotspot. However, for the massiveand heterogeneous security analysis data generated during thedrill, it is rare to have a comprehensive and intuitive methodto visually and efficiently display the perspective of the attackerand defender. In order to solve this problem, this paper proposesa visual analysis scheme of an ADD framework for a grid cyberphysicalsystem (GCPS) based on the interactive visual analysismethod. Specifically, it realizes system weakness discovery basedon knowledge visualization, optimization of the detection modeland visualization interaction. Finally, the case study on thesimulation platform of ADD proves the effectiveness of theproposed method.
基金supported by the DFG(German Research Foundation)Priority Program Nano Security,Project MemCrypto(Projektnummer 439827659/funding id DU 1896/2–1,PO 1220/15–1)the funding by the Fraunhofer Internal Programs under Grant No.Attract 600768。
文摘Emerging memristive devices offer enormous advantages for applications such as non-volatile memories and inmemory computing(IMC),but there is a rising interest in using memristive technologies for security applications in the era of internet of things(IoT).In this review article,for achieving secure hardware systems in IoT,lowpower design techniques based on emerging memristive technology for hardware security primitives/systems are presented.By reviewing the state-of-the-art in three highlighted memristive application areas,i.e.memristive non-volatile memory,memristive reconfigurable logic computing and memristive artificial intelligent computing,their application-level impacts on the novel implementations of secret key generation,crypto functions and machine learning attacks are explored,respectively.For the low-power security applications in IoT,it is essential to understand how to best realize cryptographic circuitry using memristive circuitries,and to assess the implications of memristive crypto implementations on security and to develop novel computing paradigms that will enhance their security.This review article aims to help researchers to explore security solutions,to analyze new possible threats and to develop corresponding protections for the secure hardware systems based on low-cost memristive circuit designs.
基金supported by the National Key R&D Program of China (2016YFF0204001)the National Key Technology Support Program (2015BAH08F02)+3 种基金the CCF-Venustech Hongyan Research Initiative (2016-009)the PAPD fundthe CICAEET fundthe Guizhou Provincial Key Laboratory of Public Big Data Program
文摘Cyber security lacks comprehensive theoretical guidance. General security theory, as a set of basic security theory concepts, is intended to guide cyber security and all the other security work. The general theory of security aims to unify the main branches of cyber security and establish a unified basic theory. This paper proposal an overview on the general theory of security, which is devoted to constructing a comprehensive model of network security. The hierarchical structure of the meridian-collateral tree is described. Shannon information theory is employed to build a cyberspace security model. Some central concepts of security, i.e., the attack and defense, are discussed and several general theorems on security are presented.
基金supported by National Natural Science Foundation of China(No.82102918)。
文摘To develop an efficient thrombolytic therapy approach that addresses the limitations of current fibrinolytic drugs, such as short half-life, weak thrombus specificity and poor penetration ability, we constructed a NIR-triggered detachable nanoplatform (PA/UK@IcpLipo) using thin-film hydration method. It was designed to integrate attack and defense mechanisms for thrombolytic therapy. This platform can actively identify thrombi by binding to GPIIb-IIIa receptors overexpressed on activated platelets. Upon NIR laser activation and interaction with thrombin in the thrombotic microenvironment, the thermosensitive liposomes rupture, releasing the PA/UK core for deep penetration into the thrombus. Our results showed that the PA/UK@IcpLipo nanoplatform efficiently promoted rapid thrombolysis under the action of UK (attack), followed by PA exerting an antiplatelet aggregation effect (defense). This dual-action approach significantly improved vascular reperfusion rates. The NIR-triggered detachable nanoplatform offered a promising solution for enhanced thrombolysis efficiency and reduced bleeding risk, addressing critical limitations of current fibrinolytic therapies.
基金Project (No. 09511501600) partially supported by the Science and Technology Commission of Shanghai Municipality, China
文摘It is universally acknowledged by network security experts that proactive peer-to-peer (P2P) worms may soon en-gender serious threats to the Internet infrastructures. These latent threats stimulate activities of modeling and analysis of the proactive P2P worm propagation. Based on the classical two-factor model,in this paper,we propose a novel proactive worm propagation model in unstructured P2P networks (called the four-factor model) by considering four factors:(1) network topology,(2) countermeasures taken by Internet service providers (ISPs) and users,(3) configuration diversity of nodes in the P2P network,and (4) attack and defense strategies. Simulations and experiments show that proactive P2P worms can be slowed down by two ways:improvement of the configuration diversity of the P2P network and using powerful rules to reinforce the most connected nodes from being compromised. The four-factor model provides a better description and prediction of the proactive P2P worm propagation.
基金supported by the National Natural Science Foundation of China (60973139,60773041)the Natural Science Foundation of Jiangsu Province (BK2008451)+4 种基金the Hi-Tech Research and Development Program of China (2007AA01Z404,2007AA01Z478)Foundation of National Laboratory for Modern Communications (9140C1105040805)the Postdoctoral Foundation (0801019C,20090451240,20090451241)the Science & Technology Innovation Fund for Higher Education Institutions of Jiangsu Province (CX08B-085Z,CX08B-086Z)the Six Kinds of Top Talent of Jiangsu Province (2008118)
文摘This article is focused on analyzing the key technologies of new malicious code and corresponding defensive measures in the large-scale communication networks. Based on description of the concepts and development of the malicious code, the article introduces the anti-analysis technology, splitting and inserting technology, hiding technology, polymorph virus technology, and auto production technology of the malicious code trends with intelligence, diversity and integration. Following that, it summarizes the security vulnerabilities of communication networks from four related layers aspects, according to the mechanisms of malicious code in the communication networks. Finally, it proposes rapid response disposition of malicious code attacks from four correlated steps: building up the network node monitoring system, suspicious code feature automation analysis and extraction, rapid active malicious code response technique for unknown malicious code, and malicious code attack immunity technique. As a result, it actively defenses against the unknown malicious code attacks and enhances the security performance of communication networks.
