1,498 articles found
An Attack Modeling Based on Colored Petri Net
1
Authors: 周世杰, 秦志光, 张峰, 刘锦德. 《Journal of Electronic Science and Technology of China》, 2004, No. 1, pp. 47-52 (6 pages)
A color petri net (CPN) based attack modeling approach is addressed. Compared with graph-based modeling, CPN based attack model is flexible enough to model Internet intrusions, because of their static and dynamic features. The processes and rules of building CPN based attack model from attack tree are also presented. In order to evaluate the risk of intrusion, some cost elements are added to CPN based attack modeling. This extended model is useful in intrusion detection and risk evaluation. Experiences show that it is easy to exploit CPN based attack modeling approach to provide the controlling functions, such as intrusion response and intrusion defense. A case study given in this paper shows that CPN based attack model has many unique characters which attack tree model hasn’t.
Keywords: petri net; color petri net (CPN); intrusion detection and response; attack modeling
Study on Anti-ship Missile Saturation Attack Model (Cited by: 1)
2
Authors: 王光辉, 孙学锋, 严建钢, 谢宇鹏. 《Defence Technology(防务技术)》, SCIE EI CAS, 2010, No. 1, pp. 10-15 (6 pages)
Based on the analysis for the interception process of ship-to-air missile system to the anti-ship missile stream, the antagonism of ship-to-air missile and anti-ship missile stream was modeled by Monte Carlo method. This model containing the probability of acquiring anti-ship missile, threat estimation, firepower distribution, interception, effectiveness evaluation and firepower turning, can dynamically simulate the antagonism process of anti-ship missile attack stream and anti-air missile weapon system. The anti-ship missile's saturation attack stream for different ship-to-air missile systems can be calculated quantitatively. The simulated results reveal the relations among the anti-ship missile saturation attack and the attack intensity of anti-ship missile, interception mode and the main parameters of anti-air missile weapon system. It provides a theoretical basis for the effective operation of anti-ship missile.
Keywords: operational research; system engineering; anti-ship missile; ship-to-air missile; saturation attack; antagonism model; penetrate efficiency
Analysis of SVEIR worm attack model with saturated incidence and partial immunization (Cited by: 2)
3
Authors: WANG Fangwei, HUANG Wenyan, SHEN Yulong, WANG Changguang. 《Journal of Communications and Information Networks》, 2016, No. 4, pp. 105-115 (11 pages)
Internet worms can propagate across networks at terrifying speeds, reduce network security to a remarkable extent, and cause heavy economic losses. Thus, the rapid elimination of Internet worms using partial immunization becomes a significant matter for sustaining Internet infrastructure. This paper addresses this issue by presenting a novel worm susceptible-vaccinated-exposed-infectious-recovered model, named the SVEIR model. The SVEIR model extends the classical susceptible-exposed-infectious-recovered model (refer to SEIR model) through incorporating a saturated incidence rate and a partial immunization rate. The basic reproduction number in the SVEIR model is obtained. By virtue of the basic reproduction number, we prove the global stabilities of an infection-free equilibrium point and a unique endemic equilibrium point. Numerical methods are used to verify the proposed SVEIR model. Simulation results show that partial immunization is highly effective for eliminating worms, and the SVEIR model is viable for controlling and forecasting Internet worms.
Keywords: Internet worm; attack model; STABILITY; saturated incidence; partial immunization
HB-2 high-velocity correlation model at high angles of attack in supersonic wind tunnel tests (Cited by: 3)
4
Authors: Djordje VUKOVIĆ, Dijana DAMLJANOVIĆ. 《Chinese Journal of Aeronautics》, SCIE EI CAS CSCD, 2019, No. 7, pp. 1565-1576 (12 pages)
Responding to a need for experimental data on a standard wind tunnel model at high angles of attack in the supersonic speed range, and in the absence of suitable reference data, a series of tests of two HB-2 standard models of different sizes was performed in the T-38 trisonic wind tunnel of Vojnotehnički Institut (VTI), in the Mach number range 1.5–4.0, at angles of attack up to +30°. Tests were performed at relatively high Reynolds numbers of 2.2 millions to 4.5 millions (based on model forebody diameter). Results were compared with available low angle of attack data from other facilities, and, as a good agreement was found, it was assumed that, by implication, the obtained high angle of attack results were valid as well. Therefore, the results can be used as a reference database for the HB-2 model at high angles of attack in the supersonic speed range, which was not available before. The results are presented in comparison with available reference data, but also contain data for some Mach numbers not given in other publications.
Keywords: Base pressure; Experimental AERODYNAMICS; High angle of attack; Standard model; WIND TUNNEL
A Novel Shilling Attack Detection Model Based on Particle Filter and Gravitation (Cited by: 1)
5
Authors: Lingtao Qi, Haiping Huang, Feng Li, Reza Malekian, Ruchuan Wang. 《China Communications》, SCIE CSCD, 2019, No. 10, pp. 112-132 (21 pages)
With the rapid development of e-commerce, the security issues of collaborative filtering recommender systems have been widely investigated. Malicious users can benefit from injecting great quantities of fake profiles into recommender systems to manipulate recommendation results. As one of the most important attack methods in recommender systems, the shilling attack has been paid considerable attention, especially to its model and the way to detect it. Among them, the loose version of Group Shilling Attack Generation Algorithm (GSAGenl) has outstanding performance. It can be immune to some PCC (Pearson Correlation Coefficient)-based detectors due to the nature of anti-Pearson correlation. In order to overcome the vulnerabilities caused by GSAGenl, a gravitation-based detection model (GBDM) is presented, integrated with a sophisticated gravitational detector and a decider. And meanwhile two new basic attributes and a particle filter algorithm are used for tracking prediction. And then, whether an attack occurs can be judged according to the law of universal gravitation in decision-making. The detection performances of GBDM, HHT-SVM, UnRAP, AP-UnRAP Semi-SAD, SVM-TIA and PCA-P are compared and evaluated. And simulation results show the effectiveness and availability of GBDM.
Keywords: shilling attack; detection model; collaborative filtering; recommender systems; gravitation-based detection model; particle filter algorithm
Unsteady aerodynamic modeling at high angles of attack using support vector machines (Cited by: 28)
6
Authors: Wang Qing, Qian Weiqi, He Kaifeng. 《Chinese Journal of Aeronautics》, SCIE EI CAS CSCD, 2015, No. 3, pp. 659-668 (10 pages)
Accurate aerodynamic models are the basis of flight simulation and control law design. Mathematically modeling unsteady aerodynamics at high angles of attack bears great difficulties in model structure determination and parameter estimation due to little understanding of the flow mechanism. Support vector machines (SVMs) based on statistical learning theory provide a novel tool for nonlinear system modeling. The work presented here examines the feasibility of applying SVMs to high angle-of-attack unsteady aerodynamic modeling field. Mainly, after a review of SVMs, several issues associated with unsteady aerodynamic modeling by use of SVMs are discussed in detail, such as selection of input variables, selection of output variables and determination of SVM parameters. The least squares SVM (LS-SVM) models are set up from certain dynamic wind tunnel test data of a delta wing and an aircraft configuration, and then used to predict the aerodynamic responses in other tests. The predictions are in good agreement with the test data, which indicates the satisfying learning and generalization performance of LS-SVMs.
Keywords: Aerodynamic modeling; High angle of attack; Support vector machines (SVMs); Unsteady aerodynamics; Wind tunnel test
Algebraic Attack on Filter-Combiner Model Keystream Generators
7
Authors: WU Zhi-ping, YE Ding-feng, MA Wei-ju. 《Wuhan University Journal of Natural Sciences》, EI CAS, 2005, No. 1, pp. 259-262 (4 pages)
Algebraic attack was applied to attack Filter-Combiner model keystream generators. We proposed the technique of function composition to improve the model, and the improved model can resist the algebraic attack. A new criterion for designing Filter-Combiner model was also proposed: the total length L of Linear Finite State Machines used in the model should be large enough and the degree d of Filter-Combiner function should be approximate [L/2].
Keywords: algebraic attack; Filter-Combiner model; stream cipher; 'XL' algorithm; function composition
Machine Learning-Based Detection and Selective Mitigation of Denial-of-Service Attacks in Wireless Sensor Networks
8
Authors: Soyoung Joo, So-Hyun Park, Hye-Yeon Shim, Ye-Sol Oh, Il-Gu Lee. 《Computers, Materials & Continua》, 2025, No. 2, pp. 2475-2494 (20 pages)
As the density of wireless networks increases globally, the vulnerability of overlapped dense wireless communications to interference by hidden nodes and denial-of-service (DoS) attacks is becoming more apparent. There exists a gap in research on the detection and response to attacks on Medium Access Control (MAC) mechanisms themselves, which would lead to service outages between nodes. Classifying exploitation and deceptive jamming attacks on control mechanisms is particularly challenging due to their resemblance to normal heavy communication patterns. Accordingly, this paper proposes a machine learning-based selective attack mitigation model that detects DoS attacks on wireless networks by monitoring packet log data. Based on the type of detected attack, it implements effective corresponding mitigation techniques to restore performance to nodes whose availability has been compromised. Experimental results reveal that the accuracy of the proposed model is 14% higher than that of a baseline anomaly detection model. Further, the appropriate mitigation techniques selected by the proposed system based on the attack type improve the average throughput by more than 440% compared to the case without a response.
Keywords: Distributed coordinated function mechanism; jamming attack; machine learning-based attack detection; selective attack mitigation model; selfish attack
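N-Model: Enhancing the Security Resilience of Intelligent Systems through Dynamic Combination of Multiple Deep Learning Models
9
Authors: 程泽凯, 刘高天, 蒋建春, 庞志伟, 滕若阑, 梅瑞. 《计算机系统应用》, 2025, No. 9, pp. 57-68 (12 pages)
Intelligent systems based on deep learning face increasingly prominent security threats such as adversarial attacks and supply-chain attacks. Traditional intelligent systems use a single model whose defense mechanism is static and deterministic, and the model's function has a single point of vulnerability, so the intelligent system lacks security resilience. This paper proposes a method for dynamically combining multiple deep learning models (N-Model) that achieves model diversity and randomness. Dynamic variation of the models increases the uncertainty of the attack target and attack path for intelligent attacks, and, combined with a multi-model voting mechanism, this enhances the security resilience of the intelligent system. Theoretical security analysis shows that under attack scenarios the N-Model combined model has a higher expected accuracy than a single model. Experimental results further confirm that on the CIFAR-10 dataset the N-Model combined model can withstand multiple adversarial attacks, with a lower attack success rate than a single model, showing good overall security performance.
Keywords: artificial intelligence security; deep learning defense; random model scheduling; multi-model voting; attack tolerance; system security resilience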
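A Temporal Membership Inference Attack Method for Diffusion Models
10
Authors: 高志鹏, 张祎, 尤玮婧, 柴泽, 杨杨, 芮兰兰. 《计算机研究与发展》, PKU Core, 2026, No. 1, pp. 243-254 (12 pages)
A diffusion model is a mathematical model used to describe the process of information propagation or influence transmission, and in recent years it has been increasingly applied to generative tasks in fields such as computer vision and natural language processing; data privacy attacks on, and protection of, diffusion models have accordingly received wide attention. The membership inference attack (MIA) is a classic attack on machine learning models. However, existing MIA methods are insufficient in the depth and breadth of their implementation, and in particular face challenges in balancing the effectiveness of short-term and long-term attacks. A new temporal membership inference attack method for diffusion models (TMIA-DM) is proposed, which uses noise gradient information to ensure the attack success rate (ASR) of short-term attacks while using temporal noise information to improve the effect of long-term attacks. Experiments show that on common diffusion models the proposed method improves the ASR of short-term attacks by about 5 percentage points and the ASR of long-term attacks by about 1 percentage point.
Keywords: membership inference attack; diffusion model; gradient; privacy leakage; machine learning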
Evaluating Privacy Leakage and Memorization Attacks on Large Language Models (LLMs) in Generative AI Applications (Cited by: 1)
11
Authors: Harshvardhan Aditya, Siddansh Chawla, Gunika Dhingra, Parijat Rai, Saumil Sood, Tanmay Singh, Zeba Mohsin Wase, Arshdeep Bahga, Vijay K. Madisetti. 《Journal of Software Engineering and Applications》, 2024, No. 5, pp. 421-447 (27 pages)
The recent interest in the deployment of Generative AI applications that use large language models (LLMs) has brought to the forefront significant privacy concerns, notably the leakage of Personally Identifiable Information (PII) and other confidential or protected information that may have been memorized during training, specifically during a fine-tuning or customization process. We describe different black-box attacks from potential adversaries and study their impact on the amount and type of information that may be recovered from commonly used and deployed LLMs. Our research investigates the relationship between PII leakage, memorization, and factors such as model size, architecture, and the nature of attacks employed. The study utilizes two broad categories of attacks: PII leakage-focused attacks (auto-completion and extraction attacks) and memorization-focused attacks (various membership inference attacks). The findings from these investigations are quantified using an array of evaluative metrics, providing a detailed understanding of LLM vulnerabilities and the effectiveness of different attacks.
Keywords: Large Language models; PII Leakage; Privacy; Memorization; OVERFITTING; Membership Inference attack (MIA)
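Research on a Transmission Security Situation Awareness Method for Industrial Network Communication Links
12
Authors: 程阔, 李震. 《成都工业学院学报》, 2026, No. 1, pp. 38-43 (6 pages)
Industrial network communication links carry frequent data exchanges and are exposed to a variety of security threats, including rule-violating operations inside the enterprise, malware infiltration, external network attacks and malicious competitive behavior, which affect the stability and data security of industrial networks. A transmission security situation awareness method for industrial network communication links is therefore proposed. Abnormal data from the industrial network communication links are collected and discretized, the uncertainty and gain of the discretized data are calculated, and data with a large information gain are extracted as security situation awareness elements. Strong association relationships in the attack data set are mined to obtain an association matrix, which is combined with the encoded output to determine the attack severity level. An adaptive learning awareness model of the network communication link is constructed, taking the quantified attack severity level as the model input and outputting an attack activity index; combined with the characteristic parameters of the attack behavior, a transmission security situation awareness metric is calculated, and the security level of transmission over the network communication link is determined according to thresholds on the metric. Experimental results show that the coefficient of determination (goodness of fit) obtained by the proposed method is higher than 0.8, the output security situation awareness metric is closer to the actual value, and the awareness accuracy is high.
Keywords: industrial network; communication link; security situation awareness; awareness model; attack level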
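Research on a Web Attack Detection Model Based on BERT and GRU
13
Authors: 谭攀, 王海珍, 成雨玫. 《齐齐哈尔大学学报(自然科学版)》, 2026, No. 1, pp. 30-37 (8 pages)
Web attacks are becoming increasingly frequent and complex, and the detection accuracy and real-time performance of existing intrusion detection systems need further improvement. To this end, a Web attack detection model based on BERT and GRU, BERT_GRU, is proposed. Attack types are labeled using the Web attack detection script Scalp; a pre-trained BERT model performs contextual semantic encoding of the text data in HTTP requests, followed by fully connected layer processing; the resulting data are concatenated with the original text data and fed into a GRU network to extract sequence features; the output is computed through Softmax, finally achieving multi-class classification. Experimental results on the CSIC 2010 dataset and the FWAF dataset show that the BERT_GRU model outperforms the comparison models on evaluation metrics such as accuracy, recall and F1 score, as well as in training time.
Keywords: Web attack detection; BERT model; GRU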
Attacks and Countermeasures in Social Network Data Publishing
14
Authors: YANG Mengmeng, ZHU Tianqing, ZHOU Wanlei, XIANG Yang. 《ZTE Communications》, 2016, No. B06, pp. 2-9 (8 pages)
With the increasing prevalence of social networks, more and more social network data are published for many applications, such as social network analysis and data mining. However, this brings privacy problems. For example, adversaries can get sensitive information of some individuals easily with little background knowledge. How to publish social network data for analysis purpose while preserving the privacy of individuals has raised many concerns. Many algorithms have been proposed to address this issue. In this paper, we discuss this privacy problem from two aspects: attack models and countermeasures. We analyse privacy concerns, model the background knowledge that adversary may utilize and review the recently developed attack models. We then survey the state-of-the-art privacy preserving methods in two categories: anonymization methods and differential privacy methods. We also provide research directions in this area.
Keywords: social network; data publishing; attack model; privacy preserving
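A Model Hijacking Attack Method Based on Chinese Logical Words
15
Authors: 钟一, 陈珍珠, 付安民, 高艳松. 《计算机研究与发展》, PKU Core, 2026, No. 2, pp. 525-538 (14 pages)
The model hijacking attack is a new type of attack that, by implanting specific words, can covertly control a model to perform a hijacking task entirely different from its original task, increasing the model owner's training compute cost while exposing the owner to potential legal risks. Existing research has explored this attack against German-English translation models, but it remains unexplored in the field of Chinese natural language processing (NLP). The unique characteristics of the Chinese language mean that it faces security challenges different from those of other language environments, so attack evaluation methods targeting Chinese models urgently need to be developed. Based on the above, a model hijacking attack method based on Chinese logical words, Cheater, is proposed for evaluating the security of Chinese models. Targeting Chinese-English NLP tasks, Cheater first uses a public model to disguise the hijacking data and generate transitional data, then transforms the transitional samples by embedding Chinese logical words in them to generate poisoned data, and finally uses the poisoned data to hijack the target model. Experiments show that for the Bart[large] model, Cheater achieves an attack success rate of 90.2% at a data poisoning rate of 0.5%.
Keywords: hijacking attack; artificial intelligence security; Chinese model; natural language processing; logical words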
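A Clean-Label Multi-Backdoor Attack Method Based on Feature Regulation and Color Separation
16
Authors: 唐迎春, 黄荣, 周树波, 蒋学芹. 《计算机应用》, PKU Core, 2026, No. 1, pp. 124-134 (11 pages)
To address the lack of stealthiness and flexibility in traditional backdoor attacks, a clean-label multi-backdoor attack method based on feature regulation and color separation is proposed, which builds on an information hiding framework and trains a poisoning network to embed triggers. First, with image edges as the trigger, a feature regulation strategy is designed that combines adversarial perturbation and a surrogate model to assist in training the poisoning network, enhancing the saliency of the trigger features. Second, a color separation strategy is proposed to color the triggers, assigning them distinguishable colors in RGB space and setting one-hot target confidences corresponding to the colors to guide training, thereby ensuring the distinguishability of the trigger features. To verify the effectiveness of the proposed method, experiments were conducted on 3 datasets (CIFAR-10, ImageNet-10 and GTSRB) and on 5 models. The results show that in the single-backdoor scenario the attack success rate (ASR) of the proposed method exceeds 98% on all 3 datasets, surpassing the second-best method by 7.94, 1.70 and 8.61 percentage points respectively; in the multi-backdoor scenario, the ASR of the proposed method on the ImageNet-10 dataset reaches over 90%, with the average ASR surpassing the second-best method by 36.63 percentage points. The ablation results also verify the soundness of the feature regulation and color separation strategies and the contribution of the adversarial perturbation and the surrogate model, and the multi-backdoor results demonstrate the flexibility of the proposed attack method.
Keywords: backdoor attack; clean label; feature regulation; color separation; surrogate model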
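Entropy State Modeling and State Analysis of Integrated Energy Cyber-Physical Systems under Cyber Attacks
17
Authors: 刘佳委, 王丹, 李宜哲, 贾宏杰, 周天烁, 张帅, 程颢. 《电网技术》, PKU Core, 2026, No. 1, pp. 28-38, I0010-I0023 (25 pages)
Integrated energy cyber-physical systems play a vital role in modern energy networks, and strengthening their ability to withstand cyber attacks is essential to ensuring the reliability and security of energy supply. Addressing the specific changes in the characteristics of integrated energy cyber-physical systems under cyber attack, this article proposes, based on the law of entropy increase in physics, an entropy state modeling method for cyber-physical systems under cyber attack. First, a coupled physical-information flow calculation model of the integrated energy cyber-physical system is established. Then, a calculation model of the information-equivalent thermodynamic entropy increase for information attacks and for the disturbance of the system by cyber attacks is constructed, and, for the physical impact of cyber attacks on the system, an evaluation index of the physical impact of cyber attacks based on power flow entropy is proposed. Finally, case studies analyze the impact of different types of information and physical attack methods on the entropy state distribution of the integrated energy cyber-physical system, providing a tool for quantifying the unavailability of energy after the system is attacked, enriching the entropy state theory of traditional integrated energy systems, and offering a new perspective and method for the future security protection of integrated energy cyber-physical systems.
Keywords: integrated energy cyber-physical system; entropy state model; thermodynamic entropy; information entropy; cyber attack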
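Composite-Trigger Backdoor Attack Combining Visual and Textual Features
18
Authors: 黄荣, 唐迎春, 周树波, 蒋学芹. 《计算机科学》, PKU Core, 2026, No. 1, pp. 382-394 (13 pages)
In a backdoor attack, the attacker poisons a dataset to covertly induce the victim model to associate poisoned data with a target label, threatening the trustworthiness and security of artificial intelligence technology. Existing backdoor attack methods generally suffer from a trade-off between effectiveness and stealthiness: triggers that are highly effective have poor stealthiness, and conversely, triggers with good stealthiness are weakly effective. To address this problem, a clean-label backdoor attack with a composite trigger combining visual and textual features is proposed. The composite trigger is formed by superimposing two learnable triggers, a universal part and an individualized part. The design and optimization of the composite trigger are both constrained by the congruence of pixel values within blocks, with the aim of inducing the victim model to capture the congruence pattern and establish an association between the trigger and the target label, forming a backdoor. The universal trigger makes the pixel values within blocks of the poisoned image congruent modulo the bit weight 2, and its signal form is single and fixed for all poisoned images; the individualized trigger makes the edge pixel values of the poisoned image congruent modulo the bit weight of the LoSB (Lower Significant Bit), and its signal is specific to the edge positions of the image. Superimposing the two triggers helps balance effectiveness and stealthiness. On this basis, the CLIP (Contrastive Language-Image Pre-training) model is introduced, and visual and textual features are combined to construct the supervision signal that drives training of the composite trigger. The pre-trained CLIP model has strong generalization ability and can guide the composite trigger to absorb heterogeneous textual features, which weakens the image content features and further enhances the effectiveness of the trigger. Experiments were carried out on 3 datasets: CIFAR-10, ImageNet and GTSRB. The results show that the proposed method can withstand detection by backdoor defense techniques and on average exceeds the second-best method by 2.48 percentage points in attack success rate; on the four metrics of peak signal-to-noise ratio, structural similarity, gradient magnitude similarity deviation and learned perceptual image patch similarity, it exceeds the second-best method on average by 10.61%, 0.31%, 68.44% and 46.38% respectively. The ablation results verify the advantage of combining visual and textual features to guide training of the composite trigger, and also verify the contribution of the universal and individualized trigger parts to the effectiveness and stealthiness of the backdoor attack.
Keywords: backdoor attack; composite trigger; congruence pattern; CLIP model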
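Dynamic Backdoor Attack Based on Adversarial Optimization in Singular Value Space
19
Authors: 彭子铭, 丁建伟, 姚佳旺, 田华伟. 《计算机科学与探索》, PKU Core, 2026, No. 2, pp. 510-521 (12 pages)
Deep learning models have been widely applied in many fields thanks to their outstanding performance, but research shows that they are also significantly vulnerable to backdoor attacks. A backdoor attack can undermine a model's reliability through a covert trigger mechanism: when a preset trigger activates the hidden backdoor, the model performs malicious behavior. Current backdoor attacks rely mainly on perturbation trigger patterns in the spatial or frequency domain and mostly use sample-agnostic static trigger settings, which allows defense systems to detect and eliminate the threat relatively easily. To address the insufficient stealthiness and weak robustness of existing attacks, a dynamic backdoor attack method based on staged adversarial optimization in singular value space is proposed. A generator produces sample-specific triggers; singular value decomposition (SVD) is used to extract the major/minor features of the clean image and of the trigger, and the trigger information is embedded in the minor features of the clean image while the major features are retained to maintain backdoor stealthiness. A staged training framework is proposed: the first stage jointly optimizes the trigger generator and the classifier to maximize the effectiveness of the backdoor attack; the second stage continues training the backdoored model with the optimal trigger generator. To verify the stealthiness and effectiveness of the method, the attack was tested on several classic datasets. Experimental results show that the method achieves a higher attack success rate than existing attack methods on all four datasets, causes almost no drop in accuracy on benign samples, and bypasses four advanced backdoor defense methods. The experiments also verify that the sensitivity of deep models to singular value perturbations can be maliciously exploited and that existing defense mechanisms have difficulty identifying such attacks, revealing a new security risk for AI models.
Keywords: backdoor attack; staged adversarial optimization; singular value decomposition; sample specificity; model security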
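A Survey of Adversarial Example Attacks and Defenses in Spiking Neural Networks
20
Authors: 王晓璐, 岳鹏飞, 张家琪, 姬婕, 董航, 孔德懿. 《计算机工程与应用》, PKU Core, 2026, No. 2, pp. 54-72 (19 pages)
With the widespread deployment and application of spiking neural networks, their security problems have become increasingly evident, especially the threat from adversarial example attacks. A survey of adversarial example attack methods and defense measures in spiking neural networks is therefore carried out. Adversarial example attack methods are studied: at the software layer they are organized into gradient attacks, transfer learning attacks, encoding perturbation attacks and sensor attacks; at the hardware layer they are organized into power injection attacks, side-channel attacks and Trojan attacks. Adversarial example defense measures are studied: software-layer defenses are organized into adversarial training, input filtering, improved encoding, feature network analysis and model fusion; hardware-layer defenses are discussed in two parts, circuit optimization and security frameworks. The application of adversarial examples in model security research and in anti-recognition of CAPTCHAs is discussed. Finally, current challenges and future prospects are presented and the paper is summarized.
Keywords: spiking neural network (SNN); adversarial example attack; adversarial example defense; artificial intelligence model security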