A definition of self-determined priority is used in airfight decision firstly. A scheme of grouping the whole fighters is introduced, and the principle of target assignment and fire control is designed. Based on the ...A definition of self-determined priority is used in airfight decision firstly. A scheme of grouping the whole fighters is introduced, and the principle of target assignment and fire control is designed. Based on the neutral network, the decision algorithm is derived and the whole coordinated decision system is simulated. Secondly an algorithm for missile-attacking area is described and its calculational result is obtained under initial conditions. Then the attacking of missile is realized by the proportion guidance. Finally, a multi-target attack system. The system includes airfight decision, estimation of missile attack area and calculation of missile attack procedure. A digital simulation demonstrates that the airfight decision algorithm is correct. The methods have important reference values for the study of fire control system of the fourth generation fighter.展开更多
Deep neural networks(DNNs)are widely adopted in daily life and the security problems of DNNs have drawn attention from both scientific researchers and industrial engineers.Many related works show that DNNs are vulnera...Deep neural networks(DNNs)are widely adopted in daily life and the security problems of DNNs have drawn attention from both scientific researchers and industrial engineers.Many related works show that DNNs are vulnerable to adversarial examples that are generated with subtle perturbation to original images in both digital domain and physical domain.As a most common application of DNNs,face recognition systems are likely to cause serious consequences if they are attacked by the adversarial examples.In this paper,we implement an adversarial attack system for face recognition in both digital domain that generates adversarial face images to fool the recognition system,and physical domain that generates customized glasses to fool the system when a person wears the glasses.Experiments show that our system attacks face recognition systems effectively.Furthermore,our system could misguide the recognition system to identify a person wearing the customized glasses as a certain target.We hope this research could help raise the attention of artificial intelligence security and promote building robust recognition systems.展开更多
This paper addresses the consensus problem of nonlinear multi-agent systems subject to external disturbances and uncertainties under denial-ofservice(DoS)attacks.Firstly,an observer-based state feedback control method...This paper addresses the consensus problem of nonlinear multi-agent systems subject to external disturbances and uncertainties under denial-ofservice(DoS)attacks.Firstly,an observer-based state feedback control method is employed to achieve secure control by estimating the system's state in real time.Secondly,by combining a memory-based adaptive eventtriggered mechanism with neural networks,the paper aims to approximate the nonlinear terms in the networked system and efficiently conserve system resources.Finally,based on a two-degree-of-freedom model of a vehicle affected by crosswinds,this paper constructs a multi-unmanned ground vehicle(Multi-UGV)system to validate the effectiveness of the proposed method.Simulation results show that the proposed control strategy can effectively handle external disturbances such as crosswinds in practical applications,ensuring the stability and reliable operation of the Multi-UGV system.展开更多
This paper investigates the problem of optimal secure control for networked control systems under hybrid attacks.A control strategy based on the Stackelberg game framework is proposed,which differs from conventional m...This paper investigates the problem of optimal secure control for networked control systems under hybrid attacks.A control strategy based on the Stackelberg game framework is proposed,which differs from conventional methods by considering both denial-of-service(DoS)and false data injection(FDI)attacks simultaneously.Additionally,the stability conditions for the system under these hybrid attacks are established.It is technically challenging to design the control strategy by predicting attacker actions based on Stcakelberg game to ensure the system stability under hybrid attacks.Another technical difficulty lies in establishing the conditions for mean-square asymptotic stability due to the complexity of the attack scenarios Finally,simulations on an unstable batch reactor system under hybrid attacks demonstrate the effectiveness of the proposed strategy.展开更多
Dear Editor,The attacker is always going to intrude covertly networked control systems(NCSs)by dynamically changing false data injection attacks(FDIAs)strategy,while the defender try their best to resist attacks by de...Dear Editor,The attacker is always going to intrude covertly networked control systems(NCSs)by dynamically changing false data injection attacks(FDIAs)strategy,while the defender try their best to resist attacks by designing defense strategy on the basis of identifying attack strategy,maintaining stable operation of NCSs.To solve this attack-defense game problem,this letter investigates optimal secure control of NCSs under FDIAs.First,for the alterations of energy caused by false data,a novel attack-defense game model is constructed,which considers the changes of energy caused by the actions of the defender and attacker in the forward and feedback channels.展开更多
In this paper, the attack detection problem is investigated for a class of closed-loop systems subjected to unknownbutbounded noises in the presence of stealthy attacks. The measurement outputs from the sensors are qu...In this paper, the attack detection problem is investigated for a class of closed-loop systems subjected to unknownbutbounded noises in the presence of stealthy attacks. The measurement outputs from the sensors are quantized before transmission.A specific type of perfect stealthy attack, which meets certain rather stringent conditions, is taken into account. Such attacks could be injected by adversaries into both the sensor-toestimator and controller-to-actuator channels, with the aim of disrupting the normal data flow. For the purpose of defending against these perfect stealthy attacks, a novel scheme based on watermarks is developed. This scheme includes the injection of watermarks(applied to data prior to quantization) and the recovery of data(implemented before the data reaches the estimator).The watermark-based scheme is designed to be both timevarying and hidden from adversaries through incorporating a time-varying and bounded watermark signal. Subsequently, a watermark-based attack detection strategy is proposed which thoroughly considers the characteristics of perfect stealthy attacks,thereby ensuring that an alarm is activated upon the occurrence of such attacks. An example is provided to demonstrate the efficacy of the proposed mechanism for detecting attacks.展开更多
This paper explores security risks in state estimation based on multi-sensor systems that implement a Kalman filter and aχ^(2) detector.When measurements are transmitted via wireless networks to a remote estimator,th...This paper explores security risks in state estimation based on multi-sensor systems that implement a Kalman filter and aχ^(2) detector.When measurements are transmitted via wireless networks to a remote estimator,the innovation sequence becomes susceptible to interception and manipulation by adversaries.We consider a class of linear deception attacks,wherein the attacker alters the innovation to degrade estimation accuracy while maintaining stealth against the detector.Given the inherent volatility of the detection function based on theχ^(2) detector,we propose broadening the traditional feasibility constraint to accommodate a certain degree of deviation from the distribution of the innovation.This broadening enables the design of stealthy attacks that exploit the tolerance inherent in the detection mechanism.The state estimation error is quantified and analyzed by deriving the iteration of the error covariance matrix of the remote estimator under these conditions.The selected degree of deviation is combined with the error covariance to establish the objective function and the attack scheme is acquired by solving an optimization problem.Furthermore,we propose a novel detection algorithm that employs a majority-voting mechanism to determine whether the system is under attack,with decision parameters dynamically adjusted in response to system behavior.This approach enhances sensitivity to stealthy and persistent attacks without increasing the false alarm rate.Simulation results show that the designed leads to about a 41%rise in the trace of error covariance for stable systems and 29%for unstable systems,significantly impairing estimation performance.Concurrently,the proposed detection algorithm enhances the attack detection rate by 33%compared to conventional methods.展开更多
This paper investigates set-valued state estimation of nonlinear systems with unknown-but-bounded(UBB)noises based on constrained polynomial zonotopes which is utilized to characterize non-convex sets.First,properties...This paper investigates set-valued state estimation of nonlinear systems with unknown-but-bounded(UBB)noises based on constrained polynomial zonotopes which is utilized to characterize non-convex sets.First,properties of constrained polynomial zonotopes are provided and the order reduction method is given to reduce the computational complexity.Then,the corresponding improved prediction-update algorithm is proposed so that it can be adapted to non-convex sets.Based on generalized intersection,the utilization of set-based estimation for attack detection is analyzed.Finally,an example is given to show the efficiency of our results.展开更多
Dear Editor,The letter deals with the distributed state and fault estimation of the whole physical layer for cyber-physical systems(CPSs) when the cyber layer suffers from DoS attacks. With the advancement of embedded...Dear Editor,The letter deals with the distributed state and fault estimation of the whole physical layer for cyber-physical systems(CPSs) when the cyber layer suffers from DoS attacks. With the advancement of embedded computing, communication and related hardware technologies, CPSs have attracted extensive attention and have been widely used in power system, traffic network, refrigeration system and other fields.展开更多
Cyber-physical systems(CPSs)are increasingly vulnerable to cyber-attacks due to their integral connection between cyberspace and the physical world,which is augmented by Internet connectivity.This vulnerability necess...Cyber-physical systems(CPSs)are increasingly vulnerable to cyber-attacks due to their integral connection between cyberspace and the physical world,which is augmented by Internet connectivity.This vulnerability necessitates a heightened focus on developing resilient control mechanisms for CPSs.However,current observer-based active compensation resilient controllers exhibit poor performance against stealthy deception attacks(SDAs)due to the difficulty in accurately reconstructing system states because of the stealthy nature of these attacks.Moreover,some non-active compensation approaches are insufficient when there is a complete loss of actuator control authority.To address these issues,we introduce a novel learning-based passive resilient controller(LPRC).Our approach,unlike observer-based state reconstruction,shows enhanced effectiveness in countering SDAs.We developed a safety state set,represented by an ellipsoid,to ensure CPS stability under SDA conditions,maintaining system trajectories within this set.Additionally,by employing deep reinforcement learning(DRL),the LPRC acquires the capacity to adapt and diverse evolving attack strategies.To empirically substantiate our methodology,various attack methods were compared with current passive and active compensation resilient control methods to evaluate their performance.展开更多
This research paper tackles the complexities of achieving global fuzzy consensus in leader-follower systems in robotic systems,focusing on robust control systems against an advanced signal attack that integrates senso...This research paper tackles the complexities of achieving global fuzzy consensus in leader-follower systems in robotic systems,focusing on robust control systems against an advanced signal attack that integrates sensor and actuator disturbances within the dynamics of follower robots.Each follower robot has unknown dynamics and control inputs,which expose it to the risks of both sensor and actuator attacks.The leader robot,described by a secondorder,time-varying nonlinear model,transmits its position,velocity,and acceleration information to follower robots through a wireless connection.To handle the complex setup and communication among robots in the network,we design a robust hybrid distributed adaptive control strategy combining the effect of sensor and actuator attack,which ensures asymptotic consensus,extending beyond conventional bounded consensus results.The proposed framework employs fuzzy logic systems(FLSs)as proactive controllers to estimate unknown nonlinear behaviors,while also effectively managing sensor and actuator attacks,ensuring stable consensus among all agents.To counter the impact of the combined signal attack on follower dynamics,a specialized robust control mechanism is designed,sustaining system stability and performance under adversarial conditions.The efficiency of this control strategy is demonstrated through simulations conducted across two different directed communication topologies,underscoring the protocol’s adaptability,resilience,and effectiveness in maintaining global consensus under complex attack scenarios.展开更多
This paper proposes a model-based control framework for vehicle platooning systems with secondorder nonlinear dynamics operating over switching signed networks,time-varying delays,and deception attacks.The study inclu...This paper proposes a model-based control framework for vehicle platooning systems with secondorder nonlinear dynamics operating over switching signed networks,time-varying delays,and deception attacks.The study includes two configurations:a leaderless structure using Finite-Time Non-Singular Terminal Bipartite Consensus(FNTBC)and Fixed-Time Bipartite Consensus(FXTBC),and a leader—follower structure ensuring structural balance and robustness against deceptive signals.In the leaderless model,a bipartite controller based on impulsive control theory,gauge transformation,and Markovian switching Lyapunov functions ensures mean-square stability and coordination under deception attacks and communication delays.The FNTBC achieves finite-time convergence depending on initial conditions,while the FXTBC guarantees fixed-time convergence independent of them,providing adaptability to different operating states.In the leader—follower case,a discontinuous impulsive control law synchronizes all followers with the leader despite deceptive attacks and switching topologies,maintaining robust coordination through nonlinear corrective mechanisms.To validate the approach,simulations are conducted on systems of five and seventeen vehicles in both leaderless and leader—follower configurations.The results demonstrate that the proposed framework achieves rapid consensus,strong robustness,and high resistance to deception attacks,offering a secure and scalable model-based control solution for modern vehicular communication networks.展开更多
A security issue with multi-sensor unmanned aerial vehicle(UAV)cyber physical systems(CPS)from the viewpoint of a false data injection(FDI)attacker is investigated in this paper.The FDI attacker can employ attacks on ...A security issue with multi-sensor unmanned aerial vehicle(UAV)cyber physical systems(CPS)from the viewpoint of a false data injection(FDI)attacker is investigated in this paper.The FDI attacker can employ attacks on feedback and feed-forward channels simultaneously with limited resource.The attacker aims at degrading the UAV CPS's estimation performance to the max while keeping stealthiness characterized by the Kullback-Leibler(K-L)divergence.The attacker is resource limited which can only attack part of sensors,and the attacked sensor as well as specific forms of attack signals at each instant should be considered by the attacker.Also,the sensor selection principle is investigated with respect to time invariant attack covariances.Additionally,the optimal switching attack strategies in regard to time variant attack covariances are modeled as a multi-agent Markov decision process(MDP)with hybrid discrete-continuous action space.Then,the multi-agent MDP is solved by utilizing the deep Multi-agent parameterized Q-networks(MAPQN)method.Ultimately,a quadrotor near hover system is used to validate the effectiveness of the results in the simulation section.展开更多
The surge in smishing attacks underscores the urgent need for robust,real-time detection systems powered by advanced deep learning models.This paper introduces PhishNet,a novel ensemble learning framework that integra...The surge in smishing attacks underscores the urgent need for robust,real-time detection systems powered by advanced deep learning models.This paper introduces PhishNet,a novel ensemble learning framework that integrates transformer-based models(RoBERTa)and large language models(LLMs)(GPT-OSS 120B,LLaMA3.370B,and Qwen332B)to enhance smishing detection performance significantly.To mitigate class imbalance,we apply synthetic data augmentation using T5 and leverage various text preprocessing techniques.Our system employs a duallayer voting mechanism:weighted majority voting among LLMs and a final ensemble vote to classify messages as ham,spam,or smishing.Experimental results show an average accuracy improvement from 96%to 98.5%compared to the best standalone transformer,and from 93%to 98.5%when compared to LLMs across datasets.Furthermore,we present a real-time,user-friendly application to operationalize our detection model for practical use.PhishNet demonstrates superior scalability,usability,and detection accuracy,filling critical gaps in current smishing detection methodologies.展开更多
Zero-click attacks represent an advanced cybersecurity threat,capable of compromising devices without user interaction.High-profile examples such as Pegasus,Simjacker,Bluebugging,and Bluesnarfing exploit hidden vulner...Zero-click attacks represent an advanced cybersecurity threat,capable of compromising devices without user interaction.High-profile examples such as Pegasus,Simjacker,Bluebugging,and Bluesnarfing exploit hidden vulnerabilities in software and communication protocols to silently gain access,exfiltrate data,and enable long-term surveillance.Their stealth and ability to evade traditional defenses make detection and mitigation highly challenging.This paper addresses these threats by systematically mapping the tactics and techniques of zero-click attacks using the MITRE ATT&CK framework,a widely adopted standard for modeling adversarial behavior.Through this mapping,we categorize real-world attack vectors and better understand how such attacks operate across the cyber-kill chain.To support threat detection efforts,we propose an Active Learning-based method to efficiently label the Pegasus spyware dataset in alignment with the MITRE ATT&CK framework.This approach reduces the effort of manually annotating data while improving the quality of the labeled data,which is essential to train robust cybersecurity models.In addition,our analysis highlights the structured execution paths of zero-click attacks and reveals gaps in current defense strategies.The findings emphasize the importance of forward-looking strategies such as continuous surveillance,dynamic threat profiling,and security education.By bridging zero-click attack analysis with the MITRE ATT&CK framework and leveraging machine learning for dataset annotation,this work provides a foundation for more accurate threat detection and the development of more resilient and structured cybersecurity frameworks.展开更多
With the increasing emphasis on personal information protection,encryption through security protocols has emerged as a critical requirement in data transmission and reception processes.Nevertheless,IoT ecosystems comp...With the increasing emphasis on personal information protection,encryption through security protocols has emerged as a critical requirement in data transmission and reception processes.Nevertheless,IoT ecosystems comprise heterogeneous networks where outdated systems coexist with the latest devices,spanning a range of devices from non-encrypted ones to fully encrypted ones.Given the limited visibility into payloads in this context,this study investigates AI-based attack detection methods that leverage encrypted traffic metadata,eliminating the need for decryption and minimizing system performance degradation—especially in light of these heterogeneous devices.Using the UNSW-NB15 and CICIoT-2023 dataset,encrypted and unencrypted traffic were categorized according to security protocol,and AI-based intrusion detection experiments were conducted for each traffic type based on metadata.To mitigate the problem of class imbalance,eight different data sampling techniques were applied.The effectiveness of these sampling techniques was then comparatively analyzed using two ensemble models and three Deep Learning(DL)models from various perspectives.The experimental results confirmed that metadata-based attack detection is feasible using only encrypted traffic.In the UNSW-NB15 dataset,the f1-score of encrypted traffic was approximately 0.98,which is 4.3%higher than that of unencrypted traffic(approximately 0.94).In addition,analysis of the encrypted traffic in the CICIoT-2023 dataset using the same method showed a significantly lower f1-score of roughly 0.43,indicating that the quality of the dataset and the preprocessing approach have a substantial impact on detection performance.Furthermore,when data sampling techniques were applied to encrypted traffic,the recall in the UNSWNB15(Encrypted)dataset improved by up to 23.0%,and in the CICIoT-2023(Encrypted)dataset by 20.26%,showing a similar level of improvement.Notably,in CICIoT-2023,f1-score and Receiver Operation Characteristic-Area Under the Curve(ROC-AUC)increased by 59.0%and 55.94%,respectively.These results suggest that data sampling can have a positive effect even in encrypted environments.However,the extent of the improvement may vary depending on data quality,model architecture,and sampling strategy.展开更多
Graph Neural Networks(GNNs)have proven highly effective for graph classification across diverse fields such as social networks,bioinformatics,and finance,due to their capability to learn complex graph structures.Howev...Graph Neural Networks(GNNs)have proven highly effective for graph classification across diverse fields such as social networks,bioinformatics,and finance,due to their capability to learn complex graph structures.However,despite their success,GNNs remain vulnerable to adversarial attacks that can significantly degrade their classification accuracy.Existing adversarial attack strategies primarily rely on label information to guide the attacks,which limits their applicability in scenarios where such information is scarce or unavailable.This paper introduces an innovative unsupervised attack method for graph classification,which operates without relying on label information,thereby enhancing its applicability in a broad range of scenarios.Specifically,our method first leverages a graph contrastive learning loss to learn high-quality graph embeddings by comparing different stochastic augmented views of the graphs.To effectively perturb the graphs,we then introduce an implicit estimator that measures the impact of various modifications on graph structures.The proposed strategy identifies and flips edges with the top-K highest scores,determined by the estimator,to maximize the degradation of the model’s performance.In addition,to defend against such attack,we propose a lightweight regularization-based defense mechanism that is specifically tailored to mitigate the structural perturbations introduced by our attack strategy.It enhances model robustness by enforcing embedding consistency and edge-level smoothness during training.We conduct experiments on six public TU graph classification datasets:NCI1,NCI109,Mutagenicity,ENZYMES,COLLAB,and DBLP_v1,to evaluate the effectiveness of our attack and defense strategies.Under an attack budget of 3,the maximum reduction in model accuracy reaches 6.67%on the Graph Convolutional Network(GCN)and 11.67%on the Graph Attention Network(GAT)across different datasets,indicating that our unsupervised method induces degradation comparable to state-of-the-art supervised attacks.Meanwhile,our defense achieves the highest accuracy recovery of 3.89%(GCN)and 5.00%(GAT),demonstrating improved robustness against structural perturbations.展开更多
Transformer-based models have significantly advanced binary code similarity detection(BCSD)by leveraging their semantic encoding capabilities for efficient function matching across diverse compilation settings.Althoug...Transformer-based models have significantly advanced binary code similarity detection(BCSD)by leveraging their semantic encoding capabilities for efficient function matching across diverse compilation settings.Although adversarial examples can strategically undermine the accuracy of BCSD models and protect critical code,existing techniques predominantly depend on inserting artificial instructions,which incur high computational costs and offer limited diversity of perturbations.To address these limitations,we propose AIMA,a novel gradient-guided assembly instruction relocation method.Our method decouples the detection model into tokenization,embedding,and encoding layers to enable efficient gradient computation.Since token IDs of instructions are discrete and nondifferentiable,we compute gradients in the continuous embedding space to evaluate the influence of each token.The most critical tokens are identified by calculating the L2 norm of their embedding gradients.We then establish a mapping between instructions and their corresponding tokens to aggregate token-level importance into instructionlevel significance.To maximize adversarial impact,a sliding window algorithm selects the most influential contiguous segments for relocation,ensuring optimal perturbation with minimal length.This approach efficiently locates critical code regions without expensive search operations.The selected segments are relocated outside their original function boundaries via a jump mechanism,which preserves runtime control flow and functionality while introducing“deletion”effects in the static instruction sequence.Extensive experiments show that AIMA reduces similarity scores by up to 35.8%in state-of-the-art BCSD models.When incorporated into training data,it also enhances model robustness,achieving a 5.9%improvement in AUROC.展开更多
The exponential growth of the Internet of Things(IoT)has introduced significant security challenges,with zero-day attacks emerging as one of the most critical and challenging threats.Traditional Machine Learning(ML)an...The exponential growth of the Internet of Things(IoT)has introduced significant security challenges,with zero-day attacks emerging as one of the most critical and challenging threats.Traditional Machine Learning(ML)and Deep Learning(DL)techniques have demonstrated promising early detection capabilities.However,their effectiveness is limited when handling the vast volumes of IoT-generated data due to scalability constraints,high computational costs,and the costly time-intensive process of data labeling.To address these challenges,this study proposes a Federated Learning(FL)framework that leverages collaborative and hybrid supervised learning to enhance cyber threat detection in IoT networks.By employing Deep Neural Networks(DNNs)and decentralized model training,the approach reduces computational complexity while improving detection accuracy.The proposed model demonstrates robust performance,achieving accuracies of 94.34%,99.95%,and 87.94%on the publicly available kitsune,Bot-IoT,and UNSW-NB15 datasets,respectively.Furthermore,its ability to detect zero-day attacks is validated through evaluations on two additional benchmark datasets,TON-IoT and IoT-23,using a Deep Federated Learning(DFL)framework,underscoring the generalization and effectiveness of the model in heterogeneous and decentralized IoT environments.Experimental results demonstrate superior performance over existing methods,establishing the proposed framework as an efficient and scalable solution for IoT security.展开更多
A cyber physical system(CPS)is a complex system that integrates sensing,computation,control and networking into physical processes and objects over Internet.It plays a key role in modern industry since it connects phy...A cyber physical system(CPS)is a complex system that integrates sensing,computation,control and networking into physical processes and objects over Internet.It plays a key role in modern industry since it connects physical and cyber worlds.In order to meet ever-changing industrial requirements,its structures and functions are constantly improved.Meanwhile,new security issues have arisen.A ubiquitous problem is the fact that cyber attacks can cause significant damage to industrial systems,and thus has gained increasing attention from researchers and practitioners.This paper presents a survey of state-of-the-art results of cyber attacks on cyber physical systems.First,as typical system models are employed to study these systems,time-driven and event-driven systems are reviewed.Then,recent advances on three types of attacks,i.e.,those on availability,integrity,and confidentiality are discussed.In particular,the detailed studies on availability and integrity attacks are introduced from the perspective of attackers and defenders.Namely,both attack and defense strategies are discussed based on different system models.Some challenges and open issues are indicated to guide future research and inspire the further exploration of this increasingly important area.展开更多
文摘A definition of self-determined priority is used in airfight decision firstly. A scheme of grouping the whole fighters is introduced, and the principle of target assignment and fire control is designed. Based on the neutral network, the decision algorithm is derived and the whole coordinated decision system is simulated. Secondly an algorithm for missile-attacking area is described and its calculational result is obtained under initial conditions. Then the attacking of missile is realized by the proportion guidance. Finally, a multi-target attack system. The system includes airfight decision, estimation of missile attack area and calculation of missile attack procedure. A digital simulation demonstrates that the airfight decision algorithm is correct. The methods have important reference values for the study of fire control system of the fourth generation fighter.
基金This work is supported in part by the National Natural Science Foundation of China under Grant 61902082,U1636215the Guangdong Province Key research and Development Plan under Grant 2019B010136003.
文摘Deep neural networks(DNNs)are widely adopted in daily life and the security problems of DNNs have drawn attention from both scientific researchers and industrial engineers.Many related works show that DNNs are vulnerable to adversarial examples that are generated with subtle perturbation to original images in both digital domain and physical domain.As a most common application of DNNs,face recognition systems are likely to cause serious consequences if they are attacked by the adversarial examples.In this paper,we implement an adversarial attack system for face recognition in both digital domain that generates adversarial face images to fool the recognition system,and physical domain that generates customized glasses to fool the system when a person wears the glasses.Experiments show that our system attacks face recognition systems effectively.Furthermore,our system could misguide the recognition system to identify a person wearing the customized glasses as a certain target.We hope this research could help raise the attention of artificial intelligence security and promote building robust recognition systems.
基金The National Natural Science Foundation of China(W2431048)The Science and Technology Research Program of Chongqing Municipal Education Commission,China(KJZDK202300807)The Chongqing Natural Science Foundation,China(CSTB2024NSCQQCXMX0052).
文摘This paper addresses the consensus problem of nonlinear multi-agent systems subject to external disturbances and uncertainties under denial-ofservice(DoS)attacks.Firstly,an observer-based state feedback control method is employed to achieve secure control by estimating the system's state in real time.Secondly,by combining a memory-based adaptive eventtriggered mechanism with neural networks,the paper aims to approximate the nonlinear terms in the networked system and efficiently conserve system resources.Finally,based on a two-degree-of-freedom model of a vehicle affected by crosswinds,this paper constructs a multi-unmanned ground vehicle(Multi-UGV)system to validate the effectiveness of the proposed method.Simulation results show that the proposed control strategy can effectively handle external disturbances such as crosswinds in practical applications,ensuring the stability and reliable operation of the Multi-UGV system.
基金supported in part by Shanghai Rising-Star Program,China under grant 22QA1409400in part by National Natural Science Foundation of China under grant 62473287 and 62088101in part by Shanghai Municipal Science and Technology Major Project under grant 2021SHZDZX0100.
文摘This paper investigates the problem of optimal secure control for networked control systems under hybrid attacks.A control strategy based on the Stackelberg game framework is proposed,which differs from conventional methods by considering both denial-of-service(DoS)and false data injection(FDI)attacks simultaneously.Additionally,the stability conditions for the system under these hybrid attacks are established.It is technically challenging to design the control strategy by predicting attacker actions based on Stcakelberg game to ensure the system stability under hybrid attacks.Another technical difficulty lies in establishing the conditions for mean-square asymptotic stability due to the complexity of the attack scenarios Finally,simulations on an unstable batch reactor system under hybrid attacks demonstrate the effectiveness of the proposed strategy.
基金supported in part by the National Science Foundation of China(62373240,62273224,U24A20259).
文摘Dear Editor,The attacker is always going to intrude covertly networked control systems(NCSs)by dynamically changing false data injection attacks(FDIAs)strategy,while the defender try their best to resist attacks by designing defense strategy on the basis of identifying attack strategy,maintaining stable operation of NCSs.To solve this attack-defense game problem,this letter investigates optimal secure control of NCSs under FDIAs.First,for the alterations of energy caused by false data,a novel attack-defense game model is constructed,which considers the changes of energy caused by the actions of the defender and attacker in the forward and feedback channels.
基金supported in part by the National Natural Science Foundation of China(61933007,62273087,62273088,U21A2019)the Shanghai Pujiang Program of China(22PJ1400400)+2 种基金the Hainan Province Science and Technology Special Fund of China(ZDYF2022SHFZ105)the Royal Society of U.K.the Alexander von Humboldt Foundation of Germany
文摘In this paper, the attack detection problem is investigated for a class of closed-loop systems subjected to unknownbutbounded noises in the presence of stealthy attacks. The measurement outputs from the sensors are quantized before transmission.A specific type of perfect stealthy attack, which meets certain rather stringent conditions, is taken into account. Such attacks could be injected by adversaries into both the sensor-toestimator and controller-to-actuator channels, with the aim of disrupting the normal data flow. For the purpose of defending against these perfect stealthy attacks, a novel scheme based on watermarks is developed. This scheme includes the injection of watermarks(applied to data prior to quantization) and the recovery of data(implemented before the data reaches the estimator).The watermark-based scheme is designed to be both timevarying and hidden from adversaries through incorporating a time-varying and bounded watermark signal. Subsequently, a watermark-based attack detection strategy is proposed which thoroughly considers the characteristics of perfect stealthy attacks,thereby ensuring that an alarm is activated upon the occurrence of such attacks. An example is provided to demonstrate the efficacy of the proposed mechanism for detecting attacks.
文摘This paper explores security risks in state estimation based on multi-sensor systems that implement a Kalman filter and aχ^(2) detector.When measurements are transmitted via wireless networks to a remote estimator,the innovation sequence becomes susceptible to interception and manipulation by adversaries.We consider a class of linear deception attacks,wherein the attacker alters the innovation to degrade estimation accuracy while maintaining stealth against the detector.Given the inherent volatility of the detection function based on theχ^(2) detector,we propose broadening the traditional feasibility constraint to accommodate a certain degree of deviation from the distribution of the innovation.This broadening enables the design of stealthy attacks that exploit the tolerance inherent in the detection mechanism.The state estimation error is quantified and analyzed by deriving the iteration of the error covariance matrix of the remote estimator under these conditions.The selected degree of deviation is combined with the error covariance to establish the objective function and the attack scheme is acquired by solving an optimization problem.Furthermore,we propose a novel detection algorithm that employs a majority-voting mechanism to determine whether the system is under attack,with decision parameters dynamically adjusted in response to system behavior.This approach enhances sensitivity to stealthy and persistent attacks without increasing the false alarm rate.Simulation results show that the designed leads to about a 41%rise in the trace of error covariance for stable systems and 29%for unstable systems,significantly impairing estimation performance.Concurrently,the proposed detection algorithm enhances the attack detection rate by 33%compared to conventional methods.
基金supported by the National Natural Science Foundation of China(61703286,62394342,61890924,61991404)。
文摘This paper investigates set-valued state estimation of nonlinear systems with unknown-but-bounded(UBB)noises based on constrained polynomial zonotopes which is utilized to characterize non-convex sets.First,properties of constrained polynomial zonotopes are provided and the order reduction method is given to reduce the computational complexity.Then,the corresponding improved prediction-update algorithm is proposed so that it can be adapted to non-convex sets.Based on generalized intersection,the utilization of set-based estimation for attack detection is analyzed.Finally,an example is given to show the efficiency of our results.
基金supported by the National Natural Science Foundation of China(62303273,62373226)the National Research Foundation,Singapore through the Medium Sized Center for Advanced Robotics Technology Innovation(WP2.7)
文摘Dear Editor,The letter deals with the distributed state and fault estimation of the whole physical layer for cyber-physical systems(CPSs) when the cyber layer suffers from DoS attacks. With the advancement of embedded computing, communication and related hardware technologies, CPSs have attracted extensive attention and have been widely used in power system, traffic network, refrigeration system and other fields.
基金supported by the National Natural Science Foundation of China(52332011).
文摘Cyber-physical systems(CPSs)are increasingly vulnerable to cyber-attacks due to their integral connection between cyberspace and the physical world,which is augmented by Internet connectivity.This vulnerability necessitates a heightened focus on developing resilient control mechanisms for CPSs.However,current observer-based active compensation resilient controllers exhibit poor performance against stealthy deception attacks(SDAs)due to the difficulty in accurately reconstructing system states because of the stealthy nature of these attacks.Moreover,some non-active compensation approaches are insufficient when there is a complete loss of actuator control authority.To address these issues,we introduce a novel learning-based passive resilient controller(LPRC).Our approach,unlike observer-based state reconstruction,shows enhanced effectiveness in countering SDAs.We developed a safety state set,represented by an ellipsoid,to ensure CPS stability under SDA conditions,maintaining system trajectories within this set.Additionally,by employing deep reinforcement learning(DRL),the LPRC acquires the capacity to adapt and diverse evolving attack strategies.To empirically substantiate our methodology,various attack methods were compared with current passive and active compensation resilient control methods to evaluate their performance.
文摘This research paper tackles the complexities of achieving global fuzzy consensus in leader-follower systems in robotic systems,focusing on robust control systems against an advanced signal attack that integrates sensor and actuator disturbances within the dynamics of follower robots.Each follower robot has unknown dynamics and control inputs,which expose it to the risks of both sensor and actuator attacks.The leader robot,described by a secondorder,time-varying nonlinear model,transmits its position,velocity,and acceleration information to follower robots through a wireless connection.To handle the complex setup and communication among robots in the network,we design a robust hybrid distributed adaptive control strategy combining the effect of sensor and actuator attack,which ensures asymptotic consensus,extending beyond conventional bounded consensus results.The proposed framework employs fuzzy logic systems(FLSs)as proactive controllers to estimate unknown nonlinear behaviors,while also effectively managing sensor and actuator attacks,ensuring stable consensus among all agents.To counter the impact of the combined signal attack on follower dynamics,a specialized robust control mechanism is designed,sustaining system stability and performance under adversarial conditions.The efficiency of this control strategy is demonstrated through simulations conducted across two different directed communication topologies,underscoring the protocol’s adaptability,resilience,and effectiveness in maintaining global consensus under complex attack scenarios.
基金Deanship of Research and Graduate Studies at King Khalid University for funding this work through Large Research Project under grant number RGP.2/103/46”Deanship of Scientific Research at Northern Border University,Arar,Saudi Arabia for funding this research work through project number“NBU-FFR-2025-871-15”funding from Prince Sattam bin Abdulaziz University project number(PSAU/2025/R/1447).
文摘This paper proposes a model-based control framework for vehicle platooning systems with secondorder nonlinear dynamics operating over switching signed networks,time-varying delays,and deception attacks.The study includes two configurations:a leaderless structure using Finite-Time Non-Singular Terminal Bipartite Consensus(FNTBC)and Fixed-Time Bipartite Consensus(FXTBC),and a leader—follower structure ensuring structural balance and robustness against deceptive signals.In the leaderless model,a bipartite controller based on impulsive control theory,gauge transformation,and Markovian switching Lyapunov functions ensures mean-square stability and coordination under deception attacks and communication delays.The FNTBC achieves finite-time convergence depending on initial conditions,while the FXTBC guarantees fixed-time convergence independent of them,providing adaptability to different operating states.In the leader—follower case,a discontinuous impulsive control law synchronizes all followers with the leader despite deceptive attacks and switching topologies,maintaining robust coordination through nonlinear corrective mechanisms.To validate the approach,simulations are conducted on systems of five and seventeen vehicles in both leaderless and leader—follower configurations.The results demonstrate that the proposed framework achieves rapid consensus,strong robustness,and high resistance to deception attacks,offering a secure and scalable model-based control solution for modern vehicular communication networks.
文摘A security issue with multi-sensor unmanned aerial vehicle(UAV)cyber physical systems(CPS)from the viewpoint of a false data injection(FDI)attacker is investigated in this paper.The FDI attacker can employ attacks on feedback and feed-forward channels simultaneously with limited resource.The attacker aims at degrading the UAV CPS's estimation performance to the max while keeping stealthiness characterized by the Kullback-Leibler(K-L)divergence.The attacker is resource limited which can only attack part of sensors,and the attacked sensor as well as specific forms of attack signals at each instant should be considered by the attacker.Also,the sensor selection principle is investigated with respect to time invariant attack covariances.Additionally,the optimal switching attack strategies in regard to time variant attack covariances are modeled as a multi-agent Markov decision process(MDP)with hybrid discrete-continuous action space.Then,the multi-agent MDP is solved by utilizing the deep Multi-agent parameterized Q-networks(MAPQN)method.Ultimately,a quadrotor near hover system is used to validate the effectiveness of the results in the simulation section.
基金funded by the Deanship of Scientific Research(DSR)at King Abdulaziz University,Jeddah,under Grant No.(GPIP:1074-612-2024).
文摘The surge in smishing attacks underscores the urgent need for robust,real-time detection systems powered by advanced deep learning models.This paper introduces PhishNet,a novel ensemble learning framework that integrates transformer-based models(RoBERTa)and large language models(LLMs)(GPT-OSS 120B,LLaMA3.370B,and Qwen332B)to enhance smishing detection performance significantly.To mitigate class imbalance,we apply synthetic data augmentation using T5 and leverage various text preprocessing techniques.Our system employs a duallayer voting mechanism:weighted majority voting among LLMs and a final ensemble vote to classify messages as ham,spam,or smishing.Experimental results show an average accuracy improvement from 96%to 98.5%compared to the best standalone transformer,and from 93%to 98.5%when compared to LLMs across datasets.Furthermore,we present a real-time,user-friendly application to operationalize our detection model for practical use.PhishNet demonstrates superior scalability,usability,and detection accuracy,filling critical gaps in current smishing detection methodologies.
文摘Zero-click attacks represent an advanced cybersecurity threat,capable of compromising devices without user interaction.High-profile examples such as Pegasus,Simjacker,Bluebugging,and Bluesnarfing exploit hidden vulnerabilities in software and communication protocols to silently gain access,exfiltrate data,and enable long-term surveillance.Their stealth and ability to evade traditional defenses make detection and mitigation highly challenging.This paper addresses these threats by systematically mapping the tactics and techniques of zero-click attacks using the MITRE ATT&CK framework,a widely adopted standard for modeling adversarial behavior.Through this mapping,we categorize real-world attack vectors and better understand how such attacks operate across the cyber-kill chain.To support threat detection efforts,we propose an Active Learning-based method to efficiently label the Pegasus spyware dataset in alignment with the MITRE ATT&CK framework.This approach reduces the effort of manually annotating data while improving the quality of the labeled data,which is essential to train robust cybersecurity models.In addition,our analysis highlights the structured execution paths of zero-click attacks and reveals gaps in current defense strategies.The findings emphasize the importance of forward-looking strategies such as continuous surveillance,dynamic threat profiling,and security education.By bridging zero-click attack analysis with the MITRE ATT&CK framework and leveraging machine learning for dataset annotation,this work provides a foundation for more accurate threat detection and the development of more resilient and structured cybersecurity frameworks.
基金supported by the Institute of Information&Communications Technology Planning&Evaluation(IITP)grant funded by the Korea government(MSIT)(No.RS-2023-00235509Development of security monitoring technology based network behavior against encrypted cyber threats in ICT convergence environment).
文摘With the increasing emphasis on personal information protection,encryption through security protocols has emerged as a critical requirement in data transmission and reception processes.Nevertheless,IoT ecosystems comprise heterogeneous networks where outdated systems coexist with the latest devices,spanning a range of devices from non-encrypted ones to fully encrypted ones.Given the limited visibility into payloads in this context,this study investigates AI-based attack detection methods that leverage encrypted traffic metadata,eliminating the need for decryption and minimizing system performance degradation—especially in light of these heterogeneous devices.Using the UNSW-NB15 and CICIoT-2023 dataset,encrypted and unencrypted traffic were categorized according to security protocol,and AI-based intrusion detection experiments were conducted for each traffic type based on metadata.To mitigate the problem of class imbalance,eight different data sampling techniques were applied.The effectiveness of these sampling techniques was then comparatively analyzed using two ensemble models and three Deep Learning(DL)models from various perspectives.The experimental results confirmed that metadata-based attack detection is feasible using only encrypted traffic.In the UNSW-NB15 dataset,the f1-score of encrypted traffic was approximately 0.98,which is 4.3%higher than that of unencrypted traffic(approximately 0.94).In addition,analysis of the encrypted traffic in the CICIoT-2023 dataset using the same method showed a significantly lower f1-score of roughly 0.43,indicating that the quality of the dataset and the preprocessing approach have a substantial impact on detection performance.Furthermore,when data sampling techniques were applied to encrypted traffic,the recall in the UNSWNB15(Encrypted)dataset improved by up to 23.0%,and in the CICIoT-2023(Encrypted)dataset by 20.26%,showing a similar level of improvement.Notably,in CICIoT-2023,f1-score and Receiver Operation Characteristic-Area Under the Curve(ROC-AUC)increased by 59.0%and 55.94%,respectively.These results suggest that data sampling can have a positive effect even in encrypted environments.However,the extent of the improvement may vary depending on data quality,model architecture,and sampling strategy.
基金funded by the National Key Research and Development Program of China(Grant No.2024YFE0209000)the NSFC(Grant No.U23B2019).
文摘Graph Neural Networks(GNNs)have proven highly effective for graph classification across diverse fields such as social networks,bioinformatics,and finance,due to their capability to learn complex graph structures.However,despite their success,GNNs remain vulnerable to adversarial attacks that can significantly degrade their classification accuracy.Existing adversarial attack strategies primarily rely on label information to guide the attacks,which limits their applicability in scenarios where such information is scarce or unavailable.This paper introduces an innovative unsupervised attack method for graph classification,which operates without relying on label information,thereby enhancing its applicability in a broad range of scenarios.Specifically,our method first leverages a graph contrastive learning loss to learn high-quality graph embeddings by comparing different stochastic augmented views of the graphs.To effectively perturb the graphs,we then introduce an implicit estimator that measures the impact of various modifications on graph structures.The proposed strategy identifies and flips edges with the top-K highest scores,determined by the estimator,to maximize the degradation of the model’s performance.In addition,to defend against such attack,we propose a lightweight regularization-based defense mechanism that is specifically tailored to mitigate the structural perturbations introduced by our attack strategy.It enhances model robustness by enforcing embedding consistency and edge-level smoothness during training.We conduct experiments on six public TU graph classification datasets:NCI1,NCI109,Mutagenicity,ENZYMES,COLLAB,and DBLP_v1,to evaluate the effectiveness of our attack and defense strategies.Under an attack budget of 3,the maximum reduction in model accuracy reaches 6.67%on the Graph Convolutional Network(GCN)and 11.67%on the Graph Attention Network(GAT)across different datasets,indicating that our unsupervised method induces degradation comparable to state-of-the-art supervised attacks.Meanwhile,our defense achieves the highest accuracy recovery of 3.89%(GCN)and 5.00%(GAT),demonstrating improved robustness against structural perturbations.
基金supported by Key Laboratory of Cyberspace Security,Ministry of Education,China。
文摘Transformer-based models have significantly advanced binary code similarity detection(BCSD)by leveraging their semantic encoding capabilities for efficient function matching across diverse compilation settings.Although adversarial examples can strategically undermine the accuracy of BCSD models and protect critical code,existing techniques predominantly depend on inserting artificial instructions,which incur high computational costs and offer limited diversity of perturbations.To address these limitations,we propose AIMA,a novel gradient-guided assembly instruction relocation method.Our method decouples the detection model into tokenization,embedding,and encoding layers to enable efficient gradient computation.Since token IDs of instructions are discrete and nondifferentiable,we compute gradients in the continuous embedding space to evaluate the influence of each token.The most critical tokens are identified by calculating the L2 norm of their embedding gradients.We then establish a mapping between instructions and their corresponding tokens to aggregate token-level importance into instructionlevel significance.To maximize adversarial impact,a sliding window algorithm selects the most influential contiguous segments for relocation,ensuring optimal perturbation with minimal length.This approach efficiently locates critical code regions without expensive search operations.The selected segments are relocated outside their original function boundaries via a jump mechanism,which preserves runtime control flow and functionality while introducing“deletion”effects in the static instruction sequence.Extensive experiments show that AIMA reduces similarity scores by up to 35.8%in state-of-the-art BCSD models.When incorporated into training data,it also enhances model robustness,achieving a 5.9%improvement in AUROC.
基金supported by Princess Nourah bint Abdulrahman University Researchers Supporting Project Number(PNURSP2025R97)Princess Nourah bint Abdulrahman University,Riyadh,Saudi Arabia.
文摘The exponential growth of the Internet of Things(IoT)has introduced significant security challenges,with zero-day attacks emerging as one of the most critical and challenging threats.Traditional Machine Learning(ML)and Deep Learning(DL)techniques have demonstrated promising early detection capabilities.However,their effectiveness is limited when handling the vast volumes of IoT-generated data due to scalability constraints,high computational costs,and the costly time-intensive process of data labeling.To address these challenges,this study proposes a Federated Learning(FL)framework that leverages collaborative and hybrid supervised learning to enhance cyber threat detection in IoT networks.By employing Deep Neural Networks(DNNs)and decentralized model training,the approach reduces computational complexity while improving detection accuracy.The proposed model demonstrates robust performance,achieving accuracies of 94.34%,99.95%,and 87.94%on the publicly available kitsune,Bot-IoT,and UNSW-NB15 datasets,respectively.Furthermore,its ability to detect zero-day attacks is validated through evaluations on two additional benchmark datasets,TON-IoT and IoT-23,using a Deep Federated Learning(DFL)framework,underscoring the generalization and effectiveness of the model in heterogeneous and decentralized IoT environments.Experimental results demonstrate superior performance over existing methods,establishing the proposed framework as an efficient and scalable solution for IoT security.
基金supported by Institutional Fund Projects(IFPNC-001-135-2020)technical and financial support from the Ministry of Education and King Abdulaziz University,DSR,Jeddah,Saudi Arabia。
文摘A cyber physical system(CPS)is a complex system that integrates sensing,computation,control and networking into physical processes and objects over Internet.It plays a key role in modern industry since it connects physical and cyber worlds.In order to meet ever-changing industrial requirements,its structures and functions are constantly improved.Meanwhile,new security issues have arisen.A ubiquitous problem is the fact that cyber attacks can cause significant damage to industrial systems,and thus has gained increasing attention from researchers and practitioners.This paper presents a survey of state-of-the-art results of cyber attacks on cyber physical systems.First,as typical system models are employed to study these systems,time-driven and event-driven systems are reviewed.Then,recent advances on three types of attacks,i.e.,those on availability,integrity,and confidentiality are discussed.In particular,the detailed studies on availability and integrity attacks are introduced from the perspective of attackers and defenders.Namely,both attack and defense strategies are discussed based on different system models.Some challenges and open issues are indicated to guide future research and inspire the further exploration of this increasingly important area.
