Zero-click attacks represent an advanced cybersecurity threat,capable of compromising devices without user interaction.High-profile examples such as Pegasus,Simjacker,Bluebugging,and Bluesnarfing exploit hidden vulner...Zero-click attacks represent an advanced cybersecurity threat,capable of compromising devices without user interaction.High-profile examples such as Pegasus,Simjacker,Bluebugging,and Bluesnarfing exploit hidden vulnerabilities in software and communication protocols to silently gain access,exfiltrate data,and enable long-term surveillance.Their stealth and ability to evade traditional defenses make detection and mitigation highly challenging.This paper addresses these threats by systematically mapping the tactics and techniques of zero-click attacks using the MITRE ATT&CK framework,a widely adopted standard for modeling adversarial behavior.Through this mapping,we categorize real-world attack vectors and better understand how such attacks operate across the cyber-kill chain.To support threat detection efforts,we propose an Active Learning-based method to efficiently label the Pegasus spyware dataset in alignment with the MITRE ATT&CK framework.This approach reduces the effort of manually annotating data while improving the quality of the labeled data,which is essential to train robust cybersecurity models.In addition,our analysis highlights the structured execution paths of zero-click attacks and reveals gaps in current defense strategies.The findings emphasize the importance of forward-looking strategies such as continuous surveillance,dynamic threat profiling,and security education.By bridging zero-click attack analysis with the MITRE ATT&CK framework and leveraging machine learning for dataset annotation,this work provides a foundation for more accurate threat detection and the development of more resilient and structured cybersecurity frameworks.展开更多
Dear Editor,This letter studies the problem of stealthy attacks targeting stochastic event-based estimation,alongside proposing measures for their mitigation.A general attack framework is introduced,and the correspond...Dear Editor,This letter studies the problem of stealthy attacks targeting stochastic event-based estimation,alongside proposing measures for their mitigation.A general attack framework is introduced,and the corresponding stealthiness condition is analyzed.To enhance system security,we advocate for a single-dimensional encryption method,showing that securing a singular data element is sufficient to shield the system from the perils of stealthy attacks.展开更多
In recent years,with the rapid advancement of artificial intelligence,object detection algorithms have made significant strides in accuracy and computational efficiency.Notably,research and applications of Anchor-Free...In recent years,with the rapid advancement of artificial intelligence,object detection algorithms have made significant strides in accuracy and computational efficiency.Notably,research and applications of Anchor-Free models have opened new avenues for real-time target detection in optical remote sensing images(ORSIs).However,in the realmof adversarial attacks,developing adversarial techniques tailored to Anchor-Freemodels remains challenging.Adversarial examples generated based on Anchor-Based models often exhibit poor transferability to these new model architectures.Furthermore,the growing diversity of Anchor-Free models poses additional hurdles to achieving robust transferability of adversarial attacks.This study presents an improved cross-conv-block feature fusion You Only Look Once(YOLO)architecture,meticulously engineered to facilitate the extraction ofmore comprehensive semantic features during the backpropagation process.To address the asymmetry between densely distributed objects in ORSIs and the corresponding detector outputs,a novel dense bounding box attack strategy is proposed.This approach leverages dense target bounding boxes loss in the calculation of adversarial loss functions.Furthermore,by integrating translation-invariant(TI)and momentum-iteration(MI)adversarial methodologies,the proposed framework significantly improves the transferability of adversarial attacks.Experimental results demonstrate that our method achieves superior adversarial attack performance,with adversarial transferability rates(ATR)of 67.53%on the NWPU VHR-10 dataset and 90.71%on the HRSC2016 dataset.Compared to ensemble adversarial attack and cascaded adversarial attack approaches,our method generates adversarial examples in an average of 0.64 s,representing an approximately 14.5%improvement in efficiency under equivalent conditions.展开更多
Large language models(LLMs)have revolutionized AI applications across diverse domains.However,their widespread deployment has introduced critical security vulnerabilities,particularly prompt injection attacks that man...Large language models(LLMs)have revolutionized AI applications across diverse domains.However,their widespread deployment has introduced critical security vulnerabilities,particularly prompt injection attacks that manipulate model behavior through malicious instructions.Following Kitchenham’s guidelines,this systematic review synthesizes 128 peer-reviewed studies from 2022 to 2025 to provide a unified understanding of this rapidly evolving threat landscape.Our findings reveal a swift progression from simple direct injections to sophisticated multimodal attacks,achieving over 90%success rates against unprotected systems.In response,defense mechanisms show varying effectiveness:input preprocessing achieves 60%–80%detection rates and advanced architectural defenses demonstrate up to 95%protection against known patterns,though significant gaps persist against novel attack vectors.We identified 37 distinct defense approaches across three categories,but standardized evaluation frameworks remain limited.Our analysis attributes these vulnerabilities to fundamental LLM architectural limitations,such as the inability to distinguish instructions from data and attention mechanism vulnerabilities.This highlights critical research directions such as formal verification methods,standardized evaluation protocols,and architectural innovations for inherently secure LLM designs.展开更多
Internet of Things(IoTs)devices are bringing about a revolutionary change our society by enabling connectivity regardless of time and location.However,The extensive deployment of these devices also makes them attracti...Internet of Things(IoTs)devices are bringing about a revolutionary change our society by enabling connectivity regardless of time and location.However,The extensive deployment of these devices also makes them attractive victims for themalicious actions of adversaries.Within the spectrumof existing threats,Side-ChannelAttacks(SCAs)have established themselves as an effective way to compromise cryptographic implementations.These attacks exploit unintended,unintended physical leakage that occurs during the cryptographic execution of devices,bypassing the theoretical strength of the crypto design.In recent times,the advancement of deep learning has provided SCAs with a powerful ally.Well-trained deep-learningmodels demonstrate an exceptional capacity to identify correlations between side-channel measurements and sensitive data,thereby significantly enhancing such attacks.To further understand the security threats posed by deep-learning SCAs and to aid in formulating robust countermeasures in the future,this paper undertakes an exhaustive investigation of leading-edge SCAs targeting Advanced Encryption Standard(AES)implementations.The study specifically focuses on attacks that exploit power consumption and electromagnetic(EM)emissions as primary leakage sources,systematically evaluating the extent to which diverse deep learning techniques enhance SCAs acrossmultiple critical dimensions.These dimensions include:(i)the characteristics of publicly available datasets derived from various hardware and software platforms;(ii)the formalization of leakage models tailored to different attack scenarios;(iii)the architectural suitability and performance of state-of-the-art deep learning models.Furthermore,the survey provides a systematic synthesis of current research findings,identifies significant unresolved issues in the existing literature and suggests promising directions for future work,including cross-device attack transferability and the impact of quantum-classical hybrid computing on side-channel security.展开更多
Transformer-based models have significantly advanced binary code similarity detection(BCSD)by leveraging their semantic encoding capabilities for efficient function matching across diverse compilation settings.Althoug...Transformer-based models have significantly advanced binary code similarity detection(BCSD)by leveraging their semantic encoding capabilities for efficient function matching across diverse compilation settings.Although adversarial examples can strategically undermine the accuracy of BCSD models and protect critical code,existing techniques predominantly depend on inserting artificial instructions,which incur high computational costs and offer limited diversity of perturbations.To address these limitations,we propose AIMA,a novel gradient-guided assembly instruction relocation method.Our method decouples the detection model into tokenization,embedding,and encoding layers to enable efficient gradient computation.Since token IDs of instructions are discrete and nondifferentiable,we compute gradients in the continuous embedding space to evaluate the influence of each token.The most critical tokens are identified by calculating the L2 norm of their embedding gradients.We then establish a mapping between instructions and their corresponding tokens to aggregate token-level importance into instructionlevel significance.To maximize adversarial impact,a sliding window algorithm selects the most influential contiguous segments for relocation,ensuring optimal perturbation with minimal length.This approach efficiently locates critical code regions without expensive search operations.The selected segments are relocated outside their original function boundaries via a jump mechanism,which preserves runtime control flow and functionality while introducing“deletion”effects in the static instruction sequence.Extensive experiments show that AIMA reduces similarity scores by up to 35.8%in state-of-the-art BCSD models.When incorporated into training data,it also enhances model robustness,achieving a 5.9%improvement in AUROC.展开更多
This article investigates the distributed recursive filtering problem for discrete-time stochastic cyber–physical systems.A particular feature of our work is that we consider systems in which the state is constrained...This article investigates the distributed recursive filtering problem for discrete-time stochastic cyber–physical systems.A particular feature of our work is that we consider systems in which the state is constrained by saturation.Measurements are transmitted to nodes of a sensor network over unreliable wireless channels.We propose a linear coding mechanism,together with a distributed method for obtaining a state estimate at each node.These designs aim to minimize the state estimation error covariance.In addition,we derive a bound on this covariance,and accommodate the design parameters to minimize this bound.The resulting design depends on the packet loss probabilities of the wireless channels.This permits applying the proposed scheme to systems in which communications suffer from denial-of-service attacks,as such attacks typically affect those probabilities.Finally,we present a numerical example illustrating this application.展开更多
An attack-resilient distributed Nash equilibrium(NE) seeking problem is addressed for noncooperative games of networked systems under malicious cyber-attacks,i.e.,false data injection(FDI) attacks.Different from many ...An attack-resilient distributed Nash equilibrium(NE) seeking problem is addressed for noncooperative games of networked systems under malicious cyber-attacks,i.e.,false data injection(FDI) attacks.Different from many existing distributed NE seeking works,it is practical and challenging to get resilient adaptively distributed NE seeking under unknown and unbounded FDI attacks.An attack-resilient NE seeking algorithm that is distributed(i.e.,independent of global information on the graph's algebraic connectivity,Lipschitz and monotone constants of pseudo-gradients,or number of players),is presented by means of incorporating the consensus-based gradient play with a distributed attack identifier so as to achieve simultaneous NE seeking and attack identification asymptotically.Another key characteristic is that FDI attacks are allowed to be unknown and unbounded.By exploiting nonsmooth analysis and stability theory,the global asymptotic convergence of the developed algorithm to the NE is ensured.Moreover,we extend this design to further consider the attack-resilient NE seeking of double-integrator players.Lastly,numerical simulation and practical experiment results are presented to validate the developed algorithms' effectiveness.展开更多
The wide-area damping controllers(WADCs),which are essential for mitigating regional low-frequency oscillations,face cyber-physical security threats due to the vulnerability of wide-area measurement system to cyber at...The wide-area damping controllers(WADCs),which are essential for mitigating regional low-frequency oscillations,face cyber-physical security threats due to the vulnerability of wide-area measurement system to cyber attacks and wind power uncertainties.This paper introduces reachability analysis method to quantify the impact of varying-amplitude attacks and uncertain wind fluctuations on the performance of WADC.Firstly,considering wind farm integration and attack injection,a nonlinear power system model with multiple buses is constructed based on Kron reduction method to improve computational efficiency and mitigate the constraints imposed by algebraic constraints.Then,a zonotope-based polytope construction method is employed to effectively model the range of attack amplitudes and wind uncertainties.By conducting reachability analysis,the reachable set preserving the nonlinear characteristics of studied system is computed,which enables the quantification of the maximum fluctuation range of regional oscillations under the dual disturbances.Case studies are undertaken on two multi-machine power systems with wind farm integration.The obtained results emphasize the efficacy of designed method,providing valuable insights into the magnitude of the impact that attacks exert on the operational characteristics of power system under various uncertain factors.展开更多
Orthogonal Frequency Division Multiplexing(OFDM)enables efficient Dynamic Spectrum Access(DSA)but suffers from high sidelobe that causes excessive out-of-band(OOB)emissions and expose the system to spectrum-layer cybe...Orthogonal Frequency Division Multiplexing(OFDM)enables efficient Dynamic Spectrum Access(DSA)but suffers from high sidelobe that causes excessive out-of-band(OOB)emissions and expose the system to spectrum-layer cyberattacks such as man-in-the-middle(MITM),eavesdropping,and primary user emulation(PUE)attacks.To address both spectral leakage and its security implications,this paper introduces a secure and intelligent hybrid optimization strategy that combinesan Eigenspace-based Generalized Sidelobe Canceller(ES-GSC)with a Genetic Algorithm(GA),to derive optimally weighted cancellation carriers.The proposed method jointly suppresses sidelobes and reinforces resistance to leakage-based attacks.MATLAB Simulation demonstrate considerable reductions in OOB emissions and higher resilience against spectrum-layer threats compared with existing techniques.展开更多
In this paper,a security defense issue is investigated for networked control systems susceptible to stochastic denial of service(DoS) attacks by using the sliding mode control method.To utilize network communication r...In this paper,a security defense issue is investigated for networked control systems susceptible to stochastic denial of service(DoS) attacks by using the sliding mode control method.To utilize network communication resources more effectively,a novel adaptive event-triggered(AET) mechanism is introduced,whose triggering coefficient can be adaptively adjusted according to the evolution trend of system states.Differing from existing event-triggered(ET) mechanisms,the proposed one demonstrates exceptional relevance and flexibility.It is closely related to attack probability,and its triggering coefficient dynamically adjusts depending on the presence or absence of an attack.To leverage attacker information more effectively,a switching-like sliding mode security controller is designed,which can autonomously select different controller gains based on the sliding function representing the attack situation.Sufficient conditions for the existence of the switching-like sliding mode secure controller are presented to ensure the stochastic stability of the system and the reachability of the sliding surface.Compared with existing time-invariant control strategies within the triggered interval,more resilient defense performance can be expected since the correlation with attack information is established in both the proposed AET scheme and the control strategy.Finally,a simulation example is conducted to verify the effectiveness and feasibility of the proposed security control method.展开更多
The exponential growth of the Internet of Things(IoT)has introduced significant security challenges,with zero-day attacks emerging as one of the most critical and challenging threats.Traditional Machine Learning(ML)an...The exponential growth of the Internet of Things(IoT)has introduced significant security challenges,with zero-day attacks emerging as one of the most critical and challenging threats.Traditional Machine Learning(ML)and Deep Learning(DL)techniques have demonstrated promising early detection capabilities.However,their effectiveness is limited when handling the vast volumes of IoT-generated data due to scalability constraints,high computational costs,and the costly time-intensive process of data labeling.To address these challenges,this study proposes a Federated Learning(FL)framework that leverages collaborative and hybrid supervised learning to enhance cyber threat detection in IoT networks.By employing Deep Neural Networks(DNNs)and decentralized model training,the approach reduces computational complexity while improving detection accuracy.The proposed model demonstrates robust performance,achieving accuracies of 94.34%,99.95%,and 87.94%on the publicly available kitsune,Bot-IoT,and UNSW-NB15 datasets,respectively.Furthermore,its ability to detect zero-day attacks is validated through evaluations on two additional benchmark datasets,TON-IoT and IoT-23,using a Deep Federated Learning(DFL)framework,underscoring the generalization and effectiveness of the model in heterogeneous and decentralized IoT environments.Experimental results demonstrate superior performance over existing methods,establishing the proposed framework as an efficient and scalable solution for IoT security.展开更多
Dear Editor,This letter presents some control strategies for quadrotor unmanned aerial vehicle(UAV)leader-follower formation model,where the stochastic impulsive deception attacks are fully considered.Based on Lyapuno...Dear Editor,This letter presents some control strategies for quadrotor unmanned aerial vehicle(UAV)leader-follower formation model,where the stochastic impulsive deception attacks are fully considered.Based on Lyapunov method,the outer loop and the inner loop controllers of quadrotor UAV are designed,respectively.Moreover,a relationship between continuous control laws,stochastic impulsive sequences,and impulsive intensity is established in this letter.展开更多
Objective To determine the safety and efficacy of fresh frozen plasma (FFP) iniusion for the treat- ment of hereditary angioedema (FIAE). Methods The medical records of patients with HAE admitted to Peking Union ...Objective To determine the safety and efficacy of fresh frozen plasma (FFP) iniusion for the treat- ment of hereditary angioedema (FIAE). Methods The medical records of patients with HAE admitted to Peking Union Medical College Fiospital who had received FFP infusion during 2004 and 2010 were reviewed and PubMed database iFom 1966 to the present were searched using the following key words: hereditary angioedema and fresh frozen plasma. The patient's age, sex, body location of HAE attacks, the dose of FFP infusion, time of beginning to improvenaent, time to complete remission, complication, C 1 inhibitor activity, and outcome were analyzed. Results A total of 13 enrolled patients (7 male and 6 female) received 16 times of FFP infusion, in- cluding 2 patients undergoing FFP infusion in Peking Union Medical College Hospital and 11 patients re- ported in the literature. The mean dosage of FFP infusion was 586±337 mL. Two cases suffered from wors- ening abdominal pain and one case experienced skin rash. Only I patient had no improvement in symptom owing to transfusion related reaction. There was a definite improvement in symptom 49± 19 minutes after beginning FFP infusion. The remission time decreased from 61.7±27.0 hours to 3.3 (2.0, 12.0) hours after FFP infusion. FFP infusion was effective for both type I and type Ⅱ HAE. Conclusion FFP seems to be safe and effective for acute attacks of HAE.展开更多
文摘Zero-click attacks represent an advanced cybersecurity threat,capable of compromising devices without user interaction.High-profile examples such as Pegasus,Simjacker,Bluebugging,and Bluesnarfing exploit hidden vulnerabilities in software and communication protocols to silently gain access,exfiltrate data,and enable long-term surveillance.Their stealth and ability to evade traditional defenses make detection and mitigation highly challenging.This paper addresses these threats by systematically mapping the tactics and techniques of zero-click attacks using the MITRE ATT&CK framework,a widely adopted standard for modeling adversarial behavior.Through this mapping,we categorize real-world attack vectors and better understand how such attacks operate across the cyber-kill chain.To support threat detection efforts,we propose an Active Learning-based method to efficiently label the Pegasus spyware dataset in alignment with the MITRE ATT&CK framework.This approach reduces the effort of manually annotating data while improving the quality of the labeled data,which is essential to train robust cybersecurity models.In addition,our analysis highlights the structured execution paths of zero-click attacks and reveals gaps in current defense strategies.The findings emphasize the importance of forward-looking strategies such as continuous surveillance,dynamic threat profiling,and security education.By bridging zero-click attack analysis with the MITRE ATT&CK framework and leveraging machine learning for dataset annotation,this work provides a foundation for more accurate threat detection and the development of more resilient and structured cybersecurity frameworks.
基金supported by the National Natural Science Foundation of China(62303353,62273030,62573320)。
文摘Dear Editor,This letter studies the problem of stealthy attacks targeting stochastic event-based estimation,alongside proposing measures for their mitigation.A general attack framework is introduced,and the corresponding stealthiness condition is analyzed.To enhance system security,we advocate for a single-dimensional encryption method,showing that securing a singular data element is sufficient to shield the system from the perils of stealthy attacks.
文摘In recent years,with the rapid advancement of artificial intelligence,object detection algorithms have made significant strides in accuracy and computational efficiency.Notably,research and applications of Anchor-Free models have opened new avenues for real-time target detection in optical remote sensing images(ORSIs).However,in the realmof adversarial attacks,developing adversarial techniques tailored to Anchor-Freemodels remains challenging.Adversarial examples generated based on Anchor-Based models often exhibit poor transferability to these new model architectures.Furthermore,the growing diversity of Anchor-Free models poses additional hurdles to achieving robust transferability of adversarial attacks.This study presents an improved cross-conv-block feature fusion You Only Look Once(YOLO)architecture,meticulously engineered to facilitate the extraction ofmore comprehensive semantic features during the backpropagation process.To address the asymmetry between densely distributed objects in ORSIs and the corresponding detector outputs,a novel dense bounding box attack strategy is proposed.This approach leverages dense target bounding boxes loss in the calculation of adversarial loss functions.Furthermore,by integrating translation-invariant(TI)and momentum-iteration(MI)adversarial methodologies,the proposed framework significantly improves the transferability of adversarial attacks.Experimental results demonstrate that our method achieves superior adversarial attack performance,with adversarial transferability rates(ATR)of 67.53%on the NWPU VHR-10 dataset and 90.71%on the HRSC2016 dataset.Compared to ensemble adversarial attack and cascaded adversarial attack approaches,our method generates adversarial examples in an average of 0.64 s,representing an approximately 14.5%improvement in efficiency under equivalent conditions.
基金supported by 2023 Higher Education Scientific Research Planning Project of China Society of Higher Education(No.23PG0408)2023 Philosophy and Social Science Research Programs in Jiangsu Province(No.2023SJSZ0993)+2 种基金Nantong Science and Technology Project(No.JC2023070)Key Project of Jiangsu Province Education Science 14th Five-Year Plan(Grant No.B-b/2024/02/41)the Open Fund of Advanced Cryptography and System Security Key Laboratory of Sichuan Province(Grant No.SKLACSS-202407).
文摘Large language models(LLMs)have revolutionized AI applications across diverse domains.However,their widespread deployment has introduced critical security vulnerabilities,particularly prompt injection attacks that manipulate model behavior through malicious instructions.Following Kitchenham’s guidelines,this systematic review synthesizes 128 peer-reviewed studies from 2022 to 2025 to provide a unified understanding of this rapidly evolving threat landscape.Our findings reveal a swift progression from simple direct injections to sophisticated multimodal attacks,achieving over 90%success rates against unprotected systems.In response,defense mechanisms show varying effectiveness:input preprocessing achieves 60%–80%detection rates and advanced architectural defenses demonstrate up to 95%protection against known patterns,though significant gaps persist against novel attack vectors.We identified 37 distinct defense approaches across three categories,but standardized evaluation frameworks remain limited.Our analysis attributes these vulnerabilities to fundamental LLM architectural limitations,such as the inability to distinguish instructions from data and attention mechanism vulnerabilities.This highlights critical research directions such as formal verification methods,standardized evaluation protocols,and architectural innovations for inherently secure LLM designs.
基金The Key R&D Program of Hunan Province(Grant No.2025AQ2024)of the Department of Science and Technology of Hunan Province.Distinguished Young Scientists Fund(Grant No.24B0446)of Hunan Education Department.
文摘Internet of Things(IoTs)devices are bringing about a revolutionary change our society by enabling connectivity regardless of time and location.However,The extensive deployment of these devices also makes them attractive victims for themalicious actions of adversaries.Within the spectrumof existing threats,Side-ChannelAttacks(SCAs)have established themselves as an effective way to compromise cryptographic implementations.These attacks exploit unintended,unintended physical leakage that occurs during the cryptographic execution of devices,bypassing the theoretical strength of the crypto design.In recent times,the advancement of deep learning has provided SCAs with a powerful ally.Well-trained deep-learningmodels demonstrate an exceptional capacity to identify correlations between side-channel measurements and sensitive data,thereby significantly enhancing such attacks.To further understand the security threats posed by deep-learning SCAs and to aid in formulating robust countermeasures in the future,this paper undertakes an exhaustive investigation of leading-edge SCAs targeting Advanced Encryption Standard(AES)implementations.The study specifically focuses on attacks that exploit power consumption and electromagnetic(EM)emissions as primary leakage sources,systematically evaluating the extent to which diverse deep learning techniques enhance SCAs acrossmultiple critical dimensions.These dimensions include:(i)the characteristics of publicly available datasets derived from various hardware and software platforms;(ii)the formalization of leakage models tailored to different attack scenarios;(iii)the architectural suitability and performance of state-of-the-art deep learning models.Furthermore,the survey provides a systematic synthesis of current research findings,identifies significant unresolved issues in the existing literature and suggests promising directions for future work,including cross-device attack transferability and the impact of quantum-classical hybrid computing on side-channel security.
基金supported by Key Laboratory of Cyberspace Security,Ministry of Education,China。
文摘Transformer-based models have significantly advanced binary code similarity detection(BCSD)by leveraging their semantic encoding capabilities for efficient function matching across diverse compilation settings.Although adversarial examples can strategically undermine the accuracy of BCSD models and protect critical code,existing techniques predominantly depend on inserting artificial instructions,which incur high computational costs and offer limited diversity of perturbations.To address these limitations,we propose AIMA,a novel gradient-guided assembly instruction relocation method.Our method decouples the detection model into tokenization,embedding,and encoding layers to enable efficient gradient computation.Since token IDs of instructions are discrete and nondifferentiable,we compute gradients in the continuous embedding space to evaluate the influence of each token.The most critical tokens are identified by calculating the L2 norm of their embedding gradients.We then establish a mapping between instructions and their corresponding tokens to aggregate token-level importance into instructionlevel significance.To maximize adversarial impact,a sliding window algorithm selects the most influential contiguous segments for relocation,ensuring optimal perturbation with minimal length.This approach efficiently locates critical code regions without expensive search operations.The selected segments are relocated outside their original function boundaries via a jump mechanism,which preserves runtime control flow and functionality while introducing“deletion”effects in the static instruction sequence.Extensive experiments show that AIMA reduces similarity scores by up to 35.8%in state-of-the-art BCSD models.When incorporated into training data,it also enhances model robustness,achieving a 5.9%improvement in AUROC.
基金supported by the KGJ Basic Research Fund(JCKY2023110C080)the National Natural Science Foundation of China(62322306,62173057,62033006)+2 种基金Aviation Science Foundation Project(2022Z018063001)the Argentinean Agency for Scientific and Technological Promotion(PICT-2021-I-A-00730)the National Foreign Expert Individual Project(H20240983).
文摘This article investigates the distributed recursive filtering problem for discrete-time stochastic cyber–physical systems.A particular feature of our work is that we consider systems in which the state is constrained by saturation.Measurements are transmitted to nodes of a sensor network over unreliable wireless channels.We propose a linear coding mechanism,together with a distributed method for obtaining a state estimate at each node.These designs aim to minimize the state estimation error covariance.In addition,we derive a bound on this covariance,and accommodate the design parameters to minimize this bound.The resulting design depends on the packet loss probabilities of the wireless channels.This permits applying the proposed scheme to systems in which communications suffer from denial-of-service attacks,as such attacks typically affect those probabilities.Finally,we present a numerical example illustrating this application.
基金supported in part by the National Natural Science Foundation of China(62373022,U2241217,62141604)Beijing Natural Science Foundation(4252043,JQ23019)+4 种基金the Fundamental Research Funds for the Central Universities(JKF-2025037448805,JKF-2025086098295)the Aeronautical Science Fund(2023Z034051001)the Academic Excellence Foundation of BUAA for Ph.D. Studentsthe Science and Technology Innovation2030—Key Project of New Generation Artificial Intelligence(2020AAA0108200)the National Key Research and Development Program of China(2022YFB3305600)。
文摘An attack-resilient distributed Nash equilibrium(NE) seeking problem is addressed for noncooperative games of networked systems under malicious cyber-attacks,i.e.,false data injection(FDI) attacks.Different from many existing distributed NE seeking works,it is practical and challenging to get resilient adaptively distributed NE seeking under unknown and unbounded FDI attacks.An attack-resilient NE seeking algorithm that is distributed(i.e.,independent of global information on the graph's algebraic connectivity,Lipschitz and monotone constants of pseudo-gradients,or number of players),is presented by means of incorporating the consensus-based gradient play with a distributed attack identifier so as to achieve simultaneous NE seeking and attack identification asymptotically.Another key characteristic is that FDI attacks are allowed to be unknown and unbounded.By exploiting nonsmooth analysis and stability theory,the global asymptotic convergence of the developed algorithm to the NE is ensured.Moreover,we extend this design to further consider the attack-resilient NE seeking of double-integrator players.Lastly,numerical simulation and practical experiment results are presented to validate the developed algorithms' effectiveness.
基金supported in part by the Young Elite Scientists Sponsorship Program by the Chinese Society for Electrical Engineering under Grant CSEE-YESS-2022019in part by the Guangzhou Basic and Applied Basic Research Foundation under Grand 2024A04J3672in part by the National Natural Science Foundation of China under Grant 52207106.
文摘The wide-area damping controllers(WADCs),which are essential for mitigating regional low-frequency oscillations,face cyber-physical security threats due to the vulnerability of wide-area measurement system to cyber attacks and wind power uncertainties.This paper introduces reachability analysis method to quantify the impact of varying-amplitude attacks and uncertain wind fluctuations on the performance of WADC.Firstly,considering wind farm integration and attack injection,a nonlinear power system model with multiple buses is constructed based on Kron reduction method to improve computational efficiency and mitigate the constraints imposed by algebraic constraints.Then,a zonotope-based polytope construction method is employed to effectively model the range of attack amplitudes and wind uncertainties.By conducting reachability analysis,the reachable set preserving the nonlinear characteristics of studied system is computed,which enables the quantification of the maximum fluctuation range of regional oscillations under the dual disturbances.Case studies are undertaken on two multi-machine power systems with wind farm integration.The obtained results emphasize the efficacy of designed method,providing valuable insights into the magnitude of the impact that attacks exert on the operational characteristics of power system under various uncertain factors.
文摘Orthogonal Frequency Division Multiplexing(OFDM)enables efficient Dynamic Spectrum Access(DSA)but suffers from high sidelobe that causes excessive out-of-band(OOB)emissions and expose the system to spectrum-layer cyberattacks such as man-in-the-middle(MITM),eavesdropping,and primary user emulation(PUE)attacks.To address both spectral leakage and its security implications,this paper introduces a secure and intelligent hybrid optimization strategy that combinesan Eigenspace-based Generalized Sidelobe Canceller(ES-GSC)with a Genetic Algorithm(GA),to derive optimally weighted cancellation carriers.The proposed method jointly suppresses sidelobes and reinforces resistance to leakage-based attacks.MATLAB Simulation demonstrate considerable reductions in OOB emissions and higher resilience against spectrum-layer threats compared with existing techniques.
基金supported in part by Shanghai Natural Science Foundation(24ZR1454700)the National Natural Science Foundation of China(62503331,62533016,62573279,62173231,62203288)Shanghai Pujiang Program(23PJD033)。
文摘In this paper,a security defense issue is investigated for networked control systems susceptible to stochastic denial of service(DoS) attacks by using the sliding mode control method.To utilize network communication resources more effectively,a novel adaptive event-triggered(AET) mechanism is introduced,whose triggering coefficient can be adaptively adjusted according to the evolution trend of system states.Differing from existing event-triggered(ET) mechanisms,the proposed one demonstrates exceptional relevance and flexibility.It is closely related to attack probability,and its triggering coefficient dynamically adjusts depending on the presence or absence of an attack.To leverage attacker information more effectively,a switching-like sliding mode security controller is designed,which can autonomously select different controller gains based on the sliding function representing the attack situation.Sufficient conditions for the existence of the switching-like sliding mode secure controller are presented to ensure the stochastic stability of the system and the reachability of the sliding surface.Compared with existing time-invariant control strategies within the triggered interval,more resilient defense performance can be expected since the correlation with attack information is established in both the proposed AET scheme and the control strategy.Finally,a simulation example is conducted to verify the effectiveness and feasibility of the proposed security control method.
基金supported by Princess Nourah bint Abdulrahman University Researchers Supporting Project Number(PNURSP2025R97)Princess Nourah bint Abdulrahman University,Riyadh,Saudi Arabia.
文摘The exponential growth of the Internet of Things(IoT)has introduced significant security challenges,with zero-day attacks emerging as one of the most critical and challenging threats.Traditional Machine Learning(ML)and Deep Learning(DL)techniques have demonstrated promising early detection capabilities.However,their effectiveness is limited when handling the vast volumes of IoT-generated data due to scalability constraints,high computational costs,and the costly time-intensive process of data labeling.To address these challenges,this study proposes a Federated Learning(FL)framework that leverages collaborative and hybrid supervised learning to enhance cyber threat detection in IoT networks.By employing Deep Neural Networks(DNNs)and decentralized model training,the approach reduces computational complexity while improving detection accuracy.The proposed model demonstrates robust performance,achieving accuracies of 94.34%,99.95%,and 87.94%on the publicly available kitsune,Bot-IoT,and UNSW-NB15 datasets,respectively.Furthermore,its ability to detect zero-day attacks is validated through evaluations on two additional benchmark datasets,TON-IoT and IoT-23,using a Deep Federated Learning(DFL)framework,underscoring the generalization and effectiveness of the model in heterogeneous and decentralized IoT environments.Experimental results demonstrate superior performance over existing methods,establishing the proposed framework as an efficient and scalable solution for IoT security.
基金supported by the National Natural Science Foundation of China(62173215)the Project for the Integrated Development of the City and Universities in Jinan(JNSX2024016)。
文摘Dear Editor,This letter presents some control strategies for quadrotor unmanned aerial vehicle(UAV)leader-follower formation model,where the stochastic impulsive deception attacks are fully considered.Based on Lyapunov method,the outer loop and the inner loop controllers of quadrotor UAV are designed,respectively.Moreover,a relationship between continuous control laws,stochastic impulsive sequences,and impulsive intensity is established in this letter.
文摘Objective To determine the safety and efficacy of fresh frozen plasma (FFP) iniusion for the treat- ment of hereditary angioedema (FIAE). Methods The medical records of patients with HAE admitted to Peking Union Medical College Fiospital who had received FFP infusion during 2004 and 2010 were reviewed and PubMed database iFom 1966 to the present were searched using the following key words: hereditary angioedema and fresh frozen plasma. The patient's age, sex, body location of HAE attacks, the dose of FFP infusion, time of beginning to improvenaent, time to complete remission, complication, C 1 inhibitor activity, and outcome were analyzed. Results A total of 13 enrolled patients (7 male and 6 female) received 16 times of FFP infusion, in- cluding 2 patients undergoing FFP infusion in Peking Union Medical College Hospital and 11 patients re- ported in the literature. The mean dosage of FFP infusion was 586±337 mL. Two cases suffered from wors- ening abdominal pain and one case experienced skin rash. Only I patient had no improvement in symptom owing to transfusion related reaction. There was a definite improvement in symptom 49± 19 minutes after beginning FFP infusion. The remission time decreased from 61.7±27.0 hours to 3.3 (2.0, 12.0) hours after FFP infusion. FFP infusion was effective for both type I and type Ⅱ HAE. Conclusion FFP seems to be safe and effective for acute attacks of HAE.
