This paper proposes a novel event-driven encrypted control framework for linear networked control systems(NCSs),which relies on two modified uniform quantization policies,the Paillier cryptosystem,and an event-trigger...This paper proposes a novel event-driven encrypted control framework for linear networked control systems(NCSs),which relies on two modified uniform quantization policies,the Paillier cryptosystem,and an event-triggered strategy.Due to the fact that only integers can work in the Pailler cryptosystem,both the real-valued control gain and system state need to be first quantized before encryption.This is dramatically different from the existing quantized control methods,where only the quantization of a single value,e.g.,the control input or the system state,is considered.To handle this issue,static and dynamic quantization policies are presented,which achieve the desired integer conversions and guarantee asymptotic convergence of the quantized system state to the equilibrium.Then,the quantized system state is encrypted and sent to the controller when the triggering condition,specified by a state-based event-triggered strategy,is satisfied.By doing so,not only the security and confidentiality of data transmitted over the communication network are protected,but also the ciphertext expansion phenomenon can be relieved.Additionally,by tactfully designing the quantization sensitivities and triggering error,the proposed event-driven encrypted control framework ensures the asymptotic stability of the overall closedloop system.Finally,a simulation example of the secure motion control for an inverted pendulum cart system is presented to evaluate the effectiveness of the theoretical results.展开更多
In the cloud environment,ensuring a high level of data security is in high demand.Data planning storage optimization is part of the whole security process in the cloud environment.It enables data security by avoiding ...In the cloud environment,ensuring a high level of data security is in high demand.Data planning storage optimization is part of the whole security process in the cloud environment.It enables data security by avoiding the risk of data loss and data overlapping.The development of data flow scheduling approaches in the cloud environment taking security parameters into account is insufficient.In our work,we propose a data scheduling model for the cloud environment.Themodel is made up of three parts that together help dispatch user data flow to the appropriate cloudVMs.The first component is the Collector Agent whichmust periodically collect information on the state of the network links.The second one is the monitoring agent which must then analyze,classify,and make a decision on the state of the link and finally transmit this information to the scheduler.The third one is the scheduler who must consider previous information to transfer user data,including fair distribution and reliable paths.It should be noted that each part of the proposedmodel requires the development of its algorithms.In this article,we are interested in the development of data transfer algorithms,including fairness distribution with the consideration of a stable link state.These algorithms are based on the grouping of transmitted files and the iterative method.The proposed algorithms showthe performances to obtain an approximate solution to the studied problem which is an NP-hard(Non-Polynomial solution)problem.The experimental results show that the best algorithm is the half-grouped minimum excluding(HME),with a percentage of 91.3%,an average deviation of 0.042,and an execution time of 0.001 s.展开更多
The increasing amount and intricacy of network traffic in the modern digital era have worsened the difficulty of identifying abnormal behaviours that may indicate potential security breaches or operational interruptio...The increasing amount and intricacy of network traffic in the modern digital era have worsened the difficulty of identifying abnormal behaviours that may indicate potential security breaches or operational interruptions. Conventional detection approaches face challenges in keeping up with the ever-changing strategies of cyber-attacks, resulting in heightened susceptibility and significant harm to network infrastructures. In order to tackle this urgent issue, this project focused on developing an effective anomaly detection system that utilizes Machine Learning technology. The suggested model utilizes contemporary machine learning algorithms and frameworks to autonomously detect deviations from typical network behaviour. It promptly identifies anomalous activities that may indicate security breaches or performance difficulties. The solution entails a multi-faceted approach encompassing data collection, preprocessing, feature engineering, model training, and evaluation. By utilizing machine learning methods, the model is trained on a wide range of datasets that include both regular and abnormal network traffic patterns. This training ensures that the model can adapt to numerous scenarios. The main priority is to ensure that the system is functional and efficient, with a particular emphasis on reducing false positives to avoid unwanted alerts. Additionally, efforts are directed on improving anomaly detection accuracy so that the model can consistently distinguish between potentially harmful and benign activity. This project aims to greatly strengthen network security by addressing emerging cyber threats and improving their resilience and reliability.展开更多
Network intrusion detection systems need to be updated due to the rise in cyber threats. In order to improve detection accuracy, this research presents a strong strategy that makes use of a stacked ensemble method, wh...Network intrusion detection systems need to be updated due to the rise in cyber threats. In order to improve detection accuracy, this research presents a strong strategy that makes use of a stacked ensemble method, which combines the advantages of several machine learning models. The ensemble is made up of various base models, such as Decision Trees, K-Nearest Neighbors (KNN), Multi-Layer Perceptrons (MLP), and Naive Bayes, each of which offers a distinct perspective on the properties of the data. The research adheres to a methodical workflow that begins with thorough data preprocessing to guarantee the accuracy and applicability of the data. In order to extract useful attributes from network traffic data—which are essential for efficient model training—feature engineering is used. The ensemble approach combines these models by training a Logistic Regression model meta-learner on base model predictions. In addition to increasing prediction accuracy, this tiered approach helps get around the drawbacks that come with using individual models. High accuracy, precision, and recall are shown in the model’s evaluation of a network intrusion dataset, indicating the model’s efficacy in identifying malicious activity. Cross-validation is used to make sure the models are reliable and well-generalized to new, untested data. In addition to advancing cybersecurity, the research establishes a foundation for the implementation of flexible and scalable intrusion detection systems. This hybrid, stacked ensemble model has a lot of potential for improving cyberattack prevention, lowering the likelihood of cyberattacks, and offering a scalable solution that can be adjusted to meet new threats and technological advancements.展开更多
Most of the security strategies today are primarily designed to provide security protection,rather than to solve one of the basic security issues related to adequate software product architecture.Several models,framew...Most of the security strategies today are primarily designed to provide security protection,rather than to solve one of the basic security issues related to adequate software product architecture.Several models,frameworks and methodologies have been introduced by the researchers for a secure and sustainable software development life cycle.Therefore it is important to assess the usability of the popular security requirements engineering(SRE)approaches.A significant factor in the management and handling of successful security requirements is the assessment of security requirements engineering method performance.This assessment will allow changes to the engineering process of security requirements.The consistency of security requirements depends heavily on the usability of security requirements engineering.Several SRE approaches are available for use and each approach takes into account several factors of usability but does not cover every element of usability.There seems to be no realistic implementation of such models because the concept of usability is not specific.This paper aims at specifying the different taxonomy of usability and design hierarchical usability model.The taxonomy takes into account the common quality assessment parameters that combine variables,attributes,and characteristics identified in different approaches used for security requirements engineering.The multiple-criteria decision-making(MCDM)model used in this paper for usability evaluation is called the fuzzy AHP-TOPSIS model which can conveniently be incorporated into the current approach of software engineering.Five significant usability criteria are identified and used to evaluate the six different alternatives.Such strategies are graded as per their expected values of usability.展开更多
The advanced technological need,exacerbated by the flexible time constraints,leads to several more design level unexplored vulnerabilities.Security is an extremely vital component in software development;we must take ...The advanced technological need,exacerbated by the flexible time constraints,leads to several more design level unexplored vulnerabilities.Security is an extremely vital component in software development;we must take charge of security and therefore analysis of software security risk assumes utmost significance.In order to handle the cyber-security risk of the web application and protect individuals,information and properties effectively,one must consider what needs to be secured,what are the perceived threats and the protection of assets.Security preparation plans,implements,tracks,updates and consistently develops safety risk management activities.Risk management must be interpreted as the major component for tackling security efficiently.In particular,during application development,security is considered as an add-on but not the main issue.It is important for the researchers to stress on the consideration of protection right from the earlier developmental stages of the software.This approach will help in designing software which can itself combat threats and does not depend on external security programs.Therefore,it is essential to evaluate the impact of security risks during software design.In this paper the researchers have used the hybrid Fuzzy AHPTOPSIS method to evaluate the risks for improving security durability of different Institutional Web Applications.In addition,the e-component of security risk is measured on software durability,and vice versa.The paper’s findings will prove to be valuable for enhancing the security durability of different web applications.展开更多
The proliferation of maliciously coded documents as file transfers increase has led to a rise in sophisticated attacks.Portable Document Format(PDF)files have emerged as a major attack vector for malware due to their ...The proliferation of maliciously coded documents as file transfers increase has led to a rise in sophisticated attacks.Portable Document Format(PDF)files have emerged as a major attack vector for malware due to their adaptability and wide usage.Detecting malware in PDF files is challenging due to its ability to include various harmful elements such as embedded scripts,exploits,and malicious URLs.This paper presents a comparative analysis of machine learning(ML)techniques,including Naive Bayes(NB),K-Nearest Neighbor(KNN),Average One Dependency Estimator(A1DE),RandomForest(RF),and SupportVectorMachine(SVM)forPDFmalware detection.The study utilizes a dataset obtained from the Canadian Institute for Cyber-security and employs different testing criteria,namely percentage splitting and 10-fold cross-validation.The performance of the techniques is evaluated using F1-score,precision,recall,and accuracy measures.The results indicate that KNNoutperforms other models,achieving an accuracy of 99.8599%using 10-fold cross-validation.The findings highlight the effectiveness of ML models in accurately detecting PDF malware and provide insights for developing robust systems to protect against malicious activities.展开更多
A web browser is the most basic tool for accessing the internet from any of the machines/equipment.Recently,data breaches have been reported frequently from users who are concerned about their personal information,as ...A web browser is the most basic tool for accessing the internet from any of the machines/equipment.Recently,data breaches have been reported frequently from users who are concerned about their personal information,as well as threats from criminal actors.Giving loss of data and information to an innocent user comes under the jurisdiction of cyber-attack.These kinds of cyber-attacks are far more dangerous when it comes to the many types of devices employed in an internet of things(IoT)environment.Continuous surveillance of IoT devices and forensic tools are required to overcome the issues pertaining to secure data and assets.Peer to peer(P2P)applications have been utilized for criminal operations on the web.Therefore,it is a challenge for a forensic investigator to perform forensic analysis of the evolving hardware and software platforms for IoT.For identity concealment and privacy protection,the Onion Router(Tor)and Chrome with the Invisible Internet Project(I2P)as the foundation browser are often used.Confirmation is required to determine whether Tor is truly anonymous and private as they claim.Some people,on the other hand,utilize the Tor browser for evil reasons.Tools and techniques are available for the collection of artifacts,identifying problem areas,further processing and analysis of data on the computer and IoT.Present research tried to explore a few tools for the tracing of I2P activities over computer on windows 10 that reflects IoT devices.According to the results of this research,it leaves an excessive amount of important digital evidence on the operating system that can be exploited to attack the information of users.This research is based on windows operating system and does not support other operating systems.展开更多
Our dependency on energy is so vital that it makes it difficult to imagine how humans can live on our planet earth without it.The demand for electricity,for example,is directly related to the growth of the population ...Our dependency on energy is so vital that it makes it difficult to imagine how humans can live on our planet earth without it.The demand for electricity,for example,is directly related to the growth of the population worldwide,and presently,to meet this demand,we need both renewable and nonrenewable energy.While nonrenewable energy has its shortcomings(negative impact on climate change,for example),renewable energy is not enough to address the ever-changing demand for energy.One way to address this need is to become more innovative,use technology more effectively,and be aware of the costs associated with different sources of renewable energy.In the case of nuclear power plants,new innovative centered around small modular reactors(SMRs)of generation 4th of these plants make them safer and less costly to own them as well as to protect them via means of cyber-security against any attack by smart malware.Of course,understanding the risks and how to address them is an integral part of the study.Natural sources of energy,such as wind and solar,are suggesting other innovating technical approaches.In this article,we are studying these factors holistically,and details have been laid out in a book by the authors’second volume of series title as Knowledge Is Power in Four Dimensions under Energy subtitle.展开更多
Ensuring stability and reliability in power systems requires accurate state estimation, which is challenging due to the growing network size, noisy measurements, and nonlinear power-flow equations. In this paper, we i...Ensuring stability and reliability in power systems requires accurate state estimation, which is challenging due to the growing network size, noisy measurements, and nonlinear power-flow equations. In this paper, we introduce the Graph Attention Estimation Network (GAEN) model to tackle power system state estimation (PSSE) by capitalizing on the inherent graph structure of power grids. This approach facilitates efficient information exchange among interconnected buses, yielding a distributed, computationally efficient architecture that is also resilient to cyber-attacks. We develop a thorough approach by utilizing Graph Convolutional Neural Networks (GCNNs) and attention mechanism in PSSE based on Supervisory Control and Data Acquisition (SCADA) and Phasor Measurement Unit (PMU) measurements, addressing the limitations of previous learning architectures. In accordance with the empirical results obtained from the experiments, the proposed method demonstrates superior performance and scalability compared to existing techniques. Furthermore, the amalgamation of local topological configurations with nodal-level data yields a heightened efficacy in the domain of state estimation. This work marks a significant achievement in the design of advanced learning architectures in PSSE, contributing and fostering the development of more reliable and secure power system operations.展开更多
Communication plays a vital role in incorporating smartness into the interconnected power system.However,historical records prove that the data transfer has always been vulnerable to cyber-attacks.Unless these cyber-a...Communication plays a vital role in incorporating smartness into the interconnected power system.However,historical records prove that the data transfer has always been vulnerable to cyber-attacks.Unless these cyber-attacks are identified and cordoned off,they may lead to black-out and result in national security issues.This paper proposes an optimal two-stage Kalman filter(OTS-KF)for simultaneous state and cyber-attack estimation in automatic generation control(AGC)system.Biases/cyber-attacks are modeled as unknown inputs in the AGC dynamics.Five types of cyber-attacks,i.e.,false data injection(FDI),data replay attack,denial of service(DoS),scaling,and ramp attacks,are injected into the measurements and estimated using OTS-KF.As the load variations of each area are seldom available,OTS-KF is reformulated to estimate the states and outliers along with the load variations of the system.The proposed technique is validated on the benchmark two-area,three-area,and five-area power system models.The simulation results under various test conditions demonstrate the efficacy of the proposed filter.展开更多
A nearest-neighbor-based detector against load redistribution attacks is presented.The detector is designed to scale from small-scale to very large-scale systems while guaranteeing consistent detection performance.Ext...A nearest-neighbor-based detector against load redistribution attacks is presented.The detector is designed to scale from small-scale to very large-scale systems while guaranteeing consistent detection performance.Extensive testing is performed on a realistic large-scale system to evaluate the perfor-mance of the proposed detector against a wide range of attacks,from simple random noise attacks to sophisticated load redistribution attacks.The detection capability is analyzed against different attack parameters to evaluate its sensitivity.A statistical test that leverages the proposed detector is introduced to identify which loads are likely to have been maliciously modified,thus,localizing the attack subgraph.This test is based on ascribing to each load a risk measure(probability of being attacked)and then computing the best posterior likelihood that minimizes log-loss.展开更多
In this article,a systematic assessment of cyber-physical security is developed for the lane-keeping control(LKC)system of autonomous vehicles(AVs),which has not been attempted before.A novel impact analysis methodolo...In this article,a systematic assessment of cyber-physical security is developed for the lane-keeping control(LKC)system of autonomous vehicles(AVs),which has not been attempted before.A novel impact analysis methodology for typical cyber-attacks is proposed with new evaluation metrics from the viewpoint of safety and performance and innovative index-based resilience and security criteria.Specifically,a security criterion is investigated by tracking performance,comfort and vehicle stability to evaluate the safety and security of the vehicle LKC system.Hardware-in-the-Loop(HiL)experimental results show that the proposed evaluation metrics are effective in analyzing the impact of cyberattacks on the commercial LKC system of Dongfeng Motor comprehensively.Finally,the conclusion provides guidelines for attack detection,diagnosis,and countermeasures for AVs.展开更多
基金the Research Grants Council of Hong Kong(CityU 21208921)the Chow Sang Sang Group Research Fund Sponsored by Chow Sang Sang Holdings International Ltd.
文摘This paper proposes a novel event-driven encrypted control framework for linear networked control systems(NCSs),which relies on two modified uniform quantization policies,the Paillier cryptosystem,and an event-triggered strategy.Due to the fact that only integers can work in the Pailler cryptosystem,both the real-valued control gain and system state need to be first quantized before encryption.This is dramatically different from the existing quantized control methods,where only the quantization of a single value,e.g.,the control input or the system state,is considered.To handle this issue,static and dynamic quantization policies are presented,which achieve the desired integer conversions and guarantee asymptotic convergence of the quantized system state to the equilibrium.Then,the quantized system state is encrypted and sent to the controller when the triggering condition,specified by a state-based event-triggered strategy,is satisfied.By doing so,not only the security and confidentiality of data transmitted over the communication network are protected,but also the ciphertext expansion phenomenon can be relieved.Additionally,by tactfully designing the quantization sensitivities and triggering error,the proposed event-driven encrypted control framework ensures the asymptotic stability of the overall closedloop system.Finally,a simulation example of the secure motion control for an inverted pendulum cart system is presented to evaluate the effectiveness of the theoretical results.
基金the deputyship for Research&Innovation,Ministry of Education in Saudi Arabia for funding this research work through the Project Number(IFP-2022-34).
文摘In the cloud environment,ensuring a high level of data security is in high demand.Data planning storage optimization is part of the whole security process in the cloud environment.It enables data security by avoiding the risk of data loss and data overlapping.The development of data flow scheduling approaches in the cloud environment taking security parameters into account is insufficient.In our work,we propose a data scheduling model for the cloud environment.Themodel is made up of three parts that together help dispatch user data flow to the appropriate cloudVMs.The first component is the Collector Agent whichmust periodically collect information on the state of the network links.The second one is the monitoring agent which must then analyze,classify,and make a decision on the state of the link and finally transmit this information to the scheduler.The third one is the scheduler who must consider previous information to transfer user data,including fair distribution and reliable paths.It should be noted that each part of the proposedmodel requires the development of its algorithms.In this article,we are interested in the development of data transfer algorithms,including fairness distribution with the consideration of a stable link state.These algorithms are based on the grouping of transmitted files and the iterative method.The proposed algorithms showthe performances to obtain an approximate solution to the studied problem which is an NP-hard(Non-Polynomial solution)problem.The experimental results show that the best algorithm is the half-grouped minimum excluding(HME),with a percentage of 91.3%,an average deviation of 0.042,and an execution time of 0.001 s.
文摘The increasing amount and intricacy of network traffic in the modern digital era have worsened the difficulty of identifying abnormal behaviours that may indicate potential security breaches or operational interruptions. Conventional detection approaches face challenges in keeping up with the ever-changing strategies of cyber-attacks, resulting in heightened susceptibility and significant harm to network infrastructures. In order to tackle this urgent issue, this project focused on developing an effective anomaly detection system that utilizes Machine Learning technology. The suggested model utilizes contemporary machine learning algorithms and frameworks to autonomously detect deviations from typical network behaviour. It promptly identifies anomalous activities that may indicate security breaches or performance difficulties. The solution entails a multi-faceted approach encompassing data collection, preprocessing, feature engineering, model training, and evaluation. By utilizing machine learning methods, the model is trained on a wide range of datasets that include both regular and abnormal network traffic patterns. This training ensures that the model can adapt to numerous scenarios. The main priority is to ensure that the system is functional and efficient, with a particular emphasis on reducing false positives to avoid unwanted alerts. Additionally, efforts are directed on improving anomaly detection accuracy so that the model can consistently distinguish between potentially harmful and benign activity. This project aims to greatly strengthen network security by addressing emerging cyber threats and improving their resilience and reliability.
文摘Network intrusion detection systems need to be updated due to the rise in cyber threats. In order to improve detection accuracy, this research presents a strong strategy that makes use of a stacked ensemble method, which combines the advantages of several machine learning models. The ensemble is made up of various base models, such as Decision Trees, K-Nearest Neighbors (KNN), Multi-Layer Perceptrons (MLP), and Naive Bayes, each of which offers a distinct perspective on the properties of the data. The research adheres to a methodical workflow that begins with thorough data preprocessing to guarantee the accuracy and applicability of the data. In order to extract useful attributes from network traffic data—which are essential for efficient model training—feature engineering is used. The ensemble approach combines these models by training a Logistic Regression model meta-learner on base model predictions. In addition to increasing prediction accuracy, this tiered approach helps get around the drawbacks that come with using individual models. High accuracy, precision, and recall are shown in the model’s evaluation of a network intrusion dataset, indicating the model’s efficacy in identifying malicious activity. Cross-validation is used to make sure the models are reliable and well-generalized to new, untested data. In addition to advancing cybersecurity, the research establishes a foundation for the implementation of flexible and scalable intrusion detection systems. This hybrid, stacked ensemble model has a lot of potential for improving cyberattack prevention, lowering the likelihood of cyberattacks, and offering a scalable solution that can be adjusted to meet new threats and technological advancements.
基金Funding for this study is received from the Ministry of Education and Deanship of Scientific Research at King Abdulaziz University,Kingdom of Saudi Arabia under Grant No.IFPHI-269-611-2020.
文摘Most of the security strategies today are primarily designed to provide security protection,rather than to solve one of the basic security issues related to adequate software product architecture.Several models,frameworks and methodologies have been introduced by the researchers for a secure and sustainable software development life cycle.Therefore it is important to assess the usability of the popular security requirements engineering(SRE)approaches.A significant factor in the management and handling of successful security requirements is the assessment of security requirements engineering method performance.This assessment will allow changes to the engineering process of security requirements.The consistency of security requirements depends heavily on the usability of security requirements engineering.Several SRE approaches are available for use and each approach takes into account several factors of usability but does not cover every element of usability.There seems to be no realistic implementation of such models because the concept of usability is not specific.This paper aims at specifying the different taxonomy of usability and design hierarchical usability model.The taxonomy takes into account the common quality assessment parameters that combine variables,attributes,and characteristics identified in different approaches used for security requirements engineering.The multiple-criteria decision-making(MCDM)model used in this paper for usability evaluation is called the fuzzy AHP-TOPSIS model which can conveniently be incorporated into the current approach of software engineering.Five significant usability criteria are identified and used to evaluate the six different alternatives.Such strategies are graded as per their expected values of usability.
基金the Deanship of Scientific Research(DSR),King Abdulaziz University,Jeddah,under grant No.G-323-611-1441.
文摘The advanced technological need,exacerbated by the flexible time constraints,leads to several more design level unexplored vulnerabilities.Security is an extremely vital component in software development;we must take charge of security and therefore analysis of software security risk assumes utmost significance.In order to handle the cyber-security risk of the web application and protect individuals,information and properties effectively,one must consider what needs to be secured,what are the perceived threats and the protection of assets.Security preparation plans,implements,tracks,updates and consistently develops safety risk management activities.Risk management must be interpreted as the major component for tackling security efficiently.In particular,during application development,security is considered as an add-on but not the main issue.It is important for the researchers to stress on the consideration of protection right from the earlier developmental stages of the software.This approach will help in designing software which can itself combat threats and does not depend on external security programs.Therefore,it is essential to evaluate the impact of security risks during software design.In this paper the researchers have used the hybrid Fuzzy AHPTOPSIS method to evaluate the risks for improving security durability of different Institutional Web Applications.In addition,the e-component of security risk is measured on software durability,and vice versa.The paper’s findings will prove to be valuable for enhancing the security durability of different web applications.
文摘The proliferation of maliciously coded documents as file transfers increase has led to a rise in sophisticated attacks.Portable Document Format(PDF)files have emerged as a major attack vector for malware due to their adaptability and wide usage.Detecting malware in PDF files is challenging due to its ability to include various harmful elements such as embedded scripts,exploits,and malicious URLs.This paper presents a comparative analysis of machine learning(ML)techniques,including Naive Bayes(NB),K-Nearest Neighbor(KNN),Average One Dependency Estimator(A1DE),RandomForest(RF),and SupportVectorMachine(SVM)forPDFmalware detection.The study utilizes a dataset obtained from the Canadian Institute for Cyber-security and employs different testing criteria,namely percentage splitting and 10-fold cross-validation.The performance of the techniques is evaluated using F1-score,precision,recall,and accuracy measures.The results indicate that KNNoutperforms other models,achieving an accuracy of 99.8599%using 10-fold cross-validation.The findings highlight the effectiveness of ML models in accurately detecting PDF malware and provide insights for developing robust systems to protect against malicious activities.
基金supported by Yayasan Universiti Teknologi PETRONAS Grant Scheme015LC0029 and 015LC0277.
文摘A web browser is the most basic tool for accessing the internet from any of the machines/equipment.Recently,data breaches have been reported frequently from users who are concerned about their personal information,as well as threats from criminal actors.Giving loss of data and information to an innocent user comes under the jurisdiction of cyber-attack.These kinds of cyber-attacks are far more dangerous when it comes to the many types of devices employed in an internet of things(IoT)environment.Continuous surveillance of IoT devices and forensic tools are required to overcome the issues pertaining to secure data and assets.Peer to peer(P2P)applications have been utilized for criminal operations on the web.Therefore,it is a challenge for a forensic investigator to perform forensic analysis of the evolving hardware and software platforms for IoT.For identity concealment and privacy protection,the Onion Router(Tor)and Chrome with the Invisible Internet Project(I2P)as the foundation browser are often used.Confirmation is required to determine whether Tor is truly anonymous and private as they claim.Some people,on the other hand,utilize the Tor browser for evil reasons.Tools and techniques are available for the collection of artifacts,identifying problem areas,further processing and analysis of data on the computer and IoT.Present research tried to explore a few tools for the tracing of I2P activities over computer on windows 10 that reflects IoT devices.According to the results of this research,it leaves an excessive amount of important digital evidence on the operating system that can be exploited to attack the information of users.This research is based on windows operating system and does not support other operating systems.
文摘Our dependency on energy is so vital that it makes it difficult to imagine how humans can live on our planet earth without it.The demand for electricity,for example,is directly related to the growth of the population worldwide,and presently,to meet this demand,we need both renewable and nonrenewable energy.While nonrenewable energy has its shortcomings(negative impact on climate change,for example),renewable energy is not enough to address the ever-changing demand for energy.One way to address this need is to become more innovative,use technology more effectively,and be aware of the costs associated with different sources of renewable energy.In the case of nuclear power plants,new innovative centered around small modular reactors(SMRs)of generation 4th of these plants make them safer and less costly to own them as well as to protect them via means of cyber-security against any attack by smart malware.Of course,understanding the risks and how to address them is an integral part of the study.Natural sources of energy,such as wind and solar,are suggesting other innovating technical approaches.In this article,we are studying these factors holistically,and details have been laid out in a book by the authors’second volume of series title as Knowledge Is Power in Four Dimensions under Energy subtitle.
文摘Ensuring stability and reliability in power systems requires accurate state estimation, which is challenging due to the growing network size, noisy measurements, and nonlinear power-flow equations. In this paper, we introduce the Graph Attention Estimation Network (GAEN) model to tackle power system state estimation (PSSE) by capitalizing on the inherent graph structure of power grids. This approach facilitates efficient information exchange among interconnected buses, yielding a distributed, computationally efficient architecture that is also resilient to cyber-attacks. We develop a thorough approach by utilizing Graph Convolutional Neural Networks (GCNNs) and attention mechanism in PSSE based on Supervisory Control and Data Acquisition (SCADA) and Phasor Measurement Unit (PMU) measurements, addressing the limitations of previous learning architectures. In accordance with the empirical results obtained from the experiments, the proposed method demonstrates superior performance and scalability compared to existing techniques. Furthermore, the amalgamation of local topological configurations with nodal-level data yields a heightened efficacy in the domain of state estimation. This work marks a significant achievement in the design of advanced learning architectures in PSSE, contributing and fostering the development of more reliable and secure power system operations.
文摘Communication plays a vital role in incorporating smartness into the interconnected power system.However,historical records prove that the data transfer has always been vulnerable to cyber-attacks.Unless these cyber-attacks are identified and cordoned off,they may lead to black-out and result in national security issues.This paper proposes an optimal two-stage Kalman filter(OTS-KF)for simultaneous state and cyber-attack estimation in automatic generation control(AGC)system.Biases/cyber-attacks are modeled as unknown inputs in the AGC dynamics.Five types of cyber-attacks,i.e.,false data injection(FDI),data replay attack,denial of service(DoS),scaling,and ramp attacks,are injected into the measurements and estimated using OTS-KF.As the load variations of each area are seldom available,OTS-KF is reformulated to estimate the states and outliers along with the load variations of the system.The proposed technique is validated on the benchmark two-area,three-area,and five-area power system models.The simulation results under various test conditions demonstrate the efficacy of the proposed filter.
基金the National Science Foundation(No.CNS-1449080,No.OAC-1934766)the Power System Engineering Research Center(PSERC)under projects S-72 and S-87。
文摘A nearest-neighbor-based detector against load redistribution attacks is presented.The detector is designed to scale from small-scale to very large-scale systems while guaranteeing consistent detection performance.Extensive testing is performed on a realistic large-scale system to evaluate the perfor-mance of the proposed detector against a wide range of attacks,from simple random noise attacks to sophisticated load redistribution attacks.The detection capability is analyzed against different attack parameters to evaluate its sensitivity.A statistical test that leverages the proposed detector is introduced to identify which loads are likely to have been maliciously modified,thus,localizing the attack subgraph.This test is based on ascribing to each load a risk measure(probability of being attacked)and then computing the best posterior likelihood that minimizes log-loss.
基金supported in part by the National Natural Science Foundation of China under Grants No.U1964201,62373281 and 62333015part by Shanghai Municipal Science and Technology Commission No.23ZR1467700.
文摘In this article,a systematic assessment of cyber-physical security is developed for the lane-keeping control(LKC)system of autonomous vehicles(AVs),which has not been attempted before.A novel impact analysis methodology for typical cyber-attacks is proposed with new evaluation metrics from the viewpoint of safety and performance and innovative index-based resilience and security criteria.Specifically,a security criterion is investigated by tracking performance,comfort and vehicle stability to evaluate the safety and security of the vehicle LKC system.Hardware-in-the-Loop(HiL)experimental results show that the proposed evaluation metrics are effective in analyzing the impact of cyberattacks on the commercial LKC system of Dongfeng Motor comprehensively.Finally,the conclusion provides guidelines for attack detection,diagnosis,and countermeasures for AVs.
