The rapid proliferation of Internet of Things(IoT)devices has heightened security concerns,making intrusion detection a pivotal challenge in safeguarding these networks.Traditional centralized Intrusion Detection Syst...The rapid proliferation of Internet of Things(IoT)devices has heightened security concerns,making intrusion detection a pivotal challenge in safeguarding these networks.Traditional centralized Intrusion Detection Systems(IDS)often fail to meet the privacy requirements and scalability demands of large-scale IoT ecosystems.To address these challenges,we propose an innovative privacy-preserving approach leveraging Federated Learning(FL)for distributed intrusion detection.Our model eliminates the need for aggregating sensitive data on a central server by training locally on IoT devices and sharing only encrypted model updates,ensuring enhanced privacy and scalability without compromising detection accuracy.Key innovations of this research include the integration of advanced deep learning techniques for real-time threat detection with minimal latency and a novel model to fortify the system’s resilience against diverse cyber-attacks such as Distributed Denial of Service(DDoS)and malware injections.Our evaluation on three benchmark IoT datasets demonstrates significant improvements:achieving 92.78%accuracy on NSL-KDD,91.47%on BoT-IoT,and 92.05%on UNSW-NB15.The precision,recall,and F1-scores for all datasets consistently exceed 91%.Furthermore,the communication overhead was reduced to 85 MB for NSL-KDD,105 MB for BoT-IoT,and 95 MB for UNSW-NB15—substantially lower than traditional centralized IDS approaches.This study contributes to the domain by presenting a scalable,secure,and privacy-preserving solution tailored to the unique characteristics of IoT environments.The proposed framework is adaptable to dynamic and heterogeneous settings,with potential applications extending to other privacy-sensitive domains.Future work will focus on enhancing the system’s efficiency and addressing emerging challenges such as model poisoning attacks in federated environments.展开更多
A hierarchical peer-to-peer(P2P)model and a data fusion method for network security situation awareness system are proposed to improve the efficiency of distributed security behavior monitoring network.The single po...A hierarchical peer-to-peer(P2P)model and a data fusion method for network security situation awareness system are proposed to improve the efficiency of distributed security behavior monitoring network.The single point failure of data analysis nodes is avoided by this P2P model,in which a greedy data forwarding method based on node priority and link delay is devised to promote the efficiency of data analysis nodes.And the data fusion method based on repulsive theory-Dumpster/Shafer(PSORT-DS)is used to deal with the challenge of multi-source alarm information.This data fusion method debases the false alarm rate.Compared with improved Dumpster/Shafer(DS)theoretical method based on particle swarm optimization(PSO)and classical DS evidence theoretical method,the proposed model reduces false alarm rate by 3%and 7%,respectively,whereas their detection rate increases by 4%and 16%,respectively.展开更多
This paper addresses the problem of distributed secure state estimation for multi-agent systems under homologous sensor attacks.Two types of secure Luenberger-like distributed observers are proposed to estimate the sy...This paper addresses the problem of distributed secure state estimation for multi-agent systems under homologous sensor attacks.Two types of secure Luenberger-like distributed observers are proposed to estimate the system state and attack signal simultaneously.Specifically,the proposed two observers are applicable to deal with the cases in the presence and absence of time delays during network communication.It is also shown that the proposed observers can ensure the attack estimations from different agents asymptotically converge to the same value.Sufficient conditions for guaranteeing the asymptotic convergence of the estimation errors are derived.Simulation examples are finally provided to demonstrate the effectiveness of the proposed results.展开更多
The quantum key distribution (QKD) allows two parties to share a secret key by typically making use of a one-way quantum channel. Howevery the two-way QKD has its own unique advantages, which means the two-way QKD h...The quantum key distribution (QKD) allows two parties to share a secret key by typically making use of a one-way quantum channel. Howevery the two-way QKD has its own unique advantages, which means the two-way QKD has become a focus recently. To improve the practieM performance of the two-way QKD, we present a security analysis of a two-way QKD protocol based on the decoy method with heralded single-photon sources (HSPSs). We make use of two approaches to calculate the yield and the quantum bit error rate of single-photon and two-photon pulses. Then we present the secret key generation rate based on the GLLP formula. The numerical simulation shows that the protocol with HSPSs has an advantage in the secure distance compared with weak coherent state sources. In addition, we present the final secret key by considering the statistical fluctuation of the yield generation rate of the LM05 protocol with finite resources and the error rate.展开更多
Considering the ocean water's optical attenuation and the roughness of the sea surface, we analyze the security of continuous-variable (CV) quantum key distribution (QKD) based Mr-to-water channel. The effects of...Considering the ocean water's optical attenuation and the roughness of the sea surface, we analyze the security of continuous-variable (CV) quantum key distribution (QKD) based Mr-to-water channel. The effects of the absorp- tion and scattering on the transmittance of underwater quantum channel and the maximum secure transmission distance are studied. Considering the roughness of the sea surface, we simulate the performance bounds of CV QKD with different wind speeds using the Monte Carlo method. The results show that even if the secret key rate gradually reduces as the wind speed increases, the maximum transmission distance will not be affected obviously. Compared to the works regarding short-distance underwater optical communication, our research represents a significant step towards establishing secure communication between air platform and submarine vehicle.展开更多
The security of Federated Learning(FL)/Distributed Machine Learning(DML)is gravely threatened by data poisoning attacks,which destroy the usability of the model by contaminating training samples,so such attacks are ca...The security of Federated Learning(FL)/Distributed Machine Learning(DML)is gravely threatened by data poisoning attacks,which destroy the usability of the model by contaminating training samples,so such attacks are called causative availability indiscriminate attacks.Facing the problem that existing data sanitization methods are hard to apply to real-time applications due to their tedious process and heavy computations,we propose a new supervised batch detection method for poison,which can fleetly sanitize the training dataset before the local model training.We design a training dataset generation method that helps to enhance accuracy and uses data complexity features to train a detection model,which will be used in an efficient batch hierarchical detection process.Our model stockpiles knowledge about poison,which can be expanded by retraining to adapt to new attacks.Being neither attack-specific nor scenario-specific,our method is applicable to FL/DML or other online or offline scenarios.展开更多
Semi-device-independent quantum key distribution (SDI-QKD) has been proposed by applying the quantum dimension correlation, and the security relies on the violation of quantum dimension witness inequalities. We prov...Semi-device-independent quantum key distribution (SDI-QKD) has been proposed by applying the quantum dimension correlation, and the security relies on the violation of quantum dimension witness inequalities. We prove the security of the SDI-QKD protocol under the depolarization channel by considering the quantum dimension witness inequalities and minimum entropy and the specific process of the QKD protocol, combining with a four- quantum-state preparation and three measurement bases. We also provide the relationship between the dimension witness value, the error rate and the security key rate by the numerical simulation.展开更多
We investigate the effect of collective-rotation noise on the security of the six-state quantum key distribution. We study the case where the eavesdropper, Eve, performs an intercept-resend attack on the quantum commu...We investigate the effect of collective-rotation noise on the security of the six-state quantum key distribution. We study the case where the eavesdropper, Eve, performs an intercept-resend attack on the quantum communication between Alice, the sender, and Bob, the receiver. We first derive the collective-rotation noise model for the six-state protocol and then parameterize the mutual information between Alice and Eve. We then derive quantum bit error rate for three interceptresend attack scenarios. We observe that the six-state protocol is robust against intercept-resend attacks on collective rotation noise channels when the rotation angle is kept within certain bounds.展开更多
The mega-constellation is a major future development direction for space-based technologies in communications,navigation,remote sensing,and other fields.However,there are marked security threats to the mega-constellat...The mega-constellation is a major future development direction for space-based technologies in communications,navigation,remote sensing,and other fields.However,there are marked security threats to the mega-constellation.Traditional password-based security protection techniques are inefficient for vast node access authentication because they lack a unified management system and methodology.To address the aforementioned issues,this work presents a mega-constellation node security access authentication technique based on sharding blockchain via the“1+N+1”mega-constellation security and trustworthiness architecture.We build a distributed node security access authentication system based on functional domains and functional cross-domains,and we develop mathematical models for the complexity of messaging and space,the throughput of transactions,and the overall estimation of sharding blockchain systems.The results demonstrate that every indicator outperforms conventional blockchain techniques,which has major implications for mega-constellation by creating a complete link security and trustworthiness system.A universal solution for the number of consensus nodes I and the number of shards N is found,which can be used to guide parameter design in mega-constellation sharding blockchain systems.展开更多
基金supported and funded by the Deanship of Graduate Studies and Scientific Research at Qassim University for financial support(QU-APC-2025).
文摘The rapid proliferation of Internet of Things(IoT)devices has heightened security concerns,making intrusion detection a pivotal challenge in safeguarding these networks.Traditional centralized Intrusion Detection Systems(IDS)often fail to meet the privacy requirements and scalability demands of large-scale IoT ecosystems.To address these challenges,we propose an innovative privacy-preserving approach leveraging Federated Learning(FL)for distributed intrusion detection.Our model eliminates the need for aggregating sensitive data on a central server by training locally on IoT devices and sharing only encrypted model updates,ensuring enhanced privacy and scalability without compromising detection accuracy.Key innovations of this research include the integration of advanced deep learning techniques for real-time threat detection with minimal latency and a novel model to fortify the system’s resilience against diverse cyber-attacks such as Distributed Denial of Service(DDoS)and malware injections.Our evaluation on three benchmark IoT datasets demonstrates significant improvements:achieving 92.78%accuracy on NSL-KDD,91.47%on BoT-IoT,and 92.05%on UNSW-NB15.The precision,recall,and F1-scores for all datasets consistently exceed 91%.Furthermore,the communication overhead was reduced to 85 MB for NSL-KDD,105 MB for BoT-IoT,and 95 MB for UNSW-NB15—substantially lower than traditional centralized IDS approaches.This study contributes to the domain by presenting a scalable,secure,and privacy-preserving solution tailored to the unique characteristics of IoT environments.The proposed framework is adaptable to dynamic and heterogeneous settings,with potential applications extending to other privacy-sensitive domains.Future work will focus on enhancing the system’s efficiency and addressing emerging challenges such as model poisoning attacks in federated environments.
基金Supported by the National Natural Science Foundation of China(61370212)the Research Fund for the Doctoral Program of Higher Education of China(20122304130002)+1 种基金the Natural Science Foundation of Heilongjiang Province(ZD 201102)the Fundamental Research Fund for the Central Universities(HEUCFZ1213,HEUCF100601)
文摘A hierarchical peer-to-peer(P2P)model and a data fusion method for network security situation awareness system are proposed to improve the efficiency of distributed security behavior monitoring network.The single point failure of data analysis nodes is avoided by this P2P model,in which a greedy data forwarding method based on node priority and link delay is devised to promote the efficiency of data analysis nodes.And the data fusion method based on repulsive theory-Dumpster/Shafer(PSORT-DS)is used to deal with the challenge of multi-source alarm information.This data fusion method debases the false alarm rate.Compared with improved Dumpster/Shafer(DS)theoretical method based on particle swarm optimization(PSO)and classical DS evidence theoretical method,the proposed model reduces false alarm rate by 3%and 7%,respectively,whereas their detection rate increases by 4%and 16%,respectively.
基金supported by the Fundamental Research Funds for the Central Universities(buctrc202201)High Performance Computing Platform,College of Information Science and Technology,Beijing University of Chemical Technology。
文摘This paper addresses the problem of distributed secure state estimation for multi-agent systems under homologous sensor attacks.Two types of secure Luenberger-like distributed observers are proposed to estimate the system state and attack signal simultaneously.Specifically,the proposed two observers are applicable to deal with the cases in the presence and absence of time delays during network communication.It is also shown that the proposed observers can ensure the attack estimations from different agents asymptotically converge to the same value.Sufficient conditions for guaranteeing the asymptotic convergence of the estimation errors are derived.Simulation examples are finally provided to demonstrate the effectiveness of the proposed results.
基金Supported by the National Basic Research Program of China under Grant No 2013CB338002the National Natural Science Foundation of China under Grant Nos 11304397 and 61505261
文摘The quantum key distribution (QKD) allows two parties to share a secret key by typically making use of a one-way quantum channel. Howevery the two-way QKD has its own unique advantages, which means the two-way QKD has become a focus recently. To improve the practieM performance of the two-way QKD, we present a security analysis of a two-way QKD protocol based on the decoy method with heralded single-photon sources (HSPSs). We make use of two approaches to calculate the yield and the quantum bit error rate of single-photon and two-photon pulses. Then we present the secret key generation rate based on the GLLP formula. The numerical simulation shows that the protocol with HSPSs has an advantage in the secure distance compared with weak coherent state sources. In addition, we present the final secret key by considering the statistical fluctuation of the yield generation rate of the LM05 protocol with finite resources and the error rate.
基金Supported by the National Natural Science Foundation of China under Grant No 61572529
文摘Considering the ocean water's optical attenuation and the roughness of the sea surface, we analyze the security of continuous-variable (CV) quantum key distribution (QKD) based Mr-to-water channel. The effects of the absorp- tion and scattering on the transmittance of underwater quantum channel and the maximum secure transmission distance are studied. Considering the roughness of the sea surface, we simulate the performance bounds of CV QKD with different wind speeds using the Monte Carlo method. The results show that even if the secret key rate gradually reduces as the wind speed increases, the maximum transmission distance will not be affected obviously. Compared to the works regarding short-distance underwater optical communication, our research represents a significant step towards establishing secure communication between air platform and submarine vehicle.
基金supported in part by the“Pioneer”and“Leading Goose”R&D Program of Zhejiang(Grant No.2022C03174)the National Natural Science Foundation of China(No.92067103)+4 种基金the Key Research and Development Program of Shaanxi,China(No.2021ZDLGY06-02)the Natural Science Foundation of Shaanxi Province(No.2019ZDLGY12-02)the Shaanxi Innovation Team Project(No.2018TD-007)the Xi'an Science and technology Innovation Plan(No.201809168CX9JC10)the Fundamental Research Funds for the Central Universities(No.YJS2212)and National 111 Program of China B16037.
文摘The security of Federated Learning(FL)/Distributed Machine Learning(DML)is gravely threatened by data poisoning attacks,which destroy the usability of the model by contaminating training samples,so such attacks are called causative availability indiscriminate attacks.Facing the problem that existing data sanitization methods are hard to apply to real-time applications due to their tedious process and heavy computations,we propose a new supervised batch detection method for poison,which can fleetly sanitize the training dataset before the local model training.We design a training dataset generation method that helps to enhance accuracy and uses data complexity features to train a detection model,which will be used in an efficient batch hierarchical detection process.Our model stockpiles knowledge about poison,which can be expanded by retraining to adapt to new attacks.Being neither attack-specific nor scenario-specific,our method is applicable to FL/DML or other online or offline scenarios.
基金Supported by the National Basic Research Program of China under Grant No 2013CB338002the National Natural Science Foundation of China under Grant Nos 11304397 and 61505261
文摘Semi-device-independent quantum key distribution (SDI-QKD) has been proposed by applying the quantum dimension correlation, and the security relies on the violation of quantum dimension witness inequalities. We prove the security of the SDI-QKD protocol under the depolarization channel by considering the quantum dimension witness inequalities and minimum entropy and the specific process of the QKD protocol, combining with a four- quantum-state preparation and three measurement bases. We also provide the relationship between the dimension witness value, the error rate and the security key rate by the numerical simulation.
基金Project supported by the South African Research Chair Initiative of the Department of Science and Technology and National Research Foundation
文摘We investigate the effect of collective-rotation noise on the security of the six-state quantum key distribution. We study the case where the eavesdropper, Eve, performs an intercept-resend attack on the quantum communication between Alice, the sender, and Bob, the receiver. We first derive the collective-rotation noise model for the six-state protocol and then parameterize the mutual information between Alice and Eve. We then derive quantum bit error rate for three interceptresend attack scenarios. We observe that the six-state protocol is robust against intercept-resend attacks on collective rotation noise channels when the rotation angle is kept within certain bounds.
基金the specific grant from China’s National Social Science Foundation (U23B2025 and U22B2014).
文摘The mega-constellation is a major future development direction for space-based technologies in communications,navigation,remote sensing,and other fields.However,there are marked security threats to the mega-constellation.Traditional password-based security protection techniques are inefficient for vast node access authentication because they lack a unified management system and methodology.To address the aforementioned issues,this work presents a mega-constellation node security access authentication technique based on sharding blockchain via the“1+N+1”mega-constellation security and trustworthiness architecture.We build a distributed node security access authentication system based on functional domains and functional cross-domains,and we develop mathematical models for the complexity of messaging and space,the throughput of transactions,and the overall estimation of sharding blockchain systems.The results demonstrate that every indicator outperforms conventional blockchain techniques,which has major implications for mega-constellation by creating a complete link security and trustworthiness system.A universal solution for the number of consensus nodes I and the number of shards N is found,which can be used to guide parameter design in mega-constellation sharding blockchain systems.
