Funding: supported by the Zhongyuan University of Technology Discipline Backbone Teacher Support Program Project (No. GG202417) and the Key Research and Development Program of Henan under Grant 251111212000.
Abstract: Lateral movement represents the most covert and critical phase of Advanced Persistent Threats (APTs), and its detection still faces two primary challenges: sample scarcity and “cold start” of new entities. To address these challenges, we propose an Uncertainty-Driven Graph Embedding-Enhanced Lateral Movement Detection framework (UGEA-LMD). First, the framework employs event-level incremental encoding on a continuous-time graph to capture fine-grained behavioral evolution, enabling newly appearing nodes to retain temporal contextual awareness even in the absence of historical interactions and thereby fundamentally mitigating the cold-start problem. Second, in the embedding space, we model the dependency structure among feature dimensions using a Gaussian copula to quantify the uncertainty distribution, and generate augmented samples with consistent structural and semantic properties through adaptive sampling, thus expanding the representation space of sparse samples and enhancing the model’s generalization under sparse sample conditions. Unlike static graph methods that cannot model temporal dependencies or data augmentation techniques that depend on predefined structures, UGEA-LMD offers both superior temporal dynamic modeling and structural generalization. Experimental results on the large-scale LANL log dataset demonstrate that, under the transductive setting, UGEA-LMD achieves an AUC of 0.9254; even when 10% of nodes or edges are withheld during training, UGEA-LMD significantly outperforms baseline methods on metrics such as recall and AUC, confirming its robustness and generalization capability in sparse-sample and cold-start scenarios.
Abstract: The detection of cyber threats has recently been a crucial research domain as the internet and data drive people’s livelihood. Several cyber-attacks lead to the compromise of data security. The proposed system offers complete data protection from Advanced Persistent Threat (APT) attacks with attack detection and defence mechanisms. The modified lateral movement detection algorithm detects the APT attacks, while the defence is achieved by the Dynamic Deception system that makes use of the belief update algorithm. Before termination, every cyber-attack undergoes multiple stages, with the most prominent stage being Lateral Movement (LM). The LM uses a Remote Desktop Protocol (RDP) technique to authenticate the unauthorised host, leaving footprints on the network and host logs. An anomaly-based approach leveraging the RDP event logs on Windows is used for detecting the evidence of LM. After extracting various feature sets from the logs, the RDP sessions are classified using machine-learning techniques with high recall and precision. It is found that the AdaBoost classifier offers better accuracy, precision, F1 score and recall recording 99.9%, 99.9%, 0.99 and 0.98%. Further, a dynamic deception process is used as a defence mechanism to mitigate APT attacks. A hybrid encryption communication, dynamic (Internet Protocol) IP address generation, timing selection and policy allocation are established based on mathematical models. A belief update algorithm controls the defender’s action. The performance of the proposed system is compared with the state-of-the-art models.
Funding: supported by the Innovation Team and Talents Cultivation Program of National Administration of Traditional Chinese Medicine (No. ZYYCXTD-D-202206), the Natural Science Foundation of Jiangxi Province, China (No. 20212BAB214016), the Fundamental Research Funds for the Central Universities (No. JUSRP52007A), the International Science and Technology Center (No. BZ2018032), the Jiangsu Province Advanced Textile Engineering Technology Centre Funding Project (XJFZ/2021/4) and the National Natural Science Foundation of China (No. 51603090).
Abstract: The exploration of smart electronic textiles is a common goal to improve people’s quality of life. However, current smart e-textiles still face challenges such as being prone to failure under humid or cold conditions, lack of washing durability and chemical fragility. Herein, a multifunctional strain sensor with a negative resistance change was developed based on the excellent elasticity of knitted fabrics. A reduced graphene oxide (rGO) conductive fabric was first obtained by electrostatic self-assembly of chitosan (CS). Then a strain sensor was prepared using a dip-coating process to adsorb nanoscale silica dioxide and poly(dimethylsiloxane) (PDMS). A broad working range of 60%, a fast response time (22 ms) and stable cycling durability over 4000 cycles were simultaneously achieved using the prepared sensor. Furthermore, the sensor showed excellent superhydrophobicity, photothermal effects and UV protection, as graphene, silica and PDMS acted in synergy. This multifunctional sensor could be mounted on human joints to perform tasks, including activity monitoring, medical rehabilitation evaluation and gesture recognition, due to its superior electromechanical capabilities. Based on its multiple superior properties, this sensor could be used as winter sportswear for athletes to track their actions without being impacted by water and as a warmer to ensure the wearer's comfort.