Dear Editor, The attacker is always going to intrude covertly networked control systems (NCSs) by dynamically changing false data injection attacks (FDIAs) strategy, while the defender tries their best to resist attacks by designing defense strategy on the basis of identifying attack strategy, maintaining stable operation of NCSs. To solve this attack-defense game problem, this letter investigates optimal secure control of NCSs under FDIAs. First, for the alterations of energy caused by false data, a novel attack-defense game model is constructed, which considers the changes of energy caused by the actions of the defender and attacker in the forward and feedback channels.
Building attack scenario is one of the most important aspects in network security. This paper proposed a system which collects intrusion alerts, clusters them as sub-attacks using alerts abstraction, aggregates the similar sub-attacks, and then correlates and generates correlation graphs. The scenarios were represented by alert classes instead of alerts themselves so as to reduce the required rules and have the ability of detecting new variations of attacks. The proposed system is capable of passing some of the missed attacks. To evaluate system effectiveness, it was tested with different datasets which contain multi-step attacks. Compressed and easily understandable correlation graphs which reflect attack scenarios were generated. The proposed system can correlate related alerts, uncover the attack strategies, and detect new variations of attacks.
The application of machine learning for pyrite discrimination establishes a robust foundation for constructing the ore-forming history of multi-stage deposits; however, published models face challenges related to limited, imbalanced datasets and oversampling. In this study, the dataset was expanded to approximately 500 samples for each type, including 508 sedimentary, 573 orogenic gold, 548 sedimentary exhalative (SEDEX) deposits, and 364 volcanogenic massive sulfides (VMS) pyrites, utilizing random forest (RF) and support vector machine (SVM) methodologies to enhance the reliability of the classifier models. The RF classifier achieved an overall accuracy of 99.8%, and the SVM classifier attained an overall accuracy of 100%. The model was evaluated by a five-fold cross-validation approach with 93.8% accuracy for the RF and 94.9% for the SVM classifier. These results demonstrate the strong feasibility of pyrite classification, supported by a relatively large, balanced dataset and high accuracy rates. The classifier was employed to reveal the genesis of the controversial Keketale Pb-Zn deposit in NW China, which has been inconclusive among SEDEX, VMS, or a SEDEX-VMS transition. Petrographic investigations indicated that the deposit comprises early fine-grained layered pyrite (Py1) and late recrystallized pyrite (Py2). The majority voting classified Py1 as the VMS type, with an accuracy of RF and SVM being 72.2% and 75%, respectively, and confirmed Py2 as an orogenic type with 74.3% and 77.1% accuracy, respectively. The new findings indicated that the Keketale deposit originated from a submarine VMS mineralization system, followed by late orogenic-type overprinting of metamorphism and deformation, which is consistent with the geological and geochemical observations. This study further emphasizes the advantages of machine learning (ML) methods in accurately and directly discriminating the deposit types and reconstructing the formation history of multi-stage deposits.
The high proportion of uncertain distributed power sources and the access to large-scale random electric vehicle (EV) charging resources further aggravate the voltage fluctuation of the distribution network, and the existing research has not deeply explored the EV active-reactive synergistic regulating characteristics, and failed to realize the multi-timescale synergistic control with other regulating means. For this reason, this paper proposes a multilevel linkage coordinated optimization strategy to reduce the voltage deviation of the distribution network. Firstly, a capacitor bank reactive power compensation voltage control model and a distributed photovoltaic (PV) active-reactive power regulation model are established. Additionally, an external characteristic model of EV active-reactive power regulation is developed considering the four-quadrant operational characteristics of the EV charger. A multiobjective optimization model of the distribution network is then constructed considering the time-series coupling constraints of multiple types of voltage regulators. A multi-timescale control strategy is proposed by considering the impact of voltage regulators on active-reactive EV energy consumption and PV energy consumption. Then, a four-stage voltage control optimization strategy is proposed for various types of voltage regulators with multiple time scales. The multi-objective optimization is solved with the improved Drosophila algorithm to realize the power fluctuation control of the distribution network and the multi-stage voltage control optimization. Simulation results validate that the proposed voltage control optimization strategy achieves the coordinated control of decentralized voltage control resources in the distribution network. It effectively reduces the voltage deviation of the distribution network while ensuring the energy demand of EV users and enhancing the stability and economic efficiency of the distribution network.
Although previous researchers have attempted to decipher ore genesis and mineralization in the Erdaokan Ag-Pb-Zn deposit, some uncertainties regarding the mineralization process and evolution of both ore-forming fluids and magnetite types still need to be addressed. In this study, we obtained new EPMA, LA-ICP-MS, and in situ Fe isotope data from magnetite from the Erdaokan deposit, in order to better understand the mineralization mechanism and evolution of both magnetite and the ore-forming fluids. Our results identified seven types of magnetite at Erdaokan: disseminated magnetite (Mag1), coarse-grained magnetite (Mag2a), radial magnetite (Mag2b), fragmented fine-grained magnetite (Mag2c), vermicular gel magnetite (Mag3a1 and Mag3a2), colloidal magnetite (Mag3b) and dark gray magnetite (Mag4). All of the magnetite types were hydrothermal in origin and generally low in Ti (<400 ppm) and Ni (<800 ppm), while being enriched in light Fe isotopes (δ⁵⁶Fe ranging from −1.54‰ to −0.06‰). However, they exhibit different geochemical signatures and are thus classified into high-manganese magnetite (Mag1, MnO > 5 wt%), low-silicon magnetite (Mag2a-c, SiO₂ < 1 wt%), high-silicon magnetite (Mag3a-b, SiO₂ from 1 to 7 wt%) and high-silicon-manganese magnetite (Mag4, SiO₂ > 1 wt%, MnO > 0.2 wt%), each being formed within distinct hydrothermal environments. Based on mineralogy, elemental geochemistry, Fe isotopes, temperature trends, TMg-mag and (Ti+V) vs. (Al+Mn) diagrams, we propose that the Erdaokan Ag-Pb-Zn deposit underwent multi-stage mineralization, which can be broken down into four stages and nine sub-stages. Mag1, Mag2a-c, Mag3a-b and Mag4 were formed during the first sub-stage of each of the four stages, respectively. Additionally, fluid mixing, cooling and depressurization boiling were identified as the main mechanisms for mineral precipitation. The enrichment of Ag was significantly enhanced by the superposition of multi-stage ore-forming hydrothermal fluids in the Erdaokan Ag-Pb-Zn deposit.
This paper presents a new criterion for determining the unloading points quantitatively and consistently in a multi-stage triaxial test. The radial strain gradient (RSG) is first introduced as an arc tangent function of the rate of change of radial strain to time. RSG is observed to correlate closely with the stress state of a compressed sample, and reaches a horizontal asymptote as approaching failure. For a given rock type, RSG value at peak stress is almost the same, irrespective of the porosity and permeability. These findings lead to the development of RSG criterion: Unloading points can be precisely determined at the time when RSG reaches a pre-determined value that is a little smaller than or equal to the RSG at peak stress. The RSG criterion is validated against other criteria and the single-stage triaxial test on various types of rocks. Failure envelopes from the RSG criterion match well with those from single-stage tests. A practical procedure is recommended to use the RSG criterion: an unconfined compression or single-stage test is first conducted to determine the RSG at peak stress for one sample, the unloading point is then selected to be a value close to the RSG at peak stress, and the multi-stage test is finally performed on another sample using the pre-selected RSG unloading criterion. Generally, the RSG criterion is applicable for any type of rocks, especially brittle rocks, where other criteria are not suitable. Further, it can be practically implemented on the most available rock mechanical testing instruments.
A new hang-off system has been proposed to improve the security of risers in hang-off modes during typhoons. However, efficient anti-typhoon evacuation strategies have not been investigated. Optimization model and method for the anti-typhoon evacuation strategies should be researched. Therefore, multi-objective functions are proposed based on operation time, evacuation speed stability, and steering stability. An evacuation path model and a dynamic model of risers with the new hang-off system are developed for design variables and constraints. A multi-objective optimization model with high-dimensional variables and complex constraints is established. Finally, a three-stage optimization method based on genetic algorithm, least square method, and the penalty function method is proposed to solve the multi-objective optimization model. Optimization results show that the operation time can be reduced through operation parameter optimization, especially evacuation heading optimization. The optimal anti-typhoon strategy is evacuation with all risers suspended along a variable path when the direction angle is large, while evacuation with all risers suspended along a straight path at another direction angle. Besides, the influencing factors on anti-typhoon evacuation strategies indicate that the proposed optimization model and method have strong applicability to working conditions and remarkable optimization effects.
Nano zero-valent iron (nZVI) is a promising phosphate adsorbent for advanced phosphate removal. However, the rapid passivation of nZVI and the low activity of adsorption sites seriously limit its phosphate removal performance, accounting for its inapplicability to meet the emission criteria of 0.1 mg P/L phosphate. In this study, we report that the oxalate modification can inhibit the passivation of nZVI and alter the multi-stage phosphate adsorption mechanism by changing the adsorption sites. As expected, the stronger antipassivation ability of oxalate modified nZVI (OX-nZVI) strongly favored its phosphate adsorption. Interestingly, the oxalate modification endowed the surface Fe(III) sites with the lowest chemisorption energy and the fastest phosphate adsorption ability than the other adsorption sites, by in situ forming a Fe(III)-phosphate-oxalate ternary complex, therefore enabling an advanced phosphate removal process. At an initial phosphate concentration of 1.00 mg P/L, pH of 6.0 and a dosage of 0.3 g/L of adsorbents, OX-nZVI exhibited faster phosphate removal rate (0.11 g/mg/min) and lower residual phosphate level (0.02 mg P/L) than nZVI (0.055 g/mg/min and 0.19 mg P/L). This study sheds light on the importance of site manipulation in the development of high-performance adsorbents, and offers a facile surface modification strategy to prepare superior iron-based materials for advanced phosphate removal.
The effectiveness of horizontal well multi-stage and multi-cluster fracturing in the fractured soft coal seam roof for coalbed methane (CBM) extraction has been demonstrated. This study focuses on the geological characteristics of the No. 5 and No. 11 coal seams in the Hancheng Block, Ordos Basin, China. A multi-functional, variable-size rock sample mold capable of securing the wellbore was developed to simulate layered formations comprising strata of varying lithology and thicknesses. A novel segmented fracturing simulation method based on an expandable pipe plugging technique is proposed. Large-scale true triaxial experiments were conducted to investigate the effects of horizontal wellbore location, perforation strategy, roof lithology, and vertical stress difference on fracture propagation, hydraulic energy variation, and the stimulated reservoir volume in horizontal wells targeting the soft coal seam roof. The results indicate that bilateral downward perforation with a phase angle of 120° optimizes hydraulic energy conservation, reduces operational costs, enhances fracture formation, and prevents fracturing failure caused by coal powder generation and migration. This perforation mode is thus considered optimal for coal seam roof fracturing. When the roof consists of sandstone, each perforation cluster tends to initiate a single dominant fracture with a regular geometry. In contrast, hydraulic fractures formed in mudstone roofs display diverse morphology. Due to its high strength, the sandstone roof requires significantly higher pressure for crack initiation and propagation, whereas the mudstone roof, with its strong water sensitivity, exhibits lower fracturing pressures. To mitigate inter-cluster interference, cluster spacing in mudstone roofs should be greater than that in sandstone roofs. Horizontal wellbore placement critically influences fracturing effectiveness. For indirect fracturing in sandstone roofs, an optimal position is 25 mm away from the lithological interface. In contrast, the optimal location for indirect fracturing in mudstone roofs is directly at the lithological interface with the coal seam. Higher vertical stress coefficients lead to increased fracturing pressures and promote vertical, layer-penetrating fractures. A coefficient of 0.5 is identified as optimal for achieving effective indirect fracturing. This study provides valuable insights for the design and optimization of staged fracturing in horizontal wells targeting crushed soft coal seam roofs.
In federated learning, backdoor attacks have become an important research topic with their wide application in processing sensitive datasets. Since federated learning detects or modifies local models through defense mechanisms during aggregation, it is difficult to conduct effective backdoor attacks. In addition, existing backdoor attack methods are faced with challenges, such as low backdoor accuracy, poor ability to evade anomaly detection, and unstable model training. To address these challenges, a method called adaptive simulation backdoor attack (ASBA) is proposed. Specifically, ASBA improves the stability of model training by manipulating the local training process and using an adaptive mechanism, the ability of the malicious model to evade anomaly detection by combining large simulation training and clipping, and the backdoor accuracy by introducing a stimulus model to amplify the impact of the backdoor in the global model. Extensive comparative experiments under five advanced defense scenarios show that ASBA can effectively evade anomaly detection and achieve high backdoor accuracy in the global model. Furthermore, it exhibits excellent stability and effectiveness after multiple rounds of attacks, outperforming state-of-the-art backdoor attack methods.
Federated Learning (FL) protects data privacy through a distributed training mechanism, yet its decentralized nature also introduces new security vulnerabilities. Backdoor attacks inject malicious triggers into the global model through compromised updates, posing significant threats to model integrity and becoming a key focus in FL security. Existing backdoor attack methods typically embed triggers directly into original images and consider only data heterogeneity, resulting in limited stealth and adaptability. To address the heterogeneity of malicious client devices, this paper proposes a novel backdoor attack method named Capability-Adaptive Shadow Backdoor Attack (CASBA). By incorporating measurements of clients' computational and communication capabilities, CASBA employs a dynamic hierarchical attack strategy that adaptively aligns attack intensity with available resources. Furthermore, an improved deep convolutional generative adversarial network (DCGAN) is integrated into the attack pipeline to embed triggers without modifying original data, significantly enhancing stealthiness. Comparative experiments with Shadow Backdoor Attack (SBA) across multiple scenarios demonstrate that CASBA dynamically adjusts resource consumption based on device capabilities, reducing average memory usage per iteration by 5.8%. CASBA improves resource efficiency while keeping the drop in attack success rate within 3%. Additionally, the effectiveness of CASBA against three robust FL algorithms is also validated.
The surge in smishing attacks underscores the urgent need for robust, real-time detection systems powered by advanced deep learning models. This paper introduces PhishNet, a novel ensemble learning framework that integrates transformer-based models (RoBERTa) and large language models (LLMs) (GPT-OSS 120B, LLaMA3.3 70B, and Qwen3 32B) to enhance smishing detection performance significantly. To mitigate class imbalance, we apply synthetic data augmentation using T5 and leverage various text preprocessing techniques. Our system employs a dual-layer voting mechanism: weighted majority voting among LLMs and a final ensemble vote to classify messages as ham, spam, or smishing. Experimental results show an average accuracy improvement from 96% to 98.5% compared to the best standalone transformer, and from 93% to 98.5% when compared to LLMs across datasets. Furthermore, we present a real-time, user-friendly application to operationalize our detection model for practical use. PhishNet demonstrates superior scalability, usability, and detection accuracy, filling critical gaps in current smishing detection methodologies.
Zero-click attacks represent an advanced cybersecurity threat, capable of compromising devices without user interaction. High-profile examples such as Pegasus, Simjacker, Bluebugging, and Bluesnarfing exploit hidden vulnerabilities in software and communication protocols to silently gain access, exfiltrate data, and enable long-term surveillance. Their stealth and ability to evade traditional defenses make detection and mitigation highly challenging. This paper addresses these threats by systematically mapping the tactics and techniques of zero-click attacks using the MITRE ATT&CK framework, a widely adopted standard for modeling adversarial behavior. Through this mapping, we categorize real-world attack vectors and better understand how such attacks operate across the cyber-kill chain. To support threat detection efforts, we propose an Active Learning-based method to efficiently label the Pegasus spyware dataset in alignment with the MITRE ATT&CK framework. This approach reduces the effort of manually annotating data while improving the quality of the labeled data, which is essential to train robust cybersecurity models. In addition, our analysis highlights the structured execution paths of zero-click attacks and reveals gaps in current defense strategies. The findings emphasize the importance of forward-looking strategies such as continuous surveillance, dynamic threat profiling, and security education. By bridging zero-click attack analysis with the MITRE ATT&CK framework and leveraging machine learning for dataset annotation, this work provides a foundation for more accurate threat detection and the development of more resilient and structured cybersecurity frameworks.
Graph Neural Networks (GNNs) have proven highly effective for graph classification across diverse fields such as social networks, bioinformatics, and finance, due to their capability to learn complex graph structures. However, despite their success, GNNs remain vulnerable to adversarial attacks that can significantly degrade their classification accuracy. Existing adversarial attack strategies primarily rely on label information to guide the attacks, which limits their applicability in scenarios where such information is scarce or unavailable. This paper introduces an innovative unsupervised attack method for graph classification, which operates without relying on label information, thereby enhancing its applicability in a broad range of scenarios. Specifically, our method first leverages a graph contrastive learning loss to learn high-quality graph embeddings by comparing different stochastic augmented views of the graphs. To effectively perturb the graphs, we then introduce an implicit estimator that measures the impact of various modifications on graph structures. The proposed strategy identifies and flips edges with the top-K highest scores, determined by the estimator, to maximize the degradation of the model's performance. In addition, to defend against such attack, we propose a lightweight regularization-based defense mechanism that is specifically tailored to mitigate the structural perturbations introduced by our attack strategy. It enhances model robustness by enforcing embedding consistency and edge-level smoothness during training. We conduct experiments on six public TU graph classification datasets: NCI1, NCI109, Mutagenicity, ENZYMES, COLLAB, and DBLP_v1, to evaluate the effectiveness of our attack and defense strategies. Under an attack budget of 3, the maximum reduction in model accuracy reaches 6.67% on the Graph Convolutional Network (GCN) and 11.67% on the Graph Attention Network (GAT) across different datasets, indicating that our unsupervised method induces degradation comparable to state-of-the-art supervised attacks. Meanwhile, our defense achieves the highest accuracy recovery of 3.89% (GCN) and 5.00% (GAT), demonstrating improved robustness against structural perturbations.
In recent years, with the rapid advancement of artificial intelligence, object detection algorithms have made significant strides in accuracy and computational efficiency. Notably, research and applications of Anchor-Free models have opened new avenues for real-time target detection in optical remote sensing images (ORSIs). However, in the realm of adversarial attacks, developing adversarial techniques tailored to Anchor-Free models remains challenging. Adversarial examples generated based on Anchor-Based models often exhibit poor transferability to these new model architectures. Furthermore, the growing diversity of Anchor-Free models poses additional hurdles to achieving robust transferability of adversarial attacks. This study presents an improved cross-conv-block feature fusion You Only Look Once (YOLO) architecture, meticulously engineered to facilitate the extraction of more comprehensive semantic features during the backpropagation process. To address the asymmetry between densely distributed objects in ORSIs and the corresponding detector outputs, a novel dense bounding box attack strategy is proposed. This approach leverages dense target bounding boxes loss in the calculation of adversarial loss functions. Furthermore, by integrating translation-invariant (TI) and momentum-iteration (MI) adversarial methodologies, the proposed framework significantly improves the transferability of adversarial attacks. Experimental results demonstrate that our method achieves superior adversarial attack performance, with adversarial transferability rates (ATR) of 67.53% on the NWPU VHR-10 dataset and 90.71% on the HRSC2016 dataset. Compared to ensemble adversarial attack and cascaded adversarial attack approaches, our method generates adversarial examples in an average of 0.64 s, representing an approximately 14.5% improvement in efficiency under equivalent conditions.
Large language models (LLMs) have revolutionized AI applications across diverse domains. However, their widespread deployment has introduced critical security vulnerabilities, particularly prompt injection attacks that manipulate model behavior through malicious instructions. Following Kitchenham's guidelines, this systematic review synthesizes 128 peer-reviewed studies from 2022 to 2025 to provide a unified understanding of this rapidly evolving threat landscape. Our findings reveal a swift progression from simple direct injections to sophisticated multimodal attacks, achieving over 90% success rates against unprotected systems. In response, defense mechanisms show varying effectiveness: input preprocessing achieves 60%–80% detection rates and advanced architectural defenses demonstrate up to 95% protection against known patterns, though significant gaps persist against novel attack vectors. We identified 37 distinct defense approaches across three categories, but standardized evaluation frameworks remain limited. Our analysis attributes these vulnerabilities to fundamental LLM architectural limitations, such as the inability to distinguish instructions from data and attention mechanism vulnerabilities. This highlights critical research directions such as formal verification methods, standardized evaluation protocols, and architectural innovations for inherently secure LLM designs.
Internet of Things (IoTs) devices are bringing about a revolutionary change in our society by enabling connectivity regardless of time and location. However, the extensive deployment of these devices also makes them attractive victims for the malicious actions of adversaries. Within the spectrum of existing threats, Side-Channel Attacks (SCAs) have established themselves as an effective way to compromise cryptographic implementations. These attacks exploit unintended physical leakage that occurs during the cryptographic execution of devices, bypassing the theoretical strength of the crypto design. In recent times, the advancement of deep learning has provided SCAs with a powerful ally. Well-trained deep-learning models demonstrate an exceptional capacity to identify correlations between side-channel measurements and sensitive data, thereby significantly enhancing such attacks. To further understand the security threats posed by deep-learning SCAs and to aid in formulating robust countermeasures in the future, this paper undertakes an exhaustive investigation of leading-edge SCAs targeting Advanced Encryption Standard (AES) implementations. The study specifically focuses on attacks that exploit power consumption and electromagnetic (EM) emissions as primary leakage sources, systematically evaluating the extent to which diverse deep learning techniques enhance SCAs across multiple critical dimensions. These dimensions include: (i) the characteristics of publicly available datasets derived from various hardware and software platforms; (ii) the formalization of leakage models tailored to different attack scenarios; (iii) the architectural suitability and performance of state-of-the-art deep learning models. Furthermore, the survey provides a systematic synthesis of current research findings, identifies significant unresolved issues in the existing literature and suggests promising directions for future work, including cross-device attack transferability and the impact of quantum-classical hybrid computing on side-channel security.
Transformer-based models have significantly advanced binary code similarity detection (BCSD) by leveraging their semantic encoding capabilities for efficient function matching across diverse compilation settings. Although adversarial examples can strategically undermine the accuracy of BCSD models and protect critical code, existing techniques predominantly depend on inserting artificial instructions, which incur high computational costs and offer limited diversity of perturbations. To address these limitations, we propose AIMA, a novel gradient-guided assembly instruction relocation method. Our method decouples the detection model into tokenization, embedding, and encoding layers to enable efficient gradient computation. Since token IDs of instructions are discrete and nondifferentiable, we compute gradients in the continuous embedding space to evaluate the influence of each token. The most critical tokens are identified by calculating the L2 norm of their embedding gradients. We then establish a mapping between instructions and their corresponding tokens to aggregate token-level importance into instruction-level significance. To maximize adversarial impact, a sliding window algorithm selects the most influential contiguous segments for relocation, ensuring optimal perturbation with minimal length. This approach efficiently locates critical code regions without expensive search operations. The selected segments are relocated outside their original function boundaries via a jump mechanism, which preserves runtime control flow and functionality while introducing "deletion" effects in the static instruction sequence. Extensive experiments show that AIMA reduces similarity scores by up to 35.8% in state-of-the-art BCSD models. When incorporated into training data, it also enhances model robustness, achieving a 5.9% improvement in AUROC.
With the increasing emphasis on personal information protection, encryption through security protocols has emerged as a critical requirement in data transmission and reception processes. Nevertheless, IoT ecosystems comprise heterogeneous networks where outdated systems coexist with the latest devices, spanning a range of devices from non-encrypted ones to fully encrypted ones. Given the limited visibility into payloads in this context, this study investigates AI-based attack detection methods that leverage encrypted traffic metadata, eliminating the need for decryption and minimizing system performance degradation—especially in light of these heterogeneous devices. Using the UNSW-NB15 and CICIoT-2023 dataset, encrypted and unencrypted traffic were categorized according to security protocol, and AI-based intrusion detection experiments were conducted for each traffic type based on metadata. To mitigate the problem of class imbalance, eight different data sampling techniques were applied. The effectiveness of these sampling techniques was then comparatively analyzed using two ensemble models and three Deep Learning (DL) models from various perspectives. The experimental results confirmed that metadata-based attack detection is feasible using only encrypted traffic. In the UNSW-NB15 dataset, the f1-score of encrypted traffic was approximately 0.98, which is 4.3% higher than that of unencrypted traffic (approximately 0.94). In addition, analysis of the encrypted traffic in the CICIoT-2023 dataset using the same method showed a significantly lower f1-score of roughly 0.43, indicating that the quality of the dataset and the preprocessing approach have a substantial impact on detection performance. Furthermore, when data sampling techniques were applied to encrypted traffic, the recall in the UNSW-NB15 (Encrypted) dataset improved by up to 23.0%, and in the CICIoT-2023 (Encrypted) dataset by 20.26%, showing a similar level of improvement. Notably, in CICIoT-2023, f1-score and Receiver Operation Characteristic-Area Under the Curve (ROC-AUC) increased by 59.0% and 55.94%, respectively. These results suggest that data sampling can have a positive effect even in encrypted environments. However, the extent of the improvement may vary depending on data quality, model architecture, and sampling strategy.
The increasing intelligence of power systems is transforming distribution networks into Cyber-Physical Distribution Systems (CPDS). While enabling advanced functionalities, the tight interdependence between cyber and physical layers introduces significant security challenges and amplifies operational risks. To address these critical issues, this paper proposes a comprehensive risk assessment framework that explicitly incorporates the physical dependence of information systems. A Bayesian attack graph is employed to quantitatively evaluate the likelihood of successful cyber attacks. By analyzing the critical scenario of fault current path misjudgment, we define novel system-level and node-level risk coupling indices to precisely measure the cascading impacts across cyber and physical domains. Furthermore, an attack-responsive power recovery optimization model is established, integrating DistFlow-based physical constraints and sophisticated modeling of information-dependent interference. To enhance resilience against varying attack scenarios, a defense resource allocation model is constructed, where the complex Mixed-Integer Nonlinear Programming (MINLP) problem is efficiently linearized into a Mixed-Integer Linear Programming (MILP) formulation. Finally, to mitigate the impact of targeted attacks, the optimal deployment of terminal defense resources is determined using a Stackelberg game-theoretic approach, aiming to minimize overall system risk. The robustness and effectiveness of the proposed integrated framework are rigorously validated through extensive simulations under diverse attack intensities and defense resource constraints.
Funding: supported in part by the National Science Foundation of China (62373240, 62273224, U24A20259).
Abstract: Dear Editor, The attacker is always going to intrude covertly networked control systems (NCSs) by dynamically changing false data injection attacks (FDIAs) strategy, while the defender tries their best to resist attacks by designing defense strategy on the basis of identifying attack strategy, maintaining stable operation of NCSs. To solve this attack-defense game problem, this letter investigates optimal secure control of NCSs under FDIAs. First, for the alterations of energy caused by false data, a novel attack-defense game model is constructed, which considers the changes of energy caused by the actions of the defender and attacker in the forward and feedback channels.
Funding: the National High Technology Research and Development Programme of China (2006AA01Z452).
Abstract: Building attack scenario is one of the most important aspects in network security. This paper proposed a system which collects intrusion alerts, clusters them as sub-attacks using alerts abstraction, aggregates the similar sub-attacks, and then correlates and generates correlation graphs. The scenarios were represented by alert classes instead of alerts themselves so as to reduce the required rules and have the ability of detecting new variations of attacks. The proposed system is capable of passing some of the missed attacks. To evaluate system effectiveness, it was tested with different datasets which contain multi-step attacks. Compressed and easily understandable Correlation graphs which reflect attack scenarios were generated. The proposed system can correlate related alerts, uncover the attack strategies, and detect new variations of attacks.
Funding: the National Key Research and Development Program of China (2021YFC2900300); the Natural Science Foundation of Guangdong Province (2024A1515030216); MOST Special Fund from State Key Laboratory of Geological Processes and Mineral Resources, China University of Geosciences (GPMR202437); the Guangdong Province Introduced of Innovative R&D Team (2021ZT09H399); the Third Xinjiang Scientific Expedition Program (2022xjkk1301).
Abstract: The application of machine learning for pyrite discrimination establishes a robust foundation for constructing the ore-forming history of multi-stage deposits; however, published models face challenges related to limited, imbalanced datasets and oversampling. In this study, the dataset was expanded to approximately 500 samples for each type, including 508 sedimentary, 573 orogenic gold, 548 sedimentary exhalative (SEDEX) deposits, and 364 volcanogenic massive sulfides (VMS) pyrites, utilizing random forest (RF) and support vector machine (SVM) methodologies to enhance the reliability of the classifier models. The RF classifier achieved an overall accuracy of 99.8%, and the SVM classifier attained an overall accuracy of 100%. The model was evaluated by a five-fold cross-validation approach with 93.8% accuracy for the RF and 94.9% for the SVM classifier. These results demonstrate the strong feasibility of pyrite classification, supported by a relatively large, balanced dataset and high accuracy rates. The classifier was employed to reveal the genesis of the controversial Keketale Pb-Zn deposit in NW China, which has been inconclusive among SEDEX, VMS, or a SEDEX-VMS transition. Petrographic investigations indicated that the deposit comprises early fine-grained layered pyrite (Py1) and late recrystallized pyrite (Py2). The majority voting classified Py1 as the VMS type, with an accuracy of RF and SVM being 72.2% and 75%, respectively, and confirmed Py2 as an orogenic type with 74.3% and 77.1% accuracy, respectively. The new findings indicated that the Keketale deposit originated from a submarine VMS mineralization system, followed by late orogenic-type overprinting of metamorphism and deformation, which is consistent with the geological and geochemical observations. This study further emphasizes the advantages of Machine learning (ML) methods in accurately and directly discriminating the deposit types and reconstructing the formation history of multi-stage deposits.
Funding: funded by the State Grid Corporation Science and Technology Project (5108-202218280A-2-391-XG).
Abstract: The high proportion of uncertain distributed power sources and the access to large-scale random electric vehicle (EV) charging resources further aggravate the voltage fluctuation of the distribution network, and the existing research has not deeply explored the EV active-reactive synergistic regulating characteristics, and failed to realize the multi-timescale synergistic control with other regulating means. For this reason, this paper proposes a multilevel linkage coordinated optimization strategy to reduce the voltage deviation of the distribution network. Firstly, a capacitor bank reactive power compensation voltage control model and a distributed photovoltaic (PV) active-reactive power regulation model are established. Additionally, an external characteristic model of EV active-reactive power regulation is developed considering the four-quadrant operational characteristics of the EV charger. A multiobjective optimization model of the distribution network is then constructed considering the time-series coupling constraints of multiple types of voltage regulators. A multi-timescale control strategy is proposed by considering the impact of voltage regulators on active-reactive EV energy consumption and PV energy consumption. Then, a four-stage voltage control optimization strategy is proposed for various types of voltage regulators with multiple time scales. The multi-objective optimization is solved with the improved Drosophila algorithm to realize the power fluctuation control of the distribution network and the multi-stage voltage control optimization. Simulation results validate that the proposed voltage control optimization strategy achieves the coordinated control of decentralized voltage control resources in the distribution network. It effectively reduces the voltage deviation of the distribution network while ensuring the energy demand of EV users and enhancing the stability and economic efficiency of the distribution network.
Funding: financially supported by the Heilongjiang Provincial Key R&D Program Project (No. GA21A204); Heilongjiang Provincial Natural Science Foundation of China (No. LH2022D031); the Research Project of Heilongjiang Province Bureau of Geology and Mineral Resources (No. HKY202302).
Abstract: Although previous researchers have attempted to decipher ore genesis and mineralization in the Erdaokan Ag-Pb-Zn deposit, some uncertainties regarding the mineralization process and evolution of both ore-forming fluids and magnetite types still need to be addressed. In this study, we obtained new EPMA, LA-ICP-MS, and in situ Fe isotope data from magnetite from the Erdaokan deposit, in order to better understand the mineralization mechanism and evolution of both magnetite and the ore-forming fluids. Our results identified seven types of magnetite at Erdaokan: disseminated magnetite (Mag1), coarse-grained magnetite (Mag2a), radial magnetite (Mag2b), fragmented fine-grained magnetite (Mag2c), vermicular gel magnetite (Mag3a1 and Mag3a2), colloidal magnetite (Mag3b) and dark gray magnetite (Mag4). All of the magnetite types were hydrothermal in origin and generally low in Ti (<400 ppm) and Ni (<800 ppm), while being enriched in light Fe isotopes (δ^(56)Fe ranging from −1.54‰ to −0.06‰). However, they exhibit different geochemical signatures and are thus classified into high-manganese magnetite (Mag1, MnO>5 wt%), low-silicon magnetite (Mag2a-c, SiO_(2)<1 wt%), high-silicon magnetite (Mag3a-b, SiO_(2) from 1 to 7 wt%) and high-silicon-manganese magnetite (Mag4, SiO_(2)>1 wt%, MnO>0.2 wt%), each being formed within distinct hydrothermal environments. Based on mineralogy, elemental geochemistry, Fe isotopes, temperature trends, TMg-mag and (Ti+V) vs. (Al+Mn) diagrams, we propose that the Erdaokan Ag-Pb-Zn deposit underwent multi-stage mineralization, which can be broken down into four stages and nine sub-stages. Mag1, Mag2a-c, Mag3a-b and Mag4 were formed during the first sub-stage of each of the four stages, respectively. Additionally, fluid mixing, cooling and depressurization boiling were identified as the main mechanisms for mineral precipitation. The enrichment of Ag was significantly enhanced by the superposition of multi-stage ore-forming hydrothermal fluids in the Erdaokan Ag-Pb-Zn deposit.
Abstract: This paper presents a new criterion for determining the unloading points quantitatively and consistently in a multi-stage triaxial test. The radial strain gradient (RSG) is first introduced as an arc tangent function of the rate of change of radial strain to time. RSG is observed to correlate closely with the stress state of a compressed sample, and reaches a horizontal asymptote as approaching failure. For a given rock type, RSG value at peak stress is almost the same, irrespective of the porosity and permeability. These findings lead to the development of RSG criterion: Unloading points can be precisely determined at the time when RSG reaches a pre-determined value that is a little smaller than or equal to the RSG at peak stress. The RSG criterion is validated against other criteria and the single-stage triaxial test on various types of rocks. Failure envelopes from the RSG criterion match well with those from single-stage tests. A practical procedure is recommended to use the RSG criterion: an unconfined compression or single-stage test is first conducted to determine the RSG at peak stress for one sample, the unloading point is then selected to be a value close to the RSG at peak stress, and the multi-stage test is finally performed on another sample using the pre-selected RSG unloading criterion. Generally, the RSG criterion is applicable for any type of rocks, especially brittle rocks, where other criteria are not suitable. Further, it can be practically implemented on the most available rock mechanical testing instruments.
Funding: supported by the National Natural Science Foundation of China (Grant No: 52271300, 52071337); National Key Research and Development Program of China (2022YFC2806501); High-tech Ship Research Projects Sponsored by MIIT (CBG2N21-4-25); Program for Changjiang Scholars and Innovative Research Team in University (Grant No. IRT14R58).
Abstract: A new hang-off system has been proposed to improve the security of risers in hang-off modes during typhoons. However, efficient anti-typhoon evacuation strategies have not been investigated. Optimization model and method for the anti-typhoon evacuation strategies should be researched. Therefore, multi-objective functions are proposed based on operation time, evacuation speed stability, and steering stability. An evacuation path model and a dynamic model of risers with the new hang-off system are developed for design variables and constraints. A multi-objective optimization model with high-dimensional variables and complex constraints is established. Finally, a three-stage optimization method based on genetic algorithm, least square method, and the penalty function method is proposed to solve the multi-objective optimization model. Optimization results show that the operation time can be reduced through operation parameter optimization, especially evacuation heading optimization. The optimal anti-typhoon strategy is evacuation with all risers suspended along a variable path when the direction angle is large, while evacuation with all risers suspended along a straight path at another direction angle. Besides, the influencing factors on anti-typhoon evacuation strategies indicate that the proposed optimization model and method have strong applicability to working conditions and remarkable optimization effects.
Funding: supported by the National Key Research and Development Program of China (Nos. 2022YFA1205602, and 2023YFC3707801); the National Natural Science Foundation of China (Nos. U22A20402, 22376073, 21936003 and 22306119); China Postdoctoral Science Foundation (No. 2023T160419).
Abstract: Nano zero-valent iron (nZVI) is a promising phosphate adsorbent for advanced phosphate removal. However, the rapid passivation of nZVI and the low activity of adsorption sites seriously limit its phosphate removal performance, accounting for its inapplicability to meet the emission criteria of 0.1 mg P/L phosphate. In this study, we report that the oxalate modification can inhibit the passivation of nZVI and alter the multi-stage phosphate adsorption mechanism by changing the adsorption sites. As expected, the stronger antipassivation ability of oxalate modified nZVI (OX-nZVI) strongly favored its phosphate adsorption. Interestingly, the oxalate modification endowed the surface Fe(III) sites with the lowest chemisorption energy and the fastest phosphate adsorption ability than the other adsorption sites, by in situ forming a Fe(III)-phosphate-oxalate ternary complex, therefore enabling an advanced phosphate removal process. At an initial phosphate concentration of 1.00 mg P/L, pH of 6.0 and a dosage of 0.3 g/L of adsorbents, OX-nZVI exhibited faster phosphate removal rate (0.11 g/mg/min) and lower residual phosphate level (0.02 mg P/L) than nZVI (0.055 g/mg/min and 0.19 mg P/L). This study sheds light on the importance of site manipulation in the development of high-performance adsorbents, and offers a facile surface modification strategy to prepare superior iron-based materials for advanced phosphate removal.
Funding: support from China National Natural Science Foundation (11672333).
Abstract: The effectiveness of horizontal well multi-stage and multi-cluster fracturing in the fractured soft coal seam roof for coalbed methane (CBM) extraction has been demonstrated. This study focuses on the geological characteristics of the No. 5 and No. 11 coal seams in the Hancheng Block, Ordos Basin, China. A multi-functional, variable-size rock sample mold capable of securing the wellbore was developed to simulate layered formations comprising strata of varying lithology and thicknesses. A novel segmented fracturing simulation method based on an expandable pipe plugging technique is proposed. Large-scale true triaxial experiments were conducted to investigate the effects of horizontal wellbore location, perforation strategy, roof lithology, and vertical stress difference on fracture propagation, hydraulic energy variation, and the stimulated reservoir volume in horizontal wells targeting the soft coal seam roof. The results indicate that bilateral downward perforation with a phase angle of 120° optimizes hydraulic energy conservation, reduces operational costs, enhances fracture formation, and prevents fracturing failure caused by coal powder generation and migration. This perforation mode is thus considered optimal for coal seam roof fracturing. When the roof consists of sandstone, each perforation cluster tends to initiate a single dominant fracture with a regular geometry. In contrast, hydraulic fractures formed in mudstone roofs display diverse morphology. Due to its high strength, the sandstone roof requires significantly higher pressure for crack initiation and propagation, whereas the mudstone roof, with its strong water sensitivity, exhibits lower fracturing pressures. To mitigate inter-cluster interference, cluster spacing in mudstone roofs should be greater than that in sandstone roofs. Horizontal wellbore placement critically influences fracturing effectiveness. For indirect fracturing in sandstone roofs, an optimal position is 25 mm away from the lithological interface. In contrast, the optimal location for indirect fracturing in mudstone roofs is directly at the lithological interface with the coal seam. Higher vertical stress coefficients lead to increased fracturing pressures and promote vertical, layer-penetrating fractures. A coefficient of 0.5 is identified as optimal for achieving effective indirect fracturing. This study provides valuable insights for the design and optimization of staged fracturing in horizontal wells targeting crushed soft coal seam roofs.
Abstract: In federated learning, backdoor attacks have become an important research topic with their wide application in processing sensitive datasets. Since federated learning detects or modifies local models through defense mechanisms during aggregation, it is difficult to conduct effective backdoor attacks. In addition, existing backdoor attack methods are faced with challenges, such as low backdoor accuracy, poor ability to evade anomaly detection, and unstable model training. To address these challenges, a method called adaptive simulation backdoor attack (ASBA) is proposed. Specifically, ASBA improves the stability of model training by manipulating the local training process and using an adaptive mechanism, the ability of the malicious model to evade anomaly detection by combining large simulation training and clipping, and the backdoor accuracy by introducing a stimulus model to amplify the impact of the backdoor in the global model. Extensive comparative experiments under five advanced defense scenarios show that ASBA can effectively evade anomaly detection and achieve high backdoor accuracy in the global model. Furthermore, it exhibits excellent stability and effectiveness after multiple rounds of attacks, outperforming state-of-the-art backdoor attack methods.
Funding: supported by the National Natural Science Foundation of China (Grant No. 62172123); the Key Research and Development Program of Heilongjiang Province, China (Grant No. 2022ZX01A36).
Abstract: Federated Learning (FL) protects data privacy through a distributed training mechanism, yet its decentralized nature also introduces new security vulnerabilities. Backdoor attacks inject malicious triggers into the global model through compromised updates, posing significant threats to model integrity and becoming a key focus in FL security. Existing backdoor attack methods typically embed triggers directly into original images and consider only data heterogeneity, resulting in limited stealth and adaptability. To address the heterogeneity of malicious client devices, this paper proposes a novel backdoor attack method named Capability-Adaptive Shadow Backdoor Attack (CASBA). By incorporating measurements of clients’ computational and communication capabilities, CASBA employs a dynamic hierarchical attack strategy that adaptively aligns attack intensity with available resources. Furthermore, an improved deep convolutional generative adversarial network (DCGAN) is integrated into the attack pipeline to embed triggers without modifying original data, significantly enhancing stealthiness. Comparative experiments with Shadow Backdoor Attack (SBA) across multiple scenarios demonstrate that CASBA dynamically adjusts resource consumption based on device capabilities, reducing average memory usage per iteration by 5.8%. CASBA improves resource efficiency while keeping the drop in attack success rate within 3%. Additionally, the effectiveness of CASBA against three robust FL algorithms is also validated.
Funding: funded by the Deanship of Scientific Research (DSR) at King Abdulaziz University, Jeddah, under Grant No. (GPIP:1074-612-2024).
Abstract: The surge in smishing attacks underscores the urgent need for robust, real-time detection systems powered by advanced deep learning models. This paper introduces PhishNet, a novel ensemble learning framework that integrates transformer-based models (RoBERTa) and large language models (LLMs) (GPT-OSS 120B, LLaMA3.3 70B, and Qwen3 32B) to enhance smishing detection performance significantly. To mitigate class imbalance, we apply synthetic data augmentation using T5 and leverage various text preprocessing techniques. Our system employs a dual-layer voting mechanism: weighted majority voting among LLMs and a final ensemble vote to classify messages as ham, spam, or smishing. Experimental results show an average accuracy improvement from 96% to 98.5% compared to the best standalone transformer, and from 93% to 98.5% when compared to LLMs across datasets. Furthermore, we present a real-time, user-friendly application to operationalize our detection model for practical use. PhishNet demonstrates superior scalability, usability, and detection accuracy, filling critical gaps in current smishing detection methodologies.
Abstract: Zero-click attacks represent an advanced cybersecurity threat, capable of compromising devices without user interaction. High-profile examples such as Pegasus, Simjacker, Bluebugging, and Bluesnarfing exploit hidden vulnerabilities in software and communication protocols to silently gain access, exfiltrate data, and enable long-term surveillance. Their stealth and ability to evade traditional defenses make detection and mitigation highly challenging. This paper addresses these threats by systematically mapping the tactics and techniques of zero-click attacks using the MITRE ATT&CK framework, a widely adopted standard for modeling adversarial behavior. Through this mapping, we categorize real-world attack vectors and better understand how such attacks operate across the cyber-kill chain. To support threat detection efforts, we propose an Active Learning-based method to efficiently label the Pegasus spyware dataset in alignment with the MITRE ATT&CK framework. This approach reduces the effort of manually annotating data while improving the quality of the labeled data, which is essential to train robust cybersecurity models. In addition, our analysis highlights the structured execution paths of zero-click attacks and reveals gaps in current defense strategies. The findings emphasize the importance of forward-looking strategies such as continuous surveillance, dynamic threat profiling, and security education. By bridging zero-click attack analysis with the MITRE ATT&CK framework and leveraging machine learning for dataset annotation, this work provides a foundation for more accurate threat detection and the development of more resilient and structured cybersecurity frameworks.
Funding: funded by the National Key Research and Development Program of China (Grant No. 2024YFE0209000); the NSFC (Grant No. U23B2019).
Abstract: Graph Neural Networks (GNNs) have proven highly effective for graph classification across diverse fields such as social networks, bioinformatics, and finance, due to their capability to learn complex graph structures. However, despite their success, GNNs remain vulnerable to adversarial attacks that can significantly degrade their classification accuracy. Existing adversarial attack strategies primarily rely on label information to guide the attacks, which limits their applicability in scenarios where such information is scarce or unavailable. This paper introduces an innovative unsupervised attack method for graph classification, which operates without relying on label information, thereby enhancing its applicability in a broad range of scenarios. Specifically, our method first leverages a graph contrastive learning loss to learn high-quality graph embeddings by comparing different stochastic augmented views of the graphs. To effectively perturb the graphs, we then introduce an implicit estimator that measures the impact of various modifications on graph structures. The proposed strategy identifies and flips edges with the top-K highest scores, determined by the estimator, to maximize the degradation of the model’s performance. In addition, to defend against such attack, we propose a lightweight regularization-based defense mechanism that is specifically tailored to mitigate the structural perturbations introduced by our attack strategy. It enhances model robustness by enforcing embedding consistency and edge-level smoothness during training. We conduct experiments on six public TU graph classification datasets: NCI1, NCI109, Mutagenicity, ENZYMES, COLLAB, and DBLP_v1, to evaluate the effectiveness of our attack and defense strategies. Under an attack budget of 3, the maximum reduction in model accuracy reaches 6.67% on the Graph Convolutional Network (GCN) and 11.67% on the Graph Attention Network (GAT) across different datasets, indicating that our unsupervised method induces degradation comparable to state-of-the-art supervised attacks. Meanwhile, our defense achieves the highest accuracy recovery of 3.89% (GCN) and 5.00% (GAT), demonstrating improved robustness against structural perturbations.
Abstract: In recent years, with the rapid advancement of artificial intelligence, object detection algorithms have made significant strides in accuracy and computational efficiency. Notably, research and applications of Anchor-Free models have opened new avenues for real-time target detection in optical remote sensing images (ORSIs). However, in the realm of adversarial attacks, developing adversarial techniques tailored to Anchor-Free models remains challenging. Adversarial examples generated based on Anchor-Based models often exhibit poor transferability to these new model architectures. Furthermore, the growing diversity of Anchor-Free models poses additional hurdles to achieving robust transferability of adversarial attacks. This study presents an improved cross-conv-block feature fusion You Only Look Once (YOLO) architecture, meticulously engineered to facilitate the extraction of more comprehensive semantic features during the backpropagation process. To address the asymmetry between densely distributed objects in ORSIs and the corresponding detector outputs, a novel dense bounding box attack strategy is proposed. This approach leverages dense target bounding boxes loss in the calculation of adversarial loss functions. Furthermore, by integrating translation-invariant (TI) and momentum-iteration (MI) adversarial methodologies, the proposed framework significantly improves the transferability of adversarial attacks. Experimental results demonstrate that our method achieves superior adversarial attack performance, with adversarial transferability rates (ATR) of 67.53% on the NWPU VHR-10 dataset and 90.71% on the HRSC2016 dataset. Compared to ensemble adversarial attack and cascaded adversarial attack approaches, our method generates adversarial examples in an average of 0.64 s, representing an approximately 14.5% improvement in efficiency under equivalent conditions.
Funding: supported by 2023 Higher Education Scientific Research Planning Project of China Society of Higher Education (No. 23PG0408); 2023 Philosophy and Social Science Research Programs in Jiangsu Province (No. 2023SJSZ0993); Nantong Science and Technology Project (No. JC2023070); Key Project of Jiangsu Province Education Science 14th Five-Year Plan (Grant No. B-b/2024/02/41); the Open Fund of Advanced Cryptography and System Security Key Laboratory of Sichuan Province (Grant No. SKLACSS-202407).
Abstract: Large language models (LLMs) have revolutionized AI applications across diverse domains. However, their widespread deployment has introduced critical security vulnerabilities, particularly prompt injection attacks that manipulate model behavior through malicious instructions. Following Kitchenham’s guidelines, this systematic review synthesizes 128 peer-reviewed studies from 2022 to 2025 to provide a unified understanding of this rapidly evolving threat landscape. Our findings reveal a swift progression from simple direct injections to sophisticated multimodal attacks, achieving over 90% success rates against unprotected systems. In response, defense mechanisms show varying effectiveness: input preprocessing achieves 60%–80% detection rates and advanced architectural defenses demonstrate up to 95% protection against known patterns, though significant gaps persist against novel attack vectors. We identified 37 distinct defense approaches across three categories, but standardized evaluation frameworks remain limited. Our analysis attributes these vulnerabilities to fundamental LLM architectural limitations, such as the inability to distinguish instructions from data and attention mechanism vulnerabilities. This highlights critical research directions such as formal verification methods, standardized evaluation protocols, and architectural innovations for inherently secure LLM designs.
Funding: The Key R&D Program of Hunan Province (Grant No. 2025AQ2024) of the Department of Science and Technology of Hunan Province. Distinguished Young Scientists Fund (Grant No. 24B0446) of Hunan Education Department.
Abstract: Internet of Things (IoTs) devices are bringing about a revolutionary change in our society by enabling connectivity regardless of time and location. However, the extensive deployment of these devices also makes them attractive victims for the malicious actions of adversaries. Within the spectrum of existing threats, Side-Channel Attacks (SCAs) have established themselves as an effective way to compromise cryptographic implementations. These attacks exploit unintended physical leakage that occurs during the cryptographic execution of devices, bypassing the theoretical strength of the crypto design. In recent times, the advancement of deep learning has provided SCAs with a powerful ally. Well-trained deep-learning models demonstrate an exceptional capacity to identify correlations between side-channel measurements and sensitive data, thereby significantly enhancing such attacks. To further understand the security threats posed by deep-learning SCAs and to aid in formulating robust countermeasures in the future, this paper undertakes an exhaustive investigation of leading-edge SCAs targeting Advanced Encryption Standard (AES) implementations. The study specifically focuses on attacks that exploit power consumption and electromagnetic (EM) emissions as primary leakage sources, systematically evaluating the extent to which diverse deep learning techniques enhance SCAs across multiple critical dimensions. These dimensions include: (i) the characteristics of publicly available datasets derived from various hardware and software platforms; (ii) the formalization of leakage models tailored to different attack scenarios; (iii) the architectural suitability and performance of state-of-the-art deep learning models. Furthermore, the survey provides a systematic synthesis of current research findings, identifies significant unresolved issues in the existing literature and suggests promising directions for future work, including cross-device attack transferability and the impact of quantum-classical hybrid computing on side-channel security.
Funding: Supported by Key Laboratory of Cyberspace Security, Ministry of Education, China.
Abstract: Transformer-based models have significantly advanced binary code similarity detection (BCSD) by leveraging their semantic encoding capabilities for efficient function matching across diverse compilation settings. Although adversarial examples can strategically undermine the accuracy of BCSD models and protect critical code, existing techniques predominantly depend on inserting artificial instructions, which incur high computational costs and offer limited diversity of perturbations. To address these limitations, we propose AIMA, a novel gradient-guided assembly instruction relocation method. Our method decouples the detection model into tokenization, embedding, and encoding layers to enable efficient gradient computation. Since token IDs of instructions are discrete and nondifferentiable, we compute gradients in the continuous embedding space to evaluate the influence of each token. The most critical tokens are identified by calculating the L2 norm of their embedding gradients. We then establish a mapping between instructions and their corresponding tokens to aggregate token-level importance into instruction-level significance. To maximize adversarial impact, a sliding window algorithm selects the most influential contiguous segments for relocation, ensuring optimal perturbation with minimal length. This approach efficiently locates critical code regions without expensive search operations. The selected segments are relocated outside their original function boundaries via a jump mechanism, which preserves runtime control flow and functionality while introducing “deletion” effects in the static instruction sequence. Extensive experiments show that AIMA reduces similarity scores by up to 35.8% in state-of-the-art BCSD models. When incorporated into training data, it also enhances model robustness, achieving a 5.9% improvement in AUROC.
Funding: Supported by the Institute of Information & Communications Technology Planning & Evaluation (IITP) grant funded by the Korea government (MSIT) (No. RS-2023-00235509, Development of security monitoring technology based network behavior against encrypted cyber threats in ICT convergence environment).
Abstract: With the increasing emphasis on personal information protection, encryption through security protocols has emerged as a critical requirement in data transmission and reception processes. Nevertheless, IoT ecosystems comprise heterogeneous networks where outdated systems coexist with the latest devices, spanning a range of devices from non-encrypted ones to fully encrypted ones. Given the limited visibility into payloads in this context, this study investigates AI-based attack detection methods that leverage encrypted traffic metadata, eliminating the need for decryption and minimizing system performance degradation, especially in light of these heterogeneous devices. Using the UNSW-NB15 and CICIoT-2023 datasets, encrypted and unencrypted traffic were categorized according to security protocol, and AI-based intrusion detection experiments were conducted for each traffic type based on metadata. To mitigate the problem of class imbalance, eight different data sampling techniques were applied. The effectiveness of these sampling techniques was then comparatively analyzed using two ensemble models and three Deep Learning (DL) models from various perspectives. The experimental results confirmed that metadata-based attack detection is feasible using only encrypted traffic. In the UNSW-NB15 dataset, the f1-score of encrypted traffic was approximately 0.98, which is 4.3% higher than that of unencrypted traffic (approximately 0.94). In addition, analysis of the encrypted traffic in the CICIoT-2023 dataset using the same method showed a significantly lower f1-score of roughly 0.43, indicating that the quality of the dataset and the preprocessing approach have a substantial impact on detection performance. Furthermore, when data sampling techniques were applied to encrypted traffic, the recall in the UNSW-NB15 (Encrypted) dataset improved by up to 23.0%, and in the CICIoT-2023 (Encrypted) dataset by 20.26%, showing a similar level of improvement. Notably, in CICIoT-2023, f1-score and Receiver Operation Characteristic-Area Under the Curve (ROC-AUC) increased by 59.0% and 55.94%, respectively. These results suggest that data sampling can have a positive effect even in encrypted environments. However, the extent of the improvement may vary depending on data quality, model architecture, and sampling strategy.
Funding: Supported by China Southern Power Grid Company Limited (066500KK52222006).
Abstract: The increasing intelligence of power systems is transforming distribution networks into Cyber-Physical Distribution Systems (CPDS). While enabling advanced functionalities, the tight interdependence between cyber and physical layers introduces significant security challenges and amplifies operational risks. To address these critical issues, this paper proposes a comprehensive risk assessment framework that explicitly incorporates the physical dependence of information systems. A Bayesian attack graph is employed to quantitatively evaluate the likelihood of successful cyber attacks. By analyzing the critical scenario of fault current path misjudgment, we define novel system-level and node-level risk coupling indices to precisely measure the cascading impacts across cyber and physical domains. Furthermore, an attack-responsive power recovery optimization model is established, integrating DistFlow-based physical constraints and sophisticated modeling of information-dependent interference. To enhance resilience against varying attack scenarios, a defense resource allocation model is constructed, where the complex Mixed-Integer Nonlinear Programming (MINLP) problem is efficiently linearized into a Mixed-Integer Linear Programming (MILP) formulation. Finally, to mitigate the impact of targeted attacks, the optimal deployment of terminal defense resources is determined using a Stackelberg game-theoretic approach, aiming to minimize overall system risk. The robustness and effectiveness of the proposed integrated framework are rigorously validated through extensive simulations under diverse attack intensities and defense resource constraints.