Distributed Denial of Service(DDoS)attacks are one of the severe threats to network infrastructure,sometimes bypassing traditional diagnosis algorithms because of their evolving complexity.PresentMachine Learning(ML)t...Distributed Denial of Service(DDoS)attacks are one of the severe threats to network infrastructure,sometimes bypassing traditional diagnosis algorithms because of their evolving complexity.PresentMachine Learning(ML)techniques for DDoS attack diagnosis normally apply network traffic statistical features such as packet sizes and inter-arrival times.However,such techniques sometimes fail to capture complicated relations among various traffic flows.In this paper,we present a new multi-scale ensemble strategy given the Graph Neural Networks(GNNs)for improving DDoS detection.Our technique divides traffic into macro-and micro-level elements,letting various GNN models to get the two corase-scale anomalies and subtle,stealthy attack models.Through modeling network traffic as graph-structured data,GNNs efficiently learn intricate relations among network entities.The proposed ensemble learning algorithm combines the results of several GNNs to improve generalization,robustness,and scalability.Extensive experiments on three benchmark datasets—UNSW-NB15,CICIDS2017,and CICDDoS2019—show that our approach outperforms traditional machine learning and deep learning models in detecting both high-rate and low-rate(stealthy)DDoS attacks,with significant improvements in accuracy and recall.These findings demonstrate the suggested method’s applicability and robustness for real-world implementation in contexts where several DDoS patterns coexist.展开更多
Distributed Denial-of-Service(DDoS)attacks pose severe threats to Industrial Control Networks(ICNs),where service disruption can cause significant economic losses and operational risks.Existing signature-based methods...Distributed Denial-of-Service(DDoS)attacks pose severe threats to Industrial Control Networks(ICNs),where service disruption can cause significant economic losses and operational risks.Existing signature-based methods are ineffective against novel attacks,and traditional machine learning models struggle to capture the complex temporal dependencies and dynamic traffic patterns inherent in ICN environments.To address these challenges,this study proposes a deep feature-driven hybrid framework that integrates Transformer,BiLSTM,and KNN to achieve accurate and robust DDoS detection.The Transformer component extracts global temporal dependencies from network traffic flows,while BiLSTM captures fine-grained sequential dynamics.The learned embeddings are then classified using an instance-based KNN layer,enhancing decision boundary precision.This cascaded architecture balances feature abstraction and locality preservation,improving both generalization and robustness.The proposed approach was evaluated on a newly collected real-time ICN traffic dataset and further validated using the public CIC-IDS2017 and Edge-IIoT datasets to demonstrate generalization.Comprehensive metrics including accuracy,precision,recall,F1-score,ROC-AUC,PR-AUC,false positive rate(FPR),and detection latency were employed.Results show that the hybrid framework achieves 98.42%accuracy with an ROC-AUC of 0.992 and FPR below 1%,outperforming baseline machine learning and deep learning models.Robustness experiments under Gaussian noise perturbations confirmed stable performance with less than 2%accuracy degradation.Moreover,detection latency remained below 2.1 ms per sample,indicating suitability for real-time ICS deployment.In summary,the proposed hybrid temporal learning and instance-based classification model offers a scalable and effective solution for DDoS detection in industrial control environments.By combining global contextual modeling,sequential learning,and instance-based refinement,the framework demonstrates strong adaptability across datasets and resilience against noise,providing practical utility for safeguarding critical infrastructure.展开更多
Detecting small forest fire targets in unmanned aerial vehicle(UAV)images is difficult,as flames typically cover only a very limited portion of the visual scene.This study proposes Context-guided Compact Lightweight N...Detecting small forest fire targets in unmanned aerial vehicle(UAV)images is difficult,as flames typically cover only a very limited portion of the visual scene.This study proposes Context-guided Compact Lightweight Network(CCLNet),an end-to-end lightweight model designed to detect small forest fire targets while ensuring efficient inference on devices with constrained computational resources.CCLNet employs a three-stage network architecture.Its key components include three modules.C3F-Convolutional Gated Linear Unit(C3F-CGLU)performs selective local feature extraction while preserving fine-grained high-frequency flame details.Context-Guided Feature Fusion Module(CGFM)replaces plain concatenation with triplet-attention interactions to emphasize subtle flame patterns.Lightweight Shared Convolution with Separated Batch Normalization Detection(LSCSBD)reduces parameters through separated batch normalization while maintaining scale-specific statistics.We build TF-11K,an 11,139-image dataset combining 9139 self-collected UAV images from subtropical forests and 2000 re-annotated frames from the FLAME dataset.On TF-11K,CCLNet attains 85.8%mAP@0.5,45.5%mean Average Precision(mAP)@[0.5:0.95],87.4%precision,and 79.1%recall with 2.21 M parameters and 5.7 Giga Floating-point Operations Per Second(GFLOPs).The ablation study confirms that each module contributes to both accuracy and efficiency.Cross-dataset evaluation on DFS yields 77.5%mAP@0.5 and 42.3%mAP@[0.5:0.95],indicating good generalization to unseen scenes.These results suggest that CCLNet offers a practical balance between accuracy and speed for small-target forest fire monitoring with UAVs.展开更多
With the growing complexity and decentralization of network systems,the attack surface has expanded,which has led to greater concerns over network threats.In this context,artificial intelligence(AI)-based network intr...With the growing complexity and decentralization of network systems,the attack surface has expanded,which has led to greater concerns over network threats.In this context,artificial intelligence(AI)-based network intrusion detection systems(NIDS)have been extensively studied,and recent efforts have shifted toward integrating distributed learning to enable intelligent and scalable detection mechanisms.However,most existing works focus on individual distributed learning frameworks,and there is a lack of systematic evaluations that compare different algorithms under consistent conditions.In this paper,we present a comprehensive evaluation of representative distributed learning frameworks—Federated Learning(FL),Split Learning(SL),hybrid collaborative learning(SFL),and fully distributed learning—in the context of AI-driven NIDS.Using recent benchmark intrusion detection datasets,a unified model backbone,and controlled distributed scenarios,we assess these frameworks across multiple criteria,including detection performance,communication cost,computational efficiency,and convergence behavior.Our findings highlight distinct trade-offs among the distributed learning frameworks,demonstrating that the optimal choice depends strongly on systemconstraints such as bandwidth availability,node resources,and data distribution.This work provides the first holistic analysis of distributed learning approaches for AI-driven NIDS and offers practical guidelines for designing secure and efficient intrusion detection systems in decentralized environments.展开更多
With network attack technology continuing to develop,traditional anomaly traffic detection methods that rely on feature engineering are increasingly insufficient in efficiency and accuracy.Graph Neural Network(GNN),a ...With network attack technology continuing to develop,traditional anomaly traffic detection methods that rely on feature engineering are increasingly insufficient in efficiency and accuracy.Graph Neural Network(GNN),a promising Deep Learning(DL)approach,has proven to be highly effective in identifying intricate patterns in graph⁃structured data and has already found wide applications in the field of network security.In this paper,we propose a hybrid Graph Convolutional Network(GCN)⁃GraphSAGE model for Anomaly Traffic Detection,namely HGS⁃ATD,which aims to improve the accuracy of anomaly traffic detection by leveraging edge feature learning to better capture the relationships between network entities.We validate the HGS⁃ATD model on four publicly available datasets,including NF⁃UNSW⁃NB15⁃v2.The experimental results show that the enhanced hybrid model is 5.71%to 10.25%higher than the baseline model in terms of accuracy,and the F1⁃score is 5.53%to 11.63%higher than the baseline model,proving that the model can effectively distinguish normal traffic from attack traffic and accurately classify various types of attacks.展开更多
Community detection is one of the most fundamental applications in understanding the structure of complicated networks.Furthermore,it is an important approach to identifying closely linked clusters of nodes that may r...Community detection is one of the most fundamental applications in understanding the structure of complicated networks.Furthermore,it is an important approach to identifying closely linked clusters of nodes that may represent underlying patterns and relationships.Networking structures are highly sensitive in social networks,requiring advanced techniques to accurately identify the structure of these communities.Most conventional algorithms for detecting communities perform inadequately with complicated networks.In addition,they miss out on accurately identifying clusters.Since single-objective optimization cannot always generate accurate and comprehensive results,as multi-objective optimization can.Therefore,we utilized two objective functions that enable strong connections between communities and weak connections between them.In this study,we utilized the intra function,which has proven effective in state-of-the-art research studies.We proposed a new inter-function that has demonstrated its effectiveness by making the objective of detecting external connections between communities is to make them more distinct and sparse.Furthermore,we proposed a Multi-Objective community strength enhancement algorithm(MOCSE).The proposed algorithm is based on the framework of the Multi-Objective Evolutionary Algorithm with Decomposition(MOEA/D),integrated with a new heuristic mutation strategy,community strength enhancement(CSE).The results demonstrate that the model is effective in accurately identifying community structures while also being computationally efficient.The performance measures used to evaluate the MOEA/D algorithm in our work are normalized mutual information(NMI)and modularity(Q).It was tested using five state-of-the-art algorithms on social networks,comprising real datasets(Zachary,Dolphin,Football,Krebs,SFI,Jazz,and Netscience),as well as twenty synthetic datasets.These results provide the robustness and practical value of the proposed algorithm in multi-objective community identification.展开更多
The ubiquity of mobile devices has driven advancements in mobile object detection.However,challenges in multi-scale object detection in open,complex environments persist due to limited computational resources.Traditio...The ubiquity of mobile devices has driven advancements in mobile object detection.However,challenges in multi-scale object detection in open,complex environments persist due to limited computational resources.Traditional approaches like network compression,quantization,and lightweight design often sacrifice accuracy or feature representation robustness.This article introduces the Fast Multi-scale Channel Shuffling Network(FMCSNet),a novel lightweight detection model optimized for mobile devices.FMCSNet integrates a fully convolutional Multilayer Perceptron(MLP)module,offering global perception without significantly increasing parameters,effectively bridging the gap between CNNs and Vision Transformers.FMCSNet achieves a delicate balance between computation and accuracy mainly by two key modules:the ShiftMLP module,including a shift operation and an MLP module,and a Partial group Convolutional(PGConv)module,reducing computation while enhancing information exchange between channels.With a computational complexity of 1.4G FLOPs and 1.3M parameters,FMCSNet outperforms CNN-based and DWConv-based ShuffleNetv2 by 1%and 4.5%mAP on the Pascal VOC 2007 dataset,respectively.Additionally,FMCSNet achieves a mAP of 30.0(0.5:0.95 IoU threshold)with only 2.5G FLOPs and 2.0M parameters.It achieves 32 FPS on low-performance i5-series CPUs,meeting real-time detection requirements.The versatility of the PGConv module’s adaptability across scenarios further highlights FMCSNet as a promising solution for real-time mobile object detection.展开更多
With the increasing severity of network security threats,Network Intrusion Detection(NID)has become a key technology to ensure network security.To address the problem of low detection rate of traditional intrusion det...With the increasing severity of network security threats,Network Intrusion Detection(NID)has become a key technology to ensure network security.To address the problem of low detection rate of traditional intrusion detection models,this paper proposes a Dual-Attention model for NID,which combines Convolutional Neural Network(CNN)and Bidirectional Long Short-Term Memory(BiLSTM)to design two modules:the FocusConV and the TempoNet module.The FocusConV module,which automatically adjusts and weights CNN extracted local features,focuses on local features that are more important for intrusion detection.The TempoNet module focuses on global information,identifies more important features in time steps or sequences,and filters and weights the information globally to further improve the accuracy and robustness of NID.Meanwhile,in order to solve the class imbalance problem in the dataset,the EQL v2 method is used to compute the class weights of each class and to use them in the loss computation,which optimizes the performance of the model on the class imbalance problem.Extensive experiments were conducted on the NSL-KDD,UNSW-NB15,and CIC-DDos2019 datasets,achieving average accuracy rates of 99.66%,87.47%,and 99.39%,respectively,demonstrating excellent detection accuracy and robustness.The model also improves the detection performance of minority classes in the datasets.On the UNSW-NB15 dataset,the detection rates for Analysis,Exploits,and Shellcode attacks increased by 7%,7%,and 10%,respectively,demonstrating the Dual-Attention CNN-BiLSTM model’s excellent performance in NID.展开更多
Social bots are automated programs designed to spread rumors and misinformation,posing significant threats to online security.Existing research shows that the structure of a social network significantly affects the be...Social bots are automated programs designed to spread rumors and misinformation,posing significant threats to online security.Existing research shows that the structure of a social network significantly affects the behavioral patterns of social bots:a higher number of connected components weakens their collaborative capabilities,thereby reducing their proportion within the overall network.However,current social bot detection methods still make limited use of topological features.Furthermore,both graph neural network(GNN)-based methods that rely on local features and those that leverage global features suffer from their own limitations,and existing studies lack an effective fusion of multi-scale information.To address these issues,this paper proposes a topology-aware multi-scale social bot detection method,which jointly learns local and global representations through a co-training mechanism.At the local level,topological features are effectively embedded into node representations,enhancing expressiveness while alleviating the over-smoothing problem in GNNs.At the global level,a clustering attention mechanism is introduced to learn global node representations,mitigating the over-globalization problem.Experimental results demonstrate that our method effectively overcomes the limitations of single-scale approaches.Our code is publicly available at https://anonymous.4open.science/r/TopoMSG-2C41/(accessed on 27 October 2025).展开更多
The Internet of Things(IoT)is integral to modern infrastructure,enabling connectivity among a wide range of devices from home automation to industrial control systems.With the exponential increase in data generated by...The Internet of Things(IoT)is integral to modern infrastructure,enabling connectivity among a wide range of devices from home automation to industrial control systems.With the exponential increase in data generated by these interconnected devices,robust anomaly detection mechanisms are essential.Anomaly detection in this dynamic environment necessitates methods that can accurately distinguish between normal and anomalous behavior by learning intricate patterns.This paper presents a novel approach utilizing generative adversarial networks(GANs)for anomaly detection in IoT systems.However,optimizing GANs involves tuning hyper-parameters such as learning rate,batch size,and optimization algorithms,which can be challenging due to the non-convex nature of GAN loss functions.To address this,we propose a five-dimensional Gray wolf optimizer(5DGWO)to optimize GAN hyper-parameters.The 5DGWO introduces two new types of wolves:gamma(γ)for improved exploitation and convergence,and theta(θ)for enhanced exploration and escaping local minima.The proposed system framework comprises four key stages:1)preprocessing,2)generative model training,3)autoencoder(AE)training,and 4)predictive model training.The generative models are utilized to assist the AE training,and the final predictive models(including convolutional neural network(CNN),deep belief network(DBN),recurrent neural network(RNN),random forest(RF),and extreme gradient boosting(XGBoost))are trained using the generated data and AE-encoded features.We evaluated the system on three benchmark datasets:NSL-KDD,UNSW-NB15,and IoT-23.Experiments conducted on diverse IoT datasets show that our method outperforms existing anomaly detection strategies and significantly reduces false positives.The 5DGWO-GAN-CNNAE exhibits superior performance in various metrics,including accuracy,recall,precision,root mean square error(RMSE),and convergence trend.The proposed 5DGWO-GAN-CNNAE achieved the lowest RMSE values across the NSL-KDD,UNSW-NB15,and IoT-23 datasets,with values of 0.24,1.10,and 0.09,respectively.Additionally,it attained the highest accuracy,ranging from 94%to 100%.These results suggest a promising direction for future IoT security frameworks,offering a scalable and efficient solution to safeguard against evolving cyber threats.展开更多
Network attacks have become a critical issue in the internet security domain.Artificial intelligence technology-based detection methodologies have attracted attention;however,recent studies have struggled to adapt to ...Network attacks have become a critical issue in the internet security domain.Artificial intelligence technology-based detection methodologies have attracted attention;however,recent studies have struggled to adapt to changing attack patterns and complex network environments.In addition,it is difficult to explain the detection results logically using artificial intelligence.We propose a method for classifying network attacks using graph models to explain the detection results.First,we reconstruct the network packet data into a graphical structure.We then use a graph model to predict network attacks using edge classification.To explain the prediction results,we observed numerical changes by randomly masking and calculating the importance of neighbors,allowing us to extract significant subgraphs.Our experiments on six public datasets demonstrate superior performance with an average F1-score of 0.960 and accuracy of 0.964,outperforming traditional machine learning and other graph models.The visual representation of the extracted subgraphs highlights the neighboring nodes that have the greatest impact on the results,thus explaining detection.In conclusion,this study demonstrates that graph-based models are suitable for network attack detection in complex environments,and the importance of graph neighbors can be calculated to efficiently analyze the results.This approach can contribute to real-world network security analyses and provide a new direction in the field.展开更多
The increasing interconnection of modern industrial control systems(ICSs)with the Internet has enhanced operational efficiency,but alsomade these systemsmore vulnerable to cyberattacks.This heightened exposure has dri...The increasing interconnection of modern industrial control systems(ICSs)with the Internet has enhanced operational efficiency,but alsomade these systemsmore vulnerable to cyberattacks.This heightened exposure has driven a growing need for robust ICS security measures.Among the key defences,intrusion detection technology is critical in identifying threats to ICS networks.This paper provides an overview of the distinctive characteristics of ICS network security,highlighting standard attack methods.It then examines various intrusion detection methods,including those based on misuse detection,anomaly detection,machine learning,and specialised requirements.This paper concludes by exploring future directions for developing intrusion detection systems to advance research and ensure the continued security and reliability of ICS operations.展开更多
Traditional anomaly detection methods often assume that data points are independent or exhibit regularly structured relationships,as in Euclidean data such as time series or image grids.However,real-world data frequen...Traditional anomaly detection methods often assume that data points are independent or exhibit regularly structured relationships,as in Euclidean data such as time series or image grids.However,real-world data frequently involve irregular,interconnected structures,requiring a shift toward non-Euclidean approaches.This study introduces a novel anomaly detection framework designed to handle non-Euclidean data by modeling transactions as graph signals.By leveraging graph convolution filters,we extract meaningful connection strengths that capture relational dependencies often overlooked in traditional methods.Utilizing the Graph Convolutional Networks(GCN)framework,we integrate graph-based embeddings with conventional anomaly detection models,enhancing performance through relational insights.Ourmethod is validated on European credit card transaction data,demonstrating its effectiveness in detecting fraudulent transactions,particularly thosewith subtle patterns that evade traditional,amountbased detection techniques.The results highlight the advantages of incorporating temporal and structural dependencies into fraud detection,showcasing the robustness and applicability of our approach in complex,real-world scenarios.展开更多
Defect detection in printed circuit boards(PCB)remains challenging due to the difficulty of identifying small-scale defects,the inefficiency of conventional approaches,and the interference from complex backgrounds.To ...Defect detection in printed circuit boards(PCB)remains challenging due to the difficulty of identifying small-scale defects,the inefficiency of conventional approaches,and the interference from complex backgrounds.To address these issues,this paper proposes SIM-Net,an enhanced detection framework derived from YOLOv11.The model integrates SPDConv to preserve fine-grained features for small object detection,introduces a novel convolutional partial attention module(C2PAM)to suppress redundant background information and highlight salient regions,and employs a multi-scale fusion network(MFN)with a multi-grain contextual module(MGCT)to strengthen contextual representation and accelerate inference.Experimental evaluations demonstrate that SIM-Net achieves 92.4%mAP,92%accuracy,and 89.4%recall with an inference speed of 75.1 FPS,outperforming existing state-of-the-art methods.These results confirm the robustness and real-time applicability of SIM-Net for PCB defect inspection.展开更多
Adversarial Reinforcement Learning(ARL)models for intelligent devices and Network Intrusion Detection Systems(NIDS)improve systemresilience against sophisticated cyber-attacks.As a core component of ARL,Adversarial Tr...Adversarial Reinforcement Learning(ARL)models for intelligent devices and Network Intrusion Detection Systems(NIDS)improve systemresilience against sophisticated cyber-attacks.As a core component of ARL,Adversarial Training(AT)enables NIDS agents to discover and prevent newattack paths by exposing them to competing examples,thereby increasing detection accuracy,reducing False Positives(FPs),and enhancing network security.To develop robust decision-making capabilities for real-world network disruptions and hostile activity,NIDS agents are trained in adversarial scenarios to monitor the current state and notify management of any abnormal or malicious activity.The accuracy and timeliness of the IDS were crucial to the network’s availability and reliability at this time.This paper analyzes ARL applications in NIDS,revealing State-of-The-Art(SoTA)methodology,issues,and future research prospects.This includes Reinforcement Machine Learning(RML)-based NIDS,which enables an agent to interact with the environment to achieve a goal,andDeep Reinforcement Learning(DRL)-based NIDS,which can solve complex decision-making problems.Additionally,this survey study addresses cybersecurity adversarial circumstances and their importance for ARL and NIDS.Architectural design,RL algorithms,feature representation,and training methodologies are examined in the ARL-NIDS study.This comprehensive study evaluates ARL for intelligent NIDS research,benefiting cybersecurity researchers,practitioners,and policymakers.The report promotes cybersecurity defense research and innovation.展开更多
The increased connectivity and reliance on digital technologies have exposed smart transportation systems to various cyber threats,making intrusion detection a critical aspect of ensuring their secure operation.Tradit...The increased connectivity and reliance on digital technologies have exposed smart transportation systems to various cyber threats,making intrusion detection a critical aspect of ensuring their secure operation.Traditional intrusion detection systems have limitations in terms of centralized architecture,lack of transparency,and vulnerability to single points of failure.This is where the integration of blockchain technology with signature-based intrusion detection can provide a robust and decentralized solution for securing smart transportation systems.This study tackles the issue of database manipulation attacks in smart transportation networks by proposing a signaturebased intrusion detection system.The introduced signature facilitates accurate detection and systematic classification of attacks,enabling categorization according to their severity levels within the transportation infrastructure.Through comparative analysis,the research demonstrates that the blockchain-based IDS outperforms traditional approaches in terms of security,resilience,and data integrity.展开更多
Deep learning has become integral to robotics,particularly in tasks such as robotic grasping,where objects often exhibit diverse shapes,textures,and physical properties.In robotic grasping tasks,due to the diverse cha...Deep learning has become integral to robotics,particularly in tasks such as robotic grasping,where objects often exhibit diverse shapes,textures,and physical properties.In robotic grasping tasks,due to the diverse characteristics of the targets,frequent adjustments to the network architecture and parameters are required to avoid a decrease in model accuracy,which presents a significant challenge for non-experts.Neural Architecture Search(NAS)provides a compelling method through the automated generation of network architectures,enabling the discovery of models that achieve high accuracy through efficient search algorithms.Compared to manually designed networks,NAS methods can significantly reduce design costs,time expenditure,and improve model performance.However,such methods often involve complex topological connections,and these redundant structures can severely reduce computational efficiency.To overcome this challenge,this work puts forward a robotic grasp detection framework founded on NAS.The method automatically designs a lightweight network with high accuracy and low topological complexity,effectively adapting to the target object to generate the optimal grasp pose,thereby significantly improving the success rate of robotic grasping.Additionally,we use Class Activation Mapping(CAM)as an interpretability tool,which captures sensitive information during the perception process through visualized results.The searched model achieved competitive,and in some cases superior,performance on the Cornell and Jacquard public datasets,achieving accuracies of 98.3%and 96.8%,respectively,while sustaining a detection speed of 89 frames per second with only 0.41 million parameters.To further validate its effectiveness beyond benchmark evaluations,we conducted real-world grasping experiments on a UR5 robotic arm,where the model demonstrated reliable performance across diverse objects and high grasp success rates,thereby confirming its practical applicability in robotic manipulation tasks.展开更多
Multivariate anomaly detection plays a critical role in maintaining the stable operation of information systems.However,in existing research,multivariate data are often influenced by various factors during the data co...Multivariate anomaly detection plays a critical role in maintaining the stable operation of information systems.However,in existing research,multivariate data are often influenced by various factors during the data collection process,resulting in temporal misalignment or displacement.Due to these factors,the node representations carry substantial noise,which reduces the adaptability of the multivariate coupled network structure and subsequently degrades anomaly detection performance.Accordingly,this study proposes a novel multivariate anomaly detection model grounded in graph structure learning.Firstly,a recommendation strategy is employed to identify strongly coupled variable pairs,which are then used to construct a recommendation-driven multivariate coupling network.Secondly,a multi-channel graph encoding layer is used to dynamically optimize the structural properties of the multivariate coupling network,while a multi-head attention mechanism enhances the spatial characteristics of the multivariate data.Finally,unsupervised anomaly detection is conducted using a dynamic threshold selection algorithm.Experimental results demonstrate that effectively integrating the structural and spatial features of multivariate data significantly mitigates anomalies caused by temporal dependency misalignment.展开更多
To address the challenge of real-time detection of unauthorized drone intrusions in complex low-altitude urban environments such as parks and airports,this paper proposes an enhanced MBS-YOLO(Multi-Branch Small Target...To address the challenge of real-time detection of unauthorized drone intrusions in complex low-altitude urban environments such as parks and airports,this paper proposes an enhanced MBS-YOLO(Multi-Branch Small Target Detection YOLO)model for anti-drone object detection,based on the YOLOv8 architecture.To overcome the limitations of existing methods in detecting small objects within complex backgrounds,we designed a C2f-Pu module with excellent feature extraction capability and a more compact parameter set,aiming to reduce the model’s computational complexity.To improve multi-scale feature fusion,we construct a Multi-Branch Feature Pyramid Network(MB-FPN)that employs a cross-level feature fusion strategy to enhance the model’s representation of small objects.Additionally,a shared detail-enhanced detection head is introduced to address the large size variations of Unmanned Aerial Vehicle(UAV)targets,thereby improving detection performance across different scales.Experimental results demonstrate that the proposed model achieves consistent improvements across multiple benchmarks.On the Det-Fly dataset,it improves precision by 3%,recall by 5.6%,and mAP50 by 4.5%compared with the baseline,while reducing parameters by 21.2%.Cross-validation on the VisDrone dataset further validates its robustness,yielding additional gains of 3.2%in precision,6.1%in recall,and 4.8%in mAP50 over the original YOLOv8.These findings confirm the effectiveness of the proposed algorithm in enhancing UAV detection performance under complex scenarios.展开更多
As containerized environments become increasingly prevalent in cloud-native infrastructures,the need for effective monitoring and detection of malicious behaviors has become critical.Malicious containers pose signific...As containerized environments become increasingly prevalent in cloud-native infrastructures,the need for effective monitoring and detection of malicious behaviors has become critical.Malicious containers pose significant risks by exploiting shared host resources,enabling privilege escalation,or launching large-scale attacks such as cryptomining and botnet activities.Therefore,developing accurate and efficient detection mechanisms is essential for ensuring the security and stability of containerized systems.To this end,we propose a hybrid detection framework that leverages the extended Berkeley Packet Filter(eBPF)to monitor container activities directly within the Linux kernel.The framework simultaneously collects flow-based network metadata and host-based system-call traces,transforms them into machine-learning features,and applies multi-class classification models to distinguish malicious containers from benign ones.Using six malicious and four benign container scenarios,our evaluation shows that runtime detection is feasible with high accuracy:flow-based detection achieved 87.49%,while host-based detection using system-call sequences reached 98.39%.The performance difference is largely due to similar communication patterns exhibited by certain malware families which limit the discriminative power of flow-level features.Host-level monitoring,by contrast,exposes fine-grained behavioral characteristics,such as file-system access patterns,persistence mechanisms,and resource-management calls that do not appear in network metadata.Our results further demonstrate that both monitoring modality and preprocessing strategy directly influence model performance.More importantly,combining flow-based and host-based telemetry in a complementary hybrid approach resolves classification ambiguities that arise when relying on a single data source.These findings underscore the potential of eBPF-based hybrid analysis for achieving accurate,low-overhead,and behavior-aware runtime security in containerized environments,and they establish a practical foundation for developing adaptive and scalable detection mechanisms in modern cloud systems.展开更多
文摘Distributed Denial of Service(DDoS)attacks are one of the severe threats to network infrastructure,sometimes bypassing traditional diagnosis algorithms because of their evolving complexity.PresentMachine Learning(ML)techniques for DDoS attack diagnosis normally apply network traffic statistical features such as packet sizes and inter-arrival times.However,such techniques sometimes fail to capture complicated relations among various traffic flows.In this paper,we present a new multi-scale ensemble strategy given the Graph Neural Networks(GNNs)for improving DDoS detection.Our technique divides traffic into macro-and micro-level elements,letting various GNN models to get the two corase-scale anomalies and subtle,stealthy attack models.Through modeling network traffic as graph-structured data,GNNs efficiently learn intricate relations among network entities.The proposed ensemble learning algorithm combines the results of several GNNs to improve generalization,robustness,and scalability.Extensive experiments on three benchmark datasets—UNSW-NB15,CICIDS2017,and CICDDoS2019—show that our approach outperforms traditional machine learning and deep learning models in detecting both high-rate and low-rate(stealthy)DDoS attacks,with significant improvements in accuracy and recall.These findings demonstrate the suggested method’s applicability and robustness for real-world implementation in contexts where several DDoS patterns coexist.
基金supported by the Extral High Voltage Power Transmission Company,China Southern Power Grid Co.,Ltd.
文摘Distributed Denial-of-Service(DDoS)attacks pose severe threats to Industrial Control Networks(ICNs),where service disruption can cause significant economic losses and operational risks.Existing signature-based methods are ineffective against novel attacks,and traditional machine learning models struggle to capture the complex temporal dependencies and dynamic traffic patterns inherent in ICN environments.To address these challenges,this study proposes a deep feature-driven hybrid framework that integrates Transformer,BiLSTM,and KNN to achieve accurate and robust DDoS detection.The Transformer component extracts global temporal dependencies from network traffic flows,while BiLSTM captures fine-grained sequential dynamics.The learned embeddings are then classified using an instance-based KNN layer,enhancing decision boundary precision.This cascaded architecture balances feature abstraction and locality preservation,improving both generalization and robustness.The proposed approach was evaluated on a newly collected real-time ICN traffic dataset and further validated using the public CIC-IDS2017 and Edge-IIoT datasets to demonstrate generalization.Comprehensive metrics including accuracy,precision,recall,F1-score,ROC-AUC,PR-AUC,false positive rate(FPR),and detection latency were employed.Results show that the hybrid framework achieves 98.42%accuracy with an ROC-AUC of 0.992 and FPR below 1%,outperforming baseline machine learning and deep learning models.Robustness experiments under Gaussian noise perturbations confirmed stable performance with less than 2%accuracy degradation.Moreover,detection latency remained below 2.1 ms per sample,indicating suitability for real-time ICS deployment.In summary,the proposed hybrid temporal learning and instance-based classification model offers a scalable and effective solution for DDoS detection in industrial control environments.By combining global contextual modeling,sequential learning,and instance-based refinement,the framework demonstrates strong adaptability across datasets and resilience against noise,providing practical utility for safeguarding critical infrastructure.
基金funded by the Natural Science Foundation of Hunan Province(Grant No.2025JJ80352)the National Natural Science Foundation Project of China(Grant No.32271879).
文摘Detecting small forest fire targets in unmanned aerial vehicle(UAV)images is difficult,as flames typically cover only a very limited portion of the visual scene.This study proposes Context-guided Compact Lightweight Network(CCLNet),an end-to-end lightweight model designed to detect small forest fire targets while ensuring efficient inference on devices with constrained computational resources.CCLNet employs a three-stage network architecture.Its key components include three modules.C3F-Convolutional Gated Linear Unit(C3F-CGLU)performs selective local feature extraction while preserving fine-grained high-frequency flame details.Context-Guided Feature Fusion Module(CGFM)replaces plain concatenation with triplet-attention interactions to emphasize subtle flame patterns.Lightweight Shared Convolution with Separated Batch Normalization Detection(LSCSBD)reduces parameters through separated batch normalization while maintaining scale-specific statistics.We build TF-11K,an 11,139-image dataset combining 9139 self-collected UAV images from subtropical forests and 2000 re-annotated frames from the FLAME dataset.On TF-11K,CCLNet attains 85.8%mAP@0.5,45.5%mean Average Precision(mAP)@[0.5:0.95],87.4%precision,and 79.1%recall with 2.21 M parameters and 5.7 Giga Floating-point Operations Per Second(GFLOPs).The ablation study confirms that each module contributes to both accuracy and efficiency.Cross-dataset evaluation on DFS yields 77.5%mAP@0.5 and 42.3%mAP@[0.5:0.95],indicating good generalization to unseen scenes.These results suggest that CCLNet offers a practical balance between accuracy and speed for small-target forest fire monitoring with UAVs.
基金supported by the Research year project of the KongjuNational University in 2025 and the Institute of Information&Communications Technology Planning&Evaluation(IITP)grant funded by the Korea government(MSIT)(No.RS-2024-00444170,Research and International Collaboration on Trust Model-Based Intelligent Incident Response Technologies in 6G Open Network Environment).
文摘With the growing complexity and decentralization of network systems,the attack surface has expanded,which has led to greater concerns over network threats.In this context,artificial intelligence(AI)-based network intrusion detection systems(NIDS)have been extensively studied,and recent efforts have shifted toward integrating distributed learning to enable intelligent and scalable detection mechanisms.However,most existing works focus on individual distributed learning frameworks,and there is a lack of systematic evaluations that compare different algorithms under consistent conditions.In this paper,we present a comprehensive evaluation of representative distributed learning frameworks—Federated Learning(FL),Split Learning(SL),hybrid collaborative learning(SFL),and fully distributed learning—in the context of AI-driven NIDS.Using recent benchmark intrusion detection datasets,a unified model backbone,and controlled distributed scenarios,we assess these frameworks across multiple criteria,including detection performance,communication cost,computational efficiency,and convergence behavior.Our findings highlight distinct trade-offs among the distributed learning frameworks,demonstrating that the optimal choice depends strongly on systemconstraints such as bandwidth availability,node resources,and data distribution.This work provides the first holistic analysis of distributed learning approaches for AI-driven NIDS and offers practical guidelines for designing secure and efficient intrusion detection systems in decentralized environments.
基金National Natural Science Foundation of China(Grant No.62103434)National Science Fund for Distinguished Young Scholars(Grant No.62176263).
文摘With network attack technology continuing to develop,traditional anomaly traffic detection methods that rely on feature engineering are increasingly insufficient in efficiency and accuracy.Graph Neural Network(GNN),a promising Deep Learning(DL)approach,has proven to be highly effective in identifying intricate patterns in graph⁃structured data and has already found wide applications in the field of network security.In this paper,we propose a hybrid Graph Convolutional Network(GCN)⁃GraphSAGE model for Anomaly Traffic Detection,namely HGS⁃ATD,which aims to improve the accuracy of anomaly traffic detection by leveraging edge feature learning to better capture the relationships between network entities.We validate the HGS⁃ATD model on four publicly available datasets,including NF⁃UNSW⁃NB15⁃v2.The experimental results show that the enhanced hybrid model is 5.71%to 10.25%higher than the baseline model in terms of accuracy,and the F1⁃score is 5.53%to 11.63%higher than the baseline model,proving that the model can effectively distinguish normal traffic from attack traffic and accurately classify various types of attacks.
文摘Community detection is one of the most fundamental applications in understanding the structure of complicated networks.Furthermore,it is an important approach to identifying closely linked clusters of nodes that may represent underlying patterns and relationships.Networking structures are highly sensitive in social networks,requiring advanced techniques to accurately identify the structure of these communities.Most conventional algorithms for detecting communities perform inadequately with complicated networks.In addition,they miss out on accurately identifying clusters.Since single-objective optimization cannot always generate accurate and comprehensive results,as multi-objective optimization can.Therefore,we utilized two objective functions that enable strong connections between communities and weak connections between them.In this study,we utilized the intra function,which has proven effective in state-of-the-art research studies.We proposed a new inter-function that has demonstrated its effectiveness by making the objective of detecting external connections between communities is to make them more distinct and sparse.Furthermore,we proposed a Multi-Objective community strength enhancement algorithm(MOCSE).The proposed algorithm is based on the framework of the Multi-Objective Evolutionary Algorithm with Decomposition(MOEA/D),integrated with a new heuristic mutation strategy,community strength enhancement(CSE).The results demonstrate that the model is effective in accurately identifying community structures while also being computationally efficient.The performance measures used to evaluate the MOEA/D algorithm in our work are normalized mutual information(NMI)and modularity(Q).It was tested using five state-of-the-art algorithms on social networks,comprising real datasets(Zachary,Dolphin,Football,Krebs,SFI,Jazz,and Netscience),as well as twenty synthetic datasets.These results provide the robustness and practical value of the proposed algorithm in multi-objective community identification.
基金funded by the National Natural Science Foundation of China under Grant No.62371187the Open Program of Hunan Intelligent Rehabilitation Robot and Auxiliary Equipment Engineering Technology Research Center under Grant No.2024JS101.
文摘The ubiquity of mobile devices has driven advancements in mobile object detection.However,challenges in multi-scale object detection in open,complex environments persist due to limited computational resources.Traditional approaches like network compression,quantization,and lightweight design often sacrifice accuracy or feature representation robustness.This article introduces the Fast Multi-scale Channel Shuffling Network(FMCSNet),a novel lightweight detection model optimized for mobile devices.FMCSNet integrates a fully convolutional Multilayer Perceptron(MLP)module,offering global perception without significantly increasing parameters,effectively bridging the gap between CNNs and Vision Transformers.FMCSNet achieves a delicate balance between computation and accuracy mainly by two key modules:the ShiftMLP module,including a shift operation and an MLP module,and a Partial group Convolutional(PGConv)module,reducing computation while enhancing information exchange between channels.With a computational complexity of 1.4G FLOPs and 1.3M parameters,FMCSNet outperforms CNN-based and DWConv-based ShuffleNetv2 by 1%and 4.5%mAP on the Pascal VOC 2007 dataset,respectively.Additionally,FMCSNet achieves a mAP of 30.0(0.5:0.95 IoU threshold)with only 2.5G FLOPs and 2.0M parameters.It achieves 32 FPS on low-performance i5-series CPUs,meeting real-time detection requirements.The versatility of the PGConv module’s adaptability across scenarios further highlights FMCSNet as a promising solution for real-time mobile object detection.
基金supported by the High-Level Talent Foundation of Jinling Institute of Technology(grant number.JIT-B-202413).
文摘With the increasing severity of network security threats,Network Intrusion Detection(NID)has become a key technology to ensure network security.To address the problem of low detection rate of traditional intrusion detection models,this paper proposes a Dual-Attention model for NID,which combines Convolutional Neural Network(CNN)and Bidirectional Long Short-Term Memory(BiLSTM)to design two modules:the FocusConV and the TempoNet module.The FocusConV module,which automatically adjusts and weights CNN extracted local features,focuses on local features that are more important for intrusion detection.The TempoNet module focuses on global information,identifies more important features in time steps or sequences,and filters and weights the information globally to further improve the accuracy and robustness of NID.Meanwhile,in order to solve the class imbalance problem in the dataset,the EQL v2 method is used to compute the class weights of each class and to use them in the loss computation,which optimizes the performance of the model on the class imbalance problem.Extensive experiments were conducted on the NSL-KDD,UNSW-NB15,and CIC-DDos2019 datasets,achieving average accuracy rates of 99.66%,87.47%,and 99.39%,respectively,demonstrating excellent detection accuracy and robustness.The model also improves the detection performance of minority classes in the datasets.On the UNSW-NB15 dataset,the detection rates for Analysis,Exploits,and Shellcode attacks increased by 7%,7%,and 10%,respectively,demonstrating the Dual-Attention CNN-BiLSTM model’s excellent performance in NID.
基金supported by“the Fundamental Research Funds for the Central Universities”(Grant No.CUCAI2511).
文摘Social bots are automated programs designed to spread rumors and misinformation,posing significant threats to online security.Existing research shows that the structure of a social network significantly affects the behavioral patterns of social bots:a higher number of connected components weakens their collaborative capabilities,thereby reducing their proportion within the overall network.However,current social bot detection methods still make limited use of topological features.Furthermore,both graph neural network(GNN)-based methods that rely on local features and those that leverage global features suffer from their own limitations,and existing studies lack an effective fusion of multi-scale information.To address these issues,this paper proposes a topology-aware multi-scale social bot detection method,which jointly learns local and global representations through a co-training mechanism.At the local level,topological features are effectively embedded into node representations,enhancing expressiveness while alleviating the over-smoothing problem in GNNs.At the global level,a clustering attention mechanism is introduced to learn global node representations,mitigating the over-globalization problem.Experimental results demonstrate that our method effectively overcomes the limitations of single-scale approaches.Our code is publicly available at https://anonymous.4open.science/r/TopoMSG-2C41/(accessed on 27 October 2025).
基金described in this paper has been developed with in the project PRESECREL(PID2021-124502OB-C43)。
文摘The Internet of Things(IoT)is integral to modern infrastructure,enabling connectivity among a wide range of devices from home automation to industrial control systems.With the exponential increase in data generated by these interconnected devices,robust anomaly detection mechanisms are essential.Anomaly detection in this dynamic environment necessitates methods that can accurately distinguish between normal and anomalous behavior by learning intricate patterns.This paper presents a novel approach utilizing generative adversarial networks(GANs)for anomaly detection in IoT systems.However,optimizing GANs involves tuning hyper-parameters such as learning rate,batch size,and optimization algorithms,which can be challenging due to the non-convex nature of GAN loss functions.To address this,we propose a five-dimensional Gray wolf optimizer(5DGWO)to optimize GAN hyper-parameters.The 5DGWO introduces two new types of wolves:gamma(γ)for improved exploitation and convergence,and theta(θ)for enhanced exploration and escaping local minima.The proposed system framework comprises four key stages:1)preprocessing,2)generative model training,3)autoencoder(AE)training,and 4)predictive model training.The generative models are utilized to assist the AE training,and the final predictive models(including convolutional neural network(CNN),deep belief network(DBN),recurrent neural network(RNN),random forest(RF),and extreme gradient boosting(XGBoost))are trained using the generated data and AE-encoded features.We evaluated the system on three benchmark datasets:NSL-KDD,UNSW-NB15,and IoT-23.Experiments conducted on diverse IoT datasets show that our method outperforms existing anomaly detection strategies and significantly reduces false positives.The 5DGWO-GAN-CNNAE exhibits superior performance in various metrics,including accuracy,recall,precision,root mean square error(RMSE),and convergence trend.The proposed 5DGWO-GAN-CNNAE achieved the lowest RMSE values across the NSL-KDD,UNSW-NB15,and IoT-23 datasets,with values of 0.24,1.10,and 0.09,respectively.Additionally,it attained the highest accuracy,ranging from 94%to 100%.These results suggest a promising direction for future IoT security frameworks,offering a scalable and efficient solution to safeguard against evolving cyber threats.
基金supported by the MSIT(Ministry of Science and ICT),Republic of Korea,under the ICAN(ICT Challenge and Advanced Network of HRD)support program(IITP-2025-RS-2023-00259497)supervised by the IITP(Institute for Information&Communications Technology Planning&Evaluation)and was supported by Institute of Information&Communications Technology Planning&Evaluation(IITP)grant funded by the Republic of Korea government(MSIT)(No.IITP-2025-RS-2023-00254129+1 种基金Graduate School of Metaverse Convergence(Sungkyunkwan University))was supported by the Basic Science Research Program of the National Research Foundation(NRF)funded by the Republic of Korean government(MSIT)(No.RS-2024-00346737).
文摘Network attacks have become a critical issue in the internet security domain.Artificial intelligence technology-based detection methodologies have attracted attention;however,recent studies have struggled to adapt to changing attack patterns and complex network environments.In addition,it is difficult to explain the detection results logically using artificial intelligence.We propose a method for classifying network attacks using graph models to explain the detection results.First,we reconstruct the network packet data into a graphical structure.We then use a graph model to predict network attacks using edge classification.To explain the prediction results,we observed numerical changes by randomly masking and calculating the importance of neighbors,allowing us to extract significant subgraphs.Our experiments on six public datasets demonstrate superior performance with an average F1-score of 0.960 and accuracy of 0.964,outperforming traditional machine learning and other graph models.The visual representation of the extracted subgraphs highlights the neighboring nodes that have the greatest impact on the results,thus explaining detection.In conclusion,this study demonstrates that graph-based models are suitable for network attack detection in complex environments,and the importance of graph neighbors can be calculated to efficiently analyze the results.This approach can contribute to real-world network security analyses and provide a new direction in the field.
文摘The increasing interconnection of modern industrial control systems(ICSs)with the Internet has enhanced operational efficiency,but alsomade these systemsmore vulnerable to cyberattacks.This heightened exposure has driven a growing need for robust ICS security measures.Among the key defences,intrusion detection technology is critical in identifying threats to ICS networks.This paper provides an overview of the distinctive characteristics of ICS network security,highlighting standard attack methods.It then examines various intrusion detection methods,including those based on misuse detection,anomaly detection,machine learning,and specialised requirements.This paper concludes by exploring future directions for developing intrusion detection systems to advance research and ensure the continued security and reliability of ICS operations.
基金supported by the National Research Foundation of Korea(NRF)funded by the Korea government(RS-2023-00249743)Additionally,this research was supported by the Global-Learning&Academic Research Institution for Master’s,PhD Students,and Postdocs(LAMP)Program of the National Research Foundation of Korea(NRF)grant funded by the Ministry of Education(RS-2024-00443714)This research was also supported by the“Research Base Construction Fund Support Program”funded by Jeonbuk National University in 2025.
文摘Traditional anomaly detection methods often assume that data points are independent or exhibit regularly structured relationships,as in Euclidean data such as time series or image grids.However,real-world data frequently involve irregular,interconnected structures,requiring a shift toward non-Euclidean approaches.This study introduces a novel anomaly detection framework designed to handle non-Euclidean data by modeling transactions as graph signals.By leveraging graph convolution filters,we extract meaningful connection strengths that capture relational dependencies often overlooked in traditional methods.Utilizing the Graph Convolutional Networks(GCN)framework,we integrate graph-based embeddings with conventional anomaly detection models,enhancing performance through relational insights.Ourmethod is validated on European credit card transaction data,demonstrating its effectiveness in detecting fraudulent transactions,particularly thosewith subtle patterns that evade traditional,amountbased detection techniques.The results highlight the advantages of incorporating temporal and structural dependencies into fraud detection,showcasing the robustness and applicability of our approach in complex,real-world scenarios.
文摘Defect detection in printed circuit boards(PCB)remains challenging due to the difficulty of identifying small-scale defects,the inefficiency of conventional approaches,and the interference from complex backgrounds.To address these issues,this paper proposes SIM-Net,an enhanced detection framework derived from YOLOv11.The model integrates SPDConv to preserve fine-grained features for small object detection,introduces a novel convolutional partial attention module(C2PAM)to suppress redundant background information and highlight salient regions,and employs a multi-scale fusion network(MFN)with a multi-grain contextual module(MGCT)to strengthen contextual representation and accelerate inference.Experimental evaluations demonstrate that SIM-Net achieves 92.4%mAP,92%accuracy,and 89.4%recall with an inference speed of 75.1 FPS,outperforming existing state-of-the-art methods.These results confirm the robustness and real-time applicability of SIM-Net for PCB defect inspection.
文摘Adversarial Reinforcement Learning(ARL)models for intelligent devices and Network Intrusion Detection Systems(NIDS)improve systemresilience against sophisticated cyber-attacks.As a core component of ARL,Adversarial Training(AT)enables NIDS agents to discover and prevent newattack paths by exposing them to competing examples,thereby increasing detection accuracy,reducing False Positives(FPs),and enhancing network security.To develop robust decision-making capabilities for real-world network disruptions and hostile activity,NIDS agents are trained in adversarial scenarios to monitor the current state and notify management of any abnormal or malicious activity.The accuracy and timeliness of the IDS were crucial to the network’s availability and reliability at this time.This paper analyzes ARL applications in NIDS,revealing State-of-The-Art(SoTA)methodology,issues,and future research prospects.This includes Reinforcement Machine Learning(RML)-based NIDS,which enables an agent to interact with the environment to achieve a goal,andDeep Reinforcement Learning(DRL)-based NIDS,which can solve complex decision-making problems.Additionally,this survey study addresses cybersecurity adversarial circumstances and their importance for ARL and NIDS.Architectural design,RL algorithms,feature representation,and training methodologies are examined in the ARL-NIDS study.This comprehensive study evaluates ARL for intelligent NIDS research,benefiting cybersecurity researchers,practitioners,and policymakers.The report promotes cybersecurity defense research and innovation.
基金supported by the National Research Foundation(NRF),Republic of Korea,under project BK21 FOUR(4299990213939).
文摘The increased connectivity and reliance on digital technologies have exposed smart transportation systems to various cyber threats,making intrusion detection a critical aspect of ensuring their secure operation.Traditional intrusion detection systems have limitations in terms of centralized architecture,lack of transparency,and vulnerability to single points of failure.This is where the integration of blockchain technology with signature-based intrusion detection can provide a robust and decentralized solution for securing smart transportation systems.This study tackles the issue of database manipulation attacks in smart transportation networks by proposing a signaturebased intrusion detection system.The introduced signature facilitates accurate detection and systematic classification of attacks,enabling categorization according to their severity levels within the transportation infrastructure.Through comparative analysis,the research demonstrates that the blockchain-based IDS outperforms traditional approaches in terms of security,resilience,and data integrity.
基金funded by Guangdong Basic and Applied Basic Research Foundation(2023B1515120064)National Natural Science Foundation of China(62273097).
文摘Deep learning has become integral to robotics,particularly in tasks such as robotic grasping,where objects often exhibit diverse shapes,textures,and physical properties.In robotic grasping tasks,due to the diverse characteristics of the targets,frequent adjustments to the network architecture and parameters are required to avoid a decrease in model accuracy,which presents a significant challenge for non-experts.Neural Architecture Search(NAS)provides a compelling method through the automated generation of network architectures,enabling the discovery of models that achieve high accuracy through efficient search algorithms.Compared to manually designed networks,NAS methods can significantly reduce design costs,time expenditure,and improve model performance.However,such methods often involve complex topological connections,and these redundant structures can severely reduce computational efficiency.To overcome this challenge,this work puts forward a robotic grasp detection framework founded on NAS.The method automatically designs a lightweight network with high accuracy and low topological complexity,effectively adapting to the target object to generate the optimal grasp pose,thereby significantly improving the success rate of robotic grasping.Additionally,we use Class Activation Mapping(CAM)as an interpretability tool,which captures sensitive information during the perception process through visualized results.The searched model achieved competitive,and in some cases superior,performance on the Cornell and Jacquard public datasets,achieving accuracies of 98.3%and 96.8%,respectively,while sustaining a detection speed of 89 frames per second with only 0.41 million parameters.To further validate its effectiveness beyond benchmark evaluations,we conducted real-world grasping experiments on a UR5 robotic arm,where the model demonstrated reliable performance across diverse objects and high grasp success rates,thereby confirming its practical applicability in robotic manipulation tasks.
基金supported by Natural Science Foundation of Qinghai Province(2025-ZJ-994M)Scientific Research Innovation Capability Support Project for Young Faculty(SRICSPYF-BS2025007)National Natural Science Foundation of China(62566050).
文摘Multivariate anomaly detection plays a critical role in maintaining the stable operation of information systems.However,in existing research,multivariate data are often influenced by various factors during the data collection process,resulting in temporal misalignment or displacement.Due to these factors,the node representations carry substantial noise,which reduces the adaptability of the multivariate coupled network structure and subsequently degrades anomaly detection performance.Accordingly,this study proposes a novel multivariate anomaly detection model grounded in graph structure learning.Firstly,a recommendation strategy is employed to identify strongly coupled variable pairs,which are then used to construct a recommendation-driven multivariate coupling network.Secondly,a multi-channel graph encoding layer is used to dynamically optimize the structural properties of the multivariate coupling network,while a multi-head attention mechanism enhances the spatial characteristics of the multivariate data.Finally,unsupervised anomaly detection is conducted using a dynamic threshold selection algorithm.Experimental results demonstrate that effectively integrating the structural and spatial features of multivariate data significantly mitigates anomalies caused by temporal dependency misalignment.
基金supported by the Key R&D Programof Xianyang City,Shaanxi Province(L2024-ZDYF-ZDYF-GY-0043).
文摘To address the challenge of real-time detection of unauthorized drone intrusions in complex low-altitude urban environments such as parks and airports,this paper proposes an enhanced MBS-YOLO(Multi-Branch Small Target Detection YOLO)model for anti-drone object detection,based on the YOLOv8 architecture.To overcome the limitations of existing methods in detecting small objects within complex backgrounds,we designed a C2f-Pu module with excellent feature extraction capability and a more compact parameter set,aiming to reduce the model’s computational complexity.To improve multi-scale feature fusion,we construct a Multi-Branch Feature Pyramid Network(MB-FPN)that employs a cross-level feature fusion strategy to enhance the model’s representation of small objects.Additionally,a shared detail-enhanced detection head is introduced to address the large size variations of Unmanned Aerial Vehicle(UAV)targets,thereby improving detection performance across different scales.Experimental results demonstrate that the proposed model achieves consistent improvements across multiple benchmarks.On the Det-Fly dataset,it improves precision by 3%,recall by 5.6%,and mAP50 by 4.5%compared with the baseline,while reducing parameters by 21.2%.Cross-validation on the VisDrone dataset further validates its robustness,yielding additional gains of 3.2%in precision,6.1%in recall,and 4.8%in mAP50 over the original YOLOv8.These findings confirm the effectiveness of the proposed algorithm in enhancing UAV detection performance under complex scenarios.
基金supported by the National Research Foundation of Korea(NRF)grant funded by the Korea government(MSIT)(No.RS-2024-00351898 and No.RS-2025-02263915)the MOTIE under Training Industrial Security Specialist forHigh-Tech Industry(RS-2024-00415520)supervised by theKorea Institute for Advancement of Technology(KIAT)+1 种基金the MSIT under the ICAN(ICT Challenge and Advanced Network of HRD)program(No.IITP-2022-RS-2022-00156310)supervised by the Institute of Information&Communication Technology Planning&Evaluation(IITP).
文摘As containerized environments become increasingly prevalent in cloud-native infrastructures,the need for effective monitoring and detection of malicious behaviors has become critical.Malicious containers pose significant risks by exploiting shared host resources,enabling privilege escalation,or launching large-scale attacks such as cryptomining and botnet activities.Therefore,developing accurate and efficient detection mechanisms is essential for ensuring the security and stability of containerized systems.To this end,we propose a hybrid detection framework that leverages the extended Berkeley Packet Filter(eBPF)to monitor container activities directly within the Linux kernel.The framework simultaneously collects flow-based network metadata and host-based system-call traces,transforms them into machine-learning features,and applies multi-class classification models to distinguish malicious containers from benign ones.Using six malicious and four benign container scenarios,our evaluation shows that runtime detection is feasible with high accuracy:flow-based detection achieved 87.49%,while host-based detection using system-call sequences reached 98.39%.The performance difference is largely due to similar communication patterns exhibited by certain malware families which limit the discriminative power of flow-level features.Host-level monitoring,by contrast,exposes fine-grained behavioral characteristics,such as file-system access patterns,persistence mechanisms,and resource-management calls that do not appear in network metadata.Our results further demonstrate that both monitoring modality and preprocessing strategy directly influence model performance.More importantly,combining flow-based and host-based telemetry in a complementary hybrid approach resolves classification ambiguities that arise when relying on a single data source.These findings underscore the potential of eBPF-based hybrid analysis for achieving accurate,low-overhead,and behavior-aware runtime security in containerized environments,and they establish a practical foundation for developing adaptive and scalable detection mechanisms in modern cloud systems.
