In this paper, we investigate a resilient control strategy for networked control systems(NCSs) subject to zero dynamic attacks which are stealthy false-data injection attacks that are designed so that they cannot be...In this paper, we investigate a resilient control strategy for networked control systems(NCSs) subject to zero dynamic attacks which are stealthy false-data injection attacks that are designed so that they cannot be detected based on control input and measurement data. Cyber resilience represents the ability of systems or network architectures to continue providing their intended behavior during attack and recovery. When a cyber attack on the control signal of a networked control system is computed to remain undetectable from passive model-based fault detection and isolation schemes, we show that the consequence of a zero dynamic attack on the state variable of the plant is undetectable during attack but it becomes apparent after the end of the attack. A resilient linear quadratic Gaussian controller, having the ability to quickly recover the nominal behavior of the closed-loop system after the attack end, is designed by updating online the Kalman filter from information given by an active version of the generalized likelihood ratio detector.展开更多
In recent work,adversarial stickers are widely used to attack face recognition(FR)systems in the physical world.However,it is difficult to evaluate the performance of physical attacks because of the lack of volunteers...In recent work,adversarial stickers are widely used to attack face recognition(FR)systems in the physical world.However,it is difficult to evaluate the performance of physical attacks because of the lack of volunteers in the experiment.In this paper,a simple attack method called incomplete physical adversarial attack(IPAA)is proposed to simulate physical attacks.Different from the process of physical attacks,when an IPAA is conducted,a photo of the adversarial sticker is embedded into a facial image as the input to attack FR systems,which can obtain results similar to those of physical attacks without inviting any volunteers.The results show that IPAA has a higher similarity with physical attacks than digital attacks,indicating that IPAA is able to evaluate the performance of physical attacks.IPAA is effective in quantitatively measuring the impact of the sticker location on the results of attacks.展开更多
This paper presents a security strategy for resisting a physical attack utilizing data remanence in powered- off static random access memory (SRAM). Based on the mechanism of physical attack to data remanence, the s...This paper presents a security strategy for resisting a physical attack utilizing data remanence in powered- off static random access memory (SRAM). Based on the mechanism of physical attack to data remanence, the strategy intends to erase data remanence in memory cells once the power supply is removed, which disturbs attackers trying to steal the right information. Novel on-chip secure circuits including secure power supply and erase transistor are integrated into conventional SRAM to realize erase operation. Implemented in 0.25μm Huahong-NEC CMOS technology, an SRAM exploiting the proposed security strategy shows the erase operation is accomplished within 0.2 μs and data remanence is successfully eliminated. Compared with conventional SRAM, the retentive time of data remanence is reduced by 82% while the operation power consumption only increases by 7%.展开更多
The national grid and other life-sustaining critical infrastructures face an unprecedented threat from prolonged blackouts,which could last over a year and pose a severe risk to national security.Whether caused by phy...The national grid and other life-sustaining critical infrastructures face an unprecedented threat from prolonged blackouts,which could last over a year and pose a severe risk to national security.Whether caused by physical attacks,EMP(electromagnetic pulse)events,or cyberattacks,such disruptions could cripple essential services like water supply,healthcare,communication,and transportation.Research indicates that an attack on just nine key substations could result in a coast-to-coast blackout lasting up to 18 months,leading to economic collapse,civil unrest,and a breakdown of public order.This paper explores the key vulnerabilities of the grid,the potential impacts of prolonged blackouts,and the role of AI(artificial intelligence)and ML(machine learning)in mitigating these threats.AI-driven cybersecurity measures,predictive maintenance,automated threat response,and EMP resilience strategies are discussed as essential solutions to bolster grid security.Policy recommendations emphasize the need for hardened infrastructure,enhanced cybersecurity,redundant power systems,and AI-based grid management to ensure national resilience.Without proactive measures,the nation remains exposed to a catastrophic power grid failure that could have dire consequences for society and the economy.展开更多
Detecting sophisticated cyberattacks,mainly Distributed Denial of Service(DDoS)attacks,with unexpected patterns remains challenging in modern networks.Traditional detection systems often struggle to mitigate such atta...Detecting sophisticated cyberattacks,mainly Distributed Denial of Service(DDoS)attacks,with unexpected patterns remains challenging in modern networks.Traditional detection systems often struggle to mitigate such attacks in conventional and software-defined networking(SDN)environments.While Machine Learning(ML)models can distinguish between benign and malicious traffic,their limited feature scope hinders the detection of new zero-day or low-rate DDoS attacks requiring frequent retraining.In this paper,we propose a novel DDoS detection framework that combines Machine Learning(ML)and Ensemble Learning(EL)techniques to improve DDoS attack detection and mitigation in SDN environments.Our model leverages the“DDoS SDN”dataset for training and evaluation and employs a dynamic feature selection mechanism that enhances detection accuracy by focusing on the most relevant features.This adaptive approach addresses the limitations of conventional ML models and provides more accurate detection of various DDoS attack scenarios.Our proposed ensemble model introduces an additional layer of detection,increasing reliability through the innovative application of ensemble techniques.The proposed solution significantly enhances the model’s ability to identify and respond to dynamic threats in SDNs.It provides a strong foundation for proactive DDoS detection and mitigation,enhancing network defenses against evolving threats.Our comprehensive runtime analysis of Simultaneous Multi-Threading(SMT)on identical configurations shows superior accuracy and efficiency,with significantly reduced computational time,making it ideal for real-time DDoS detection in dynamic,rapidly changing SDNs.Experimental results demonstrate that our model achieves outstanding performance,outperforming traditional algorithms with 99%accuracy using Random Forest(RF)and K-Nearest Neighbors(KNN)and 98%accuracy using XGBoost.展开更多
Autonomous driving systems(ADSs)have attracted wide attention in the machine learning communities.With the help of deep neural networks(DNNs),ADSs have shown both satisfactory performance under significant uncertainti...Autonomous driving systems(ADSs)have attracted wide attention in the machine learning communities.With the help of deep neural networks(DNNs),ADSs have shown both satisfactory performance under significant uncertainties in the environment and the ability to compensate for system failures without external intervention.However,the vulnerability of ADSs has raised concerns since DNNs have been proven vulnerable to adversarial attacks.In this paper,we present a comprehensive survey of current physical adversarial vulnerabilities in ADSs.We first divide the physical adversarial attack methods and defense methods by their restrictions of deployment into three scenarios:the real-world,simulator-based,and digital-world scenarios.Then,we consider the adversarial vulnerabilities that focus on various sensors in ADSs and separate them as camera-based,light detection and ranging(LiDAR)based,and multifusion-based attacks.Subsequently,we divide the attack tasks by traffic elements.For the physical defenses,we establish the taxonomy with reference to input image preprocessing,adversarial example detection,and model enhancement for the DNN models to achieve full coverage of the adversarial defenses.Based on the above survey,we finally discuss the challenges in this research field and provide further outlook on future directions.展开更多
Recently,with the advancement of Information and Communications Technology(ICT),Internet of Things(IoT)has been connected to the cloud and used in industrial sectors,medical environments,and smart grids.However,if dat...Recently,with the advancement of Information and Communications Technology(ICT),Internet of Things(IoT)has been connected to the cloud and used in industrial sectors,medical environments,and smart grids.However,if data is transmitted in plain text when collecting data in an IoTcloud environment,it can be exposed to various security threats such as replay attacks and data forgery.Thus,digital signatures are required.Data integrity is ensured when a user(or a device)transmits data using a signature.In addition,the concept of data aggregation is important to efficiently collect data transmitted from multiple users(or a devices)in an industrial IoT environment.However,signatures based on pairing during aggregation compromise efficiency as the number of signatories increases.Aggregate signature methods(e.g.,identity-based and certificateless cryptography)have been studied.Both methods pose key escrow and key distribution problems.In order to solve these problems,the use of aggregate signatures in certificate-based cryptography is being studied,and studies to satisfy the prevention of forgery of signatures and other security problems are being conducted.In this paper,we propose a new lightweight signature scheme that uses a certificate-based aggregate signature and can generate and verify signed messages from IoT devices in an IoT-cloud environment.In this proposed method,by providing key insulation,security threats that occur when keys are exposed due to physical attacks such as side channels can be solved.This can be applied to create an environment in which data is collected safely and efficiently in IoT-cloud is environments.展开更多
In the last decade,cognitive radio(CR) has emerged as a major next generation wireless networking technology,which is the most promising candidate solution to solve the spectrum scarcity and improve the spectrum utili...In the last decade,cognitive radio(CR) has emerged as a major next generation wireless networking technology,which is the most promising candidate solution to solve the spectrum scarcity and improve the spectrum utilization.However,there exist enormous challenges for the open and random access environment of CRNs,where the unlicensed secondary users(SUs) can use the channels that are not currently used by the licensed primary users(PUs) via spectrum-sensing technology.Because of this access method,some malicious users may access the cognitive network arbitrarily and launch some special attacks,such as primary user emulation attack,falsifying data or denial of service attack,which will cause serious damage to the cognitive radio network.In addition to the specifi c security threats of cognitive network,CRNs also face up to the conventional security threats,such as eavesdropping,tampering,imitation,forgery,and noncooperation etc..Hence,Cognitive radio networks have much more risks than traditional wireless networks with its special network model.In this paper,we considered the security threats from passive and active attacks.Firstly,the PHY layer security is presented in the view of passive attacks,and it is a compelling idea of using the physical properties of the radio channel to help provide secure wireless communications.Moreover,malicious user detection is introduced in the view of active attacks by means of the signal detection techniques to decrease the interference and the probabilities of false alarm and missed detection.Finally,we discuss the general countermeasures of security threats in three phases.In particular,we discuss the far reaching effect of defensive strategy against attacks in CRNs.展开更多
Visual language pre-training(VLP)models have demonstrated significant success in various domains,but they remain vulnerable to adversarial attacks.Addressing these adversarial vulnerabilities is crucial for enhancing ...Visual language pre-training(VLP)models have demonstrated significant success in various domains,but they remain vulnerable to adversarial attacks.Addressing these adversarial vulnerabilities is crucial for enhancing security in multi-modal learning.Traditionally,adversarial methods that target VLP models involve simultaneous perturbation of images and text.However,this approach faces significant challenges.First,adversarial perturbations often fail to translate effectively into real-world scenarios.Second,direct modifications to the text are conspicuously visible.To overcome these limitations,we propose a novel strategy that uses only image patches for attacks,thus preserving the integrity of the original text.Our method leverages prior knowledge from diffusion models to enhance the authenticity and naturalness of the perturbations.Moreover,to optimize patch placement and improve the effectiveness of our attacks,we utilize the cross-attention mechanism,which encapsulates inter-modal interactions by generating attention maps to guide strategic patch placement.Extensive experiments conducted in a white-box setting for image-to-text scenarios reveal that our proposed method significantly outperforms existing techniques,achieving a 100%attack success rate.展开更多
基金supported by the Ministry of the Higher Education and Scientific Research in Tunisia
文摘In this paper, we investigate a resilient control strategy for networked control systems(NCSs) subject to zero dynamic attacks which are stealthy false-data injection attacks that are designed so that they cannot be detected based on control input and measurement data. Cyber resilience represents the ability of systems or network architectures to continue providing their intended behavior during attack and recovery. When a cyber attack on the control signal of a networked control system is computed to remain undetectable from passive model-based fault detection and isolation schemes, we show that the consequence of a zero dynamic attack on the state variable of the plant is undetectable during attack but it becomes apparent after the end of the attack. A resilient linear quadratic Gaussian controller, having the ability to quickly recover the nominal behavior of the closed-loop system after the attack end, is designed by updating online the Kalman filter from information given by an active version of the generalized likelihood ratio detector.
文摘In recent work,adversarial stickers are widely used to attack face recognition(FR)systems in the physical world.However,it is difficult to evaluate the performance of physical attacks because of the lack of volunteers in the experiment.In this paper,a simple attack method called incomplete physical adversarial attack(IPAA)is proposed to simulate physical attacks.Different from the process of physical attacks,when an IPAA is conducted,a photo of the adversarial sticker is embedded into a facial image as the input to attack FR systems,which can obtain results similar to those of physical attacks without inviting any volunteers.The results show that IPAA has a higher similarity with physical attacks than digital attacks,indicating that IPAA is able to evaluate the performance of physical attacks.IPAA is effective in quantitatively measuring the impact of the sticker location on the results of attacks.
基金Project supported by the National Natural Science Foundation of China (No.60776027)
文摘This paper presents a security strategy for resisting a physical attack utilizing data remanence in powered- off static random access memory (SRAM). Based on the mechanism of physical attack to data remanence, the strategy intends to erase data remanence in memory cells once the power supply is removed, which disturbs attackers trying to steal the right information. Novel on-chip secure circuits including secure power supply and erase transistor are integrated into conventional SRAM to realize erase operation. Implemented in 0.25μm Huahong-NEC CMOS technology, an SRAM exploiting the proposed security strategy shows the erase operation is accomplished within 0.2 μs and data remanence is successfully eliminated. Compared with conventional SRAM, the retentive time of data remanence is reduced by 82% while the operation power consumption only increases by 7%.
文摘The national grid and other life-sustaining critical infrastructures face an unprecedented threat from prolonged blackouts,which could last over a year and pose a severe risk to national security.Whether caused by physical attacks,EMP(electromagnetic pulse)events,or cyberattacks,such disruptions could cripple essential services like water supply,healthcare,communication,and transportation.Research indicates that an attack on just nine key substations could result in a coast-to-coast blackout lasting up to 18 months,leading to economic collapse,civil unrest,and a breakdown of public order.This paper explores the key vulnerabilities of the grid,the potential impacts of prolonged blackouts,and the role of AI(artificial intelligence)and ML(machine learning)in mitigating these threats.AI-driven cybersecurity measures,predictive maintenance,automated threat response,and EMP resilience strategies are discussed as essential solutions to bolster grid security.Policy recommendations emphasize the need for hardened infrastructure,enhanced cybersecurity,redundant power systems,and AI-based grid management to ensure national resilience.Without proactive measures,the nation remains exposed to a catastrophic power grid failure that could have dire consequences for society and the economy.
文摘Detecting sophisticated cyberattacks,mainly Distributed Denial of Service(DDoS)attacks,with unexpected patterns remains challenging in modern networks.Traditional detection systems often struggle to mitigate such attacks in conventional and software-defined networking(SDN)environments.While Machine Learning(ML)models can distinguish between benign and malicious traffic,their limited feature scope hinders the detection of new zero-day or low-rate DDoS attacks requiring frequent retraining.In this paper,we propose a novel DDoS detection framework that combines Machine Learning(ML)and Ensemble Learning(EL)techniques to improve DDoS attack detection and mitigation in SDN environments.Our model leverages the“DDoS SDN”dataset for training and evaluation and employs a dynamic feature selection mechanism that enhances detection accuracy by focusing on the most relevant features.This adaptive approach addresses the limitations of conventional ML models and provides more accurate detection of various DDoS attack scenarios.Our proposed ensemble model introduces an additional layer of detection,increasing reliability through the innovative application of ensemble techniques.The proposed solution significantly enhances the model’s ability to identify and respond to dynamic threats in SDNs.It provides a strong foundation for proactive DDoS detection and mitigation,enhancing network defenses against evolving threats.Our comprehensive runtime analysis of Simultaneous Multi-Threading(SMT)on identical configurations shows superior accuracy and efficiency,with significantly reduced computational time,making it ideal for real-time DDoS detection in dynamic,rapidly changing SDNs.Experimental results demonstrate that our model achieves outstanding performance,outperforming traditional algorithms with 99%accuracy using Random Forest(RF)and K-Nearest Neighbors(KNN)and 98%accuracy using XGBoost.
基金supported by the National Natural Science Foundation of China(Nos.62376186 and 61932009)。
文摘Autonomous driving systems(ADSs)have attracted wide attention in the machine learning communities.With the help of deep neural networks(DNNs),ADSs have shown both satisfactory performance under significant uncertainties in the environment and the ability to compensate for system failures without external intervention.However,the vulnerability of ADSs has raised concerns since DNNs have been proven vulnerable to adversarial attacks.In this paper,we present a comprehensive survey of current physical adversarial vulnerabilities in ADSs.We first divide the physical adversarial attack methods and defense methods by their restrictions of deployment into three scenarios:the real-world,simulator-based,and digital-world scenarios.Then,we consider the adversarial vulnerabilities that focus on various sensors in ADSs and separate them as camera-based,light detection and ranging(LiDAR)based,and multifusion-based attacks.Subsequently,we divide the attack tasks by traffic elements.For the physical defenses,we establish the taxonomy with reference to input image preprocessing,adversarial example detection,and model enhancement for the DNN models to achieve full coverage of the adversarial defenses.Based on the above survey,we finally discuss the challenges in this research field and provide further outlook on future directions.
基金This research was supported by Basic Science Research Program through the National Research Foundation of Korea(NRF)funded by the Ministry of Education(NRF2019R1A2C1085718)was supported by the Soonchunhyang University Research Fund.
文摘Recently,with the advancement of Information and Communications Technology(ICT),Internet of Things(IoT)has been connected to the cloud and used in industrial sectors,medical environments,and smart grids.However,if data is transmitted in plain text when collecting data in an IoTcloud environment,it can be exposed to various security threats such as replay attacks and data forgery.Thus,digital signatures are required.Data integrity is ensured when a user(or a device)transmits data using a signature.In addition,the concept of data aggregation is important to efficiently collect data transmitted from multiple users(or a devices)in an industrial IoT environment.However,signatures based on pairing during aggregation compromise efficiency as the number of signatories increases.Aggregate signature methods(e.g.,identity-based and certificateless cryptography)have been studied.Both methods pose key escrow and key distribution problems.In order to solve these problems,the use of aggregate signatures in certificate-based cryptography is being studied,and studies to satisfy the prevention of forgery of signatures and other security problems are being conducted.In this paper,we propose a new lightweight signature scheme that uses a certificate-based aggregate signature and can generate and verify signed messages from IoT devices in an IoT-cloud environment.In this proposed method,by providing key insulation,security threats that occur when keys are exposed due to physical attacks such as side channels can be solved.This can be applied to create an environment in which data is collected safely and efficiently in IoT-cloud is environments.
基金supported in part by the National Natural Science Foundation of China(61227801,61121001,61201152,and 61421061)the Program for New Century Excellent Talents in University(NCET-01-0259)the Fundamental Research Funds for the Central Universities(2013RC0106)
文摘In the last decade,cognitive radio(CR) has emerged as a major next generation wireless networking technology,which is the most promising candidate solution to solve the spectrum scarcity and improve the spectrum utilization.However,there exist enormous challenges for the open and random access environment of CRNs,where the unlicensed secondary users(SUs) can use the channels that are not currently used by the licensed primary users(PUs) via spectrum-sensing technology.Because of this access method,some malicious users may access the cognitive network arbitrarily and launch some special attacks,such as primary user emulation attack,falsifying data or denial of service attack,which will cause serious damage to the cognitive radio network.In addition to the specifi c security threats of cognitive network,CRNs also face up to the conventional security threats,such as eavesdropping,tampering,imitation,forgery,and noncooperation etc..Hence,Cognitive radio networks have much more risks than traditional wireless networks with its special network model.In this paper,we considered the security threats from passive and active attacks.Firstly,the PHY layer security is presented in the view of passive attacks,and it is a compelling idea of using the physical properties of the radio channel to help provide secure wireless communications.Moreover,malicious user detection is introduced in the view of active attacks by means of the signal detection techniques to decrease the interference and the probabilities of false alarm and missed detection.Finally,we discuss the general countermeasures of security threats in three phases.In particular,we discuss the far reaching effect of defensive strategy against attacks in CRNs.
基金supported by the Open Research Fund of The State Key Laboratory of Blockchain and Data Security,Zhejiang University,the Fundamental Research Funds for the Central Universities,Sun Yat-sen University(No.23xkjc010)Shenzhen Science and Technology Program(Nos.RCYX20221008092849068,JCYJ20220530145209022,KOTD20221101093559018,and JCYJ20220818102012025).
文摘Visual language pre-training(VLP)models have demonstrated significant success in various domains,but they remain vulnerable to adversarial attacks.Addressing these adversarial vulnerabilities is crucial for enhancing security in multi-modal learning.Traditionally,adversarial methods that target VLP models involve simultaneous perturbation of images and text.However,this approach faces significant challenges.First,adversarial perturbations often fail to translate effectively into real-world scenarios.Second,direct modifications to the text are conspicuously visible.To overcome these limitations,we propose a novel strategy that uses only image patches for attacks,thus preserving the integrity of the original text.Our method leverages prior knowledge from diffusion models to enhance the authenticity and naturalness of the perturbations.Moreover,to optimize patch placement and improve the effectiveness of our attacks,we utilize the cross-attention mechanism,which encapsulates inter-modal interactions by generating attention maps to guide strategic patch placement.Extensive experiments conducted in a white-box setting for image-to-text scenarios reveal that our proposed method significantly outperforms existing techniques,achieving a 100%attack success rate.
