With the proliferation of advanced communication technologies and the deepening interdependence between cyber and physical components, power distribution networks are subject to miscellaneous security risks induced by malicious attackers. To address the issue, this paper proposes a security risk assessment method and a risk-oriented defense resource allocation strategy for cyber-physical distribution networks (CPDNs) against coordinated cyber attacks. First, an attack graph-based CPDN architecture is constructed, and representative cyber-attack paths are drawn considering the CPDN topology and the risk propagation process. The probability of a successful coordinated cyber attack and incurred security risks are quantitatively assessed based on the absorbing Markov chain model and National Institute of Standards and Technology (NIST) standard. Next, a risk-oriented defense resource allocation strategy is proposed for CPDNs in different attack scenarios. The tradeoff between security risk and limited resource budget is formulated as a multi-objective optimization (MOO) problem, which is solved by an efficient optimal Pareto solution generation approach. By employing a generational distance metric, the optimal solution is prioritized from the optimal Pareto set of the MOO and leveraged for subsequent atomic allocation of defense resources. Several case studies on a modified IEEE 123-node test feeder substantiate the efficacy of the proposed security risk assessment method and risk-oriented defense resource allocation strategy.
Funding: Supported in part by the National Natural Science Foundation of China under Grants No. 62372087 and No. 62072076, the Research Fund of State Key Laboratory of Processors under Grant No. CLQ202310, and the CSC scholarship.
Abstract: Deep neural networks (DNNs) have found extensive applications in safety-critical artificial intelligence systems, such as autonomous driving and facial recognition systems. However, recent research has revealed their susceptibility to backdoors maliciously injected by adversaries. This vulnerability arises due to the intricate architecture and opacity of DNNs, resulting in numerous redundant neurons embedded within the models. Adversaries exploit these vulnerabilities to conceal malicious backdoor information within DNNs, thereby causing erroneous outputs and posing substantial threats to the efficacy of DNN-based applications. This article presents a comprehensive survey of backdoor attacks against DNNs and the countermeasure methods employed to mitigate them. Initially, we trace the evolution of the concept from traditional backdoor attacks to backdoor attacks against DNNs, highlighting the feasibility and practicality of generating backdoor attacks against DNNs. Subsequently, we provide an overview of notable works encompassing various attack and defense strategies, facilitating a comparative analysis of their approaches. Through these discussions, we offer constructive insights aimed at refining these techniques. Finally, we extend our research perspective to the domain of large language models (LLMs) and synthesize the characteristics and developmental trends of backdoor attacks and defense methods targeting LLMs. Through a systematic review of existing studies on backdoor vulnerabilities in LLMs, we identify critical open challenges in this field and propose actionable directions for future research.
Funding: Supported in part by the National Science Foundation of China (62373240, 62273224, U24A20259).
Abstract: Dear Editor, The attacker is always going to intrude covertly networked control systems (NCSs) by dynamically changing false data injection attacks (FDIAs) strategy, while the defender tries their best to resist attacks by designing defense strategy on the basis of identifying attack strategy, maintaining stable operation of NCSs. To solve this attack-defense game problem, this letter investigates optimal secure control of NCSs under FDIAs. First, for the alterations of energy caused by false data, a novel attack-defense game model is constructed, which considers the changes of energy caused by the actions of the defender and attacker in the forward and feedback channels.
Funding: Ant Financial, Zhejiang University Financial Technology Research Center.
Abstract: With the rapid developments of artificial intelligence (AI) and deep learning (DL) techniques, it is critical to ensure the security and robustness of the deployed algorithms. Recently, the security vulnerability of DL algorithms to adversarial samples has been widely recognized. The fabricated samples can lead to various misbehaviors of the DL models while being perceived as benign by humans. Successful implementations of adversarial attacks in real physical-world scenarios further demonstrate their practicality. Hence, adversarial attack and defense techniques have attracted increasing attention from both machine learning and security communities and have become a hot research topic in recent years. In this paper, we first introduce the theoretical foundations, algorithms, and applications of adversarial attack techniques. We then describe a few research efforts on the defense techniques, which cover the broad frontier in the field. Several open problems and challenges are subsequently discussed, which we hope will provoke further research efforts in this critical area.
Funding: Funded by the Key Research and Development Program of Zhejiang Province No. 2023C01141, the Science and Technology Innovation Community Project of the Yangtze River Delta No. 23002410100, and supported by the Open Research Fund of the State Key Laboratory of Blockchain and Data Security, Zhejiang University.
Abstract: Graph Neural Networks (GNNs) have demonstrated outstanding capabilities in processing graph-structured data and are increasingly being integrated into large-scale pre-trained models, such as Large Language Models (LLMs), to enhance structural reasoning, knowledge retrieval, and memory management. The expansion of their application scope imposes higher requirements on the robustness of GNNs. However, as GNNs are applied to more dynamic and heterogeneous environments, they become increasingly vulnerable to real-world perturbations. In particular, graph data frequently encounters joint adversarial perturbations that simultaneously affect both structures and features, which are significantly more challenging than isolated attacks. These disruptions, caused by incomplete data, malicious attacks, or inherent noise, pose substantial threats to the stable and reliable performance of traditional GNN models. To address this issue, this study proposes the Dual-Shield Graph Neural Network (DSGNN), a defense model that simultaneously mitigates structural and feature perturbations. DSGNN utilizes two parallel GNN channels to independently process structural noise and feature noise, and introduces an adaptive fusion mechanism that integrates information from both pathways to generate robust node representations. Theoretical analysis demonstrates that DSGNN achieves a tighter robustness boundary under joint perturbations compared to conventional single-channel methods. Experimental evaluations across Cora, CiteSeer, and Industry datasets show that DSGNN achieves the highest average classification accuracy under various adversarial settings, reaching 81.24%, 71.94%, and 81.66%, respectively, outperforming GNNGuard, GCN-Jaccard, GCN-SVD, RGCN, and NoisyGNN. These results underscore the importance of multi-view perturbation decoupling in constructing resilient GNN models for real-world applications.
Abstract: The service and application of a network is a behavioral process that is oriented toward its operations and tasks, whose metrics and evaluation are still somewhat of a rough comparison. This paper describes scenes of network behavior as differential manifolds. Using the homeomorphic transformation of smooth differential manifolds, we provide a mathematical definition of network behavior and propose a mathematical description of the network behavior path and behavior utility. Based on the principle of differential geometry, this paper puts forward the function of network behavior and a calculation method to determine behavior utility, and establishes the calculation principle of network behavior utility. We also provide a calculation framework for assessment of the network's attack-defense confrontation on the strength of behavior utility. Therefore, this paper establishes a mathematical foundation for the objective measurement and precise evaluation of network behavior.
Abstract: Wireless sensor networks (WSNs) have many potential applications [1,2] and unique challenges. They usually consist of hundreds or thousands of small sensor nodes such as MICA2, which operate autonomously; conditions such as cost, invisible deployment and many application domains, lead to small size and resource limited sensors [3]. WSNs are susceptible to many types of link layer attacks [1] and most of traditional network security techniques are unusable on WSNs [3]; this is due to wireless and shared nature of communication channel, untrusted transmissions, deployment in open environments, unattended nature and limited resources [1]. Therefore security is a vital requirement for these networks; but we have to design a proper security mechanism that attends to WSN's constraints and requirements. In this paper, we focus on security of WSNs, divide it (the WSNs security) into four categories and will consider them, include: an overview of WSNs, security in WSNs, the threat model on WSNs, a wide variety of WSNs' link layer attacks and a comparison of them. This work enables us to identify the purpose and capabilities of the attackers; furthermore, the goal and effects of the link layer attacks on WSNs are introduced. Also, this paper discusses known approaches of security detection and defensive mechanisms against the link layer attacks; this would enable IT security managers to manage the link layer attacks of WSNs more effectively.
Abstract: This paper puts forward the plan on constructing information security attack and defense platform based on cloud computing and virtualization, provides the hardware topology structure of the platform and technical framework of the system and the experimental process and technical principle of the platform. The experiment platform can provide more than 20 attack classes. Using the virtualization technology can build hypothesized target of various types in the laboratory and diversified network structure to carry out attack and defense experiment.
Abstract: Due to our increasing dependence on infrastructure networks, the attack and defense game in these networks has drawn great concerns from security agencies. Moreover, when it comes to evaluating the payoffs in practical attack and defense games in infrastructure networks, the lack of consideration for the fuzziness and uncertainty of subjective human judgment brings forth significant challenges to the analysis of strategic interactions among decision makers. This paper employs intuitionistic fuzzy sets (IFSs) to depict such uncertain payoffs, and introduces a theoretical framework for analyzing the attack and defense game in infrastructure networks based on intuitionistic fuzzy theory. We take the changes in three complex network metrics as the universe of discourse, and intuitionistic fuzzy sets are employed based on this universe of discourse to reflect the satisfaction of decision makers. We employ an algorithm based on intuitionistic fuzzy theory to find the Nash equilibrium, and conduct experiments on both local and global networks. Results show that: (1) the utilization of intuitionistic fuzzy sets to depict the payoffs of attack and defense games in infrastructure networks can reflect the unique characteristics of decision makers' subjective preferences. (2) the use of differently weighted proportions of the three complex network metrics has little impact on decision makers' choices of different strategies.
Funding: Partly supported by the National Key Research and Development Program of China (No. 2016YFB0800100, 2016YFB0800101), the National Natural Science Fund for Creative Research Groups Project (No. 61521003), and the National Natural Science Fund for Youth Found Project (No. 61602509).
Abstract: The Domain Name System (DNS) is suffering from the vulnerabilities exploited to launch the cache poisoning attack. Inspired by biodiversity, we design and implement a non-intrusive and tolerant secure architecture Multi-DNS (MDNS) to deal with it. MDNS consists of Scheduling Proxy and DNS server pool with heterogeneous DNSs in it. And the Scheduling Proxy dynamically schedules m DNSs to provide service in parallel and adopts the vote results from majority of DNSs to decide valid replies. And benefiting from the centralized control of software defined networking (SDN), we implement a proof of concept for it. Evaluation results prove the validity and availability of MDNS and its intrusion/fault tolerance, while the average delay can be controlled in 0.3 s.
Abstract: These days, deep learning and computer vision are much-growing fields in this modern world of information technology. Deep learning algorithms and computer vision have achieved great success in different applications like image classification, speech recognition, self-driving vehicles, disease diagnostics, and many more. Despite success in various applications, it is found that these learning algorithms face severe threats due to adversarial attacks. Adversarial examples are inputs like images in the computer vision field, which are intentionally slightly changed or perturbed. These changes are humanly imperceptible. But they are misclassified by a model with high probability and severely affect the performance or prediction. In this scenario, we present a deep image restoration model that restores adversarial examples so that the target model is classified correctly again. We proved that our defense method against adversarial attacks based on a deep image restoration model is simple and state-of-the-art by providing strong experimental results evidence. We have used MNIST and CIFAR10 datasets for experiments and analysis of our defense method. In the end, we have compared our method to other state-of-the-art defense methods and proved that our results are better than other rival methods.
Funding: Supported by the National Natural Science Foundation of China (60083007) and the Special Funds for Major State Basic Research Program of China (973 Program) (G1999035810).
Abstract: With the explosive growth of network applications, the threat of malicious code to network security becomes increasingly serious. In this paper we explore the mechanism of malicious code by giving an attack model of malicious code, and discuss the critical techniques of implementation and prevention against malicious code. The remaining problems and emerging trends in this area are also addressed in the paper.
Abstract: Vehicular Ad-hoc Networks (VANETs) technology has recently emerged and is gaining significant attention from researchers because it is a promising technology related to Intelligent Transportation Systems (ITSs) and smart cities. Wireless vehicular communication is employed to improve traffic safety and to reduce traffic congestion. Each vehicle in the ad-hoc network acts as a smart mobile node characterized by high mobility and the formation of dynamic networks. As a result of the continuous movement of vehicles, VANETs are vulnerable to many security threats, so they require capable and secure communication. Unfortunately, ad hoc networks are liable to varied attacks such as Black Hole attacks, Grey Hole attacks, Denial of Service attacks, etc. Among the best-known attacks are Black Hole attacks, in which the malicious vehicle is able to intercept the data and drop it without forwarding it to the cars. The main goal of our simulation is to analyze the performance impact of the black hole attack on real-time vehicular traffic in the Greater Detroit Area using NS-2 and SUMO (Simulation of Urban). The simulation will use the AODV protocol.
Abstract: Deep Neural Networks (DNNs) are widely utilized due to their outstanding performance, but their susceptibility to adversarial attacks poses significant security risks, making adversarial defense research crucial in the field of AI security. Currently, robustness defense techniques for models often rely on adversarial training, a method that tends to only defend against specific types of attacks and lacks strong generalization. In response to this challenge, this paper proposes a black-box defense method based on Image Denoising and Pix2Pix (IDP) technology. This method does not require prior knowledge of the specific attack type and eliminates the need for cumbersome adversarial training. When making predictions on unknown samples, the IDP method first applies denoising to the sample, then inputs the processed image into a trained Pix2Pix model for image transformation. Finally, the image generated by Pix2Pix is input into the classification model for prediction. This versatile defense approach demonstrates excellent defensive performance against common attack methods such as FGSM, I-FGSM, DeepFool, and UPSET, showcasing high flexibility and transferability. In summary, the IDP method introduces new perspectives and possibilities for adversarial sample defense, alleviating the limitations of traditional adversarial training methods and enhancing the overall robustness of models.
Funding: Supported by the National Natural Science Foundation of China (No. 52377086) and the Postgraduate Research & Practice Innovation Program of Jiangsu Province (No. SJCX23_0063).
Abstract: With the proliferation of advanced communication technologies and the deepening interdependence between cyber and physical components, power distribution networks are subject to miscellaneous security risks induced by malicious attackers. To address the issue, this paper proposes a security risk assessment method and a risk-oriented defense resource allocation strategy for cyber-physical distribution networks (CPDNs) against coordinated cyber attacks. First, an attack graph-based CPDN architecture is constructed, and representative cyber-attack paths are drawn considering the CPDN topology and the risk propagation process. The probability of a successful coordinated cyber attack and the incurred security risks are quantitatively assessed based on the absorbing Markov chain model and the National Institute of Standards and Technology (NIST) standard. Next, a risk-oriented defense resource allocation strategy is proposed for CPDNs in different attack scenarios. The tradeoff between security risk and limited resource budget is formulated as a multi-objective optimization (MOO) problem, which is solved by an efficient optimal Pareto solution generation approach. By employing a generational distance metric, the optimal solution is prioritized from the optimal Pareto set of the MOO and leveraged for subsequent atomic allocation of defense resources. Several case studies on a modified IEEE 123-node test feeder substantiate the efficacy of the proposed security risk assessment method and risk-oriented defense resource allocation strategy.