The rapid digitalization of urban infrastructure has made smart cities increasingly vulnerable to sophisticated cyber threats. In the evolving landscape of cybersecurity, the efficacy of Intrusion Detection Systems (IDS) is increasingly measured by technical performance, operational usability, and adaptability. This study introduces and rigorously evaluates a Human-Computer Interaction (HCI)-Integrated IDS that uses Convolutional Neural Network (CNN), CNN-Long Short-Term Memory (LSTM), and Random Forest (RF) models against both a Baseline Machine Learning (ML) model and a Traditional IDS model, through an extensive experimental framework encompassing many performance metrics, including detection latency, accuracy, alert prioritization, classification errors, system throughput, usability, ROC-AUC, precision-recall, confusion matrix analysis, and statistical accuracy measures. Our findings consistently demonstrate the superiority of the HCI-Integrated approach utilizing three major datasets (CICIDS 2017, KDD Cup 1999, and UNSW-NB15). Experimental results indicate that the HCI-Integrated model outperforms its counterparts, achieving an AUC-ROC of 0.99, a precision of 0.93, and a recall of 0.96, while maintaining the lowest false positive rate (0.03) and the fastest detection time (~1.5 s). These findings validate the efficacy of incorporating HCI to enhance anomaly detection capabilities, improve responsiveness, and reduce alert fatigue in critical smart city applications. It achieves markedly lower detection times, higher accuracy across all threat categories, reduced false positive and false negative rates, and enhanced system throughput under concurrent load conditions. The HCI-Integrated IDS excels in alert contextualization and prioritization, offering more actionable insights while minimizing analyst fatigue. Usability feedback underscores increased analyst confidence and operational clarity, reinforcing the importance of user-centered design. These results collectively position the HCI-Integrated IDS as a highly effective, scalable, and human-aligned solution for modern threat detection environments.
With the development of information networks, the problem of power security has attracted increasing attention, but a simple power security defense system can no longer cope with the current complex network environment. To address this situation, the paper uses a T-S fuzzy neural network model to analyze the characteristics of data transmission in the network and obtain the corresponding threat information. By processing this threat information, it completes the construction of a three-dimensional power security defense system. The paper carries out the corresponding data training with the T-S model fuzzy neural network, which has some reference value for data analysis in other similar fields. At the same time, the study of building the three-dimensional power security defense system aims to provide a theoretical reference for security defense in the current complex network environment.
The national grid and other life-sustaining critical infrastructures face an unprecedented threat from prolonged blackouts, which could last over a year and pose a severe risk to national security. Whether caused by physical attacks, EMP (electromagnetic pulse) events, or cyberattacks, such disruptions could cripple essential services like water supply, healthcare, communication, and transportation. Research indicates that an attack on just nine key substations could result in a coast-to-coast blackout lasting up to 18 months, leading to economic collapse, civil unrest, and a breakdown of public order. This paper explores the key vulnerabilities of the grid, the potential impacts of prolonged blackouts, and the role of AI (artificial intelligence) and ML (machine learning) in mitigating these threats. AI-driven cybersecurity measures, predictive maintenance, automated threat response, and EMP resilience strategies are discussed as essential solutions to bolster grid security. Policy recommendations emphasize the need for hardened infrastructure, enhanced cybersecurity, redundant power systems, and AI-based grid management to ensure national resilience. Without proactive measures, the nation remains exposed to a catastrophic power grid failure that could have dire consequences for society and the economy.
We propose two schemes for realizing quantum secure direct communication (QSDC) by using a set of ordered two-photon three-dimensional hyperentangled states entangled in two degrees of freedom (DOFs) as quantum information channels. In the first scheme, the photons from Bob to Alice are transmitted only once. After ensuring the security of the quantum channels, Bob encodes the secret message on his photons. Then Alice performs single-photon two-DOF Bell bases measurements on her photons. This scheme has better security than former QSDC protocols. In the second scheme, Bob transmits photons to Alice twice. After ensuring the security of the quantum channels, Bob encodes the secret message on his photons. Then Alice performs two-photon Bell bases measurements on each DOF. The scheme has more information capacity than former QSDC protocols.
The accelerated advancement of the Internet of Things (IoT) has generated substantial data, including sensitive and private information. Consequently, it is imperative to guarantee the security of data sharing. While facilitating fine-grained access control, Ciphertext Policy Attribute-Based Encryption (CP-ABE) can effectively ensure the confidentiality of shared data. Nevertheless, the conventional centralized CP-ABE scheme is plagued by the issues of key misuse, key escrow, and large computation, which result in security risks. This paper suggests a lightweight IoT data security sharing scheme that integrates blockchain technology and CP-ABE to address the abovementioned issues. The integrity and traceability of shared data are guaranteed by the use of blockchain technology to store and verify access transactions. The encryption and decryption operations of the CP-ABE algorithm have been implemented using elliptic curve scalar multiplication to accommodate lightweight IoT devices, as opposed to the more arithmetic-intensive bilinear pairing found in the traditional CP-ABE algorithm. Additionally, a portion of the computation is delegated to the edge nodes to alleviate the computational burden on users. A distributed key management method is proposed to address the issues of key escrow and misuse. This method employs the edge blockchain to facilitate the storage and distribution of attribute private keys. Meanwhile, data security sharing is enhanced by combining off-chain and on-chain ciphertext storage. The security and performance analysis indicates that the proposed scheme is more efficient and secure.
The integration of artificial intelligence (AI) technology, particularly large language models (LLMs), has become essential across various sectors due to their advanced language comprehension and generation capabilities. Despite their transformative impact in fields such as machine translation and intelligent dialogue systems, LLMs face significant challenges. These challenges include safety, security, and privacy concerns that undermine their trustworthiness and effectiveness, such as hallucinations, backdoor attacks, and privacy leakage. Previous works often conflated safety issues with security concerns. In contrast, our study provides clearer and more reasonable definitions for safety, security, and privacy within the context of LLMs. Building on these definitions, we provide a comprehensive overview of the vulnerabilities and defense mechanisms related to safety, security, and privacy in LLMs. Additionally, we explore the unique research challenges posed by LLMs and suggest potential avenues for future research, aiming to enhance the robustness and reliability of LLMs in the face of emerging threats.
Unmanned aerial vehicles (UAVs) are envisioned as a promising means of providing wireless services for various complex terrains and emergency situations. In this paper, we consider a wireless UAV-enabled cognitive communication network, where a rotary-wing UAV transmits confidential information to a ground cognitive user over the spectrum assigned to primary users (PUs), while eavesdroppers attempt to wiretap the legitimate transmission. In order to enhance the secrecy performance of wireless communications, the secrecy rate (SR) of the UAV-enabled cognitive communication system is maximized through optimizing the UAV three-dimensional (3D) flying trajectory while satisfying the requirements of the UAV's initial and final locations and guaranteeing the constraint of maximum speed of the UAV and the interference threshold of each PU. However, the formulated SR maximization (SRM) problem is non-convex. For the purpose of dealing with this intractable problem, we employ the difference of two-convex functions approximation approach to convert the non-convex optimization problem into a convex one, which is then solved through applying standard convex optimization techniques. Moreover, an iterative 3D trajectory optimization algorithm for the SRM scheme is proposed to achieve the near-optimal 3D trajectory. Simulation results show that our proposed 3D trajectory optimization based SRM algorithm has good convergence, and the proposed SRM scheme outperforms the benchmark approach in terms of the SR performance.
To address the problem of multi-missile cooperative interception against maneuvering targets at a prespecified impact time and desired Line-of-Sight (LOS) angles in Three-Dimensional (3D) space, this paper proposes a 3D leader-following cooperative interception guidance law. First, in the LOS direction of the leader, an impact time-controlled guidance law is derived based on the fixed-time stability theory, which enables the leader to complete the interception task at a prespecified impact time. Next, in the LOS direction of the followers, by introducing a time consensus tracking error function, a fixed-time consensus tracking guidance law is investigated to guarantee the consensus tracking convergence of the time-to-go. Then, in the direction normal to the LOS, by combining the designed global integral sliding mode surface and the second-order Sliding Mode Control (SMC) theory, an innovative 3D LOS-angle-constrained interception guidance law is developed, which eliminates the reaching phase in the traditional sliding mode guidance laws and effectively saves energy consumption. Moreover, it effectively suppresses the chattering phenomenon while avoiding the singularity issue, and compensates for unknown interference caused by target maneuvering online, making it convenient for practical engineering applications. Finally, theoretical proof analysis and multiple sets of numerical simulation results verify the effectiveness, superiority, and robustness of the investigated guidance law.
Software security poses substantial risks to our society because software has become part of our life. Numerous techniques have been proposed to resolve or mitigate the impact of software security issues. Among them, software testing and analysis are two of the critical methods, which significantly benefit from the advancements in deep learning technologies. Due to the successful use of deep learning in software security, recently, researchers have explored the potential of using large language models (LLMs) in this area. In this paper, we systematically review the results focusing on LLMs in software security. We analyze the topics of fuzzing, unit test, program repair, bug reproduction, data-driven bug detection, and bug triage. We deconstruct these techniques into several stages and analyze how LLMs can be used in the stages. We also discuss the future directions of using LLMs in software security, including the future directions for the existing use of LLMs and extensions from conventional deep learning research.
Internet of Things (IoT) refers to the infrastructures that connect smart devices to the Internet, operating autonomously. This connectivity makes it possible to harvest vast quantities of data, creating new opportunities for the emergence of unprecedented knowledge. To ensure IoT security, various approaches have been implemented, such as authentication, encoding, as well as devices to guarantee data integrity and availability. Among these approaches, Intrusion Detection Systems (IDS) is an actual security solution, whose performance can be enhanced by integrating various algorithms, including Machine Learning (ML) and Deep Learning (DL), enabling proactive and accurate detection of threats. This study proposes to optimize the performance of network IDS using an ensemble learning method based on a voting classification algorithm, combining the strengths of three powerful algorithms, Random Forest (RF), K-Nearest Neighbors (KNN), and Support Vector Machine (SVM), to detect both normal behavior and different categories of attack. Our analysis focuses primarily on the NSL-KDD dataset, while also integrating the recent Edge-IIoT dataset, tailored to industrial IoT environments. Experimental results show significant enhancements on the Edge-IIoT and NSL-KDD datasets, reaching accuracy levels between 72% and 99%, with precision between 87% and 99%, while recall values and F1-scores are also between 72% and 99%, for both normal and attack detection. Despite the promising results of this study, it suffers from certain limitations, notably the use of specific datasets and the lack of evaluations in a variety of environments. Future work could include applying this model to various datasets and evaluating more advanced ensemble strategies, with the aim of further enhancing the effectiveness of IDS.
ChatGPT is a powerful artificial intelligence (AI) language model that has demonstrated significant improvements in various natural language processing (NLP) tasks. However, like any technology, it presents potential security risks that need to be carefully evaluated and addressed. In this survey, we provide an overview of the current state of research on security of using ChatGPT, with aspects of bias, disinformation, ethics, misuse, attacks and privacy. We review and discuss the literature on these topics and highlight open research questions and future directions. Through this survey, we aim to contribute to the academic discourse on AI security, enriching the understanding of potential risks and mitigations. We anticipate that this survey will be valuable for various stakeholders involved in AI development and usage, including AI researchers, developers, policy makers, and end-users.
Software-related security aspects are a growing and legitimate concern, especially with 5G data available just at our palms. To conduct research in this field, periodic comparative analysis is needed with the new techniques coming up rapidly. The purpose of this study is to review the recent developments in the field of security integration in the software development lifecycle (SDLC) by analyzing the articles published in the last two decades and to propose a way forward. This review follows Kitchenham's review protocol. The review has been divided into three main stages including planning, execution, and analysis. From the selected 100 articles, it becomes evident that a collaborative approach is necessary for addressing critical software security risks (CSSRs) through effective risk management/estimation techniques. Quantifying risks using a numeric scale enables a comprehensive understanding of their severity, facilitating focused resource allocation and mitigation efforts. Through a comprehensive understanding of potential vulnerabilities and proactive mitigation efforts facilitated by protection poker, organizations can prioritize resources effectively to ensure the successful outcome of projects and initiatives in today's dynamic threat landscape. The review reveals that threat analysis and security testing are needed to develop automated tools for the future. Accurate estimation of effort required to prioritize potential security risks is a big challenge in software security. The accuracy of effort estimation can be further improved by exploring new techniques, particularly those involving deep learning. It is also imperative to validate these effort estimation methods to ensure all potential security threats are addressed. Another challenge is selecting the right model for each specific security threat. To achieve a comprehensive evaluation, researchers should use well-known benchmark checklists.
This study presents an innovative approach to enhancing the security of visual medical data in the generative AI environment through the integration of blockchain technology. By combining the strengths of blockchain and generative AI, the research team aimed to address the timely challenge of safeguarding visual medical content. The participating researchers conducted a comprehensive analysis, examining the vulnerabilities of medical AI services, personal information protection issues, and overall security weaknesses. This multifaceted exploration led to an in-depth evaluation of the model's performance and security. Notably, the correlation between accuracy, detection rate, and error rate was scrutinized. This analysis revealed insights into the model's strengths and limitations, while the consideration of standard deviation shed light on the model's stability and performance variability. The study proposed practical improvements, emphasizing the reduction of false negatives to enhance detection rate and leveraging blockchain technology to ensure visual data integrity in medical applications. Applying blockchain to generative AI-created medical content addresses key personal information protection issues. By utilizing the distributed ledger system of blockchain, the research team aimed to protect the privacy and integrity of medical data, especially medical images. This approach not only enhances security but also enables transparent and tamper-proof record-keeping. Additionally, the use of generative AI models ensures the creation of novel medical content without compromising personal information, further safeguarding patient privacy. In conclusion, this study showcases the potential of blockchain-based solutions in the medical field, particularly in securing sensitive medical data and protecting patient privacy. The proposed approach, combining blockchain and generative AI, offers a promising direction toward more robust and secure medical content management. Further research and advancements in this area will undoubtedly contribute to the development of robust and privacy-preserving healthcare systems and visual diagnostic systems.
Liposarcoma is one of the most common soft tissue sarcomas; however, its occurrence rate is still rare compared to other cancers. Due to its rarity, in vitro experiments are an essential approach to elucidate liposarcoma pathobiology. Conventional cell culture-based research (2D cell culture) is still playing a pivotal role, while several shortcomings have been recently under discussion. In vivo, mouse models are usually adopted for pre-clinical analyses with expectations to overcome the issues of 2D cell culture. However, they do not fully recapitulate human dedifferentiated liposarcoma (DDLPS) characteristics. Therefore, three-dimensional (3D) culture systems have been the recent research focus in the cell biology field with the expectation to overcome at the same time the disadvantages of 2D cell culture and in vivo animal models and fill in the gap between them. Given the liposarcoma rarity, we believe that 3D cell culture techniques, including 3D cell cultures/co-cultures, and Patient-Derived tumor Organoids (PDOs), represent a promising approach to facilitate liposarcoma investigation and elucidate its molecular mechanisms and effective therapy development. In this review, we first provide a general overview of 3D cell cultures compared to 2D cell cultures. We then focus on one of the recent 3D cell culture applications, Patient-Derived Organoids (PDOs), summarizing and discussing several PDO methodologies. Finally, we discuss the current and future applications of PDOs to sarcoma, particularly in the field of liposarcoma.
Small-drone technology has opened a range of new applications for aerial transportation. These drones leverage the Internet of Things (IoT) to offer cross-location services for navigation. However, they are susceptible to security and privacy threats due to hardware and architectural issues. Although small drones hold promise for expansion in both civil and defense sectors, they have safety, security, and privacy threats. Addressing these challenges is crucial to maintaining the security and uninterrupted operations of these drones. In this regard, this study investigates security and preservation concerning both the drones and the Internet of Drones (IoD), emphasizing the significance of creating drone networks that are secure and can robustly withstand interceptions and intrusions. The proposed framework incorporates a weighted voting ensemble model comprising three convolutional neural network (CNN) models to enhance intrusion detection within the network. The employed CNNs are customized 1D models optimized to obtain better performance. The output from these CNNs is voted using a weighted criterion using a 0.4, 0.3, and 0.3 ratio for the three CNNs, respectively. Experiments involve using multiple benchmark datasets, achieving an impressive accuracy of up to 99.89% on drone data. The proposed model shows promising results concerning precision, recall, and F1 as indicated by their obtained values of 99.92%, 99.98%, and 99.97%, respectively. Furthermore, cross-validation and performance comparison with existing works is also carried out. Findings indicate that the proposed approach offers a prospective solution for detecting security threats for aerial systems and satellite systems with high accuracy.
Funding (HCI-Integrated IDS study): Funded and supported by the Ongoing Research Funding program (ORF-2025-314), King Saud University, Riyadh, Saudi Arabia.
Funding (QSDC schemes paper): Supported by the National Natural Science Foundation of China under Grant Nos. 10904066 and 11004096, and the State Key Program for Basic Research of China under Grant No. 2011CBA00205.
Funding: Supported by the National Key R&D Program of China under Grant No. 2022YFB3103500; the National Natural Science Foundation of China under Grants No. 62402087 and No. 62020106013; the Sichuan Science and Technology Program under Grant No. 2023ZYD0142; the Chengdu Science and Technology Program under Grant No. 2023-XT00-00002-GX; the Fundamental Research Funds for Chinese Central Universities under Grants No. ZYGX2020ZB027 and No. Y030232063003002; and the Postdoctoral Innovation Talents Support Program under Grant No. BX20230060.
Abstract: The integration of artificial intelligence (AI) technology, particularly large language models (LLMs), has become essential across various sectors due to their advanced language comprehension and generation capabilities. Despite their transformative impact in fields such as machine translation and intelligent dialogue systems, LLMs face significant challenges. These challenges include safety, security, and privacy concerns that undermine their trustworthiness and effectiveness, such as hallucinations, backdoor attacks, and privacy leakage. Previous works often conflated safety issues with security concerns. In contrast, our study provides clearer and more reasonable definitions for safety, security, and privacy within the context of LLMs. Building on these definitions, we provide a comprehensive overview of the vulnerabilities and defense mechanisms related to safety, security, and privacy in LLMs. Additionally, we explore the unique research challenges posed by LLMs and suggest potential avenues for future research, aiming to enhance the robustness and reliability of LLMs in the face of emerging threats.
Funding: National Natural Science Foundation of China (Nos. 61631020, 61671253, 62071253 and 91738201); the Key Project of Natural Science Research of Higher Education Institutions of Jiangsu Province (Grant No. 18KJB510031).
Abstract: Unmanned aerial vehicles (UAVs) are envisioned as a promising means of providing wireless services for various complex terrains and emergency situations. In this paper, we consider a wireless UAV-enabled cognitive communication network, where a rotary-wing UAV transmits confidential information to a ground cognitive user over the spectrum assigned to primary users (PUs), while eavesdroppers attempt to wiretap the legitimate transmission. In order to enhance the secrecy performance of wireless communications, the secrecy rate (SR) of the UAV-enabled cognitive communication system is maximized through optimizing UAV three-dimensional (3D) flying trajectory while satisfying the requirements of UAV’s initial and final locations and guaranteeing the constraint of maximum speed of UAV and the interference threshold of each PU. However, the formulated SR maximization (SRM) problem is non-convex. For the purpose of dealing with this intractable problem, we employ the difference of two-convex functions approximation approach to convert the non-convex optimization problem into a convex one, which is then solved through applying standard convex optimization techniques. Moreover, an iterative 3D trajectory optimization algorithm for SRM scheme is proposed to achieve the near-optimal 3D trajectory. Simulation results show that our proposed 3D trajectory optimization based SRM algorithm has good convergence, and the proposed SRM scheme outperforms the benchmark approach in terms of the SR performance.
Abstract: To address the problem of multi-missile cooperative interception against maneuvering targets at a prespecified impact time and desired Line-of-Sight (LOS) angles in Three-Dimensional (3D) space, this paper proposes a 3D leader-following cooperative interception guidance law. First, in the LOS direction of the leader, an impact time-controlled guidance law is derived based on the fixed-time stability theory, which enables the leader to complete the interception task at a prespecified impact time. Next, in the LOS direction of the followers, by introducing a time consensus tracking error function, a fixed-time consensus tracking guidance law is investigated to guarantee the consensus tracking convergence of the time-to-go. Then, in the direction normal to the LOS, by combining the designed global integral sliding mode surface and the second-order Sliding Mode Control (SMC) theory, an innovative 3D LOS-angle-constrained interception guidance law is developed, which eliminates the reaching phase in the traditional sliding mode guidance laws and effectively saves energy consumption. Moreover, it effectively suppresses the chattering phenomenon while avoiding the singularity issue, and compensates for unknown interference caused by target maneuvering online, making it convenient for practical engineering applications. Finally, theoretical proof analysis and multiple sets of numerical simulation results verify the effectiveness, superiority, and robustness of the investigated guidance law.
Abstract: Software security poses substantial risks to our society because software has become part of our life. Numerous techniques have been proposed to resolve or mitigate the impact of software security issues. Among them, software testing and analysis are two of the critical methods, which significantly benefit from the advancements in deep learning technologies. Due to the successful use of deep learning in software security, recently, researchers have explored the potential of using large language models (LLMs) in this area. In this paper, we systematically review the results focusing on LLMs in software security. We analyze the topics of fuzzing, unit test, program repair, bug reproduction, data-driven bug detection, and bug triage. We deconstruct these techniques into several stages and analyze how LLMs can be used in the stages. We also discuss the future directions of using LLMs in software security, including the future directions for the existing use of LLMs and extensions from conventional deep learning research.
Abstract: Internet of Things (IoT) refers to the infrastructures that connect smart devices to the Internet, operating autonomously. This connectivity makes it possible to harvest vast quantities of data, creating new opportunities for the emergence of unprecedented knowledge. To ensure IoT security, various approaches have been implemented, such as authentication, encoding, as well as devices to guarantee data integrity and availability. Among these approaches, Intrusion Detection Systems (IDS) is an actual security solution, whose performance can be enhanced by integrating various algorithms, including Machine Learning (ML) and Deep Learning (DL), enabling proactive and accurate detection of threats. This study proposes to optimize the performance of network IDS using an ensemble learning method based on a voting classification algorithm that combines the strengths of three powerful algorithms, Random Forest (RF), K-Nearest Neighbors (KNN), and Support Vector Machine (SVM), to detect both normal behavior and different categories of attack. Our analysis focuses primarily on the NSL-KDD dataset, while also integrating the recent Edge-IIoT dataset, tailored to industrial IoT environments. Experimental results show significant enhancements on the Edge-IIoT and NSL-KDD datasets, reaching accuracy levels between 72% and 99%, with precision between 87% and 99%, while recall values and F1-scores are also between 72% and 99%, for both normal and attack detection. Despite the promising results of this study, it suffers from certain limitations, notably the use of specific datasets and the lack of evaluations in a variety of environments. Future work could include applying this model to various datasets and evaluating more advanced ensemble strategies, with the aim of further enhancing the effectiveness of IDS.
Abstract: ChatGPT is a powerful artificial intelligence (AI) language model that has demonstrated significant improvements in various natural language processing (NLP) tasks. However, like any technology, it presents potential security risks that need to be carefully evaluated and addressed. In this survey, we provide an overview of the current state of research on security of using ChatGPT, with aspects of bias, disinformation, ethics, misuse, attacks and privacy. We review and discuss the literature on these topics and highlight open research questions and future directions. Through this survey, we aim to contribute to the academic discourse on AI security, enriching the understanding of potential risks and mitigations. We anticipate that this survey will be valuable for various stakeholders involved in AI development and usage, including AI researchers, developers, policy makers, and end-users.
Abstract: Software-related security aspects are a growing and legitimate concern, especially with 5G data available just at our palms. To conduct research in this field, periodic comparative analysis is needed with the new techniques coming up rapidly. The purpose of this study is to review the recent developments in the field of security integration in the software development lifecycle (SDLC) by analyzing the articles published in the last two decades and to propose a way forward. This review follows Kitchenham’s review protocol. The review has been divided into three main stages including planning, execution, and analysis. From the selected 100 articles, it becomes evident that a collaborative approach is necessary for addressing critical software security risks (CSSRs) through effective risk management/estimation techniques. Quantifying risks using a numeric scale enables a comprehensive understanding of their severity, facilitating focused resource allocation and mitigation efforts. Through a comprehensive understanding of potential vulnerabilities and proactive mitigation efforts facilitated by protection poker, organizations can prioritize resources effectively to ensure the successful outcome of projects and initiatives in today’s dynamic threat landscape. The review reveals that threat analysis and security testing are needed to develop automated tools for the future. Accurate estimation of effort required to prioritize potential security risks is a big challenge in software security. The accuracy of effort estimation can be further improved by exploring new techniques, particularly those involving deep learning. It is also imperative to validate these effort estimation methods to ensure all potential security threats are addressed. Another challenge is selecting the right model for each specific security threat. To achieve a comprehensive evaluation, researchers should use well-known benchmark checklists.
Abstract: This study presents an innovative approach to enhancing the security of visual medical data in the generative AI environment through the integration of blockchain technology. By combining the strengths of blockchain and generative AI, the research team aimed to address the timely challenge of safeguarding visual medical content. The participating researchers conducted a comprehensive analysis, examining the vulnerabilities of medical AI services, personal information protection issues, and overall security weaknesses. This multifaceted exploration led to an in-depth evaluation of the model’s performance and security. Notably, the correlation between accuracy, detection rate, and error rate was scrutinized. This analysis revealed insights into the model’s strengths and limitations, while the consideration of standard deviation shed light on the model’s stability and performance variability. The study proposed practical improvements, emphasizing the reduction of false negatives to enhance detection rate and leveraging blockchain technology to ensure visual data integrity in medical applications. Applying blockchain to generative AI-created medical content addresses key personal information protection issues. By utilizing the distributed ledger system of blockchain, the research team aimed to protect the privacy and integrity of medical data, especially medical images. This approach not only enhances security but also enables transparent and tamper-proof record-keeping. Additionally, the use of generative AI models ensures the creation of novel medical content without compromising personal information, further safeguarding patient privacy. In conclusion, this study showcases the potential of blockchain-based solutions in the medical field, particularly in securing sensitive medical data and protecting patient privacy. The proposed approach, combining blockchain and generative AI, offers a promising direction toward more robust and secure medical content management. Further research and advancements in this area will undoubtedly contribute to the development of robust and privacy-preserving healthcare systems, and visual diagnostic systems.
Abstract: Liposarcoma is one of the most common soft tissue sarcomas; however, its occurrence rate is still rare compared to other cancers. Due to its rarity, in vitro experiments are an essential approach to elucidate liposarcoma pathobiology. Conventional cell culture-based research (2D cell culture) is still playing a pivotal role, while several shortcomings have been recently under discussion. In vivo, mouse models are usually adopted for pre-clinical analyses with expectations to overcome the issues of 2D cell culture. However, they do not fully recapitulate human dedifferentiated liposarcoma (DDLPS) characteristics. Therefore, three-dimensional (3D) culture systems have been the recent research focus in the cell biology field with the expectation to overcome at the same time the disadvantages of 2D cell culture and in vivo animal models and fill in the gap between them. Given the liposarcoma rarity, we believe that 3D cell culture techniques, including 3D cell cultures/co-cultures, and Patient-Derived tumor Organoids (PDOs), represent a promising approach to facilitate liposarcoma investigation and elucidate its molecular mechanisms and effective therapy development. In this review, we first provide a general overview of 3D cell cultures compared to 2D cell cultures. We then focus on one of the recent 3D cell culture applications, Patient-Derived Organoids (PDOs), summarizing and discussing several PDO methodologies. Finally, we discuss the current and future applications of PDOs to sarcoma, particularly in the field of liposarcoma.
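Abstract: Recently, a paper with Yan Nan, a 2023 master's student at the School of Cyber Science and Engineering, Wuhan University, as first author was accepted by the 34th USENIX Security Symposium (USENIX Security 2025). The paper is titled "Embed X: Embedding-Based Cross-Trigger Backdoor Attack Against Large Language Models". The advisors are Associate Researcher Li Yuqing (corresponding author), Professor Chen Jing (corresponding author), and Associate Professor He Kun of the School of Cyber Science and Engineering. Associate Professor Wang Xiong of Huazhong University of Science and Technology and Professor Li Bo of the Hong Kong University of Science and Technology collaborated on the work.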
Abstract: Small-drone technology has opened a range of new applications for aerial transportation. These drones leverage the Internet of Things (IoT) to offer cross-location services for navigation. However, they are susceptible to security and privacy threats due to hardware and architectural issues. Although small drones hold promise for expansion in both civil and defense sectors, they have safety, security, and privacy threats. Addressing these challenges is crucial to maintaining the security and uninterrupted operations of these drones. In this regard, this study investigates security, and preservation concerning both the drones and Internet of Drones (IoD), emphasizing the significance of creating drone networks that are secure and can robustly withstand interceptions and intrusions. The proposed framework incorporates a weighted voting ensemble model comprising three convolutional neural network (CNN) models to enhance intrusion detection within the network. The employed CNNs are customized 1D models optimized to obtain better performance. The output from these CNNs is voted using a weighted criterion using a 0.4, 0.3, and 0.3 ratio for three CNNs, respectively. Experiments involve using multiple benchmark datasets, achieving an impressive accuracy of up to 99.89% on drone data. The proposed model shows promising results concerning precision, recall, and F1 as indicated by their obtained values of 99.92%, 99.98%, and 99.97%, respectively. Furthermore, cross-validation and performance comparison with existing works is also carried out. Findings indicate that the proposed approach offers a prospective solution for detecting security threats for aerial systems and satellite systems with high accuracy.