Wireless Sensor Networks(WSN)have gained significant attention over recent years due to their extensive applications in various domains such as environmentalmonitoring,healthcare systems,industrial automation,and smar...Wireless Sensor Networks(WSN)have gained significant attention over recent years due to their extensive applications in various domains such as environmentalmonitoring,healthcare systems,industrial automation,and smart cities.However,such networks are inherently vulnerable to different types of attacks because they operate in open environments with limited resources and constrained communication capabilities.Thepaper addresses challenges related to modeling and analysis of wireless sensor networks and their susceptibility to attacks.Its objective is to create versatile modeling tools capable of detecting attacks against network devices and identifying anomalies caused either by legitimate user errors or malicious activities.A proposed integrated approach for data collection,preprocessing,and analysis in WSN outlines a series of steps applicable throughout both the design phase and operation stage.This ensures effective detection of attacks and anomalies within WSNs.An introduced attackmodel specifies potential types of unauthorized network layer attacks targeting network nodes,transmitted data,and services offered by the WSN.Furthermore,a graph-based analytical framework was designed to detect attacks by evaluating real-time events from network nodes and determining if an attack is underway.Additionally,a simulation model based on sequences of imperative rules defining behaviors of both regular and compromised nodes is presented.Overall,this technique was experimentally verified using a segment of a WSN embedded in a smart city infrastructure,simulating a wormhole attack.Results demonstrate the viability and practical significance of the technique for enhancing future information security measures.Validation tests confirmed high levels of accuracy and efficiency when applied specifically to detecting wormhole attacks targeting routing protocols in WSNs.Precision and recall rates averaged above the benchmark value of 0.95,thus validating the broad applicability of the proposed models across varied scenarios.展开更多
Deep neural networks(DNNs)have found extensive applications in safety-critical artificial intelligence systems,such as autonomous driving and facial recognition systems.However,recent research has revealed their susce...Deep neural networks(DNNs)have found extensive applications in safety-critical artificial intelligence systems,such as autonomous driving and facial recognition systems.However,recent research has revealed their susceptibility to backdoors maliciously injected by adversaries.This vulnerability arises due to the intricate architecture and opacity of DNNs,resulting in numerous redundant neurons embedded within the models.Adversaries exploit these vulnerabilities to conceal malicious backdoor information within DNNs,thereby causing erroneous outputs and posing substantial threats to the efficacy of DNN-based applications.This article presents a comprehensive survey of backdoor attacks against DNNs and the countermeasure methods employed to mitigate them.Initially,we trace the evolution of the concept from traditional backdoor attacks to backdoor attacks against DNNs,highlighting the feasibility and practicality of generating backdoor attacks against DNNs.Subsequently,we provide an overview of notable works encompassing various attack and defense strategies,facilitating a comparative analysis of their approaches.Through these discussions,we offer constructive insights aimed at refining these techniques.Finally,we extend our research perspective to the domain of large language models(LLMs)and synthesize the characteristics and developmental trends of backdoor attacks and defense methods targeting LLMs.Through a systematic review of existing studies on backdoor vulnerabilities in LLMs,we identify critical open challenges in this field and propose actionable directions for future research.展开更多
Unsteady aerodynamic characteristics at high angles of attack are of great importance to the design and development of advanced fighter aircraft, which are characterized by post-stall maneuverability with multiple Deg...Unsteady aerodynamic characteristics at high angles of attack are of great importance to the design and development of advanced fighter aircraft, which are characterized by post-stall maneuverability with multiple Degrees-of-Freedom(multi-DOF) and complex flow field structure.In this paper, a special kind of cable-driven parallel mechanism is firstly utilized as a new suspension method to conduct unsteady dynamic wind tunnel tests at high angles of attack, thereby providing experimental aerodynamic data. These tests include a wide range of multi-DOF coupled oscillatory motions with various amplitudes and frequencies. Then, for aerodynamic modeling and analysis, a novel data-driven Feature-Level Attention Recurrent neural network(FLAR) is proposed. This model incorporates a specially designed feature-level attention module that focuses on the state variables affecting the aerodynamic coefficients, thereby enhancing the physical interpretability of the aerodynamic model. Subsequently, spin maneuver simulations, using a mathematical model as the baseline, are conducted to validate the effectiveness of the FLAR. Finally, the results on wind tunnel data reveal that the FLAR accurately predicts aerodynamic coefficients, and observations through the visualization of attention scores identify the key state variables that affect the aerodynamic coefficients. It is concluded that the proposed FLAR enhances the interpretability of the aerodynamic model while achieving good prediction accuracy and generalization capability for multi-DOF coupling motion at high angles of attack.展开更多
Future 6G communications are envisioned to enable a large catalogue of pioneering applications.These will range from networked Cyber-Physical Systems to edge computing devices,establishing real-time feedback control l...Future 6G communications are envisioned to enable a large catalogue of pioneering applications.These will range from networked Cyber-Physical Systems to edge computing devices,establishing real-time feedback control loops critical for managing Industry 5.0 deployments,digital agriculture systems,and essential infrastructures.The provision of extensive machine-type communications through 6G will render many of these innovative systems autonomous and unsupervised.While full automation will enhance industrial efficiency significantly,it concurrently introduces new cyber risks and vulnerabilities.In particular,unattended systems are highly susceptible to trust issues:malicious nodes and false information can be easily introduced into control loops.Additionally,Denialof-Service attacks can be executed by inundating the network with valueless noise.Current anomaly detection schemes require the entire transformation of the control software to integrate new steps and can only mitigate anomalies that conform to predefined mathematical models.Solutions based on an exhaustive data collection to detect anomalies are precise but extremely slow.Standard models,with their limited understanding of mobile networks,can achieve precision rates no higher than 75%.Therefore,more general and transversal protection mechanisms are needed to detect malicious behaviors transparently.This paper introduces a probabilistic trust model and control algorithm designed to address this gap.The model determines the probability of any node to be trustworthy.Communication channels are pruned for those nodes whose probability is below a given threshold.The trust control algorithmcomprises three primary phases,which feed themodel with three different probabilities,which are weighted and combined.Initially,anomalous nodes are identified using Gaussian mixture models and clustering technologies.Next,traffic patterns are studied using digital Bessel functions and the functional scalar product.Finally,the information coherence and content are analyzed.The noise content and abnormal information sequences are detected using a Volterra filter and a bank of Finite Impulse Response filters.An experimental validation based on simulation tools and environments was carried out.Results show the proposed solution can successfully detect up to 92%of malicious data injection attacks.展开更多
The recent interest in the deployment of Generative AI applications that use large language models (LLMs) has brought to the forefront significant privacy concerns, notably the leakage of Personally Identifiable Infor...The recent interest in the deployment of Generative AI applications that use large language models (LLMs) has brought to the forefront significant privacy concerns, notably the leakage of Personally Identifiable Information (PII) and other confidential or protected information that may have been memorized during training, specifically during a fine-tuning or customization process. We describe different black-box attacks from potential adversaries and study their impact on the amount and type of information that may be recovered from commonly used and deployed LLMs. Our research investigates the relationship between PII leakage, memorization, and factors such as model size, architecture, and the nature of attacks employed. The study utilizes two broad categories of attacks: PII leakage-focused attacks (auto-completion and extraction attacks) and memorization-focused attacks (various membership inference attacks). The findings from these investigations are quantified using an array of evaluative metrics, providing a detailed understanding of LLM vulnerabilities and the effectiveness of different attacks.展开更多
Modeling of unsteady aerodynamic loads at high angles of attack using a small amount of experimental or simulation data to construct predictive models for unknown states can greatly improve the efficiency of aircraft ...Modeling of unsteady aerodynamic loads at high angles of attack using a small amount of experimental or simulation data to construct predictive models for unknown states can greatly improve the efficiency of aircraft unsteady aerodynamic design and flight dynamics analysis.In this paper,aiming at the problems of poor generalization of traditional aerodynamic models and intelligent models,an intelligent aerodynamic modeling method based on gated neural units is proposed.The time memory characteristics of the gated neural unit is fully utilized,thus the nonlinear flow field characterization ability of the learning and training process is enhanced,and the generalization ability of the whole prediction model is improved.The prediction and verification of the model are carried out under the maneuvering flight condition of NACA0015 airfoil.The results show that the model has good adaptability.In the interpolation prediction,the maximum prediction error of the lift and drag coefficients and the moment coefficient does not exceed 10%,which can basically represent the variation characteristics of the entire flow field.In the construction of extrapolation models,the training model based on the strong nonlinear data has good accuracy for weak nonlinear prediction.Furthermore,the error is larger,even exceeding 20%,which indicates that the extrapolation and generalization capabilities need to be further optimized by integrating physical models.Compared with the conventional state space equation model,the proposed method can improve the extrapolation accuracy and efficiency by 78%and 60%,respectively,which demonstrates the applied potential of this method in aerodynamic modeling.展开更多
Watermarking is embedding visible or invisible data within media to verify its authenticity or protect copyright.The watermark is embedded in significant spatial or frequency features of the media to make it more resi...Watermarking is embedding visible or invisible data within media to verify its authenticity or protect copyright.The watermark is embedded in significant spatial or frequency features of the media to make it more resistant to intentional or unintentional modification.Some of these features are important perceptual features according to the human visual system(HVS),which means that the embedded watermark should be imperceptible in these features.Therefore,both the designers of watermarking algorithms and potential attackers must consider these perceptual features when carrying out their actions.The two roles will be considered in this paper when designing a robust watermarking algorithm against the most harmful attacks,like volumetric scaling,histogram equalization,and non-conventional watermarking attacks like the Denoising Convolution Neural Network(DnCNN),which must be considered in watermarking algorithm design due to its rising role in the state-of-the-art attacks.The DnCNN is initialized and trained using watermarked image samples created by our proposed Covert and Severe Attacks Resistant Watermarking Algorithm(CSRWA)to prove its robustness.For this algorithm to satisfy the robustness and imperceptibility tradeoff,implementing the Dither Modulation(DM)algorithm is boosted by utilizing the Just Noticeable Distortion(JND)principle to get an improved performance in this sense.Sensitivity,luminance,inter and intra-block contrast are used to adjust the JND values.展开更多
As the density of wireless networks increases globally, the vulnerability of overlapped dense wireless communications to interference by hidden nodes and denial-of-service (DoS) attacks is becoming more apparent. Ther...As the density of wireless networks increases globally, the vulnerability of overlapped dense wireless communications to interference by hidden nodes and denial-of-service (DoS) attacks is becoming more apparent. There exists a gap in research on the detection and response to attacks on Medium Access Control (MAC) mechanisms themselves, which would lead to service outages between nodes. Classifying exploitation and deceptive jamming attacks on control mechanisms is particularly challengingdue to their resemblance to normal heavy communication patterns. Accordingly, this paper proposes a machine learning-based selective attack mitigation model that detects DoS attacks on wireless networks by monitoring packet log data. Based on the type of detected attack, it implements effective corresponding mitigation techniques to restore performance to nodes whose availability has been compromised. Experimental results reveal that the accuracy of the proposed model is 14% higher than that of a baseline anomaly detection model. Further, the appropriate mitigation techniques selected by the proposed system based on the attack type improve the average throughput by more than 440% compared to the case without a response.展开更多
This article proposes an innovative adversarial attack method,AMA(Adaptive Multimodal Attack),which introduces an adaptive feedback mechanism by dynamically adjusting the perturbation strength.Specifically,AMA adjusts...This article proposes an innovative adversarial attack method,AMA(Adaptive Multimodal Attack),which introduces an adaptive feedback mechanism by dynamically adjusting the perturbation strength.Specifically,AMA adjusts perturbation amplitude based on task complexity and optimizes the perturbation direction based on the gradient direction in real time to enhance attack efficiency.Experimental results demonstrate that AMA elevates attack success rates from approximately 78.95%to 89.56%on visual question answering and from78.82%to 84.96%on visual reasoning tasks across representative vision-language benchmarks.These findings demonstrate AMA’s superior attack efficiency and reveal the vulnerability of current visual language models to carefully crafted adversarial examples,underscoring the need to enhance their robustness.展开更多
In recent years,large vision-language models(VLMs)have achieved significant breakthroughs in cross-modal understanding and generation.However,the safety issues arising from their multimodal interactions become promine...In recent years,large vision-language models(VLMs)have achieved significant breakthroughs in cross-modal understanding and generation.However,the safety issues arising from their multimodal interactions become prominent.VLMs are vulnerable to jailbreak attacks,where attackers craft carefully designed prompts to bypass safety mechanisms,leading them to generate harmful content.To address this,we investigate the alignment between visual inputs and task execution,uncovering locality defects and attention biases in VLMs.Based on these findings,we propose VOTI,a novel jailbreak framework leveraging visual obfuscation and task induction.VOTI subtly embeds malicious keywords within neutral image layouts to evade detection,and breaks down harmful queries into a sequence of subtasks.This approach disperses malicious intent across modalities,exploiting VLMs’over-reliance on local visual cues and their fragility in multi-step reasoning to bypass global safety mechanisms.Implemented as an automated framework,VOTI integrates large language models as red-team assistants to generate and iteratively optimize jailbreak strategies.Extensive experiments across seven mainstream VLMs demonstrate VOTI’s effectiveness,achieving a 73.46%attack success rate on GPT-4o-mini.These results reveal critical vulnerabilities in VLMs,highlighting the urgent need for improving robust defenses and multimodal alignment.展开更多
Federated Graph Neural Networks (FedGNNs) have achieved significant success in representation learning for graph data, enabling collaborative training among multiple parties without sharing their raw graph data and so...Federated Graph Neural Networks (FedGNNs) have achieved significant success in representation learning for graph data, enabling collaborative training among multiple parties without sharing their raw graph data and solving the data isolation problem faced by centralized GNNs in data-sensitive scenarios. Despite the plethora of prior work on inference attacks against centralized GNNs, the vulnerability of FedGNNs to inference attacks has not yet been widely explored. It is still unclear whether the privacy leakage risks of centralized GNNs will also be introduced in FedGNNs. To bridge this gap, we present PIAFGNN, the first property inference attack (PIA) against FedGNNs. Compared with prior works on centralized GNNs, in PIAFGNN, the attacker can only obtain the global embedding gradient distributed by the central server. The attacker converts the task of stealing the target user’s local embeddings into a regression problem, using a regression model to generate the target graph node embeddings. By training shadow models and property classifiers, the attacker can infer the basic property information within the target graph that is of interest. Experiments on three benchmark graph datasets demonstrate that PIAFGNN achieves attack accuracy of over 70% in most cases, even approaching the attack accuracy of inference attacks against centralized GNNs in some instances, which is much higher than the attack accuracy of the random guessing method. Furthermore, we observe that common defense mechanisms cannot mitigate our attack without affecting the model’s performance on mainly classification tasks.展开更多
Dear Editor,This letter deals with the stabilization of a resilient model predictive control(MPC)algorithm with a dynamic event-triggered mechanism subject to Denial-of-Service(Do S)attacks.Different from previous wor...Dear Editor,This letter deals with the stabilization of a resilient model predictive control(MPC)algorithm with a dynamic event-triggered mechanism subject to Denial-of-Service(Do S)attacks.Different from previous works,this letter is based on the designed threshold function to dynamically trigger and gives the upper bound conditions for intersampling intervals with attack and attack-free scenarios to converge.展开更多
The intelligent operation management of distribution services is crucial for the stability of power systems.Integrating the large language model(LLM)with 6G edge intelligence provides customized management solutions.H...The intelligent operation management of distribution services is crucial for the stability of power systems.Integrating the large language model(LLM)with 6G edge intelligence provides customized management solutions.However,the adverse effects of false data injection(FDI)attacks on the performance of LLMs cannot be overlooked.Therefore,we propose an FDI attack detection and LLM-assisted resource allocation algorithm for 6G edge intelligenceempowered distribution power grids.First,we formulate a resource allocation optimization problem.The objective is to minimize the weighted sum of the global loss function and total LLM fine-tuning delay under constraints of long-term privacy entropy and energy consumption.Then,we decouple it based on virtual queues.We utilize an LLM-assisted deep Q network(DQN)to learn the resource allocation strategy and design an FDI attack detection mechanism to ensure that fine-tuning remains on the correct path.Simulations demonstrate that the proposed algorithm has excellent performance in convergence,delay,and security.展开更多
Abstract Accurate aerodynamic models are the basis of flight simulation and control law design. Mathematically modeling unsteady aerodynamics at high angles of attack bears great difficulties in model structure determ...Abstract Accurate aerodynamic models are the basis of flight simulation and control law design. Mathematically modeling unsteady aerodynamics at high angles of attack bears great difficulties in model structure determination and parameter estimation due to little understanding of the flow mechanism. Support vector machines (SVMs) based on statistical learning theory provide a novel tool for nonlinear system modeling. The work presented here examines the feasibility of applying SVMs to high angle.-of-attack unsteady aerodynamic modeling field. Mainly, after a review of SVMs, several issues associated with unsteady aerodynamic modeling by use of SVMs are discussed in detail, such as sele, ction of input variables, selection of output variables and determination of SVM parameters. The least squares SVM (LS-SVM) models are set up from certain dynamic wind tunnel test data of a delta wing and an aircraft configuration, and then used to predict the aerodynamic responses in other tests. The predictions are in good agreement with the test data, which indicates the satisfving learning and generalization performance of LS-SVMs.展开更多
Responding to a need for experimental data on a standard wind tunnel model at high angles of attack in the supersonic speed range, and in the absence of suitable reference data, a series of tests of two HB-2 standard ...Responding to a need for experimental data on a standard wind tunnel model at high angles of attack in the supersonic speed range, and in the absence of suitable reference data, a series of tests of two HB-2 standard models of different sizes was performed in the T-38 trisonic wind tunnel of Vojnotehnickˇi Institut(VTI), in the Mach number range 1.5–4.0, at angles of attack up to+30°. Tests were performed at relatively high Reynolds numbers of 2.2 millions to 4.5 millions(based on model forebody diameter). Results were compared with available low angle of attack data from other facilities, and, as a good agreement was found, it was assumed that, by implication, the obtained high angle of attack results were valid as well. Therefore, the results can be used as a reference database for the HB-2 model at high angles of attack in the supersonic speed range, which was not available before. The results are presented in comparison with available reference data, but also contain data for some Mach numbers not given in other publications.展开更多
In this paper,a resilient distributed control scheme against replay attacks for multi-agent networked systems subject to input and state constraints is proposed.The methodological starting point relies on a smart use ...In this paper,a resilient distributed control scheme against replay attacks for multi-agent networked systems subject to input and state constraints is proposed.The methodological starting point relies on a smart use of predictive arguments with a twofold aim:1)Promptly detect malicious agent behaviors affecting normal system operations;2)Apply specific control actions,based on predictive ideas,for mitigating as much as possible undesirable domino effects resulting from adversary operations.Specifically,the multi-agent system is topologically described by a leader-follower digraph characterized by a unique leader and set-theoretic receding horizon control ideas are exploited to develop a distributed algorithm capable to instantaneously recognize the attacked agent.Finally,numerical simulations are carried out to show benefits and effectiveness of the proposed approach.展开更多
Based on the analysis for the interception process of ship-to-air missile system to the anti-ship missile stream, the antagonism of ship-to-air missile and anti-ship missile stream was modeled by Monte Carlo method. T...Based on the analysis for the interception process of ship-to-air missile system to the anti-ship missile stream, the antagonism of ship-to-air missile and anti-ship missile stream was modeled by Monte Carlo method. This model containing the probability of acquiring anti-ship missile, threat estimation, firepower distribution, interception, effectiveness evaluation and firepower turning, can dynamically simulate the antagonism process of anti-ship missile attack stream and anti-air missile weapon system. The anti-ship missile's saturation attack stream for different ship-to-air missile systems can be calculated quantitatively. The simulated results reveal the relations among the anti-ship missile saturation attack and the attack intensity of anti-ship missile, interception mode and the main parameters of anti-air missile weapon system. It provides a theoretical basis for the effective operation of anti-ship missile.展开更多
With the rapid development of e-commerce, the security issues of collaborative filtering recommender systems have been widely investigated. Malicious users can benefit from injecting a great quantities of fake profile...With the rapid development of e-commerce, the security issues of collaborative filtering recommender systems have been widely investigated. Malicious users can benefit from injecting a great quantities of fake profiles into recommender systems to manipulate recommendation results. As one of the most important attack methods in recommender systems, the shilling attack has been paid considerable attention, especially to its model and the way to detect it. Among them, the loose version of Group Shilling Attack Generation Algorithm (GSAGenl) has outstanding performance. It can be immune to some PCC (Pearson Correlation Coefficient)-based detectors due to the nature of anti-Pearson correlation. In order to overcome the vulnerabilities caused by GSAGenl, a gravitation-based detection model (GBDM) is presented, integrated with a sophisticated gravitational detector and a decider. And meanwhile two new basic attributes and a particle filter algorithm are used for tracking prediction. And then, whether an attack occurs can be judged according to the law of universal gravitation in decision-making. The detection performances of GBDM, HHT-SVM, UnRAP, AP-UnRAP Semi-SAD,SVM-TIA and PCA-P are compared and evaluated. And simulation results show the effectiveness and availability of GBDM.展开更多
This paper presents experimental and theoretical methods to study the damage layer evolution of a breakwater made with concrete hollow squares in marine environment.Wetting time was directly related to the performance...This paper presents experimental and theoretical methods to study the damage layer evolution of a breakwater made with concrete hollow squares in marine environment.Wetting time was directly related to the performance degradation of the breakwater by observation.The thickness of damage layer was detected by means of ultrasonic testing.Meanwhile,some samples drilled from concrete hollow squares were analyzed by SEM and XRD in order to illustrate the damage mechanism.Subsequently,a theoretical model containing wetting time ratio was established to simulate the damage layer evolution based on Fick’s second law,which could be suggested to predict the service life of concrete structures in marine environment.展开更多
基金the International Scientific Complex“Astana”was funded by the Committee of Science of the Ministry of Science and Higher Education of the Republic of Kazakhstan(Grant No.AP19680345).
文摘Wireless Sensor Networks(WSN)have gained significant attention over recent years due to their extensive applications in various domains such as environmentalmonitoring,healthcare systems,industrial automation,and smart cities.However,such networks are inherently vulnerable to different types of attacks because they operate in open environments with limited resources and constrained communication capabilities.Thepaper addresses challenges related to modeling and analysis of wireless sensor networks and their susceptibility to attacks.Its objective is to create versatile modeling tools capable of detecting attacks against network devices and identifying anomalies caused either by legitimate user errors or malicious activities.A proposed integrated approach for data collection,preprocessing,and analysis in WSN outlines a series of steps applicable throughout both the design phase and operation stage.This ensures effective detection of attacks and anomalies within WSNs.An introduced attackmodel specifies potential types of unauthorized network layer attacks targeting network nodes,transmitted data,and services offered by the WSN.Furthermore,a graph-based analytical framework was designed to detect attacks by evaluating real-time events from network nodes and determining if an attack is underway.Additionally,a simulation model based on sequences of imperative rules defining behaviors of both regular and compromised nodes is presented.Overall,this technique was experimentally verified using a segment of a WSN embedded in a smart city infrastructure,simulating a wormhole attack.Results demonstrate the viability and practical significance of the technique for enhancing future information security measures.Validation tests confirmed high levels of accuracy and efficiency when applied specifically to detecting wormhole attacks targeting routing protocols in WSNs.Precision and recall rates averaged above the benchmark value of 0.95,thus validating the broad applicability of the proposed models across varied scenarios.
基金supported in part by the National Natural Science Foundation of China under Grants No.62372087 and No.62072076the Research Fund of State Key Laboratory of Processors under Grant No.CLQ202310the CSC scholarship.
文摘Deep neural networks(DNNs)have found extensive applications in safety-critical artificial intelligence systems,such as autonomous driving and facial recognition systems.However,recent research has revealed their susceptibility to backdoors maliciously injected by adversaries.This vulnerability arises due to the intricate architecture and opacity of DNNs,resulting in numerous redundant neurons embedded within the models.Adversaries exploit these vulnerabilities to conceal malicious backdoor information within DNNs,thereby causing erroneous outputs and posing substantial threats to the efficacy of DNN-based applications.This article presents a comprehensive survey of backdoor attacks against DNNs and the countermeasure methods employed to mitigate them.Initially,we trace the evolution of the concept from traditional backdoor attacks to backdoor attacks against DNNs,highlighting the feasibility and practicality of generating backdoor attacks against DNNs.Subsequently,we provide an overview of notable works encompassing various attack and defense strategies,facilitating a comparative analysis of their approaches.Through these discussions,we offer constructive insights aimed at refining these techniques.Finally,we extend our research perspective to the domain of large language models(LLMs)and synthesize the characteristics and developmental trends of backdoor attacks and defense methods targeting LLMs.Through a systematic review of existing studies on backdoor vulnerabilities in LLMs,we identify critical open challenges in this field and propose actionable directions for future research.
基金supported by the National Natural Science Foundation of China(Nos.12172315,12072304,11702232)the Fujian Provincial Natural Science Foundation,China(No.2021J01050)the Aeronautical Science Foundation of China(No.20220013068002).
文摘Unsteady aerodynamic characteristics at high angles of attack are of great importance to the design and development of advanced fighter aircraft, which are characterized by post-stall maneuverability with multiple Degrees-of-Freedom(multi-DOF) and complex flow field structure.In this paper, a special kind of cable-driven parallel mechanism is firstly utilized as a new suspension method to conduct unsteady dynamic wind tunnel tests at high angles of attack, thereby providing experimental aerodynamic data. These tests include a wide range of multi-DOF coupled oscillatory motions with various amplitudes and frequencies. Then, for aerodynamic modeling and analysis, a novel data-driven Feature-Level Attention Recurrent neural network(FLAR) is proposed. This model incorporates a specially designed feature-level attention module that focuses on the state variables affecting the aerodynamic coefficients, thereby enhancing the physical interpretability of the aerodynamic model. Subsequently, spin maneuver simulations, using a mathematical model as the baseline, are conducted to validate the effectiveness of the FLAR. Finally, the results on wind tunnel data reveal that the FLAR accurately predicts aerodynamic coefficients, and observations through the visualization of attention scores identify the key state variables that affect the aerodynamic coefficients. It is concluded that the proposed FLAR enhances the interpretability of the aerodynamic model while achieving good prediction accuracy and generalization capability for multi-DOF coupling motion at high angles of attack.
基金funding by Comunidad de Madrid within the framework of the Multiannual Agreement with Universidad Politécnica de Madrid to encourage research by young doctors(PRINCE project).
文摘Future 6G communications are envisioned to enable a large catalogue of pioneering applications.These will range from networked Cyber-Physical Systems to edge computing devices,establishing real-time feedback control loops critical for managing Industry 5.0 deployments,digital agriculture systems,and essential infrastructures.The provision of extensive machine-type communications through 6G will render many of these innovative systems autonomous and unsupervised.While full automation will enhance industrial efficiency significantly,it concurrently introduces new cyber risks and vulnerabilities.In particular,unattended systems are highly susceptible to trust issues:malicious nodes and false information can be easily introduced into control loops.Additionally,Denialof-Service attacks can be executed by inundating the network with valueless noise.Current anomaly detection schemes require the entire transformation of the control software to integrate new steps and can only mitigate anomalies that conform to predefined mathematical models.Solutions based on an exhaustive data collection to detect anomalies are precise but extremely slow.Standard models,with their limited understanding of mobile networks,can achieve precision rates no higher than 75%.Therefore,more general and transversal protection mechanisms are needed to detect malicious behaviors transparently.This paper introduces a probabilistic trust model and control algorithm designed to address this gap.The model determines the probability of any node to be trustworthy.Communication channels are pruned for those nodes whose probability is below a given threshold.The trust control algorithmcomprises three primary phases,which feed themodel with three different probabilities,which are weighted and combined.Initially,anomalous nodes are identified using Gaussian mixture models and clustering technologies.Next,traffic patterns are studied using digital Bessel functions and the functional scalar product.Finally,the information coherence and content are analyzed.The noise content and abnormal information sequences are detected using a Volterra filter and a bank of Finite Impulse Response filters.An experimental validation based on simulation tools and environments was carried out.Results show the proposed solution can successfully detect up to 92%of malicious data injection attacks.
文摘The recent interest in the deployment of Generative AI applications that use large language models (LLMs) has brought to the forefront significant privacy concerns, notably the leakage of Personally Identifiable Information (PII) and other confidential or protected information that may have been memorized during training, specifically during a fine-tuning or customization process. We describe different black-box attacks from potential adversaries and study their impact on the amount and type of information that may be recovered from commonly used and deployed LLMs. Our research investigates the relationship between PII leakage, memorization, and factors such as model size, architecture, and the nature of attacks employed. The study utilizes two broad categories of attacks: PII leakage-focused attacks (auto-completion and extraction attacks) and memorization-focused attacks (various membership inference attacks). The findings from these investigations are quantified using an array of evaluative metrics, providing a detailed understanding of LLM vulnerabilities and the effectiveness of different attacks.
基金supported in part by the National Natural Science Foundation of China (No. 12202363)。
文摘Modeling of unsteady aerodynamic loads at high angles of attack using a small amount of experimental or simulation data to construct predictive models for unknown states can greatly improve the efficiency of aircraft unsteady aerodynamic design and flight dynamics analysis.In this paper,aiming at the problems of poor generalization of traditional aerodynamic models and intelligent models,an intelligent aerodynamic modeling method based on gated neural units is proposed.The time memory characteristics of the gated neural unit is fully utilized,thus the nonlinear flow field characterization ability of the learning and training process is enhanced,and the generalization ability of the whole prediction model is improved.The prediction and verification of the model are carried out under the maneuvering flight condition of NACA0015 airfoil.The results show that the model has good adaptability.In the interpolation prediction,the maximum prediction error of the lift and drag coefficients and the moment coefficient does not exceed 10%,which can basically represent the variation characteristics of the entire flow field.In the construction of extrapolation models,the training model based on the strong nonlinear data has good accuracy for weak nonlinear prediction.Furthermore,the error is larger,even exceeding 20%,which indicates that the extrapolation and generalization capabilities need to be further optimized by integrating physical models.Compared with the conventional state space equation model,the proposed method can improve the extrapolation accuracy and efficiency by 78%and 60%,respectively,which demonstrates the applied potential of this method in aerodynamic modeling.
文摘Watermarking is embedding visible or invisible data within media to verify its authenticity or protect copyright.The watermark is embedded in significant spatial or frequency features of the media to make it more resistant to intentional or unintentional modification.Some of these features are important perceptual features according to the human visual system(HVS),which means that the embedded watermark should be imperceptible in these features.Therefore,both the designers of watermarking algorithms and potential attackers must consider these perceptual features when carrying out their actions.The two roles will be considered in this paper when designing a robust watermarking algorithm against the most harmful attacks,like volumetric scaling,histogram equalization,and non-conventional watermarking attacks like the Denoising Convolution Neural Network(DnCNN),which must be considered in watermarking algorithm design due to its rising role in the state-of-the-art attacks.The DnCNN is initialized and trained using watermarked image samples created by our proposed Covert and Severe Attacks Resistant Watermarking Algorithm(CSRWA)to prove its robustness.For this algorithm to satisfy the robustness and imperceptibility tradeoff,implementing the Dither Modulation(DM)algorithm is boosted by utilizing the Just Noticeable Distortion(JND)principle to get an improved performance in this sense.Sensitivity,luminance,inter and intra-block contrast are used to adjust the JND values.
基金supported by the Ministry of Trade,Industry and Energy(MOTIE)under Training Industrial Security Specialist for High-Tech Industry(RS-2024-00415520)supervised by the Korea Institute for Advancement of Technology(KIAT)the Ministry of Science and ICT(MSIT)under the ICT Challenge and Advanced Network of HRD(ICAN)Program(No.IITP-2022-RS-2022-00156310)supervised by the Institute of Information&Communication Technology Planning&Evaluation(IITP).
文摘As the density of wireless networks increases globally, the vulnerability of overlapped dense wireless communications to interference by hidden nodes and denial-of-service (DoS) attacks is becoming more apparent. There exists a gap in research on the detection and response to attacks on Medium Access Control (MAC) mechanisms themselves, which would lead to service outages between nodes. Classifying exploitation and deceptive jamming attacks on control mechanisms is particularly challengingdue to their resemblance to normal heavy communication patterns. Accordingly, this paper proposes a machine learning-based selective attack mitigation model that detects DoS attacks on wireless networks by monitoring packet log data. Based on the type of detected attack, it implements effective corresponding mitigation techniques to restore performance to nodes whose availability has been compromised. Experimental results reveal that the accuracy of the proposed model is 14% higher than that of a baseline anomaly detection model. Further, the appropriate mitigation techniques selected by the proposed system based on the attack type improve the average throughput by more than 440% compared to the case without a response.
基金funded by the Natural Science Foundation of Jiangsu Province(Program BK20240699)National Natural Science Foundation of China(Program 62402228).
文摘This article proposes an innovative adversarial attack method,AMA(Adaptive Multimodal Attack),which introduces an adaptive feedback mechanism by dynamically adjusting the perturbation strength.Specifically,AMA adjusts perturbation amplitude based on task complexity and optimizes the perturbation direction based on the gradient direction in real time to enhance attack efficiency.Experimental results demonstrate that AMA elevates attack success rates from approximately 78.95%to 89.56%on visual question answering and from78.82%to 84.96%on visual reasoning tasks across representative vision-language benchmarks.These findings demonstrate AMA’s superior attack efficiency and reveal the vulnerability of current visual language models to carefully crafted adversarial examples,underscoring the need to enhance their robustness.
文摘In recent years,large vision-language models(VLMs)have achieved significant breakthroughs in cross-modal understanding and generation.However,the safety issues arising from their multimodal interactions become prominent.VLMs are vulnerable to jailbreak attacks,where attackers craft carefully designed prompts to bypass safety mechanisms,leading them to generate harmful content.To address this,we investigate the alignment between visual inputs and task execution,uncovering locality defects and attention biases in VLMs.Based on these findings,we propose VOTI,a novel jailbreak framework leveraging visual obfuscation and task induction.VOTI subtly embeds malicious keywords within neutral image layouts to evade detection,and breaks down harmful queries into a sequence of subtasks.This approach disperses malicious intent across modalities,exploiting VLMs’over-reliance on local visual cues and their fragility in multi-step reasoning to bypass global safety mechanisms.Implemented as an automated framework,VOTI integrates large language models as red-team assistants to generate and iteratively optimize jailbreak strategies.Extensive experiments across seven mainstream VLMs demonstrate VOTI’s effectiveness,achieving a 73.46%attack success rate on GPT-4o-mini.These results reveal critical vulnerabilities in VLMs,highlighting the urgent need for improving robust defenses and multimodal alignment.
基金supported by the National Natural Science Foundation of China(Nos.62176122 and 62061146002).
文摘Federated Graph Neural Networks (FedGNNs) have achieved significant success in representation learning for graph data, enabling collaborative training among multiple parties without sharing their raw graph data and solving the data isolation problem faced by centralized GNNs in data-sensitive scenarios. Despite the plethora of prior work on inference attacks against centralized GNNs, the vulnerability of FedGNNs to inference attacks has not yet been widely explored. It is still unclear whether the privacy leakage risks of centralized GNNs will also be introduced in FedGNNs. To bridge this gap, we present PIAFGNN, the first property inference attack (PIA) against FedGNNs. Compared with prior works on centralized GNNs, in PIAFGNN, the attacker can only obtain the global embedding gradient distributed by the central server. The attacker converts the task of stealing the target user’s local embeddings into a regression problem, using a regression model to generate the target graph node embeddings. By training shadow models and property classifiers, the attacker can infer the basic property information within the target graph that is of interest. Experiments on three benchmark graph datasets demonstrate that PIAFGNN achieves attack accuracy of over 70% in most cases, even approaching the attack accuracy of inference attacks against centralized GNNs in some instances, which is much higher than the attack accuracy of the random guessing method. Furthermore, we observe that common defense mechanisms cannot mitigate our attack without affecting the model’s performance on mainly classification tasks.
文摘Dear Editor,This letter deals with the stabilization of a resilient model predictive control(MPC)algorithm with a dynamic event-triggered mechanism subject to Denial-of-Service(Do S)attacks.Different from previous works,this letter is based on the designed threshold function to dynamically trigger and gives the upper bound conditions for intersampling intervals with attack and attack-free scenarios to converge.
基金supported by the Science and Technology Project of State Grid Corporation of China under Grant Number 52094021N010(5400-202199534A-0-5-ZN).
文摘The intelligent operation management of distribution services is crucial for the stability of power systems.Integrating the large language model(LLM)with 6G edge intelligence provides customized management solutions.However,the adverse effects of false data injection(FDI)attacks on the performance of LLMs cannot be overlooked.Therefore,we propose an FDI attack detection and LLM-assisted resource allocation algorithm for 6G edge intelligenceempowered distribution power grids.First,we formulate a resource allocation optimization problem.The objective is to minimize the weighted sum of the global loss function and total LLM fine-tuning delay under constraints of long-term privacy entropy and energy consumption.Then,we decouple it based on virtual queues.We utilize an LLM-assisted deep Q network(DQN)to learn the resource allocation strategy and design an FDI attack detection mechanism to ensure that fine-tuning remains on the correct path.Simulations demonstrate that the proposed algorithm has excellent performance in convergence,delay,and security.
文摘Abstract Accurate aerodynamic models are the basis of flight simulation and control law design. Mathematically modeling unsteady aerodynamics at high angles of attack bears great difficulties in model structure determination and parameter estimation due to little understanding of the flow mechanism. Support vector machines (SVMs) based on statistical learning theory provide a novel tool for nonlinear system modeling. The work presented here examines the feasibility of applying SVMs to high angle.-of-attack unsteady aerodynamic modeling field. Mainly, after a review of SVMs, several issues associated with unsteady aerodynamic modeling by use of SVMs are discussed in detail, such as sele, ction of input variables, selection of output variables and determination of SVM parameters. The least squares SVM (LS-SVM) models are set up from certain dynamic wind tunnel test data of a delta wing and an aircraft configuration, and then used to predict the aerodynamic responses in other tests. The predictions are in good agreement with the test data, which indicates the satisfving learning and generalization performance of LS-SVMs.
基金supported by the Military Technical Institute(VTI)and Ministry of Education,Science and Technological Development of Serbia(No.TP 36050)
文摘Responding to a need for experimental data on a standard wind tunnel model at high angles of attack in the supersonic speed range, and in the absence of suitable reference data, a series of tests of two HB-2 standard models of different sizes was performed in the T-38 trisonic wind tunnel of Vojnotehnickˇi Institut(VTI), in the Mach number range 1.5–4.0, at angles of attack up to+30°. Tests were performed at relatively high Reynolds numbers of 2.2 millions to 4.5 millions(based on model forebody diameter). Results were compared with available low angle of attack data from other facilities, and, as a good agreement was found, it was assumed that, by implication, the obtained high angle of attack results were valid as well. Therefore, the results can be used as a reference database for the HB-2 model at high angles of attack in the supersonic speed range, which was not available before. The results are presented in comparison with available reference data, but also contain data for some Mach numbers not given in other publications.
文摘In this paper,a resilient distributed control scheme against replay attacks for multi-agent networked systems subject to input and state constraints is proposed.The methodological starting point relies on a smart use of predictive arguments with a twofold aim:1)Promptly detect malicious agent behaviors affecting normal system operations;2)Apply specific control actions,based on predictive ideas,for mitigating as much as possible undesirable domino effects resulting from adversary operations.Specifically,the multi-agent system is topologically described by a leader-follower digraph characterized by a unique leader and set-theoretic receding horizon control ideas are exploited to develop a distributed algorithm capable to instantaneously recognize the attacked agent.Finally,numerical simulations are carried out to show benefits and effectiveness of the proposed approach.
文摘Based on the analysis for the interception process of ship-to-air missile system to the anti-ship missile stream, the antagonism of ship-to-air missile and anti-ship missile stream was modeled by Monte Carlo method. This model containing the probability of acquiring anti-ship missile, threat estimation, firepower distribution, interception, effectiveness evaluation and firepower turning, can dynamically simulate the antagonism process of anti-ship missile attack stream and anti-air missile weapon system. The anti-ship missile's saturation attack stream for different ship-to-air missile systems can be calculated quantitatively. The simulated results reveal the relations among the anti-ship missile saturation attack and the attack intensity of anti-ship missile, interception mode and the main parameters of anti-air missile weapon system. It provides a theoretical basis for the effective operation of anti-ship missile.
基金supported by the National Natural Science Foundation of P.R.China(No.61672297)the Key Research and Development Program of Jiangsu Province(Social Development Program,No.BE2017742)+1 种基金The Sixth Talent Peaks Project of Jiangsu Province(No.DZXX-017)Jiangsu Natural Science Foundation for Excellent Young Scholar(No.BK20160089)
文摘With the rapid development of e-commerce, the security issues of collaborative filtering recommender systems have been widely investigated. Malicious users can benefit from injecting a great quantities of fake profiles into recommender systems to manipulate recommendation results. As one of the most important attack methods in recommender systems, the shilling attack has been paid considerable attention, especially to its model and the way to detect it. Among them, the loose version of Group Shilling Attack Generation Algorithm (GSAGenl) has outstanding performance. It can be immune to some PCC (Pearson Correlation Coefficient)-based detectors due to the nature of anti-Pearson correlation. In order to overcome the vulnerabilities caused by GSAGenl, a gravitation-based detection model (GBDM) is presented, integrated with a sophisticated gravitational detector and a decider. And meanwhile two new basic attributes and a particle filter algorithm are used for tracking prediction. And then, whether an attack occurs can be judged according to the law of universal gravitation in decision-making. The detection performances of GBDM, HHT-SVM, UnRAP, AP-UnRAP Semi-SAD,SVM-TIA and PCA-P are compared and evaluated. And simulation results show the effectiveness and availability of GBDM.
基金The authors would like to acknowledge the financial support by the National Natural Science Foundation of China(11832013,11772164)the National Basic Research Program of China(973 Program,2009CB623203)+1 种基金the Key Research Program of Society Development of Ningbo(2013C51007)K.C.Wong Magna Fund in Ningbo University.
文摘This paper presents experimental and theoretical methods to study the damage layer evolution of a breakwater made with concrete hollow squares in marine environment.Wetting time was directly related to the performance degradation of the breakwater by observation.The thickness of damage layer was detected by means of ultrasonic testing.Meanwhile,some samples drilled from concrete hollow squares were analyzed by SEM and XRD in order to illustrate the damage mechanism.Subsequently,a theoretical model containing wetting time ratio was established to simulate the damage layer evolution based on Fick’s second law,which could be suggested to predict the service life of concrete structures in marine environment.
