Here we propose a new concept of"molecule aging":with some special treatment,a molecule could be"aged"by losing some unknown tiny particles or pieces from atoms in the molecule,Such"aging"...Here we propose a new concept of"molecule aging":with some special treatment,a molecule could be"aged"by losing some unknown tiny particles or pieces from atoms in the molecule,Such"aging"or loss of unknown tiny particles does not change apparently its molecular structure or chemical composition,but some physicochemical properties could be changed irreversibly.We further confirm such"molecule aging"via a long-term electron attacking to age water(H_(2)O)molecules.The IR spectra show no structural difference between the fresh water and the aged one,while the NMR spectra show that the electron attacking can decrease the size of water clusters.Such facts indicate that the electron attacking indeed can"affect"the structure of water molecule slightly but without damaging to its basic molecule frame.Further exploration reveals that the hydrogen evolution reaction(HER)activity of the aged water molecule is lower than the fresh water on the same Pt/C electrocatalyst.The density functional theory calculations indicate that the shortened O-H bond in H_(2)O indeed can present lower HER activity,so the observed size decrease of water clusters from NMR probably could be attributed to the shortening of O-H bond in water molecules.Such results indicate significantly that the molecule aging can produce materials with new functions for new possible applications.展开更多
Objective: To observe the clinical effect of Rebixiao granule (热痹消颗粒剂, RBXG) in treating repeatedly attacking acute gouty arthritis and through experimental study on blood uric acid to explore RBXG's therape...Objective: To observe the clinical effect of Rebixiao granule (热痹消颗粒剂, RBXG) in treating repeatedly attacking acute gouty arthritis and through experimental study on blood uric acid to explore RBXG's therapeutic mechanism. Methods: Ninety repeatedly attacking acute gouty arthritis patients were divided into the treated group ( n =60) and control group ( n =30). The treated group was treated with RBXG, and the control group was treated with Futalin tablets (diclofenac sodium). The baseline treatment including good rest, low purine diet, sufficient water drinking and urine alkalization, etc. was then given to both groups. Hypoxanthine 600 mg/kg and niacin 100 mg/kg was applied to hyperuricemic mice by gastrogavage to establish the animal models. Results: The clinical effective rate of the treated group was 95.0% and that of the control 90.0%. Good therapeutic effects were won, insignificant difference ( P >0.05)was shown between the two groups. However, the cure rate of the treated group was 26.7% while that of the control group was 10.0%, with significant difference ( P <0.01) shown between them. The treated group had its blood uric acid lowered, which was significantly different ( P <0.05) from that of the control group. The animal experiment indicated that all the three groups treated with different dosages of RBXG, as well as the Ash bark and Smilax glabra rhizome groups had their blood uric acid content reduced in the hyperuricemic mice. Conclusion: RBXG has a quicker initiation and better treatment effects than sole anti-inflammatory and analgesic agents on the treatment of repeatedly attacking acute gouty arthritis, showing no obvious toxic or adverse reactions and therefore good for long-term administration and likely to be a safe TCM preparation to control the symptoms and reduce the onsets of repeatedly attacking of acute gouty arthritis. The animal experiment shows that both the compound preparation and part of the single ingredients in the recipe have the function of reducing blood uric acid. However, the compound recipe has better therapeutic effects, proving to be superior to single drugs.展开更多
Deep learning networks are widely used in various systems that require classification.However,deep learning networks are vulnerable to adversarial attacks.The study on adversarial attacks plays an important role in de...Deep learning networks are widely used in various systems that require classification.However,deep learning networks are vulnerable to adversarial attacks.The study on adversarial attacks plays an important role in defense.Black-box attacks require less knowledge about target models than white-box attacks do,which means black-box attacks are easier to launch and more valuable.However,the state-of-arts black-box attacks still suffer in low success rates and large visual distances between generative adversarial images and original images.This paper proposes a kind of fast black-box attack based on the cross-correlation(FBACC)method.The attack is carried out in two stages.In the first stage,an adversarial image,which would be missclassified as the target label,is generated by using gradient descending learning.By far the image may look a lot different than the original one.Then,in the second stage,visual quality keeps getting improved on the condition that the label keeps being missclassified.By using the cross-correlation method,the error of the smooth region is ignored,and the number of iterations is reduced.Compared with the proposed black-box adversarial attack methods,FBACC achieves a better fooling rate and fewer iterations.When attacking LeNet5 and AlexNet respectively,the fooling rates are 100%and 89.56%.When attacking them at the same time,the fooling rate is 69.78%.FBACC method also provides a new adversarial attack method for the study of defense against adversarial attacks.展开更多
The unconditional security of quantum key distribution(QKD) can be guaranteed by the nature of quantum physics.Compared with the traditional two-dimensional BB84 QKD protocol, high-dimensional quantum key distribution...The unconditional security of quantum key distribution(QKD) can be guaranteed by the nature of quantum physics.Compared with the traditional two-dimensional BB84 QKD protocol, high-dimensional quantum key distribution(HDQKD) can be applied to generate much more secret key.Nonetheless, practical imperfections in realistic systems can be exploited by the third party to eavesdrop the secret key.The practical beam splitter has a correlation with wavelength,where different wavelengths have different coupling ratios.Using this property, we propose a wavelength-dependent attack towards time-bin high-dimensional QKD system.What is more, we demonstrate that this attacking protocol can be applied to arbitrary d-dimensional QKD system, and higher-dimensional QKD system is more vulnerable to this attacking strategy.展开更多
Influences of polymer-based grinding aid(PGA) on the damage process of concrete exposed to sulfate attack under dry-wet cycles were investigated. The mass loss, dynamic modulus of elasticity(Erd), and S and Ca ele...Influences of polymer-based grinding aid(PGA) on the damage process of concrete exposed to sulfate attack under dry-wet cycles were investigated. The mass loss, dynamic modulus of elasticity(Erd), and S and Ca element contents of concrete specimens were measured. Scanning electron microscopy(SEM), mercury intrusion porosimetry(MIP), and X-ray diffractometry(XRD) were used to investigate the changing of microstructure of interior concrete. The results indicated that PGA was capable of reducing the mass loss and improving the sulfate attack resistance of concrete. X-ray fluorescence(XRF) analysis revealed that PGA delayed the transport process of sulfate ions and Ca ions. In addition, MIP analysis disclosed that the micropores of concrete with PGA increased in the fraction of 20-100 nm and decreased in the residues of 200 nm. Compared with the blank sample, concrete with PGA had more slender and well-organized hydration products, and no changes in hydration products ratio or type were observed.展开更多
Secure platooning control plays an important role in enhancing the cooperative driving safety of automated vehicles subject to various security vulnerabilities.This paper focuses on the distributed secure control issu...Secure platooning control plays an important role in enhancing the cooperative driving safety of automated vehicles subject to various security vulnerabilities.This paper focuses on the distributed secure control issue of automated vehicles affected by replay attacks.A proportional-integral-observer(PIO)with predetermined forgetting parameters is first constructed to acquire the dynamical information of vehicles.Then,a time-varying parameter and two positive scalars are employed to describe the temporal behavior of replay attacks.In light of such a scheme and the common properties of Laplace matrices,the closed-loop system with PIO-based controllers is transformed into a switched and time-delayed one.Furthermore,some sufficient conditions are derived to achieve the desired platooning performance by the view of the Lyapunov stability theory.The controller gains are analytically determined by resorting to the solution of certain matrix inequalities only dependent on maximum and minimum eigenvalues of communication topologies.Finally,a simulation example is provided to illustrate the effectiveness of the proposed control strategy.展开更多
This study investigates resilient platoon control for constrained intelligent and connected vehicles(ICVs)against F-local Byzantine attacks.We introduce a resilient distributed model-predictive platooning control fram...This study investigates resilient platoon control for constrained intelligent and connected vehicles(ICVs)against F-local Byzantine attacks.We introduce a resilient distributed model-predictive platooning control framework for such ICVs.This framework seamlessly integrates the predesigned optimal control with distributed model predictive control(DMPC)optimization and introduces a unique distributed attack detector to ensure the reliability of the transmitted information among vehicles.Notably,our strategy uses previously broadcasted information and a specialized convex set,termed the“resilience set”,to identify unreliable data.This approach significantly eases graph robustness prerequisites,requiring only an(F+1)-robust graph,in contrast to the established mean sequence reduced algorithms,which require a minimum(2F+1)-robust graph.Additionally,we introduce a verification algorithm to restore trust in vehicles under minor attacks,further reducing communication network robustness.Our analysis demonstrates the recursive feasibility of the DMPC optimization.Furthermore,the proposed method achieves exceptional control performance by minimizing the discrepancies between the DMPC control inputs and predesigned platoon control inputs,while ensuring constraint compliance and cybersecurity.Simulation results verify the effectiveness of our theoretical findings.展开更多
In this paper,two new guidance laws based on differential game theory are proposed and investigated for the attacker in an attacker-defender-target scenario.The conditions for the attacker winning the game are analyze...In this paper,two new guidance laws based on differential game theory are proposed and investigated for the attacker in an attacker-defender-target scenario.The conditions for the attacker winning the game are analyzed when the target and defender using the differential game guidance law based on the linear model.The core ideas underlying the two guidance laws are the attacker evading to a critical safe boundary from the defender,and then maintaining a critical miss distance.The guidance law more appropriate for the attacker to win the game differs according to the initial parameters.Unlike other guidance laws,when using the derived guidance laws there is no need to know the target and the defender’s control efforts.The results of numerical simulations show that the attacker can evade the defender and hit the target successfully by using the proposed derived guidance laws.展开更多
The prevalence of diabetes mellitus and its associated complications,particularly diabetic foot pathologies,poses significant healthcare challenges and economic burdens globally.This review synthesises current evidenc...The prevalence of diabetes mellitus and its associated complications,particularly diabetic foot pathologies,poses significant healthcare challenges and economic burdens globally.This review synthesises current evidence on the surgical management of the diabetic foot,focusing on the interplay between neuropathy,ischemia,and infection that commonly culminates in ulcers,infections,and,in severe cases,amputations.The escalating incidence of diabetes mellitus underscores the urgency for effective management strategies,as diabetic foot complications are a leading cause of hospital admissions among diabetic patients,significantly impacting morbidity and mortality rates.This review explores the pathophysiological mechanisms underlying diabetic foot complications and further examines diabetic foot ulcers,infections,and skeletal pathologies such as Charcot arthropathy,emphasising the critical role of early diagnosis,comprehensive management strategies,and interdisciplinary care in mitigating adverse outcomes.In addressing surgical interventions,this review evaluates conservative surgeries,amputations,and reconstructive procedures,highlighting the importance of tailored approaches based on individual patient profiles and the specific characteristics of foot pathologies.The integration of advanced diagnostic tools,novel surgical techniques,and postoperative care,including offloading and infection control,are discussed in the context of optimising healing and preserving limb function.展开更多
Phishing,an Internet fraudwhere individuals are deceived into revealing critical personal and account information,poses a significant risk to both consumers and web-based institutions.Data indicates a persistent rise ...Phishing,an Internet fraudwhere individuals are deceived into revealing critical personal and account information,poses a significant risk to both consumers and web-based institutions.Data indicates a persistent rise in phishing attacks.Moreover,these fraudulent schemes are progressively becoming more intricate,thereby rendering them more challenging to identify.Hence,it is imperative to utilize sophisticated algorithms to address this issue.Machine learning is a highly effective approach for identifying and uncovering these harmful behaviors.Machine learning(ML)approaches can identify common characteristics in most phishing assaults.In this paper,we propose an ensemble approach and compare it with six machine learning techniques to determine the type of website and whether it is normal or not based on two phishing datasets.After that,we used the normalization technique on the dataset to transform the range of all the features into the same range.The findings of this paper for all algorithms are as follows in the first dataset based on accuracy,precision,recall,and F1-score,respectively:Decision Tree(DT)(0.964,0.961,0.976,0.968),Random Forest(RF)(0.970,0.964,0.984,0.974),Gradient Boosting(GB)(0.960,0.959,0.971,0.965),XGBoost(XGB)(0.973,0.976,0.976,0.976),AdaBoost(0.934,0.934,0.950,0.942),Multi Layer Perceptron(MLP)(0.970,0.971,0.976,0.974)and Voting(0.978,0.975,0.987,0.981).So,the Voting classifier gave the best results.While in the second dataset,all the algorithms gave the same results in four evaluation metrics,which indicates that each of them can effectively accomplish the prediction process.Also,this approach outperformed the previous work in detecting phishing websites with high accuracy,a lower false negative rate,a shorter prediction time,and a lower false positive rate.展开更多
Quantum key distribution(QKD),rooted in quantum mechanics,offers information-theoretic security.However,practi-cal systems open security threats due to imperfections,notably bright-light blinding attacks targeting sin...Quantum key distribution(QKD),rooted in quantum mechanics,offers information-theoretic security.However,practi-cal systems open security threats due to imperfections,notably bright-light blinding attacks targeting single-photon detectors.Here,we propose a concise,robust defense strategy for protecting single-photon detectors in QKD systems against blinding attacks.Our strategy uses a dual approach:detecting the bias current of the avalanche photodiode(APD)to defend against con-tinuous-wave blinding attacks,and monitoring the avalanche amplitude to protect against pulsed blinding attacks.By integrat-ing these two branches,the proposed solution effectively identifies and mitigates a wide range of bright light injection attempts,significantly enhancing the resilience of QKD systems against various bright-light blinding attacks.This method forti-fies the safeguards of quantum communications and offers a crucial contribution to the field of quantum information security.展开更多
Various organizations store data online rather than on physical servers.As the number of user’s data stored in cloud servers increases,the attack rate to access data from cloud servers also increases.Different resear...Various organizations store data online rather than on physical servers.As the number of user’s data stored in cloud servers increases,the attack rate to access data from cloud servers also increases.Different researchers worked on different algorithms to protect cloud data from replay attacks.None of the papers used a technique that simultaneously detects a full-message and partial-message replay attack.This study presents the development of a TKN(Text,Key and Name)cryptographic algorithm aimed at protecting data from replay attacks.The program employs distinct ways to encrypt plain text[P],a user-defined Key[K],and a Secret Code[N].The novelty of the TKN cryptographic algorithm is that the bit value of each text is linked to another value with the help of the proposed algorithm,and the length of the cipher text obtained is twice the length of the original text.In the scenario that an attacker executes a replay attack on the cloud server,engages in cryptanalysis,or manipulates any data,it will result in automated modification of all associated values inside the backend.This mechanism has the benefit of enhancing the detectability of replay attacks.Nevertheless,the attacker cannot access data not included in any of the papers,regardless of how effective the attack strategy is.At the end of paper,the proposed algorithm’s novelty will be compared with different algorithms,and it will be discussed how far the proposed algorithm is better than all other algorithms.展开更多
Bayesian networks are a powerful class of graphical decision models used to represent causal relationships among variables.However,the reliability and integrity of learned Bayesian network models are highly dependent ...Bayesian networks are a powerful class of graphical decision models used to represent causal relationships among variables.However,the reliability and integrity of learned Bayesian network models are highly dependent on the quality of incoming data streams.One of the primary challenges with Bayesian networks is their vulnerability to adversarial data poisoning attacks,wherein malicious data is injected into the training dataset to negatively influence the Bayesian network models and impair their performance.In this research paper,we propose an efficient framework for detecting data poisoning attacks against Bayesian network structure learning algorithms.Our framework utilizes latent variables to quantify the amount of belief between every two nodes in each causal model over time.We use our innovative methodology to tackle an important issue with data poisoning assaults in the context of Bayesian networks.With regard to four different forms of data poisoning attacks,we specifically aim to strengthen the security and dependability of Bayesian network structure learning techniques,such as the PC algorithm.By doing this,we explore the complexity of this area and offer workablemethods for identifying and reducing these sneaky dangers.Additionally,our research investigates one particular use case,the“Visit to Asia Network.”The practical consequences of using uncertainty as a way to spot cases of data poisoning are explored in this inquiry,which is of utmost relevance.Our results demonstrate the promising efficacy of latent variables in detecting and mitigating the threat of data poisoning attacks.Additionally,our proposed latent-based framework proves to be sensitive in detecting malicious data poisoning attacks in the context of stream data.展开更多
Owing to the integration of energy digitization and artificial intelligence technology,smart energy grids can realize the stable,efficient and clean operation of power systems.However,the emergence of cyber-physical a...Owing to the integration of energy digitization and artificial intelligence technology,smart energy grids can realize the stable,efficient and clean operation of power systems.However,the emergence of cyber-physical attacks,such as dynamic load-altering attacks(DLAAs)has introduced great challenges to the security of smart energy grids.Thus,this study developed a novel cyber-physical collaborative security framework for DLAAs in smart energy grids.The proposed framework integrates attack prediction in the cyber layer with the detection and localization of attacks in the physical layer.First,a data-driven method was proposed to predict the DLAA sequence in the cyber layer.By designing a double radial basis function network,the influence of disturbances on attack prediction can be eliminated.Based on the prediction results,an unknown input observer-based detection and localization method was further developed for the physical layer.In addition,an adaptive threshold was designed to replace the traditional precomputed threshold and improve the detection performance of the DLAAs.Consequently,through the collaborative work of the cyber-physics layer,injected DLAAs were effectively detected and located.Compared with existing methodologies,the simulation results on IEEE 14-bus and 118-bus power systems verified the superiority of the proposed cyber-physical collaborative detection and localization against DLAAs.展开更多
In an effort to investigate and quantify the patterns of local scour,researchers embarked on an in-depth study using a systematic experimental approach.The research focused on the effects of local scour around a set o...In an effort to investigate and quantify the patterns of local scour,researchers embarked on an in-depth study using a systematic experimental approach.The research focused on the effects of local scour around a set of four piles,each subjected to different hydromechanical conditions.In particular,this study aimed to determine how different attack angles—the angles at which the water flow impinges on the piles,and gap ratios—the ratios of the spacing between the piles to their diameters,influence the extent and nature of scour.A comprehensive series of 35 carefully designed experiments were orchestrated,each designed to dissect the nuances in how the gap ratio and attack angle might contribute to changes in the local scour observed at the base of pile groups.During these experimental trials,a wealth of local scour data were collected to support the analysis.These data included precise topographic profiles of the sediment bed around the pile groups,as well as detailed scour time histories showing the evolution of scour at strategic feature points throughout the test procedure.The analysis of the experimental data provided interesting insights.The study revealed that the interplay between the gap ratio and the attack angle had a pronounced influence on the scouring dynamics of the pile groups.One of the key observations was that the initial phases of scour,particularly within the first hour of water flow exposure,were characterized by a sharp increase in the scour depth occurring immediately in front of the piles.After this initial rapid development,the scour depth transitioned to a more gradual change rate.In contrast,the scour topography around the piles continuously evolved.This suggests that sediment displacement and the associated sculpting of the seabed around pile foundations are sustained and progressive processes,altering the underwater landscape over time.The results of this empirical investigation have significant implications for the design and construction of offshore multi-pile foundations,providing a critical reference for engineers and designers to estimate the expected scour depth around such structures,which is an integral part of decisions regarding foundation design,selection of structural materials,and implementation of scour protection measures.展开更多
While autonomous vehicles are vital components of intelligent transportation systems,ensuring the trustworthiness of decision-making remains a substantial challenge in realizing autonomous driving.Therefore,we present...While autonomous vehicles are vital components of intelligent transportation systems,ensuring the trustworthiness of decision-making remains a substantial challenge in realizing autonomous driving.Therefore,we present a novel robust reinforcement learning approach with safety guarantees to attain trustworthy decision-making for autonomous vehicles.The proposed technique ensures decision trustworthiness in terms of policy robustness and collision safety.Specifically,an adversary model is learned online to simulate the worst-case uncertainty by approximating the optimal adversarial perturbations on the observed states and environmental dynamics.In addition,an adversarial robust actor-critic algorithm is developed to enable the agent to learn robust policies against perturbations in observations and dynamics.Moreover,we devise a safety mask to guarantee the collision safety of the autonomous driving agent during both the training and testing processes using an interpretable knowledge model known as the Responsibility-Sensitive Safety Model.Finally,the proposed approach is evaluated through both simulations and experiments.These results indicate that the autonomous driving agent can make trustworthy decisions and drastically reduce the number of collisions through robust safety policies.展开更多
Nowadays, devices are connected across all areas, from intelligent buildings and smart cities to Industry 4.0 andsmart healthcare. With the exponential growth of Internet of Things usage in our world, IoT security is ...Nowadays, devices are connected across all areas, from intelligent buildings and smart cities to Industry 4.0 andsmart healthcare. With the exponential growth of Internet of Things usage in our world, IoT security is still thebiggest challenge for its deployment. The main goal of IoT security is to ensure the accessibility of services providedby an IoT environment, protect privacy, and confidentiality, and guarantee the safety of IoT users, infrastructures,data, and devices. Authentication, as the first line of defense against security threats, becomes the priority ofeveryone. It can either grant or deny users access to resources according to their legitimacy. As a result, studyingand researching authentication issues within IoT is extremely important. As a result, studying and researchingauthentication issues within IoT is extremely important. This article presents a comparative study of recent researchin IoT security;it provides an analysis of recent authentication protocols from2019 to 2023 that cover several areaswithin IoT (such as smart cities, healthcare, and industry). This survey sought to provide an IoT security researchsummary, the biggest susceptibilities, and attacks, the appropriate technologies, and the most used simulators. Itillustrates that the resistance of protocols against attacks, and their computational and communication cost arelinked directly to the cryptography technique used to build it. Furthermore, it discusses the gaps in recent schemesand provides some future research directions.展开更多
Industrial robots are becoming increasingly vulnerable to cyber incidents and attacks,particularly with the dawn of the Industrial Internet-of-Things(IIoT).To gain a comprehensive understanding of these cyber risks,vu...Industrial robots are becoming increasingly vulnerable to cyber incidents and attacks,particularly with the dawn of the Industrial Internet-of-Things(IIoT).To gain a comprehensive understanding of these cyber risks,vulnerabilities of industrial robots were analyzed empirically,using more than three million communication packets collected with testbeds of two ABB IRB120 robots and five other robots from various original equipment manufacturers(OEMs).This analysis,guided by the confidentiality-integrity-availability(CIA)triad,uncovers robot vulnerabilities in three dimensions:confidentiality,integrity,and availability.These vulnerabilities were used to design Covering Robot Manipulation via Data Deception(CORMAND2),an automated cyber-physical attack against industrial robots.CORMAND2 manipulates robot operation while deceiving the Supervisory Control and Data Acquisition(SCADA)system that the robot is operating normally by modifying the robot’s movement data and data deception.CORMAND2 and its capability of degrading the manufacturing was validated experimentally using the aforementioned seven robots from six different OEMs.CORMAND2 unveils the limitations of existing anomaly detection systems,more specifically the assumption of the authenticity of SCADA-received movement data,to which we propose mitigations for.展开更多
Serverless computing is a promising paradigm in cloud computing that greatly simplifies cloud programming.With serverless computing,developers only provide function code to serverless platform,and these functions are ...Serverless computing is a promising paradigm in cloud computing that greatly simplifies cloud programming.With serverless computing,developers only provide function code to serverless platform,and these functions are invoked by its driven events.Nonetheless,security threats in serverless computing such as vulnerability-based security threats have become the pain point hindering its wide adoption.The ideas in proactive defense such as redundancy,diversity and dynamic provide promising approaches to protect against cyberattacks.However,these security technologies are mostly applied to serverless platform based on“stacked”mode,as they are designed independent with serverless computing.The lack of security consideration in the initial design makes it especially challenging to achieve the all life cycle protection for serverless application with limited cost.In this paper,we present ATSSC,a proactive defense enabled attack tolerant serverless platform.ATSSC integrates the characteristic of redundancy,diversity and dynamic into serverless seamless to achieve high-level security and efficiency.Specifically,ATSSC constructs multiple diverse function replicas to process the driven events and performs cross-validation to verify the results.In order to create diverse function replicas,both software diversity and environment diversity are adopted.Furthermore,a dynamic function refresh strategy is proposed to keep the clean state of serverless functions.We implement ATSSC based on Kubernetes and Knative.Analysis and experimental results demonstrate that ATSSC can effectively protect serverless computing against cyberattacks with acceptable costs.展开更多
The development of Intelligent Railway Transportation Systems necessitates incorporating privacy-preserving mechanisms into AI models to protect sensitive information and enhance system efficiency.Federated learning o...The development of Intelligent Railway Transportation Systems necessitates incorporating privacy-preserving mechanisms into AI models to protect sensitive information and enhance system efficiency.Federated learning offers a promising solution by allowing multiple clients to train models collaboratively without sharing private data.However,despite its privacy benefits,federated learning systems are vulnerable to poisoning attacks,where adversaries alter local model parameters on compromised clients and send malicious updates to the server,potentially compromising the global model’s accuracy.In this study,we introduce PMM(Perturbation coefficient Multiplied by Maximum value),a new poisoning attack method that perturbs model updates layer by layer,demonstrating the threat of poisoning attacks faced by federated learning.Extensive experiments across three distinct datasets have demonstrated PMM’s ability to significantly reduce the global model’s accuracy.Additionally,we propose an effective defense method,namely CLBL(Cluster Layer By Layer).Experiment results on three datasets have confirmed CLBL’s effectiveness.展开更多
基金funded by the Key Research and Development Program sponsored by the Ministry of Science and Technology(MOST)(2022YFA1203400)National Natural Science Foundation of China(21925205,22072145,21372155,22005294,and 22102172)。
文摘Here we propose a new concept of"molecule aging":with some special treatment,a molecule could be"aged"by losing some unknown tiny particles or pieces from atoms in the molecule,Such"aging"or loss of unknown tiny particles does not change apparently its molecular structure or chemical composition,but some physicochemical properties could be changed irreversibly.We further confirm such"molecule aging"via a long-term electron attacking to age water(H_(2)O)molecules.The IR spectra show no structural difference between the fresh water and the aged one,while the NMR spectra show that the electron attacking can decrease the size of water clusters.Such facts indicate that the electron attacking indeed can"affect"the structure of water molecule slightly but without damaging to its basic molecule frame.Further exploration reveals that the hydrogen evolution reaction(HER)activity of the aged water molecule is lower than the fresh water on the same Pt/C electrocatalyst.The density functional theory calculations indicate that the shortened O-H bond in H_(2)O indeed can present lower HER activity,so the observed size decrease of water clusters from NMR probably could be attributed to the shortening of O-H bond in water molecules.Such results indicate significantly that the molecule aging can produce materials with new functions for new possible applications.
基金Supported by Project of Science and Technology Commis sion Foundation of Jiangsu Province in 1998
文摘Objective: To observe the clinical effect of Rebixiao granule (热痹消颗粒剂, RBXG) in treating repeatedly attacking acute gouty arthritis and through experimental study on blood uric acid to explore RBXG's therapeutic mechanism. Methods: Ninety repeatedly attacking acute gouty arthritis patients were divided into the treated group ( n =60) and control group ( n =30). The treated group was treated with RBXG, and the control group was treated with Futalin tablets (diclofenac sodium). The baseline treatment including good rest, low purine diet, sufficient water drinking and urine alkalization, etc. was then given to both groups. Hypoxanthine 600 mg/kg and niacin 100 mg/kg was applied to hyperuricemic mice by gastrogavage to establish the animal models. Results: The clinical effective rate of the treated group was 95.0% and that of the control 90.0%. Good therapeutic effects were won, insignificant difference ( P >0.05)was shown between the two groups. However, the cure rate of the treated group was 26.7% while that of the control group was 10.0%, with significant difference ( P <0.01) shown between them. The treated group had its blood uric acid lowered, which was significantly different ( P <0.05) from that of the control group. The animal experiment indicated that all the three groups treated with different dosages of RBXG, as well as the Ash bark and Smilax glabra rhizome groups had their blood uric acid content reduced in the hyperuricemic mice. Conclusion: RBXG has a quicker initiation and better treatment effects than sole anti-inflammatory and analgesic agents on the treatment of repeatedly attacking acute gouty arthritis, showing no obvious toxic or adverse reactions and therefore good for long-term administration and likely to be a safe TCM preparation to control the symptoms and reduce the onsets of repeatedly attacking of acute gouty arthritis. The animal experiment shows that both the compound preparation and part of the single ingredients in the recipe have the function of reducing blood uric acid. However, the compound recipe has better therapeutic effects, proving to be superior to single drugs.
基金This work is supported by the National Key R&D Program of China(2017YFB0802703)Research on the education mode for complicate skill students in new media with cross specialty integration(22150117092)+3 种基金Major Scientific and Technological Special Project of Guizhou Province(20183001)Open Foundation of Guizhou Provincial Key Laboratory of Public Big Data(2018BDKFJJ014)Open Foundation of Guizhou Provincial Key Laboratory of Public Big Data(2018BDKFJJ019)Open Foundation of Guizhou Provincial Key Laboratory of Public Big Data(2018BDKFJJ022).
文摘Deep learning networks are widely used in various systems that require classification.However,deep learning networks are vulnerable to adversarial attacks.The study on adversarial attacks plays an important role in defense.Black-box attacks require less knowledge about target models than white-box attacks do,which means black-box attacks are easier to launch and more valuable.However,the state-of-arts black-box attacks still suffer in low success rates and large visual distances between generative adversarial images and original images.This paper proposes a kind of fast black-box attack based on the cross-correlation(FBACC)method.The attack is carried out in two stages.In the first stage,an adversarial image,which would be missclassified as the target label,is generated by using gradient descending learning.By far the image may look a lot different than the original one.Then,in the second stage,visual quality keeps getting improved on the condition that the label keeps being missclassified.By using the cross-correlation method,the error of the smooth region is ignored,and the number of iterations is reduced.Compared with the proposed black-box adversarial attack methods,FBACC achieves a better fooling rate and fewer iterations.When attacking LeNet5 and AlexNet respectively,the fooling rates are 100%and 89.56%.When attacking them at the same time,the fooling rate is 69.78%.FBACC method also provides a new adversarial attack method for the study of defense against adversarial attacks.
基金Project supported by the National Key Research and Development Program of China(Grant No.2016YFA0302600)the National Natural Science Foundation of China(Grant No.61675235)
文摘The unconditional security of quantum key distribution(QKD) can be guaranteed by the nature of quantum physics.Compared with the traditional two-dimensional BB84 QKD protocol, high-dimensional quantum key distribution(HDQKD) can be applied to generate much more secret key.Nonetheless, practical imperfections in realistic systems can be exploited by the third party to eavesdrop the secret key.The practical beam splitter has a correlation with wavelength,where different wavelengths have different coupling ratios.Using this property, we propose a wavelength-dependent attack towards time-bin high-dimensional QKD system.What is more, we demonstrate that this attacking protocol can be applied to arbitrary d-dimensional QKD system, and higher-dimensional QKD system is more vulnerable to this attacking strategy.
基金Funded by National Natural Science Foundation of China(No.51578141)National Program on Key Basic Research Project(973 Program)(No.2015CB655102)Ministry of Science and Technology of China(No.2016YFE011820)
文摘Influences of polymer-based grinding aid(PGA) on the damage process of concrete exposed to sulfate attack under dry-wet cycles were investigated. The mass loss, dynamic modulus of elasticity(Erd), and S and Ca element contents of concrete specimens were measured. Scanning electron microscopy(SEM), mercury intrusion porosimetry(MIP), and X-ray diffractometry(XRD) were used to investigate the changing of microstructure of interior concrete. The results indicated that PGA was capable of reducing the mass loss and improving the sulfate attack resistance of concrete. X-ray fluorescence(XRF) analysis revealed that PGA delayed the transport process of sulfate ions and Ca ions. In addition, MIP analysis disclosed that the micropores of concrete with PGA increased in the fraction of 20-100 nm and decreased in the residues of 200 nm. Compared with the blank sample, concrete with PGA had more slender and well-organized hydration products, and no changes in hydration products ratio or type were observed.
基金supported in part by the National Natural Science Foundation of China (61973219,U21A2019,61873058)the Hainan Province Science and Technology Special Fund (ZDYF2022SHFZ105)。
文摘Secure platooning control plays an important role in enhancing the cooperative driving safety of automated vehicles subject to various security vulnerabilities.This paper focuses on the distributed secure control issue of automated vehicles affected by replay attacks.A proportional-integral-observer(PIO)with predetermined forgetting parameters is first constructed to acquire the dynamical information of vehicles.Then,a time-varying parameter and two positive scalars are employed to describe the temporal behavior of replay attacks.In light of such a scheme and the common properties of Laplace matrices,the closed-loop system with PIO-based controllers is transformed into a switched and time-delayed one.Furthermore,some sufficient conditions are derived to achieve the desired platooning performance by the view of the Lyapunov stability theory.The controller gains are analytically determined by resorting to the solution of certain matrix inequalities only dependent on maximum and minimum eigenvalues of communication topologies.Finally,a simulation example is provided to illustrate the effectiveness of the proposed control strategy.
基金the financial support from the Natural Sciences and Engineering Research Council of Canada(NSERC)。
文摘This study investigates resilient platoon control for constrained intelligent and connected vehicles(ICVs)against F-local Byzantine attacks.We introduce a resilient distributed model-predictive platooning control framework for such ICVs.This framework seamlessly integrates the predesigned optimal control with distributed model predictive control(DMPC)optimization and introduces a unique distributed attack detector to ensure the reliability of the transmitted information among vehicles.Notably,our strategy uses previously broadcasted information and a specialized convex set,termed the“resilience set”,to identify unreliable data.This approach significantly eases graph robustness prerequisites,requiring only an(F+1)-robust graph,in contrast to the established mean sequence reduced algorithms,which require a minimum(2F+1)-robust graph.Additionally,we introduce a verification algorithm to restore trust in vehicles under minor attacks,further reducing communication network robustness.Our analysis demonstrates the recursive feasibility of the DMPC optimization.Furthermore,the proposed method achieves exceptional control performance by minimizing the discrepancies between the DMPC control inputs and predesigned platoon control inputs,while ensuring constraint compliance and cybersecurity.Simulation results verify the effectiveness of our theoretical findings.
基金co-supported by the National Natural Science Foundation of China(No.11672093)the Shanghai Aerospace Science and Technology Innovation Foundation,China(No.SAST2016039)
文摘In this paper,two new guidance laws based on differential game theory are proposed and investigated for the attacker in an attacker-defender-target scenario.The conditions for the attacker winning the game are analyzed when the target and defender using the differential game guidance law based on the linear model.The core ideas underlying the two guidance laws are the attacker evading to a critical safe boundary from the defender,and then maintaining a critical miss distance.The guidance law more appropriate for the attacker to win the game differs according to the initial parameters.Unlike other guidance laws,when using the derived guidance laws there is no need to know the target and the defender’s control efforts.The results of numerical simulations show that the attacker can evade the defender and hit the target successfully by using the proposed derived guidance laws.
文摘The prevalence of diabetes mellitus and its associated complications,particularly diabetic foot pathologies,poses significant healthcare challenges and economic burdens globally.This review synthesises current evidence on the surgical management of the diabetic foot,focusing on the interplay between neuropathy,ischemia,and infection that commonly culminates in ulcers,infections,and,in severe cases,amputations.The escalating incidence of diabetes mellitus underscores the urgency for effective management strategies,as diabetic foot complications are a leading cause of hospital admissions among diabetic patients,significantly impacting morbidity and mortality rates.This review explores the pathophysiological mechanisms underlying diabetic foot complications and further examines diabetic foot ulcers,infections,and skeletal pathologies such as Charcot arthropathy,emphasising the critical role of early diagnosis,comprehensive management strategies,and interdisciplinary care in mitigating adverse outcomes.In addressing surgical interventions,this review evaluates conservative surgeries,amputations,and reconstructive procedures,highlighting the importance of tailored approaches based on individual patient profiles and the specific characteristics of foot pathologies.The integration of advanced diagnostic tools,novel surgical techniques,and postoperative care,including offloading and infection control,are discussed in the context of optimising healing and preserving limb function.
基金funding from Deanship of Scientific Research in King Faisal University with Grant Number KFU 241085.
文摘Phishing,an Internet fraudwhere individuals are deceived into revealing critical personal and account information,poses a significant risk to both consumers and web-based institutions.Data indicates a persistent rise in phishing attacks.Moreover,these fraudulent schemes are progressively becoming more intricate,thereby rendering them more challenging to identify.Hence,it is imperative to utilize sophisticated algorithms to address this issue.Machine learning is a highly effective approach for identifying and uncovering these harmful behaviors.Machine learning(ML)approaches can identify common characteristics in most phishing assaults.In this paper,we propose an ensemble approach and compare it with six machine learning techniques to determine the type of website and whether it is normal or not based on two phishing datasets.After that,we used the normalization technique on the dataset to transform the range of all the features into the same range.The findings of this paper for all algorithms are as follows in the first dataset based on accuracy,precision,recall,and F1-score,respectively:Decision Tree(DT)(0.964,0.961,0.976,0.968),Random Forest(RF)(0.970,0.964,0.984,0.974),Gradient Boosting(GB)(0.960,0.959,0.971,0.965),XGBoost(XGB)(0.973,0.976,0.976,0.976),AdaBoost(0.934,0.934,0.950,0.942),Multi Layer Perceptron(MLP)(0.970,0.971,0.976,0.974)and Voting(0.978,0.975,0.987,0.981).So,the Voting classifier gave the best results.While in the second dataset,all the algorithms gave the same results in four evaluation metrics,which indicates that each of them can effectively accomplish the prediction process.Also,this approach outperformed the previous work in detecting phishing websites with high accuracy,a lower false negative rate,a shorter prediction time,and a lower false positive rate.
基金This work was supported by the Major Scientific and Technological Special Project of Anhui Province(202103a13010004)the Major Scientific and Technological Special Project of Hefei City(2021DX007)+1 种基金the Key R&D Plan of Shandong Province(2020CXGC010105)the China Postdoctoral Science Foundation(2021M700315).
文摘Quantum key distribution(QKD),rooted in quantum mechanics,offers information-theoretic security.However,practi-cal systems open security threats due to imperfections,notably bright-light blinding attacks targeting single-photon detectors.Here,we propose a concise,robust defense strategy for protecting single-photon detectors in QKD systems against blinding attacks.Our strategy uses a dual approach:detecting the bias current of the avalanche photodiode(APD)to defend against con-tinuous-wave blinding attacks,and monitoring the avalanche amplitude to protect against pulsed blinding attacks.By integrat-ing these two branches,the proposed solution effectively identifies and mitigates a wide range of bright light injection attempts,significantly enhancing the resilience of QKD systems against various bright-light blinding attacks.This method forti-fies the safeguards of quantum communications and offers a crucial contribution to the field of quantum information security.
基金Deanship of Scientific Research at Majmaah University for supporting this work under Project Number R-2023-811.
文摘Various organizations store data online rather than on physical servers.As the number of user’s data stored in cloud servers increases,the attack rate to access data from cloud servers also increases.Different researchers worked on different algorithms to protect cloud data from replay attacks.None of the papers used a technique that simultaneously detects a full-message and partial-message replay attack.This study presents the development of a TKN(Text,Key and Name)cryptographic algorithm aimed at protecting data from replay attacks.The program employs distinct ways to encrypt plain text[P],a user-defined Key[K],and a Secret Code[N].The novelty of the TKN cryptographic algorithm is that the bit value of each text is linked to another value with the help of the proposed algorithm,and the length of the cipher text obtained is twice the length of the original text.In the scenario that an attacker executes a replay attack on the cloud server,engages in cryptanalysis,or manipulates any data,it will result in automated modification of all associated values inside the backend.This mechanism has the benefit of enhancing the detectability of replay attacks.Nevertheless,the attacker cannot access data not included in any of the papers,regardless of how effective the attack strategy is.At the end of paper,the proposed algorithm’s novelty will be compared with different algorithms,and it will be discussed how far the proposed algorithm is better than all other algorithms.
文摘Bayesian networks are a powerful class of graphical decision models used to represent causal relationships among variables.However,the reliability and integrity of learned Bayesian network models are highly dependent on the quality of incoming data streams.One of the primary challenges with Bayesian networks is their vulnerability to adversarial data poisoning attacks,wherein malicious data is injected into the training dataset to negatively influence the Bayesian network models and impair their performance.In this research paper,we propose an efficient framework for detecting data poisoning attacks against Bayesian network structure learning algorithms.Our framework utilizes latent variables to quantify the amount of belief between every two nodes in each causal model over time.We use our innovative methodology to tackle an important issue with data poisoning assaults in the context of Bayesian networks.With regard to four different forms of data poisoning attacks,we specifically aim to strengthen the security and dependability of Bayesian network structure learning techniques,such as the PC algorithm.By doing this,we explore the complexity of this area and offer workablemethods for identifying and reducing these sneaky dangers.Additionally,our research investigates one particular use case,the“Visit to Asia Network.”The practical consequences of using uncertainty as a way to spot cases of data poisoning are explored in this inquiry,which is of utmost relevance.Our results demonstrate the promising efficacy of latent variables in detecting and mitigating the threat of data poisoning attacks.Additionally,our proposed latent-based framework proves to be sensitive in detecting malicious data poisoning attacks in the context of stream data.
基金supported by the National Nature Science Foundation of China under 62203376the Science and Technology Plan of Hebei Education Department under QN2021139+1 种基金the Nature Science Foundation of Hebei Province under F2021203043the Open Research Fund of Jiangsu Collaborative Innovation Center for Smart Distribution Network,Nanjing Institute of Technology under No.XTCX202203.
文摘Owing to the integration of energy digitization and artificial intelligence technology,smart energy grids can realize the stable,efficient and clean operation of power systems.However,the emergence of cyber-physical attacks,such as dynamic load-altering attacks(DLAAs)has introduced great challenges to the security of smart energy grids.Thus,this study developed a novel cyber-physical collaborative security framework for DLAAs in smart energy grids.The proposed framework integrates attack prediction in the cyber layer with the detection and localization of attacks in the physical layer.First,a data-driven method was proposed to predict the DLAA sequence in the cyber layer.By designing a double radial basis function network,the influence of disturbances on attack prediction can be eliminated.Based on the prediction results,an unknown input observer-based detection and localization method was further developed for the physical layer.In addition,an adaptive threshold was designed to replace the traditional precomputed threshold and improve the detection performance of the DLAAs.Consequently,through the collaborative work of the cyber-physics layer,injected DLAAs were effectively detected and located.Compared with existing methodologies,the simulation results on IEEE 14-bus and 118-bus power systems verified the superiority of the proposed cyber-physical collaborative detection and localization against DLAAs.
基金financially supported by the National Natural Science Foundation of China(Grant No.51890913)the Natural Science Foundation of Sichuan Province of China(Grant No.2023YFQ0111)。
文摘In an effort to investigate and quantify the patterns of local scour,researchers embarked on an in-depth study using a systematic experimental approach.The research focused on the effects of local scour around a set of four piles,each subjected to different hydromechanical conditions.In particular,this study aimed to determine how different attack angles—the angles at which the water flow impinges on the piles,and gap ratios—the ratios of the spacing between the piles to their diameters,influence the extent and nature of scour.A comprehensive series of 35 carefully designed experiments were orchestrated,each designed to dissect the nuances in how the gap ratio and attack angle might contribute to changes in the local scour observed at the base of pile groups.During these experimental trials,a wealth of local scour data were collected to support the analysis.These data included precise topographic profiles of the sediment bed around the pile groups,as well as detailed scour time histories showing the evolution of scour at strategic feature points throughout the test procedure.The analysis of the experimental data provided interesting insights.The study revealed that the interplay between the gap ratio and the attack angle had a pronounced influence on the scouring dynamics of the pile groups.One of the key observations was that the initial phases of scour,particularly within the first hour of water flow exposure,were characterized by a sharp increase in the scour depth occurring immediately in front of the piles.After this initial rapid development,the scour depth transitioned to a more gradual change rate.In contrast,the scour topography around the piles continuously evolved.This suggests that sediment displacement and the associated sculpting of the seabed around pile foundations are sustained and progressive processes,altering the underwater landscape over time.The results of this empirical investigation have significant implications for the design and construction of offshore multi-pile foundations,providing a critical reference for engineers and designers to estimate the expected scour depth around such structures,which is an integral part of decisions regarding foundation design,selection of structural materials,and implementation of scour protection measures.
基金supported in part by the Start-Up Grant-Nanyang Assistant Professorship Grant of Nanyang Technological Universitythe Agency for Science,Technology and Research(A*STAR)under Advanced Manufacturing and Engineering(AME)Young Individual Research under Grant(A2084c0156)+2 种基金the MTC Individual Research Grant(M22K2c0079)the ANR-NRF Joint Grant(NRF2021-NRF-ANR003 HM Science)the Ministry of Education(MOE)under the Tier 2 Grant(MOE-T2EP50222-0002)。
文摘While autonomous vehicles are vital components of intelligent transportation systems,ensuring the trustworthiness of decision-making remains a substantial challenge in realizing autonomous driving.Therefore,we present a novel robust reinforcement learning approach with safety guarantees to attain trustworthy decision-making for autonomous vehicles.The proposed technique ensures decision trustworthiness in terms of policy robustness and collision safety.Specifically,an adversary model is learned online to simulate the worst-case uncertainty by approximating the optimal adversarial perturbations on the observed states and environmental dynamics.In addition,an adversarial robust actor-critic algorithm is developed to enable the agent to learn robust policies against perturbations in observations and dynamics.Moreover,we devise a safety mask to guarantee the collision safety of the autonomous driving agent during both the training and testing processes using an interpretable knowledge model known as the Responsibility-Sensitive Safety Model.Finally,the proposed approach is evaluated through both simulations and experiments.These results indicate that the autonomous driving agent can make trustworthy decisions and drastically reduce the number of collisions through robust safety policies.
文摘Nowadays, devices are connected across all areas, from intelligent buildings and smart cities to Industry 4.0 andsmart healthcare. With the exponential growth of Internet of Things usage in our world, IoT security is still thebiggest challenge for its deployment. The main goal of IoT security is to ensure the accessibility of services providedby an IoT environment, protect privacy, and confidentiality, and guarantee the safety of IoT users, infrastructures,data, and devices. Authentication, as the first line of defense against security threats, becomes the priority ofeveryone. It can either grant or deny users access to resources according to their legitimacy. As a result, studyingand researching authentication issues within IoT is extremely important. As a result, studying and researchingauthentication issues within IoT is extremely important. This article presents a comparative study of recent researchin IoT security;it provides an analysis of recent authentication protocols from2019 to 2023 that cover several areaswithin IoT (such as smart cities, healthcare, and industry). This survey sought to provide an IoT security researchsummary, the biggest susceptibilities, and attacks, the appropriate technologies, and the most used simulators. Itillustrates that the resistance of protocols against attacks, and their computational and communication cost arelinked directly to the cryptography technique used to build it. Furthermore, it discusses the gaps in recent schemesand provides some future research directions.
基金Science and Technology Innovation 2030 Program(2018AAA0101605).
文摘Industrial robots are becoming increasingly vulnerable to cyber incidents and attacks,particularly with the dawn of the Industrial Internet-of-Things(IIoT).To gain a comprehensive understanding of these cyber risks,vulnerabilities of industrial robots were analyzed empirically,using more than three million communication packets collected with testbeds of two ABB IRB120 robots and five other robots from various original equipment manufacturers(OEMs).This analysis,guided by the confidentiality-integrity-availability(CIA)triad,uncovers robot vulnerabilities in three dimensions:confidentiality,integrity,and availability.These vulnerabilities were used to design Covering Robot Manipulation via Data Deception(CORMAND2),an automated cyber-physical attack against industrial robots.CORMAND2 manipulates robot operation while deceiving the Supervisory Control and Data Acquisition(SCADA)system that the robot is operating normally by modifying the robot’s movement data and data deception.CORMAND2 and its capability of degrading the manufacturing was validated experimentally using the aforementioned seven robots from six different OEMs.CORMAND2 unveils the limitations of existing anomaly detection systems,more specifically the assumption of the authenticity of SCADA-received movement data,to which we propose mitigations for.
基金supported by the Foundation for Innovative Research Groups of the National Natural Science Foundation of China under Grant No.61521003the National Natural Science Foundation of China under Grant No.62072467 and 62002383.
文摘Serverless computing is a promising paradigm in cloud computing that greatly simplifies cloud programming.With serverless computing,developers only provide function code to serverless platform,and these functions are invoked by its driven events.Nonetheless,security threats in serverless computing such as vulnerability-based security threats have become the pain point hindering its wide adoption.The ideas in proactive defense such as redundancy,diversity and dynamic provide promising approaches to protect against cyberattacks.However,these security technologies are mostly applied to serverless platform based on“stacked”mode,as they are designed independent with serverless computing.The lack of security consideration in the initial design makes it especially challenging to achieve the all life cycle protection for serverless application with limited cost.In this paper,we present ATSSC,a proactive defense enabled attack tolerant serverless platform.ATSSC integrates the characteristic of redundancy,diversity and dynamic into serverless seamless to achieve high-level security and efficiency.Specifically,ATSSC constructs multiple diverse function replicas to process the driven events and performs cross-validation to verify the results.In order to create diverse function replicas,both software diversity and environment diversity are adopted.Furthermore,a dynamic function refresh strategy is proposed to keep the clean state of serverless functions.We implement ATSSC based on Kubernetes and Knative.Analysis and experimental results demonstrate that ATSSC can effectively protect serverless computing against cyberattacks with acceptable costs.
基金supported by Systematic Major Project of China State Railway Group Corporation Limited(Grant Number:P2023W002).
文摘The development of Intelligent Railway Transportation Systems necessitates incorporating privacy-preserving mechanisms into AI models to protect sensitive information and enhance system efficiency.Federated learning offers a promising solution by allowing multiple clients to train models collaboratively without sharing private data.However,despite its privacy benefits,federated learning systems are vulnerable to poisoning attacks,where adversaries alter local model parameters on compromised clients and send malicious updates to the server,potentially compromising the global model’s accuracy.In this study,we introduce PMM(Perturbation coefficient Multiplied by Maximum value),a new poisoning attack method that perturbs model updates layer by layer,demonstrating the threat of poisoning attacks faced by federated learning.Extensive experiments across three distinct datasets have demonstrated PMM’s ability to significantly reduce the global model’s accuracy.Additionally,we propose an effective defense method,namely CLBL(Cluster Layer By Layer).Experiment results on three datasets have confirmed CLBL’s effectiveness.