A space called Unmanned Aerial Vehicle(UAV)cyber is a new environment where UAV,Ground Control Station(GCS)and business processes are integrated.Denial of service(DoS)attack is a standard network attack method,especia...A space called Unmanned Aerial Vehicle(UAV)cyber is a new environment where UAV,Ground Control Station(GCS)and business processes are integrated.Denial of service(DoS)attack is a standard network attack method,especially suitable for attacking the UAV cyber.It is a robust security risk for UAV cyber and has recently become an active research area.Game theory is typically used to simulate the existing offensive and defensive mechanisms for DoS attacks in a traditional network.In addition,the honeypot,an effective security vulnerability defense mechanism,has not been widely adopted or modeled for defense against DoS attack UAV cyber.With this motivation,the current research paper presents a honeypot game theorymodel that considersGCS andDoS attacks,which is used to study the interaction between attack and defense to optimize defense strategies.The GCS and honeypot act as defenses against DoS attacks in this model,and both players select their appropriate methods and build their benefit function models.On this basis,a hierarchical honeypot and G2A network delay reward strategy are introduced so that the defender and the attacker can adjust their respective strategies dynamically.Finally,by adjusting the degree of camouflage of the honeypot for UAV network services,the overall revenue of the defender can be effectively improved.The proposed method proves the existence of a mixed strategy Nash equilibrium and compares it with the existing research on no delay rewards and no honeypot defense scheme.In addition,this method realizes that the UAV cyber still guarantees a network delay of about ten milliseconds in the presence of a DoS attack.The results demonstrate that our methodology is superior to that of previous studies.展开更多
LDoS (Low-rate Denial of Service) attack, exploiting the flaws in the congestion avoidance mechanism of TCP protocol,is periodic, stealthy, and with high efficiency. Since BGP uses TCP as a transport protocol, it is...LDoS (Low-rate Denial of Service) attack, exploiting the flaws in the congestion avoidance mechanism of TCP protocol,is periodic, stealthy, and with high efficiency. Since BGP uses TCP as a transport protocol, it is subject to LDoS attacks as well. LDoS attacks can cause table reset, route flapping of BGP protocol. A deliberately constructed distributed low-rate DOS attacks can even generate surge of updates throughout the Internet. In this paper, we investigate the promotion of attack efficiency of this novel attack, and then propose an attack model to simulate the LDoS attack. Experiments prove that this attack model can exponentially lower the attack costs and improve the attack effect.展开更多
VehicularAd hoc Network(VANET)has become an integral part of Intelligent Transportation Systems(ITS)in today’s life.VANET is a network that can be heavily scaled up with a number of vehicles and road side units that ...VehicularAd hoc Network(VANET)has become an integral part of Intelligent Transportation Systems(ITS)in today’s life.VANET is a network that can be heavily scaled up with a number of vehicles and road side units that keep fluctuating in real world.VANET is susceptible to security issues,particularly DoS attacks,owing to maximum unpredictability in location.So,effective identification and the classification of attacks have become the major requirements for secure data transmission in VANET.At the same time,congestion control is also one of the key research problems in VANET which aims at minimizing the time expended on roads and calculating travel time as well as waiting time at intersections,for a traveler.With this motivation,the current research paper presents an intelligent DoS attack detection with Congestion Control(IDoS-CC)technique for VANET.The presented IDoSCC technique involves two-stage processes namely,Teaching and Learning Based Optimization(TLBO)-based Congestion Control(TLBO-CC)and Gated Recurrent Unit(GRU)-based DoS detection(GRU-DoSD).The goal of IDoS-CC technique is to reduce the level of congestion and detect the attacks that exist in the network.TLBO algorithm is also involved in IDoS-CC technique for optimization of the routes taken by vehicles via traffic signals and to minimize the congestion on a particular route instantaneously so as to assure minimal fuel utilization.TLBO is applied to avoid congestion on roadways.Besides,GRU-DoSD model is employed as a classification model to effectively discriminate the compromised and genuine vehicles in the network.The outcomes from a series of simulation analyses highlight the supremacy of the proposed IDoS-CC technique as it reduced the congestion and successfully identified the DoS attacks in network.展开更多
The filter-based reactive packet filtering is a key technology in attack traffic filtering for defending against the Denial-of- Service (DOS) attacks. Two kinds of relevant schemes have been proposed as victim- end ...The filter-based reactive packet filtering is a key technology in attack traffic filtering for defending against the Denial-of- Service (DOS) attacks. Two kinds of relevant schemes have been proposed as victim- end filtering and source-end filtering. The first scheme prevents attack traffic from reaching the victim, but causes the huge loss of legitimate flows due to the scarce filters (termed as collateral damages); the other extreme scheme can obtain the sufficient filters, but severely degrades the network transmission performance due to the abused filtering routers. In this paper, we propose a router based packet filtering scheme, which provides relatively more filters while reducing the quantity of filtering touters. We implement this scheme on the emulated DoS scenarios based on the synthetic and real-world Internet topologies. Our evaluation results show that compared to the previous work, our scheme just uses 20% of its filtering routers, but only increasing less than 15 percent of its collateral damage.展开更多
Information Security is determined by three well know security parameters i.e. Confidentiality, Integrity and Availability. Availability is an important pillar when it comes to security of an information system. It is...Information Security is determined by three well know security parameters i.e. Confidentiality, Integrity and Availability. Availability is an important pillar when it comes to security of an information system. It is dependent upon the reliability, timeliness and accessibility of the Information System. This paper presents an analytical view of the fact that when Accessibility is degraded during the presence of an ongoing attack, the other factors reliability and timeliness can also get affected, therefore creating a degrading impact on the overall Availability of the system, which eventually leads to the Denial of Service Attack and therefore affecting the security of the System.展开更多
This paper investigates the event-triggered security consensus problem for nonlinear multi-agent systems(MASs)under denial-of-service(Do S)attacks over an undirected graph.A novel adaptive memory observer-based anti-d...This paper investigates the event-triggered security consensus problem for nonlinear multi-agent systems(MASs)under denial-of-service(Do S)attacks over an undirected graph.A novel adaptive memory observer-based anti-disturbance control scheme is presented to improve the observer accuracy by adding a buffer for the system output measurements.Meanwhile,this control scheme can also provide more reasonable control signals when Do S attacks occur.To save network resources,an adaptive memory event-triggered mechanism(AMETM)is also proposed and Zeno behavior is excluded.It is worth mentioning that the AMETM's updates do not require global information.Then,the observer and controller gains are obtained by using the linear matrix inequality(LMI)technique.Finally,simulation examples show the effectiveness of the proposed control scheme.展开更多
In this paper,denial of service(DoS)attack management for destroying the collaborative estimation in sensor networks and minimizing attack energy from the attacker perspective is studied.In the communication channels ...In this paper,denial of service(DoS)attack management for destroying the collaborative estimation in sensor networks and minimizing attack energy from the attacker perspective is studied.In the communication channels between sensors and a remote estimator,the attacker chooses some channels to randomly jam DoS attacks to make their packets randomly dropped.A stochastic power allocation approach composed of three steps is proposed.Firstly,the minimum number of channels and the channel set to be attacked are given.Secondly,a necessary condition and a sufficient condition on the packet loss probabilities of the channels in the attack set are provided for general and special systems,respectively.Finally,by converting the original coupling nonlinear programming problem to a linear programming problem,a method of searching attack probabilities and power to minimize the attack energy is proposed.The effectiveness of the proposed scheme is verified by simulation examples.展开更多
This paper designs a decentralized resilient H_(∞)load frequency control(LFC)scheme for multi-area cyber-physical power systems(CPPSs).Under the network-based control framework,the sampled measurements are transmitte...This paper designs a decentralized resilient H_(∞)load frequency control(LFC)scheme for multi-area cyber-physical power systems(CPPSs).Under the network-based control framework,the sampled measurements are transmitted through the communication networks,which may be attacked by energylimited denial-of-service(DoS)attacks with a characterization of the maximum count of continuous data losses(resilience index).Each area is controlled in a decentralized mode,and the impacts on one area from other areas via their interconnections are regarded as the additional load disturbance of this area.Then,the closed-loop LFC system of each area under DoS attacks is modeled as an aperiodic sampled-data control system with external disturbances.Under this modeling,a decentralized resilient H_(∞)scheme is presented to design the state-feedback controllers with guaranteed H∞performance and resilience index based on a novel transmission interval-dependent loop functional method.When given the controllers,the proposed scheme can obtain a less conservative H_(∞)performance and resilience index that the LFC system can tolerate.The effectiveness of the proposed LFC scheme is evaluated on a one-area CPPS and two three-area CPPSs under DoS attacks.展开更多
This paper characterizes the joint effects of plant uncertainty,Denial-of-Service(DoS)attacks,and fading channel on the stabilization problem of networked control systems(NCSs).It is assumed that the controller remote...This paper characterizes the joint effects of plant uncertainty,Denial-of-Service(DoS)attacks,and fading channel on the stabilization problem of networked control systems(NCSs).It is assumed that the controller remotely controls the plant and the control input is transmitted over a fading channel.Meanwhile,considering the sustained attack cycle and frequency of DoS attacks are random,the packet-loss caused by DoS attacks is modelled by a Markov process.The sampled-data NCS is transformed into a stochastic form with Markov jump and uncertain parameter.Then,based on Lyapunov functional method,linear matrix inequality(LMI)-based sufficient conditions are presented to ensure the stability of uncertain NCSs.The main contribution of this article lies in the construction of NCSs based on DoS attacks into Markov jump system(MJS)and the joint consideration of fading channel and plant uncertainty.展开更多
In this paper,the authors consider how to design defensive countermeasures against DoS attacks for remote state estimation of multiprocess systems.For each system,a sensor will measure its state and transmits the data...In this paper,the authors consider how to design defensive countermeasures against DoS attacks for remote state estimation of multiprocess systems.For each system,a sensor will measure its state and transmits the data packets through an unreliable channel which is vulnerable to be jammed by an attacker.Under limited communication bandwidth,only a subset of sensors are allowed for data transmission,and how to select the optimal one to maximize the accuracy of remote state estimation is the focus of the proposed work.The authors first formulate this problem as a Markov decision process and investigate the existence of optimal policy.Moreover,the authors demonstrate the piecewise monotonicity structure of optimal policy.Given the difficulty of obtaining an optimal policy of large-scale problems,the authors develop a suboptimal heuristic policy based on the aforementioned policy structure and Whittle’s index.Moreover,a closed form of the indices is derived in order to reduce implementation complexity of proposed scheduling policy and numerical examples are provided to illustrate the proposed developed results.展开更多
Cooperative adaptive cruise control(CACC)is an important technology for improving road utilization and energy efficiency in the automotive industry.In CACC systems,connected vehicles can receive information from adjac...Cooperative adaptive cruise control(CACC)is an important technology for improving road utilization and energy efficiency in the automotive industry.In CACC systems,connected vehicles can receive information from adjacent ones through com-munication networks.However,the networks are vulnerable to cyber-attacks,so the states of vehicles cannot be received promptly and accurately.This paper studies the security resilience control for a CACC system subject to denial of service(DoS)attack.The core of the proposed resilient control strategy is to estimate the delay caused by DoS attack and then compensate for it in the controller.Specifically,a CACC system is modeled by considering the impacts of DoS attack on the transmitted data.Then,a high-gain observer is presented to estimate the vehicle states including the time delay.The conver-gence of the observer is proved in a theorem based on the Lyapunov stability theory,and the high-gain-velocity observer is modified so that the estimation error of the velocity can converge to zero in a finite time.A resilient controller is designed by proposing a time delay compensation algorithm to mitigate the impacts of DoS attack.The effectiveness of the estimation and control methods is illustrated by a ten-vehicle simulation system operating at the FTP75 driving cycle conditions.And the relative estimation errors are less than 6%.展开更多
In this paper,we investigate the observer-based event-triggered consensus problem for linear multi-agent systems(MASs)under a directed graph and denial-of-service(DoS)attacks.A type of DoS attacks launched by maliciou...In this paper,we investigate the observer-based event-triggered consensus problem for linear multi-agent systems(MASs)under a directed graph and denial-of-service(DoS)attacks.A type of DoS attacks launched by malicious attackers at irregular intervals is considered,which can cause communication channel disruption.A novel event-triggered secure control scheme based on a closed-loop observer is proposed to determine the scheduling of the controller update,and a separation method with less conservativeness is employed to design the controller and observer gains.Then,the frequency and duration of DoS attacks that can be tolerated are analysed for the observer-based secure consensus problem.In addition,a strictly positive minimal event-triggered time interval for each agent is designed with the help of the proposed eventtriggered condition to eliminate the Zeno behaviour.Finally,a numerical simulation is given to verify the theoretical analysis.展开更多
Substation automation system uses IEC 61850 protocol for the data transmission between different equipment manufacturers. However, the IEC 61850 protocol lacks an authentication security mechanism, which will make the...Substation automation system uses IEC 61850 protocol for the data transmission between different equipment manufacturers. However, the IEC 61850 protocol lacks an authentication security mechanism, which will make the communication face four threats: eavesdropping, interception, forgery, and alteration. In order to verify the IEC 61850 protocol communication problems, we used the simulation software to build the main operating equipment in the IEC 61850 network environment of the communication system. We verified IEC 61850 transmission protocol security defects, under DoS attack and Reply attack. In order to enhance security agreement, an improved algorithm was proposed based on identity authentication (W-EAP, Whitelist Based ECC & AES Protocol). Experimental results showed that the method can enhance the ability to resist attacks.展开更多
In The Wireless Multimedia Sensor Network(WNSMs)have achieved popularity among diverse communities as a result of technological breakthroughs in sensor and current gadgets.By utilising portable technologies,it achieve...In The Wireless Multimedia Sensor Network(WNSMs)have achieved popularity among diverse communities as a result of technological breakthroughs in sensor and current gadgets.By utilising portable technologies,it achieves solid and significant results in wireless communication,media transfer,and digital transmission.Sensor nodes have been used in agriculture and industry to detect characteristics such as temperature,moisture content,and other environmental conditions in recent decades.WNSMs have also made apps easier to use by giving devices self-governing access to send and process data connected with appro-priate audio and video information.Many video sensor network studies focus on lowering power consumption and increasing transmission capacity,but the main demand is data reliability.Because of the obstacles in the sensor nodes,WMSN is subjected to a variety of attacks,including Denial of Service(DoS)attacks.Deep Convolutional Neural Network is designed with the stateaction relationship mapping which is used to identify the DDOS Attackers present in the Wireless Sensor Networks for Smart Agriculture.The Proposed work it performs the data collection about the traffic conditions and identifies the deviation between the network conditions such as packet loss due to network congestion and the presence of attackers in the network.It reduces the attacker detection delay and improves the detection accuracy.In order to protect the network against DoS assaults,an improved machine learning technique must be offered.An efficient Deep Neural Network approach is provided for detecting DoS in WMSN.The required parameters are selected using an adaptive particle swarm optimization technique.The ratio of packet transmission,energy consumption,latency,network length,and throughput will be used to evaluate the approach’s efficiency.展开更多
The economic dispatch problem of a smart grid under vicious denial of service(DoS)is the main focus of this paper.Taking the actual situation of power generation as a starting point,a new distributed optimization mode...The economic dispatch problem of a smart grid under vicious denial of service(DoS)is the main focus of this paper.Taking the actual situation of power generation as a starting point,a new distributed optimization model is established which takes the environmentai pollution penalty into account.For saving the limited bandwidth,a novel distributed event-triggered scheme is proposed to keep the resilience and economy of a class of cyber-power syst ems when the communication net work is subject to malicious DoS attack.Then an improved multi-agent consensus protocol based on the gradient descent idea is designed to solve the minimization problem,and the prerequisites to minimize the system power generation cost are analyzed from the aspects of optimality and stability.Finally,the theoretical results are verified through a single-area 10-generat or unit simulation.展开更多
This paper addresses the bipartite consensus over cooperation-competition networks affected by denial-of-service(DoS) attacks.Consider that a network consists of multiple interactive agents, and the relationship betwe...This paper addresses the bipartite consensus over cooperation-competition networks affected by denial-of-service(DoS) attacks.Consider that a network consists of multiple interactive agents, and the relationship between neighboring agents is cooperative or competitive. Meanwhile, information transmission among the agents is unavailable during the intervals of attacks. In order to save communication resources and exclude the Zeno behavior, an event-triggered scheme depending on the sampled-data information from neighboring agents is proposed, and efficient defense strategies in response to the attacks are put forward.Suppose that the frequency and duration of DoS attacks meet certain requirements, then according to the signed graph theory,the La Salle’s invariance principle, and the convergence of monotone sequences, the results of bipartite consensus via the eventtriggered protocol are provided, which are mainly related to the communication topology of the network, the sampling period,and the threshold parameters in the event-triggered scheme. It is shown that the bipartite consensus is realized even though the DoS attacks take place frequently. Furthermore, this paper discusses the bipartite consensus in the presence of DoS attacks with a random unsuccessful rate. Finally, numerical simulations illustrate the theoretical results.展开更多
Over time, the world has transformed digitally and there is total dependence on the internet. Many more gadgets are continuously interconnected in the internet ecosystem. This fact has made the Internet a global infor...Over time, the world has transformed digitally and there is total dependence on the internet. Many more gadgets are continuously interconnected in the internet ecosystem. This fact has made the Internet a global information source for every being. Despite all this, attacker knowledge by cybercriminals has advanced and resulted in different attack methodologies on the internet and its data stores. This paper will discuss the origin and significance of Denial of Service (DoS) and Distributed Denial of Service (DDoS). These kinds of attacks remain the most effective methods used by the bad guys to cause substantial damage in terms of operational, reputational, and financial damage to organizations globally. These kinds of attacks have hindered network performance and availability. The victim’s network is flooded with massive illegal traffic hence, denying genuine traffic from passing through for authorized users. The paper will explore detection mechanisms, and mitigation techniques for this network threat.展开更多
Connected automated vehicles(CAVs)serve as a promising enabler for future intelligent transportation systems because of their capabilities in improving traffic efficiency and driving safety,and reducing fuel consumpti...Connected automated vehicles(CAVs)serve as a promising enabler for future intelligent transportation systems because of their capabilities in improving traffic efficiency and driving safety,and reducing fuel consumption and vehicle emissions.A fundamental issue in CAVs is platooning control that empowers a convoy of CAVs to be cooperatively maneuvered with desired longitudinal spacings and identical velocities on roads.This paper addresses the issue of resilient and safe platooning control of CAVs subject to intermittent denial-of-service(DoS)attacks that disrupt vehicle-to-vehicle communications.First,a heterogeneous and uncertain vehicle longitudinal dynamic model is presented to accommodate a variety of uncertainties,including diverse vehicle masses and engine inertial delays,unknown and nonlinear resistance forces,and a dynamic platoon leader.Then,a resilient and safe distributed longitudinal platooning control law is constructed with an aim to preserve simultaneous individual vehicle stability,attack resilience,platoon safety and scalability.Furthermore,a numerically efficient offline design algorithm for determining the desired platoon control law is developed,under which the platoon resilience against DoS attacks can be maximized but the anticipated stability,safety and scalability requirements remain preserved.Finally,extensive numerical experiments are provided to substantiate the efficacy of the proposed platooning method.展开更多
Energy and security remain the main two challenges in Wireless Sensor Networks(WSNs).Therefore,protecting these WSN networks from Denial of Service(DoS)and Distributed DoS(DDoS)is one of the WSN networks security task...Energy and security remain the main two challenges in Wireless Sensor Networks(WSNs).Therefore,protecting these WSN networks from Denial of Service(DoS)and Distributed DoS(DDoS)is one of the WSN networks security tasks.Traditional packet deep scan systems that rely on open field inspection in transport layer security packets and the open field encryption trend are making machine learning-based systems the only viable choice for these types of attacks.This paper contributes to the evaluation of the use machine learning algorithms in WSN nodes traffic and their effect on WSN network life time.We examined the performance metrics of different machine learning classification categories such asK-Nearest Neighbour(KNN),Logistic Regression(LR),Support Vector Machine(SVM),Gboost,Decision Tree(DT),Na飗e Bayes,Long Short Term Memory(LSTM),and Multi-Layer Perceptron(MLP)on aWSN-dataset in different sizes.The test results proved that the statistical and logical classification categories performed the best on numeric statistical datasets,and the Gboost algorithm showed the best performance compared to different algorithms on average of all performance metrics.The performance metrics used in these validations were accuracy,F1-score,False Positive Ratio(FPR),False Negative Ratio(FNR),and the training execution time.Moreover,the test results showed the Gboost algorithm got 99.6%,98.8%,0.4%0.13%in accuracy,F1-score,FPR,and FNR,respectively.At training execution time,it obtained 1.41 s for the average of all training time execution datasets.In addition,this paper demonstrated that for the numeric statistical data type,the best results are in the size of the dataset ranging from3000 to 6000 records and the percentage between categories is not less than 50%for each category with the other categories.Furthermore,this paper investigated the effect of Gboost on the WSN lifetime,which resulted in a 32%reduction compared to other Gboost-free scenarios.展开更多
This paper investigates the sliding mode control(SMC) problem for a class of discrete-time nonlinear networked Markovian jump systems(MJSs) in the presence of probabilistic denial-of-service(Do S) attacks. The communi...This paper investigates the sliding mode control(SMC) problem for a class of discrete-time nonlinear networked Markovian jump systems(MJSs) in the presence of probabilistic denial-of-service(Do S) attacks. The communication network via which the data is propagated is unsafe and the malicious adversary can attack the system during state feedback. By considering random Denial-of-Service attacks, a new sliding mode variable is designed, which takes into account the distribution information of the probabilistic attacks. Then, by resorting to Lyapunov theory and stochastic analysis methods, sufficient conditions are established for the existence of the desired sliding mode controller, guaranteeing both reachability of the designed sliding surface and stability of the resulting sliding motion.Finally, a simulation example is given to demonstrate the effectiveness of the proposed sliding mode control algorithm.展开更多
基金Basic Scientific Research program of China JCKY2020203C025 funding is involved in this study.
文摘A space called Unmanned Aerial Vehicle(UAV)cyber is a new environment where UAV,Ground Control Station(GCS)and business processes are integrated.Denial of service(DoS)attack is a standard network attack method,especially suitable for attacking the UAV cyber.It is a robust security risk for UAV cyber and has recently become an active research area.Game theory is typically used to simulate the existing offensive and defensive mechanisms for DoS attacks in a traditional network.In addition,the honeypot,an effective security vulnerability defense mechanism,has not been widely adopted or modeled for defense against DoS attack UAV cyber.With this motivation,the current research paper presents a honeypot game theorymodel that considersGCS andDoS attacks,which is used to study the interaction between attack and defense to optimize defense strategies.The GCS and honeypot act as defenses against DoS attacks in this model,and both players select their appropriate methods and build their benefit function models.On this basis,a hierarchical honeypot and G2A network delay reward strategy are introduced so that the defender and the attacker can adjust their respective strategies dynamically.Finally,by adjusting the degree of camouflage of the honeypot for UAV network services,the overall revenue of the defender can be effectively improved.The proposed method proves the existence of a mixed strategy Nash equilibrium and compares it with the existing research on no delay rewards and no honeypot defense scheme.In addition,this method realizes that the UAV cyber still guarantees a network delay of about ten milliseconds in the presence of a DoS attack.The results demonstrate that our methodology is superior to that of previous studies.
文摘LDoS (Low-rate Denial of Service) attack, exploiting the flaws in the congestion avoidance mechanism of TCP protocol,is periodic, stealthy, and with high efficiency. Since BGP uses TCP as a transport protocol, it is subject to LDoS attacks as well. LDoS attacks can cause table reset, route flapping of BGP protocol. A deliberately constructed distributed low-rate DOS attacks can even generate surge of updates throughout the Internet. In this paper, we investigate the promotion of attack efficiency of this novel attack, and then propose an attack model to simulate the LDoS attack. Experiments prove that this attack model can exponentially lower the attack costs and improve the attack effect.
文摘VehicularAd hoc Network(VANET)has become an integral part of Intelligent Transportation Systems(ITS)in today’s life.VANET is a network that can be heavily scaled up with a number of vehicles and road side units that keep fluctuating in real world.VANET is susceptible to security issues,particularly DoS attacks,owing to maximum unpredictability in location.So,effective identification and the classification of attacks have become the major requirements for secure data transmission in VANET.At the same time,congestion control is also one of the key research problems in VANET which aims at minimizing the time expended on roads and calculating travel time as well as waiting time at intersections,for a traveler.With this motivation,the current research paper presents an intelligent DoS attack detection with Congestion Control(IDoS-CC)technique for VANET.The presented IDoSCC technique involves two-stage processes namely,Teaching and Learning Based Optimization(TLBO)-based Congestion Control(TLBO-CC)and Gated Recurrent Unit(GRU)-based DoS detection(GRU-DoSD).The goal of IDoS-CC technique is to reduce the level of congestion and detect the attacks that exist in the network.TLBO algorithm is also involved in IDoS-CC technique for optimization of the routes taken by vehicles via traffic signals and to minimize the congestion on a particular route instantaneously so as to assure minimal fuel utilization.TLBO is applied to avoid congestion on roadways.Besides,GRU-DoSD model is employed as a classification model to effectively discriminate the compromised and genuine vehicles in the network.The outcomes from a series of simulation analyses highlight the supremacy of the proposed IDoS-CC technique as it reduced the congestion and successfully identified the DoS attacks in network.
基金supported in part by the funding agencies of china:the Doctoral Fund of Northeastern University of Qinhuangdao(Grant No.XNB201410)the Fundamental Research Funds for the Central Universities(Grant No.N130323005)
文摘The filter-based reactive packet filtering is a key technology in attack traffic filtering for defending against the Denial-of- Service (DOS) attacks. Two kinds of relevant schemes have been proposed as victim- end filtering and source-end filtering. The first scheme prevents attack traffic from reaching the victim, but causes the huge loss of legitimate flows due to the scarce filters (termed as collateral damages); the other extreme scheme can obtain the sufficient filters, but severely degrades the network transmission performance due to the abused filtering routers. In this paper, we propose a router based packet filtering scheme, which provides relatively more filters while reducing the quantity of filtering touters. We implement this scheme on the emulated DoS scenarios based on the synthetic and real-world Internet topologies. Our evaluation results show that compared to the previous work, our scheme just uses 20% of its filtering routers, but only increasing less than 15 percent of its collateral damage.
文摘Information Security is determined by three well know security parameters i.e. Confidentiality, Integrity and Availability. Availability is an important pillar when it comes to security of an information system. It is dependent upon the reliability, timeliness and accessibility of the Information System. This paper presents an analytical view of the fact that when Accessibility is degraded during the presence of an ongoing attack, the other factors reliability and timeliness can also get affected, therefore creating a degrading impact on the overall Availability of the system, which eventually leads to the Denial of Service Attack and therefore affecting the security of the System.
基金supported by the National Natural Science Foundation of China(61773056)the Scientific and Technological Innovation Foundation of Shunde Graduate School,University of Science and Technology Beijing(USTB)(BK19AE018)+2 种基金the Fundamental Research Funds for the Central Universities of USTB(FRF-TP-20-09B,230201606500061,FRF-DF-20-35,FRF-BD-19-002A)supported by Zhejiang Natural Science Foundation(LD21F030001)supported by the National Research Foundation of Korea(NRF)grant funded by the Korea government(Ministry of Science and Information and Communications Technology)(NRF-2020R1A2C1005449)。
文摘This paper investigates the event-triggered security consensus problem for nonlinear multi-agent systems(MASs)under denial-of-service(Do S)attacks over an undirected graph.A novel adaptive memory observer-based anti-disturbance control scheme is presented to improve the observer accuracy by adding a buffer for the system output measurements.Meanwhile,this control scheme can also provide more reasonable control signals when Do S attacks occur.To save network resources,an adaptive memory event-triggered mechanism(AMETM)is also proposed and Zeno behavior is excluded.It is worth mentioning that the AMETM's updates do not require global information.Then,the observer and controller gains are obtained by using the linear matrix inequality(LMI)technique.Finally,simulation examples show the effectiveness of the proposed control scheme.
基金supported by the National Natural ScienceFoundation(NNSF)of China(61973082)Six Talent Peaks Project inJiangsu Province(XYDXX-005)。
文摘In this paper,denial of service(DoS)attack management for destroying the collaborative estimation in sensor networks and minimizing attack energy from the attacker perspective is studied.In the communication channels between sensors and a remote estimator,the attacker chooses some channels to randomly jam DoS attacks to make their packets randomly dropped.A stochastic power allocation approach composed of three steps is proposed.Firstly,the minimum number of channels and the channel set to be attacked are given.Secondly,a necessary condition and a sufficient condition on the packet loss probabilities of the channels in the attack set are provided for general and special systems,respectively.Finally,by converting the original coupling nonlinear programming problem to a linear programming problem,a method of searching attack probabilities and power to minimize the attack energy is proposed.The effectiveness of the proposed scheme is verified by simulation examples.
基金supported by the National Natural Science Foundation(NNSF)of China(62003037,61873303)。
文摘This paper designs a decentralized resilient H_(∞)load frequency control(LFC)scheme for multi-area cyber-physical power systems(CPPSs).Under the network-based control framework,the sampled measurements are transmitted through the communication networks,which may be attacked by energylimited denial-of-service(DoS)attacks with a characterization of the maximum count of continuous data losses(resilience index).Each area is controlled in a decentralized mode,and the impacts on one area from other areas via their interconnections are regarded as the additional load disturbance of this area.Then,the closed-loop LFC system of each area under DoS attacks is modeled as an aperiodic sampled-data control system with external disturbances.Under this modeling,a decentralized resilient H_(∞)scheme is presented to design the state-feedback controllers with guaranteed H∞performance and resilience index based on a novel transmission interval-dependent loop functional method.When given the controllers,the proposed scheme can obtain a less conservative H_(∞)performance and resilience index that the LFC system can tolerate.The effectiveness of the proposed LFC scheme is evaluated on a one-area CPPS and two three-area CPPSs under DoS attacks.
基金supported in part by the National Natural Science Foundation of China(Nos.62173206,62103229)the China Postdoctoral Science Foundation(Nos.2021M691849,2021M692024)+1 种基金the Natural Science Foundation of Shandong Province(Nos.ZR2021ZD13,ZR2021QF026)the National Key R&D Program of China(No.2021YFE0193900)。
文摘This paper characterizes the joint effects of plant uncertainty,Denial-of-Service(DoS)attacks,and fading channel on the stabilization problem of networked control systems(NCSs).It is assumed that the controller remotely controls the plant and the control input is transmitted over a fading channel.Meanwhile,considering the sustained attack cycle and frequency of DoS attacks are random,the packet-loss caused by DoS attacks is modelled by a Markov process.The sampled-data NCS is transformed into a stochastic form with Markov jump and uncertain parameter.Then,based on Lyapunov functional method,linear matrix inequality(LMI)-based sufficient conditions are presented to ensure the stability of uncertain NCSs.The main contribution of this article lies in the construction of NCSs based on DoS attacks into Markov jump system(MJS)and the joint consideration of fading channel and plant uncertainty.
基金supported by the National Natural Science Foundation of China under Grant No.20231120102304001,STIC under Grant Nos.62303212 and ZDSYS20220330161800001.
文摘In this paper,the authors consider how to design defensive countermeasures against DoS attacks for remote state estimation of multiprocess systems.For each system,a sensor will measure its state and transmits the data packets through an unreliable channel which is vulnerable to be jammed by an attacker.Under limited communication bandwidth,only a subset of sensors are allowed for data transmission,and how to select the optimal one to maximize the accuracy of remote state estimation is the focus of the proposed work.The authors first formulate this problem as a Markov decision process and investigate the existence of optimal policy.Moreover,the authors demonstrate the piecewise monotonicity structure of optimal policy.Given the difficulty of obtaining an optimal policy of large-scale problems,the authors develop a suboptimal heuristic policy based on the aforementioned policy structure and Whittle’s index.Moreover,a closed form of the indices is derived in order to reduce implementation complexity of proposed scheduling policy and numerical examples are provided to illustrate the proposed developed results.
基金supported by the Key Program of National Natural Science Foundation of China(61333008).
文摘Cooperative adaptive cruise control(CACC)is an important technology for improving road utilization and energy efficiency in the automotive industry.In CACC systems,connected vehicles can receive information from adjacent ones through com-munication networks.However,the networks are vulnerable to cyber-attacks,so the states of vehicles cannot be received promptly and accurately.This paper studies the security resilience control for a CACC system subject to denial of service(DoS)attack.The core of the proposed resilient control strategy is to estimate the delay caused by DoS attack and then compensate for it in the controller.Specifically,a CACC system is modeled by considering the impacts of DoS attack on the transmitted data.Then,a high-gain observer is presented to estimate the vehicle states including the time delay.The conver-gence of the observer is proved in a theorem based on the Lyapunov stability theory,and the high-gain-velocity observer is modified so that the estimation error of the velocity can converge to zero in a finite time.A resilient controller is designed by proposing a time delay compensation algorithm to mitigate the impacts of DoS attack.The effectiveness of the estimation and control methods is illustrated by a ten-vehicle simulation system operating at the FTP75 driving cycle conditions.And the relative estimation errors are less than 6%.
基金the National Natural Science Foundation of China[61873338]Natural Science Foundation of Shandong Province[ZR2020KF034]Taishan Scholars[tsqn201812052].
文摘In this paper,we investigate the observer-based event-triggered consensus problem for linear multi-agent systems(MASs)under a directed graph and denial-of-service(DoS)attacks.A type of DoS attacks launched by malicious attackers at irregular intervals is considered,which can cause communication channel disruption.A novel event-triggered secure control scheme based on a closed-loop observer is proposed to determine the scheduling of the controller update,and a separation method with less conservativeness is employed to design the controller and observer gains.Then,the frequency and duration of DoS attacks that can be tolerated are analysed for the observer-based secure consensus problem.In addition,a strictly positive minimal event-triggered time interval for each agent is designed with the help of the proposed eventtriggered condition to eliminate the Zeno behaviour.Finally,a numerical simulation is given to verify the theoretical analysis.
文摘Substation automation system uses IEC 61850 protocol for the data transmission between different equipment manufacturers. However, the IEC 61850 protocol lacks an authentication security mechanism, which will make the communication face four threats: eavesdropping, interception, forgery, and alteration. In order to verify the IEC 61850 protocol communication problems, we used the simulation software to build the main operating equipment in the IEC 61850 network environment of the communication system. We verified IEC 61850 transmission protocol security defects, under DoS attack and Reply attack. In order to enhance security agreement, an improved algorithm was proposed based on identity authentication (W-EAP, Whitelist Based ECC & AES Protocol). Experimental results showed that the method can enhance the ability to resist attacks.
文摘In The Wireless Multimedia Sensor Network(WNSMs)have achieved popularity among diverse communities as a result of technological breakthroughs in sensor and current gadgets.By utilising portable technologies,it achieves solid and significant results in wireless communication,media transfer,and digital transmission.Sensor nodes have been used in agriculture and industry to detect characteristics such as temperature,moisture content,and other environmental conditions in recent decades.WNSMs have also made apps easier to use by giving devices self-governing access to send and process data connected with appro-priate audio and video information.Many video sensor network studies focus on lowering power consumption and increasing transmission capacity,but the main demand is data reliability.Because of the obstacles in the sensor nodes,WMSN is subjected to a variety of attacks,including Denial of Service(DoS)attacks.Deep Convolutional Neural Network is designed with the stateaction relationship mapping which is used to identify the DDOS Attackers present in the Wireless Sensor Networks for Smart Agriculture.The Proposed work it performs the data collection about the traffic conditions and identifies the deviation between the network conditions such as packet loss due to network congestion and the presence of attackers in the network.It reduces the attacker detection delay and improves the detection accuracy.In order to protect the network against DoS assaults,an improved machine learning technique must be offered.An efficient Deep Neural Network approach is provided for detecting DoS in WMSN.The required parameters are selected using an adaptive particle swarm optimization technique.The ratio of packet transmission,energy consumption,latency,network length,and throughput will be used to evaluate the approach’s efficiency.
基金Project supported by the National Natural Science Foundation of China(No.62073269)the China Postdoctoral Science Foundation(No.2018M643661)the Natural Science Basic Research Plan in Shaanxi Province of China(No.2018JQ60330)。
文摘The economic dispatch problem of a smart grid under vicious denial of service(DoS)is the main focus of this paper.Taking the actual situation of power generation as a starting point,a new distributed optimization model is established which takes the environmentai pollution penalty into account.For saving the limited bandwidth,a novel distributed event-triggered scheme is proposed to keep the resilience and economy of a class of cyber-power syst ems when the communication net work is subject to malicious DoS attack.Then an improved multi-agent consensus protocol based on the gradient descent idea is designed to solve the minimization problem,and the prerequisites to minimize the system power generation cost are analyzed from the aspects of optimality and stability.Finally,the theoretical results are verified through a single-area 10-generat or unit simulation.
基金supported by the National Natural Science Foundation of China (Grant Nos. 61833005,and 11972156)the Natural Science Foundation of Jiangsu Province (Grant No. BK20181342)the work of J.H.Park was supported by the National Research Foundation of Korea (NRF)and the Korea Government (MSIT)(Grant No. 2020R1A2B5B02002002)。
文摘This paper addresses the bipartite consensus over cooperation-competition networks affected by denial-of-service(DoS) attacks.Consider that a network consists of multiple interactive agents, and the relationship between neighboring agents is cooperative or competitive. Meanwhile, information transmission among the agents is unavailable during the intervals of attacks. In order to save communication resources and exclude the Zeno behavior, an event-triggered scheme depending on the sampled-data information from neighboring agents is proposed, and efficient defense strategies in response to the attacks are put forward.Suppose that the frequency and duration of DoS attacks meet certain requirements, then according to the signed graph theory,the La Salle’s invariance principle, and the convergence of monotone sequences, the results of bipartite consensus via the eventtriggered protocol are provided, which are mainly related to the communication topology of the network, the sampling period,and the threshold parameters in the event-triggered scheme. It is shown that the bipartite consensus is realized even though the DoS attacks take place frequently. Furthermore, this paper discusses the bipartite consensus in the presence of DoS attacks with a random unsuccessful rate. Finally, numerical simulations illustrate the theoretical results.
文摘Over time, the world has transformed digitally and there is total dependence on the internet. Many more gadgets are continuously interconnected in the internet ecosystem. This fact has made the Internet a global information source for every being. Despite all this, attacker knowledge by cybercriminals has advanced and resulted in different attack methodologies on the internet and its data stores. This paper will discuss the origin and significance of Denial of Service (DoS) and Distributed Denial of Service (DDoS). These kinds of attacks remain the most effective methods used by the bad guys to cause substantial damage in terms of operational, reputational, and financial damage to organizations globally. These kinds of attacks have hindered network performance and availability. The victim’s network is flooded with massive illegal traffic hence, denying genuine traffic from passing through for authorized users. The paper will explore detection mechanisms, and mitigation techniques for this network threat.
基金supported in part by Australian Research Council Discovery Early Career Researcher Award(DE210100273)。
文摘Connected automated vehicles(CAVs)serve as a promising enabler for future intelligent transportation systems because of their capabilities in improving traffic efficiency and driving safety,and reducing fuel consumption and vehicle emissions.A fundamental issue in CAVs is platooning control that empowers a convoy of CAVs to be cooperatively maneuvered with desired longitudinal spacings and identical velocities on roads.This paper addresses the issue of resilient and safe platooning control of CAVs subject to intermittent denial-of-service(DoS)attacks that disrupt vehicle-to-vehicle communications.First,a heterogeneous and uncertain vehicle longitudinal dynamic model is presented to accommodate a variety of uncertainties,including diverse vehicle masses and engine inertial delays,unknown and nonlinear resistance forces,and a dynamic platoon leader.Then,a resilient and safe distributed longitudinal platooning control law is constructed with an aim to preserve simultaneous individual vehicle stability,attack resilience,platoon safety and scalability.Furthermore,a numerically efficient offline design algorithm for determining the desired platoon control law is developed,under which the platoon resilience against DoS attacks can be maximized but the anticipated stability,safety and scalability requirements remain preserved.Finally,extensive numerical experiments are provided to substantiate the efficacy of the proposed platooning method.
文摘Energy and security remain the main two challenges in Wireless Sensor Networks(WSNs).Therefore,protecting these WSN networks from Denial of Service(DoS)and Distributed DoS(DDoS)is one of the WSN networks security tasks.Traditional packet deep scan systems that rely on open field inspection in transport layer security packets and the open field encryption trend are making machine learning-based systems the only viable choice for these types of attacks.This paper contributes to the evaluation of the use machine learning algorithms in WSN nodes traffic and their effect on WSN network life time.We examined the performance metrics of different machine learning classification categories such asK-Nearest Neighbour(KNN),Logistic Regression(LR),Support Vector Machine(SVM),Gboost,Decision Tree(DT),Na飗e Bayes,Long Short Term Memory(LSTM),and Multi-Layer Perceptron(MLP)on aWSN-dataset in different sizes.The test results proved that the statistical and logical classification categories performed the best on numeric statistical datasets,and the Gboost algorithm showed the best performance compared to different algorithms on average of all performance metrics.The performance metrics used in these validations were accuracy,F1-score,False Positive Ratio(FPR),False Negative Ratio(FNR),and the training execution time.Moreover,the test results showed the Gboost algorithm got 99.6%,98.8%,0.4%0.13%in accuracy,F1-score,FPR,and FNR,respectively.At training execution time,it obtained 1.41 s for the average of all training time execution datasets.In addition,this paper demonstrated that for the numeric statistical data type,the best results are in the size of the dataset ranging from3000 to 6000 records and the percentage between categories is not less than 50%for each category with the other categories.Furthermore,this paper investigated the effect of Gboost on the WSN lifetime,which resulted in a 32%reduction compared to other Gboost-free scenarios.
基金supported in part by the National Natural Science Foundation of China(61773209)the Six Talent Peaks Project in Jiangsu Province(XYDXX-033)+1 种基金the Postdoctoral Science Foundation of China(2014M551598)the Natural Science Foundation of Jiangsu Province(BK20190021)。
文摘This paper investigates the sliding mode control(SMC) problem for a class of discrete-time nonlinear networked Markovian jump systems(MJSs) in the presence of probabilistic denial-of-service(Do S) attacks. The communication network via which the data is propagated is unsafe and the malicious adversary can attack the system during state feedback. By considering random Denial-of-Service attacks, a new sliding mode variable is designed, which takes into account the distribution information of the probabilistic attacks. Then, by resorting to Lyapunov theory and stochastic analysis methods, sufficient conditions are established for the existence of the desired sliding mode controller, guaranteeing both reachability of the designed sliding surface and stability of the resulting sliding motion.Finally, a simulation example is given to demonstrate the effectiveness of the proposed sliding mode control algorithm.