A New Method for Sensing Cognitive Radio Network under Malicious Attacker

Cognitive radio has been designed for solving the problem of spectrum scarcity by using the spectrum of primary users who don’t use their spectrum on that time. For sensing the spectrum, collaborative spectrum sensing has been utilized because of robustness. In this paper, a new collaborative spectrum method is proposed based on Least Mean Square (LMS) algorithm. In this scheme, the weights of secondary users were updated in time and finally the sensing results were combined in the fusion center based on their trusted weights. Simulation results show that the proposed scheme can significantly reduce the effects of Spectrum Sensing Data Falsification (SSDF) attackers, when they are smart malicious, and even percentage of malicious users are more than trusted users.

Jointly beam stealing attackers detection and localization without training:an image processing viewpoint

Recently revealed beam stealing attacks could greatly threaten the security and privacy of IEEE 802.11ad communications.The premise to restore normal network service is detecting and locating beam stealing attackers without their cooperation.Current consistency-based methods are only valid for one single attacker and are parametersensitive.From the viewpoint of image processing,this paper proposes an algorithm to jointly detect and locate multiple beam stealing attackers based on RSSI(Received Signal Strength Indicator)map without the training process involved in deep learning-based solutions.Firstly,an RSSI map is constructed based on interpolating the raw RSSI data for enabling high-resolution localization while reducing monitoring cost.Secondly,three image processing steps,including edge detection and segmentation,are conducted on the constructed RSSI map to detect and locate multiple attackers without any prior knowledge about the attackers.To evaluate our proposal’s performance,a series of experiments are conducted based on the collected data.Experimental results have shown that in typical parameter settings,our algorithm’s positioning error does not exceed 0.41 m with a detection rate no less than 91%.

Countermeasure against blinding attack for single-photon detectors in quantum key distribution

Quantum key distribution(QKD),rooted in quantum mechanics,offers information-theoretic security.However,practi-cal systems open security threats due to imperfections,notably bright-light blinding attacks targeting single-photon detectors.Here,we propose a concise,robust defense strategy for protecting single-photon detectors in QKD systems against blinding attacks.Our strategy uses a dual approach:detecting the bias current of the avalanche photodiode(APD)to defend against con-tinuous-wave blinding attacks,and monitoring the avalanche amplitude to protect against pulsed blinding attacks.By integrat-ing these two branches,the proposed solution effectively identifies and mitigates a wide range of bright light injection attempts,significantly enhancing the resilience of QKD systems against various bright-light blinding attacks.This method forti-fies the safeguards of quantum communications and offers a crucial contribution to the field of quantum information security.

An Innovative Approach Using TKN-Cryptology for Identifying the Replay Assault

Various organizations store data online rather than on physical servers.As the number of user’s data stored in cloud servers increases,the attack rate to access data from cloud servers also increases.Different researchers worked on different algorithms to protect cloud data from replay attacks.None of the papers used a technique that simultaneously detects a full-message and partial-message replay attack.This study presents the development of a TKN(Text,Key and Name)cryptographic algorithm aimed at protecting data from replay attacks.The program employs distinct ways to encrypt plain text[P],a user-defined Key[K],and a Secret Code[N].The novelty of the TKN cryptographic algorithm is that the bit value of each text is linked to another value with the help of the proposed algorithm,and the length of the cipher text obtained is twice the length of the original text.In the scenario that an attacker executes a replay attack on the cloud server,engages in cryptanalysis,or manipulates any data,it will result in automated modification of all associated values inside the backend.This mechanism has the benefit of enhancing the detectability of replay attacks.Nevertheless,the attacker cannot access data not included in any of the papers,regardless of how effective the attack strategy is.At the end of paper,the proposed algorithm’s novelty will be compared with different algorithms,and it will be discussed how far the proposed algorithm is better than all other algorithms.

Evaluating the Efficacy of Latent Variables in Mitigating Data Poisoning Attacks in the Context of Bayesian Networks:An Empirical Study

Bayesian networks are a powerful class of graphical decision models used to represent causal relationships among variables.However,the reliability and integrity of learned Bayesian network models are highly dependent on the quality of incoming data streams.One of the primary challenges with Bayesian networks is their vulnerability to adversarial data poisoning attacks,wherein malicious data is injected into the training dataset to negatively influence the Bayesian network models and impair their performance.In this research paper,we propose an efficient framework for detecting data poisoning attacks against Bayesian network structure learning algorithms.Our framework utilizes latent variables to quantify the amount of belief between every two nodes in each causal model over time.We use our innovative methodology to tackle an important issue with data poisoning assaults in the context of Bayesian networks.With regard to four different forms of data poisoning attacks,we specifically aim to strengthen the security and dependability of Bayesian network structure learning techniques,such as the PC algorithm.By doing this,we explore the complexity of this area and offer workablemethods for identifying and reducing these sneaky dangers.Additionally,our research investigates one particular use case,the“Visit to Asia Network.”The practical consequences of using uncertainty as a way to spot cases of data poisoning are explored in this inquiry,which is of utmost relevance.Our results demonstrate the promising efficacy of latent variables in detecting and mitigating the threat of data poisoning attacks.Additionally,our proposed latent-based framework proves to be sensitive in detecting malicious data poisoning attacks in the context of stream data.

Novel cyber-physical collaborative detection and localization method against dynamic load altering attacks in smart energy grids

Owing to the integration of energy digitization and artificial intelligence technology,smart energy grids can realize the stable,efficient and clean operation of power systems.However,the emergence of cyber-physical attacks,such as dynamic load-altering attacks(DLAAs)has introduced great challenges to the security of smart energy grids.Thus,this study developed a novel cyber-physical collaborative security framework for DLAAs in smart energy grids.The proposed framework integrates attack prediction in the cyber layer with the detection and localization of attacks in the physical layer.First,a data-driven method was proposed to predict the DLAA sequence in the cyber layer.By designing a double radial basis function network,the influence of disturbances on attack prediction can be eliminated.Based on the prediction results,an unknown input observer-based detection and localization method was further developed for the physical layer.In addition,an adaptive threshold was designed to replace the traditional precomputed threshold and improve the detection performance of the DLAAs.Consequently,through the collaborative work of the cyber-physics layer,injected DLAAs were effectively detected and located.Compared with existing methodologies,the simulation results on IEEE 14-bus and 118-bus power systems verified the superiority of the proposed cyber-physical collaborative detection and localization against DLAAs.

Toward Trustworthy Decision-Making for Autonomous Vehicles:A Robust Reinforcement Learning Approach with Safety Guarantees

While autonomous vehicles are vital components of intelligent transportation systems,ensuring the trustworthiness of decision-making remains a substantial challenge in realizing autonomous driving.Therefore,we present a novel robust reinforcement learning approach with safety guarantees to attain trustworthy decision-making for autonomous vehicles.The proposed technique ensures decision trustworthiness in terms of policy robustness and collision safety.Specifically,an adversary model is learned online to simulate the worst-case uncertainty by approximating the optimal adversarial perturbations on the observed states and environmental dynamics.In addition,an adversarial robust actor-critic algorithm is developed to enable the agent to learn robust policies against perturbations in observations and dynamics.Moreover,we devise a safety mask to guarantee the collision safety of the autonomous driving agent during both the training and testing processes using an interpretable knowledge model known as the Responsibility-Sensitive Safety Model.Finally,the proposed approach is evaluated through both simulations and experiments.These results indicate that the autonomous driving agent can make trustworthy decisions and drastically reduce the number of collisions through robust safety policies.

Internet of Things Authentication Protocols: Comparative Study

Nowadays, devices are connected across all areas, from intelligent buildings and smart cities to Industry 4.0 andsmart healthcare. With the exponential growth of Internet of Things usage in our world, IoT security is still thebiggest challenge for its deployment. The main goal of IoT security is to ensure the accessibility of services providedby an IoT environment, protect privacy, and confidentiality, and guarantee the safety of IoT users, infrastructures,data, and devices. Authentication, as the first line of defense against security threats, becomes the priority ofeveryone. It can either grant or deny users access to resources according to their legitimacy. As a result, studyingand researching authentication issues within IoT is extremely important. As a result, studying and researchingauthentication issues within IoT is extremely important. This article presents a comparative study of recent researchin IoT security;it provides an analysis of recent authentication protocols from2019 to 2023 that cover several areaswithin IoT (such as smart cities, healthcare, and industry). This survey sought to provide an IoT security researchsummary, the biggest susceptibilities, and attacks, the appropriate technologies, and the most used simulators. Itillustrates that the resistance of protocols against attacks, and their computational and communication cost arelinked directly to the cryptography technique used to build it. Furthermore, it discusses the gaps in recent schemesand provides some future research directions.

CORMAND2--针对工业机器人的欺骗攻击

Industrial robots are becoming increasingly vulnerable to cyber incidents and attacks,particularly with the dawn of the Industrial Internet-of-Things(IIoT).To gain a comprehensive understanding of these cyber risks,vulnerabilities of industrial robots were analyzed empirically,using more than three million communication packets collected with testbeds of two ABB IRB120 robots and five other robots from various original equipment manufacturers(OEMs).This analysis,guided by the confidentiality-integrity-availability(CIA)triad,uncovers robot vulnerabilities in three dimensions:confidentiality,integrity,and availability.These vulnerabilities were used to design Covering Robot Manipulation via Data Deception(CORMAND2),an automated cyber-physical attack against industrial robots.CORMAND2 manipulates robot operation while deceiving the Supervisory Control and Data Acquisition(SCADA)system that the robot is operating normally by modifying the robot’s movement data and data deception.CORMAND2 and its capability of degrading the manufacturing was validated experimentally using the aforementioned seven robots from six different OEMs.CORMAND2 unveils the limitations of existing anomaly detection systems,more specifically the assumption of the authenticity of SCADA-received movement data,to which we propose mitigations for.

ATSSC:An Attack Tolerant System in Serverless Computing

Serverless computing is a promising paradigm in cloud computing that greatly simplifies cloud programming.With serverless computing,developers only provide function code to serverless platform,and these functions are invoked by its driven events.Nonetheless,security threats in serverless computing such as vulnerability-based security threats have become the pain point hindering its wide adoption.The ideas in proactive defense such as redundancy,diversity and dynamic provide promising approaches to protect against cyberattacks.However,these security technologies are mostly applied to serverless platform based on“stacked”mode,as they are designed independent with serverless computing.The lack of security consideration in the initial design makes it especially challenging to achieve the all life cycle protection for serverless application with limited cost.In this paper,we present ATSSC,a proactive defense enabled attack tolerant serverless platform.ATSSC integrates the characteristic of redundancy,diversity and dynamic into serverless seamless to achieve high-level security and efficiency.Specifically,ATSSC constructs multiple diverse function replicas to process the driven events and performs cross-validation to verify the results.In order to create diverse function replicas,both software diversity and environment diversity are adopted.Furthermore,a dynamic function refresh strategy is proposed to keep the clean state of serverless functions.We implement ATSSC based on Kubernetes and Knative.Analysis and experimental results demonstrate that ATSSC can effectively protect serverless computing against cyberattacks with acceptable costs.

Distributed Platooning Control of Automated Vehicles Subject to Replay Attacks Based on Proportional Integral

Secure platooning control plays an important role in enhancing the cooperative driving safety of automated vehicles subject to various security vulnerabilities.This paper focuses on the distributed secure control issue of automated vehicles affected by replay attacks.A proportional-integral-observer(PIO)with predetermined forgetting parameters is first constructed to acquire the dynamical information of vehicles.Then,a time-varying parameter and two positive scalars are employed to describe the temporal behavior of replay attacks.In light of such a scheme and the common properties of Laplace matrices,the closed-loop system with PIO-based controllers is transformed into a switched and time-delayed one.Furthermore,some sufficient conditions are derived to achieve the desired platooning performance by the view of the Lyapunov stability theory.The controller gains are analytically determined by resorting to the solution of certain matrix inequalities only dependent on maximum and minimum eigenvalues of communication topologies.Finally,a simulation example is provided to illustrate the effectiveness of the proposed control strategy.

Mitigating Blackhole and Greyhole Routing Attacks in Vehicular Ad Hoc Networks Using Blockchain Based Smart Contracts

The rapid increase in vehicle traffic volume in modern societies has raised the need to develop innovative solutions to reduce traffic congestion and enhance traffic management efficiency.Revolutionary advanced technology,such as Intelligent Transportation Systems(ITS),enables improved traffic management,helps eliminate congestion,and supports a safer environment.ITS provides real-time information on vehicle traffic and transportation systems that can improve decision-making for road users.However,ITS suffers from routing issues at the network layer when utilising Vehicular Ad Hoc Networks(VANETs).This is because each vehicle plays the role of a router in this network,which leads to a complex vehicle communication network,causing issues such as repeated link breakages between vehicles resulting from the mobility of the network and rapid topological variation.This may lead to loss or delay in packet transmissions;this weakness can be exploited in routing attacks,such as black-hole and gray-hole attacks,that threaten the availability of ITS services.In this paper,a Blockchain-based smart contracts model is proposed to offer convenient and comprehensive security mechanisms,enhancing the trustworthiness between vehicles.Self-Classification Blockchain-Based Contracts(SCBC)and Voting-Classification Blockchain-Based Contracts(VCBC)are utilised in the proposed protocol.The results show that VCBC succeeds in attaining better results in PDR and TP performance even in the presence of Blackhole and Grayhole attacks.

An Empirical Study on the Effectiveness of Adversarial Examples in Malware Detection

Antivirus vendors and the research community employ Machine Learning(ML)or Deep Learning(DL)-based static analysis techniques for efficient identification of new threats,given the continual emergence of novel malware variants.On the other hand,numerous researchers have reported that Adversarial Examples(AEs),generated by manipulating previously detected malware,can successfully evade ML/DL-based classifiers.Commercial antivirus systems,in particular,have been identified as vulnerable to such AEs.This paper firstly focuses on conducting black-box attacks to circumvent ML/DL-based malware classifiers.Our attack method utilizes seven different perturbations,including Overlay Append,Section Append,and Break Checksum,capitalizing on the ambiguities present in the PE format,as previously employed in evasion attack research.By directly applying the perturbation techniques to PE binaries,our attack method eliminates the need to grapple with the problem-feature space dilemma,a persistent challenge in many evasion attack studies.Being a black-box attack,our method can generate AEs that successfully evade both DL-based and ML-based classifiers.Also,AEs generated by the attack method retain their executability and malicious behavior,eliminating the need for functionality verification.Through thorogh evaluations,we confirmed that the attack method achieves an evasion rate of 65.6%against well-known ML-based malware detectors and can reach a remarkable 99%evasion rate against well-known DL-based malware detectors.Furthermore,our AEs demonstrated the capability to bypass detection by 17%of vendors out of the 64 on VirusTotal(VT).In addition,we propose a defensive approach that utilizes Trend Locality Sensitive Hashing(TLSH)to construct a similarity-based defense model.Through several experiments on the approach,we verified that our defense model can effectively counter AEs generated by the perturbation techniques.In conclusion,our defense model alleviates the limitation of the most promising defense method,adversarial training,which is only effective against the AEs that are included in the training classifiers.

Robust Facial Biometric Authentication System Using Pupillary Light Reflex for Liveness Detection of Facial Images

Pupil dynamics are the important characteristics of face spoofing detection.The face recognition system is one of the most used biometrics for authenticating individual identity.The main threats to the facial recognition system are different types of presentation attacks like print attacks,3D mask attacks,replay attacks,etc.The proposed model uses pupil characteristics for liveness detection during the authentication process.The pupillary light reflex is an involuntary reaction controlling the pupil’s diameter at different light intensities.The proposed framework consists of two-phase methodologies.In the first phase,the pupil’s diameter is calculated by applying stimulus(light)in one eye of the subject and calculating the constriction of the pupil size on both eyes in different video frames.The above measurement is converted into feature space using Kohn and Clynes model-defined parameters.The Support Vector Machine is used to classify legitimate subjects when the diameter change is normal(or when the eye is alive)or illegitimate subjects when there is no change or abnormal oscillations of pupil behavior due to the presence of printed photograph,video,or 3D mask of the subject in front of the camera.In the second phase,we perform the facial recognition process.Scale-invariant feature transform(SIFT)is used to find the features from the facial images,with each feature having a size of a 128-dimensional vector.These features are scale,rotation,and orientation invariant and are used for recognizing facial images.The brute force matching algorithm is used for matching features of two different images.The threshold value we considered is 0.08 for good matches.To analyze the performance of the framework,we tested our model in two Face antispoofing datasets named Replay attack datasets and CASIA-SURF datasets,which were used because they contain the videos of the subjects in each sample having three modalities(RGB,IR,Depth).The CASIA-SURF datasets showed an 89.9%Equal Error Rate,while the Replay Attack datasets showed a 92.1%Equal Error Rate.

Local Adaptive Gradient Variance Attack for Deep Fake Fingerprint Detection

In recent years,deep learning has been the mainstream technology for fingerprint liveness detection(FLD)tasks because of its remarkable performance.However,recent studies have shown that these deep fake fingerprint detection(DFFD)models are not resistant to attacks by adversarial examples,which are generated by the introduction of subtle perturbations in the fingerprint image,allowing the model to make fake judgments.Most of the existing adversarial example generation methods are based on gradient optimization,which is easy to fall into local optimal,resulting in poor transferability of adversarial attacks.In addition,the perturbation added to the blank area of the fingerprint image is easily perceived by the human eye,leading to poor visual quality.In response to the above challenges,this paper proposes a novel adversarial attack method based on local adaptive gradient variance for DFFD.The ridge texture area within the fingerprint image has been identified and designated as the region for perturbation generation.Subsequently,the images are fed into the targeted white-box model,and the gradient direction is optimized to compute gradient variance.Additionally,an adaptive parameter search method is proposed using stochastic gradient ascent to explore the parameter values during adversarial example generation,aiming to maximize adversarial attack performance.Experimental results on two publicly available fingerprint datasets show that ourmethod achieves higher attack transferability and robustness than existing methods,and the perturbation is harder to perceive.

K-core attack, equilibrium K-core,and kinetically constrained spin system

Kinetically constrained spin systems are toy models of supercooled liquids and amorphous solids. In this perspective,we revisit the prototypical Fredrickson–Andersen(FA) kinetically constrained model from the viewpoint of K-core combinatorial optimization. Each kinetic cluster of the FA system, containing all the mutually visitable microscopic occupation configurations, is exactly the solution space of a specific instance of the K-core attack problem. The whole set of different jammed occupation patterns of the FA system is the configuration space of an equilibrium K-core problem. Based on recent theoretical results achieved on the K-core attack and equilibrium K-core problems, we discuss the thermodynamic spin glass phase transitions and the maximum occupation density of the fully unfrozen FA kinetic cluster, and the minimum occupation density and extreme vulnerability of the partially frozen(jammed) kinetic clusters. The equivalence between K-core attack and the fully unfrozen FA kinetic cluster also implies a new way of sampling K-core attack solutions.

Physics-Constrained Robustness Enhancement for Tree Ensembles Applied in Smart Grid

With the widespread use of machine learning(ML)technology,the operational efficiency and responsiveness of power grids have been significantly enhanced,allowing smart grids to achieve high levels of automation and intelligence.However,tree ensemble models commonly used in smart grids are vulnerable to adversarial attacks,making it urgent to enhance their robustness.To address this,we propose a robustness enhancement method that incorporates physical constraints into the node-splitting decisions of tree ensembles.Our algorithm improves robustness by developing a dataset of adversarial examples that comply with physical laws,ensuring training data accurately reflects possible attack scenarios while adhering to physical rules.In our experiments,the proposed method increased robustness against adversarial attacks by 100%when applied to real grid data under physical constraints.These results highlight the advantages of our method in maintaining efficient and secure operation of smart grids under adversarial conditions.

Electricity Carbon Quota Trading Scheme based on Certificateless Signature and Blockchain

The carbon tradingmarket can promote“carbon peaking”and“carbon neutrality”at low cost,but carbon emission quotas face attacks such as data forgery,tampering,counterfeiting,and replay in the electricity trading market.Certificateless signatures are a new cryptographic technology that can address traditional cryptography’s general essential certificate requirements and avoid the problem of crucial escrowbased on identity cryptography.However,most certificateless signatures still suffer fromvarious security flaws.We present a secure and efficient certificateless signing scheme by examining the security of existing certificateless signature schemes.To ensure the integrity and verifiability of electricity carbon quota trading,we propose an electricity carbon quota trading scheme based on a certificateless signature and blockchain.Our scheme utilizes certificateless signatures to ensure the validity and nonrepudiation of transactions and adopts blockchain technology to achieve immutability and traceability in electricity carbon quota transactions.In addition,validating electricity carbon quota transactions does not require time-consuming bilinear pairing operations.The results of the analysis indicate that our scheme meets existential unforgeability under adaptive selective message attacks,offers conditional identity privacy protection,resists replay attacks,and demonstrates high computing and communication performance.

A Comprehensive Survey on Advanced Persistent Threat (APT) Detection Techniques

The increase in number of people using the Internet leads to increased cyberattack opportunities.Advanced Persistent Threats,or APTs,are among the most dangerous targeted cyberattacks.APT attacks utilize various advanced tools and techniques for attacking targets with specific goals.Even countries with advanced technologies,like the US,Russia,the UK,and India,are susceptible to this targeted attack.APT is a sophisticated attack that involves multiple stages and specific strategies.Besides,TTP(Tools,Techniques,and Procedures)involved in the APT attack are commonly new and developed by an attacker to evade the security system.However,APTs are generally implemented in multiple stages.If one of the stages is detected,we may apply a defense mechanism for subsequent stages,leading to the entire APT attack failure.The detection at the early stage of APT and the prediction of the next step in the APT kill chain are ongoing challenges.This survey paper will provide knowledge about APT attacks and their essential steps.This follows the case study of known APT attacks,which will give clear information about the APT attack process—in later sections,highlighting the various detection methods defined by different researchers along with the limitations of the work.Data used in this article comes from the various annual reports published by security experts and blogs and information released by the enterprise networks targeted by the attack.