Variance-Constrained Filtering Fusion for Nonlinear Cyber-Physical Systems With the Denial-of-Service Attacks and Stochastic Communication Protocol

In this paper,a new filtering fusion problem is studied for nonlinear cyber-physical systems under errorvariance constraints and denial-of-service attacks.To prevent data collision and reduce communication cost,the stochastic communication protocol is adopted in the sensor-to-filter channels to regulate the transmission order of sensors.Each sensor is allowed to enter the network according to the transmission priority decided by a set of independent and identicallydistributed random variables.From the defenders’view,the occurrence of the denial-of-service attack is governed by the randomly Bernoulli-distributed sequence.At the local filtering stage,a set of variance-constrained local filters are designed where the upper bounds(on the filtering error covariances)are first acquired and later minimized by appropriately designing filter parameters.At the fusion stage,all local estimates and error covariances are combined to develop a variance-constrained fusion estimator under the federated fusion rule.Furthermore,the performance of the fusion estimator is examined by studying the boundedness of the fused error covariance.A simulation example is finally presented to demonstrate the effectiveness of the proposed fusion estimator.

Resilient and Safe Platooning Control of Connected Automated Vehicles Against Intermittent Denial-of-Service Attacks

Connected automated vehicles(CAVs)serve as a promising enabler for future intelligent transportation systems because of their capabilities in improving traffic efficiency and driving safety,and reducing fuel consumption and vehicle emissions.A fundamental issue in CAVs is platooning control that empowers a convoy of CAVs to be cooperatively maneuvered with desired longitudinal spacings and identical velocities on roads.This paper addresses the issue of resilient and safe platooning control of CAVs subject to intermittent denial-of-service(DoS)attacks that disrupt vehicle-to-vehicle communications.First,a heterogeneous and uncertain vehicle longitudinal dynamic model is presented to accommodate a variety of uncertainties,including diverse vehicle masses and engine inertial delays,unknown and nonlinear resistance forces,and a dynamic platoon leader.Then,a resilient and safe distributed longitudinal platooning control law is constructed with an aim to preserve simultaneous individual vehicle stability,attack resilience,platoon safety and scalability.Furthermore,a numerically efficient offline design algorithm for determining the desired platoon control law is developed,under which the platoon resilience against DoS attacks can be maximized but the anticipated stability,safety and scalability requirements remain preserved.Finally,extensive numerical experiments are provided to substantiate the efficacy of the proposed platooning method.

Sliding Mode Control for Nonlinear Markovian Jump Systems Under Denial-of-Service Attacks

This paper investigates the sliding mode control(SMC) problem for a class of discrete-time nonlinear networked Markovian jump systems(MJSs) in the presence of probabilistic denial-of-service(Do S) attacks. The communication network via which the data is propagated is unsafe and the malicious adversary can attack the system during state feedback. By considering random Denial-of-Service attacks, a new sliding mode variable is designed, which takes into account the distribution information of the probabilistic attacks. Then, by resorting to Lyapunov theory and stochastic analysis methods, sufficient conditions are established for the existence of the desired sliding mode controller, guaranteeing both reachability of the designed sliding surface and stability of the resulting sliding motion.Finally, a simulation example is given to demonstrate the effectiveness of the proposed sliding mode control algorithm.

Machine Learning-Based Detection and Selective Mitigation of Denial-of-Service Attacks in Wireless Sensor Networks

As the density of wireless networks increases globally, the vulnerability of overlapped dense wireless communications to interference by hidden nodes and denial-of-service (DoS) attacks is becoming more apparent. There exists a gap in research on the detection and response to attacks on Medium Access Control (MAC) mechanisms themselves, which would lead to service outages between nodes. Classifying exploitation and deceptive jamming attacks on control mechanisms is particularly challengingdue to their resemblance to normal heavy communication patterns. Accordingly, this paper proposes a machine learning-based selective attack mitigation model that detects DoS attacks on wireless networks by monitoring packet log data. Based on the type of detected attack, it implements effective corresponding mitigation techniques to restore performance to nodes whose availability has been compromised. Experimental results reveal that the accuracy of the proposed model is 14% higher than that of a baseline anomaly detection model. Further, the appropriate mitigation techniques selected by the proposed system based on the attack type improve the average throughput by more than 440% compared to the case without a response.

Risk Assessment and Defense Resource Allocation of Cyber-physical Distribution Systems Under Denial-of-service Attacks

With the help of advanced information technology,real-time monitoring and control levels of cyber-physical distribution systems(CPDS)have been significantly improved.However due to the deep integration of cyber and physical systems,attackers could still threaten the stable operation of CPDS by launching cyber-attacks,such as denial-of-service(DoS)attacks.Thus,it is necessary to study the CPDS risk assessment and defense resource allocation methods under DoS attacks.This paper analyzes the impact of DoS attacks on the physical system based on the CPDS fault self-healing control.Then,considering attacker and defender strategies and attack damage,a CPDS risk assessment framework is established.Furthermore,risk assessment and defense resource allocation methods,based on the Stackelberg dynamic game model,are proposed under conditions in which the cyber and physical systems are launched simultaneously.Finally,a simulation based on an actual CPDS is performed,and the calculation results verify the effectiveness of the algorithm.

Periodic event-triggered secure consensus for networked mechanical systems under Denial-of-Service attacks

This paper concentrates on the secure consensus problem of networked mechanical/Euler–Lagrange systems.First,a new periodic event-triggered(PET)secure distributed observer is proposed to estimate the leader information.The proposed distributed observer only relies on the PET data from its neighbors,which can significantly reduce the communication and computational burden.More importantly,it is secure in the sense that it can work normally regardless of the Denial-of-Service(DoS)attacks.Second,based on the proposed distributed observer,an adaptive fuzzy control law is proposed for each Euler–Lagrange system.A PET mechanism is integrated into the controller,which can reduce the control update.This is helpful for both energy saving and fault tolerance of actuators.Moreover,the PET mechanism naturally makes the controller easy to be implemented in digital platform.The property of fuzzy logic systems and Gronwall inequality are skillfully utilized to show the stability of the closed-loop system.Finally,the proposed control scheme is verified on real Euler–Lagrange systems,which contain a robot manipulator and several servo motors.

System identification with binary-valued observations under both denial-of-service attacks and data tampering attacks:the optimality of attack strategy

With the development of wireless communication technology,cyber physical systems are applied in various fields such as industrial production and infrastructure,where lots of information exchange brings cyber security threats to the systems.From the perspective of system identification with binary-valued observations,we study the optimal attack problem when the system is subject to both denial of service attacks and data tampering attacks.The packet loss rate and the data tampering rate caused by the attack is given,and the estimation error is derived.Then the optimal attack strategy to maximize the identification error with the least energy is described as a min–max optimization problem with constraints.The explicit expression of the optimal attack strategy is obtained.Simulation examples are presented to verify the effectiveness of the main conclusions.

Discovery method for distributed denial-of-service attack behavior in SDNs using a feature-pattern graph model

The security threats to software-defined networks(SDNs)have become a significant problem,generally because of the open framework of SDNs.Among all the threats,distributed denial-of-service(DDoS)attacks can have a devastating impact on the network.We propose a method to discover DDoS attack behaviors in SDNs using a feature-pattern graph model.The feature-pattern graph model presented employs network patterns as nodes and similarity as weighted links;it can demonstrate not only the traffc header information but also the relationships among all the network patterns.The similarity between nodes is modeled by metric learning and the Mahalanobis distance.The proposed method can discover DDoS attacks using a graph-based neighborhood classification method;it is capable of automatically finding unknown attacks and is scalable by inserting new nodes to the graph model via local or global updates.Experiments on two datasets prove the feasibility of the proposed method for attack behavior discovery and graph update tasks,and demonstrate that the graph-based method to discover DDoS attack behaviors substantially outperforms the methods compared herein.

Experimental Observing Damage Evolution in Cement Pastes Exposed to External Sulfate Attack by in situ X-ray Computed Tomography

The paper presents experimental investigation results of crack pattern change in cement pastes caused by external sulfate attack(ESA).To visualize the formation and development of cracks in cement pastes under ESA,an X-ray computed tomography(X-ray CT)was used,i e,the tomography system of Zeiss Xradia 510 versa.The results indicate that X-CT can monitor the development process and distribution characteristics of the internal cracks of cement pastes under ESA with attack time.In addition,the C3A content in the cement significantly affects the damage mode of cement paste specimens during sulfate erosion.The damage of ordinary Portland cement(OPC)pastes subjected to sulfate attack with high C3A content are severe,while the damage of sulfate resistant Portland cement(SRPC)pastes is much smaller than that of OPC pastes.Furthermore,a quadratic function describes the correlation between the crack volume fraction and development depth for two cement pastes immermed in sulfate solution.

System identification with binary-valued observations under both denial-of-service attacks and data tampering attacks:defense scheme and its optimality

In this paper,we investigate the defense problem against the joint attacks of denial-of-service attacks and data tampering attacks in the framework of system identification with binary-valued observations.By estimating the key parameters of the joint attack and compensating them in the identification algorithm,a compensation-oriented defense scheme is proposed.Then the identification algorithm of system parameter is designed and is further proved to be consistent.The asymptotic normality of the algorithm is obtained,and on this basis,we propose the optimal defense scheme.Furthermore,the implementation of the optimal defense scheme is discussed.Finally,a simulation example is presented to verify the effectiveness of the main results.

Diabetic foot attack:Managing severe sepsis in the diabetic patient

Diabetic foot attack(DFA)is the most severe presentation of diabetic foot disease,with the patient commonly displaying severe sepsis,which can be limb or life threatening.DFA can be classified into two main categories:Typical and atypical.A typical DFA is secondary to a severe infection in the foot,often initiated by minor breaches in skin integrity that allow pathogens to enter and proliferate.This form often progresses rapidly due to the underlying diabetic pathophysiology of neuropathy,microvascular disease,and hyperglycemia,which facilitate infection spread and tissue necrosis.This form of DFA can present as one of a number of severe infective pathologies including pyomyositis,necrotizing fasciitis,and myonecrosis,all of which can lead to systemic sepsis and multiorgan failure.An atypical DFA,however,is not primarily infection-driven.It can occur secondary to either ischemia or Charcot arthropathy.Management of the typical DFA involves prompt diagnosis,aggressive infection control,and a multidisciplinary approach.Treatment can be guided by the current International Working Group on the Diabetic Foot/Infectious Diseases Society of America guidelines on diabetic foot infections,and the combined British Orthopaedic Foot and Ankle Society-Vascular Society guidelines.This article highlights the importance of early recognition,comprehensive management strategies,and the need for further research to establish standardized protocols and improve clinical outcomes for patients with DFA.

Oversampling-Enhanced Feature Fusion-Based Hybrid ViT-1DCNN Model for Ransomware Cyber Attack Detection

Ransomware attacks pose a significant threat to critical infrastructures,demanding robust detection mechanisms.This study introduces a hybrid model that combines vision transformer(ViT)and one-dimensional convolutional neural network(1DCNN)architectures to enhance ransomware detection capabilities.Addressing common challenges in ransomware detection,particularly dataset class imbalance,the synthetic minority oversampling technique(SMOTE)is employed to generate synthetic samples for minority class,thereby improving detection accuracy.The integration of ViT and 1DCNN through feature fusion enables the model to capture both global contextual and local sequential features,resulting in comprehensive ransomware classification.Tested on the UNSW-NB15 dataset,the proposed ViT-1DCNN model achieved 98%detection accuracy with precision,recall,and F1-score metrics surpassing conventional methods.This approach not only reduces false positives and negatives but also offers scalability and robustness for real-world cybersecurity applications.The results demonstrate the model’s potential as an effective tool for proactive ransomware detection,especially in environments where evolving threats require adaptable and high-accuracy solutions.

Research on fixed-time time-varying formation of heterogeneous multi-agent systems based on tracking error observer under DoS attacks

In this paper,the fixed-time time-varying formation of heterogeneous multi-agent systems(MASs) based on tracking error observer under denial-of-service(DoS) attacks is investigated.Firstly,the dynamic pinning strategy is used to reconstruct the communication channel for the system that suffers from DoS attacks to prevent the discontinuous transmission information of the communication network from affecting MASs formation.Then,considering that the leader state is not available to each follower under DoS attacks,a fixed-time distributed observer without velocity information is constructed to estimate the tracking error between followers and the leader.Finally,adaptive radial basis function neural network(RBFNN) is used to approximate the unknown ensemble disturbances in the system,and the fixed-time time-varying formation scheme is designed with the constructed observer.The effectiveness of the proposed control algorithm is demonstrated by the numerical simulation.

XMAM:X-raying models with a matrix to reveal backdoor attacks for federated learning

Federated Learning(FL),a burgeoning technology,has received increasing attention due to its privacy protection capability.However,the base algorithm FedAvg is vulnerable when it suffers from so-called backdoor attacks.Former researchers proposed several robust aggregation methods.Unfortunately,due to the hidden characteristic of backdoor attacks,many of these aggregation methods are unable to defend against backdoor attacks.What's more,the attackers recently have proposed some hiding methods that further improve backdoor attacks'stealthiness,making all the existing robust aggregation methods fail.To tackle the threat of backdoor attacks,we propose a new aggregation method,X-raying Models with A Matrix(XMAM),to reveal the malicious local model updates submitted by the backdoor attackers.Since we observe that the output of the Softmax layer exhibits distinguishable patterns between malicious and benign updates,unlike the existing aggregation algorithms,we focus on the Softmax layer's output in which the backdoor attackers are difficult to hide their malicious behavior.Specifically,like medical X-ray examinations,we investigate the collected local model updates by using a matrix as an input to get their Softmax layer's outputs.Then,we preclude updates whose outputs are abnormal by clustering.Without any training dataset in the server,the extensive evaluations show that our XMAM can effectively distinguish malicious local model updates from benign ones.For instance,when other methods fail to defend against the backdoor attacks at no more than 20%malicious clients,our method can tolerate 45%malicious clients in the black-box mode and about 30%in Projected Gradient Descent(PGD)mode.Besides,under adaptive attacks,the results demonstrate that XMAM can still complete the global model training task even when there are 40%malicious clients.Finally,we analyze our method's screening complexity and compare the real screening time with other methods.The results show that XMAM is about 10–10000 times faster than the existing methods.

Distributed Platooning Control of Automated Vehicles Subject to Replay Attacks Based on Proportional Integral Observers

Secure platooning control plays an important role in enhancing the cooperative driving safety of automated vehicles subject to various security vulnerabilities.This paper focuses on the distributed secure control issue of automated vehicles affected by replay attacks.A proportional-integral-observer(PIO)with predetermined forgetting parameters is first constructed to acquire the dynamical information of vehicles.Then,a time-varying parameter and two positive scalars are employed to describe the temporal behavior of replay attacks.In light of such a scheme and the common properties of Laplace matrices,the closed-loop system with PIO-based controllers is transformed into a switched and time-delayed one.Furthermore,some sufficient conditions are derived to achieve the desired platooning performance by the view of the Lyapunov stability theory.The controller gains are analytically determined by resorting to the solution of certain matrix inequalities only dependent on maximum and minimum eigenvalues of communication topologies.Finally,a simulation example is provided to illustrate the effectiveness of the proposed control strategy.

Anti-Byzantine Attacks Enabled Vehicle Selection for Asynchronous Federated Learning in Vehicular Edge Computing

In vehicle edge computing(VEC),asynchronous federated learning(AFL)is used,where the edge receives a local model and updates the global model,effectively reducing the global aggregation latency.Due to different amounts of local data,computing capabilities and locations of the vehicles,renewing the global model with same weight is inappropriate.The above factors will affect the local calculation time and upload time of the local model,and the vehicle may also be affected by Byzantine attacks,leading to the deterioration of the vehicle data.However,based on deep reinforcement learning(DRL),we can consider these factors comprehensively to eliminate vehicles with poor performance as much as possible and exclude vehicles that have suffered Byzantine attacks before AFL.At the same time,when aggregating AFL,we can focus on those vehicles with better performance to improve the accuracy and safety of the system.In this paper,we proposed a vehicle selection scheme based on DRL in VEC.In this scheme,vehicle’s mobility,channel conditions with temporal variations,computational resources with temporal variations,different data amount,transmission channel status of vehicles as well as Byzantine attacks were taken into account.Simulation results show that the proposed scheme effectively improves the safety and accuracy of the global model.

Evaluating Privacy Leakage and Memorization Attacks on Large Language Models (LLMs) in Generative AI Applications

The recent interest in the deployment of Generative AI applications that use large language models (LLMs) has brought to the forefront significant privacy concerns, notably the leakage of Personally Identifiable Information (PII) and other confidential or protected information that may have been memorized during training, specifically during a fine-tuning or customization process. We describe different black-box attacks from potential adversaries and study their impact on the amount and type of information that may be recovered from commonly used and deployed LLMs. Our research investigates the relationship between PII leakage, memorization, and factors such as model size, architecture, and the nature of attacks employed. The study utilizes two broad categories of attacks: PII leakage-focused attacks (auto-completion and extraction attacks) and memorization-focused attacks (various membership inference attacks). The findings from these investigations are quantified using an array of evaluative metrics, providing a detailed understanding of LLM vulnerabilities and the effectiveness of different attacks.

Ensuring Secure Platooning of Constrained Intelligent and Connected Vehicles Against Byzantine Attacks:A Distributed MPC Framework

This study investigates resilient platoon control for constrained intelligent and connected vehicles(ICVs)against F-local Byzantine attacks.We introduce a resilient distributed model-predictive platooning control framework for such ICVs.This framework seamlessly integrates the predesigned optimal control with distributed model predictive control(DMPC)optimization and introduces a unique distributed attack detector to ensure the reliability of the transmitted information among vehicles.Notably,our strategy uses previously broadcasted information and a specialized convex set,termed the“resilience set”,to identify unreliable data.This approach significantly eases graph robustness prerequisites,requiring only an(F+1)-robust graph,in contrast to the established mean sequence reduced algorithms,which require a minimum(2F+1)-robust graph.Additionally,we introduce a verification algorithm to restore trust in vehicles under minor attacks,further reducing communication network robustness.Our analysis demonstrates the recursive feasibility of the DMPC optimization.Furthermore,the proposed method achieves exceptional control performance by minimizing the discrepancies between the DMPC control inputs and predesigned platoon control inputs,while ensuring constraint compliance and cybersecurity.Simulation results verify the effectiveness of our theoretical findings.

ICPS multi-target constrained comprehensive security control based on DoS attacks energy grading detection and compensation

Aiming at the industry cyber-physical system(ICPS)where Denial-of-Service(DoS)attacks and actuator failure coexist,the integrated security control problem of ICPS under multi-objective constraints was studied.First,from the perspective of the defender,according to the differential impact of the system under DoS attacks of different energies,the DoS attacks energy grading detection standard was formulated,and the ICPS comprehensive security control framework was constructed.Secondly,a security transmission strategy based on event triggering was designed.Under the DoS attack energy classification detection mechanism,for large-energy attacks,the method based on time series analysis was considered to predict and compensate for lost data.Therefore,on the basis of passive and elastic response to small energy attacks,the active defense capability against DoS attacks was increased.Then by introducing the conecomplement linearization algorithm,the calculation methods of the state and fault estimation observer and the integrated safety controller were deduced,the goal of DoS attack active and passive hybrid intrusion tolerance and actuator failure active fault tolerance were realized.Finally,a simulation example of a four-capacity water tank system was given to verify the validity of the obtained conclusions.

A Probabilistic Trust Model and Control Algorithm to Protect 6G Networks against Malicious Data Injection Attacks in Edge Computing Environments

Future 6G communications are envisioned to enable a large catalogue of pioneering applications.These will range from networked Cyber-Physical Systems to edge computing devices,establishing real-time feedback control loops critical for managing Industry 5.0 deployments,digital agriculture systems,and essential infrastructures.The provision of extensive machine-type communications through 6G will render many of these innovative systems autonomous and unsupervised.While full automation will enhance industrial efficiency significantly,it concurrently introduces new cyber risks and vulnerabilities.In particular,unattended systems are highly susceptible to trust issues:malicious nodes and false information can be easily introduced into control loops.Additionally,Denialof-Service attacks can be executed by inundating the network with valueless noise.Current anomaly detection schemes require the entire transformation of the control software to integrate new steps and can only mitigate anomalies that conform to predefined mathematical models.Solutions based on an exhaustive data collection to detect anomalies are precise but extremely slow.Standard models,with their limited understanding of mobile networks,can achieve precision rates no higher than 75%.Therefore,more general and transversal protection mechanisms are needed to detect malicious behaviors transparently.This paper introduces a probabilistic trust model and control algorithm designed to address this gap.The model determines the probability of any node to be trustworthy.Communication channels are pruned for those nodes whose probability is below a given threshold.The trust control algorithmcomprises three primary phases,which feed themodel with three different probabilities,which are weighted and combined.Initially,anomalous nodes are identified using Gaussian mixture models and clustering technologies.Next,traffic patterns are studied using digital Bessel functions and the functional scalar product.Finally,the information coherence and content are analyzed.The noise content and abnormal information sequences are detected using a Volterra filter and a bank of Finite Impulse Response filters.An experimental validation based on simulation tools and environments was carried out.Results show the proposed solution can successfully detect up to 92%of malicious data injection attacks.