A Review on the Security of the Ethereum-Based DeFi Ecosystem

Decentralized finance(DeFi)is a general term for a series of financial products and services.It is based on blockchain technology and has attracted people’s attention because of its open,transparent,and intermediary free.Among them,the DeFi ecosystem based on Ethereum-based blockchains attracts the most attention.However,the current decentralized financial system built on the Ethereum architecture has been exposed to many smart contract vulnerabilities during the last few years.Herein,we believe it is time to improve the understanding of the prevailing Ethereum-based DeFi ecosystem security issues.To that end,we investigate the Ethereum-based DeFi security issues:1)inherited from the real-world financial system,which can be solved by macro-control;2)induced by the problems of blockchain architecture,which require a better blockchain platform;3)caused by DeFi invented applications,which should be focused on during the project development.Based on that,we further discuss the current solutions and potential directions ofDeFi security.According to our research,we could provide a comprehensive vision to the research community for the improvement of Ethereum-basedDeFi ecosystem security.

A Security Trade-Off Scheme of Anomaly Detection System in IoT to Defend against Data-Tampering Attacks

Internet of Things(IoT)is vulnerable to data-tampering(DT)attacks.Due to resource limitations,many anomaly detection systems(ADSs)for IoT have high false positive rates when detecting DT attacks.This leads to the misreporting of normal data,which will impact the normal operation of IoT.To mitigate the impact caused by the high false positive rate of ADS,this paper proposes an ADS management scheme for clustered IoT.First,we model the data transmission and anomaly detection in clustered IoT.Then,the operation strategy of the clustered IoT is formulated as the running probabilities of all ADSs deployed on every IoT device.In the presence of a high false positive rate in ADSs,to deal with the trade-off between the security and availability of data,we develop a linear programming model referred to as a security trade-off(ST)model.Next,we develop an analysis framework for the ST model,and solve the ST model on an IoT simulation platform.Last,we reveal the effect of some factors on the maximum combined detection rate through theoretical analysis.Simulations show that the ADS management scheme can mitigate the data unavailability loss caused by the high false positive rates in ADS.

High-Level Security Dimension Evaluation of Blockchain BaaS System and Key Technology

In recent years,blockchain technology integration and application has gradually become an important driving force for new technological innovation and industrial transformation.While blockchain technology and applications are developing rapidly,the emerging security risks and obstacles have gradually become prominent.Attackers can still find security issues in blockchain systems and conduct attacks,causing increasing losses from network attacks every year.In response to the current demand for blockchain application security detection and assessment in all industries,and the insufficient coverage of existing detection technologies such as smart contract detectiontechnology,this paper proposes a blockchain core technology security assessment system model,and studies the relevant detection and assessment key technologies and systems.A security assessment scheme based on a smart contract and consensus mechanism detection scheme is designed.And the underlying blockchain architecture supports the traceability of detection results using super blockchains.Finally,the functionality and performance of the system were tested,and the test results show that the model and solutions proposed in this paper have good feasibility.

Physical Layer Security of 6G Vehicular Networks with UAV Systems:First Order Secrecy Metrics,Optimization,and Bounds

The mobility and connective capabilities of unmanned aerial vehicles(UAVs)are becoming more and more important in defense,commercial,and research domains.However,their open communication makes UAVs susceptible toundesirablepassive attacks suchas eavesdroppingor jamming.Recently,the inefficiencyof traditional cryptography-based techniques has led to the addition of Physical Layer Security(PLS).This study focuses on the advanced PLS method for passive eavesdropping in UAV-aided vehicular environments,proposing a solution to complement the conventional cryptography approach.Initially,we present a performance analysis of first-order secrecy metrics in 6G-enabled UAV systems,namely hybrid outage probability(HOP)and secrecy outage probability(SOP)over 2×2 Nakagami-m channels.Later,we propose a novel technique for mitigating passive eavesdropping,which considers first-order secrecy metrics as an optimization problem and determines their lower and upper bounds.Finally,we conduct an analysis of bounded HOP and SOP using the interactive Nakagami-m channel,considering the multiple-input-multiple-output configuration of the UAV system.The findings indicate that 2×2 Nakagami-mis a suitable fadingmodel under constant velocity for trustworthy receivers and eavesdroppers.The results indicate that UAV mobility has some influence on an eavesdropper’s intrusion during line-of-sight-enabled communication and can play an important role in improving security against passive eavesdroppers.

Cloud edge integrated security architecture of new cloud manufacturing system

With the rapid development of cloud manufacturing technology and the new generation of artificial intelligence technology,the new cloud manufacturing system(NCMS)built on the connotation of cloud manufacturing 3.0 presents a new business model of“Internet of everything,intelligent leading,data driving,shared services,cross-border integration,and universal innovation”.The network boundaries are becoming increasingly blurred,NCMS is facing security risks such as equipment unauthorized use,account theft,static and extensive access control policies,unauthorized access,supply chain attacks,sensitive data leaks,and industrial control vulnerability attacks.Traditional security architectures mainly use information security technology,which cannot meet the active security protection requirements of NCMS.In order to solve the above problems,this paper proposes an integrated cloud-edge-terminal security system architecture of NCMS.It adopts the zero trust concept and effectively integrates multiple security capabilities such as network,equipment,cloud computing environment,application,identity,and data.It adopts a new access control mode of“continuous verification+dynamic authorization”,classified access control mechanisms such as attribute-based access control,rolebased access control,policy-based access control,and a new data security protection system based on blockchain,achieving“trustworthy subject identity,controllable access behavior,and effective protection of subject and object resources”.This architecture provides an active security protection method for NCMS in the digital transformation of large enterprises,and can effectively enhance network security protection capabilities and cope with increasingly severe network security situations.

Impacts of multi-scenario land use change on ecosystem services and ecological security pattern: A case study of the Yellow River Delta

The Yellow River Delta(YRD), a critical economic zone along China's eastern coast, also functions as a vital ecological reserve in the lower Yellow River. Amidst rapid industrialization and urbanization, the region has witnessed significant land use/cover changes(LUCC), impacting ecosystem services(ES) and ecological security patterns(ESP). Investigating LUCC's effects on ES and ESP in the YRD is crucial for ecological security and sustainable development. This study utilized the PLUS model to simulate 2030 land use scenarios, including natural development(NDS), economic development(EDS), and ecological protection scenarios(EPS). Subsequently, the InVEST model and circuit theory were applied to assess ES and ESP under varying LUCC scenarios from 2010 to 2030. Findings indicate:(1) Notable LUCC from 2010 to 2030, marked by decreasing cropland and increasing construction land and water bodies.(2) From 2010 to 2020, improvements were observed in carbon storage,water yield, soil retention, and habitat quality, whereas 2020–2030 saw increases in water yield and soil retention but declines in habitat quality and carbon storage. Among the scenarios, EPS showed superior performance in all four ES.(3) Between 2010 and 2030, ecological sources, corridors, and pinchpoints expanded, displaying significant spatial heterogeneity. The EPS scenario yielded the most substantial increases in ecological sources,corridors, and pinchpoints, totaling 582.89 km^(2), 645.03 km^(2),and 64.43 km^(2), respectively. This study highlights the importance of EPS, offering insightful scientific guidance for the YRD's sustainable development.

Surgical treatment of liver cancer and pancreatic cancer under the China Healthcare Security Diagnosis Related Groups payment system

BACKGROUND Data from the World Health Organization’s International Agency for Research on Cancer reported that China had the highest prevalence of cancer and cancer deaths in 2022.Liver and pancreatic cancers accounted for the highest number of new cases.Real-world data(RWD)is now widely preferred to traditional clinical trials in various fields of medicine and healthcare,as the traditional research approach often involves highly selected populations and interventions and controls that are strictly regulated.Additionally,research results from the RWD match global reality better than those from traditional clinical trials.AIM To analyze the cost disparity between surgical treatments for liver and pancreatic cancer under various factors.METHODS This study analyzed RWD 1137 cases within the HB1 group(patients who underwent pancreatectomy,hepatectomy,and/or shunt surgery)in 2023.It distinguished different expenditure categories,including medical,nursing,technical,management,drug,and consumable costs.Additionally,it assessed the contribution of each expenditure category to total hospital costs and performed cross-group comparisons using the non-parametric Kruskal–Wallis test.This study used the Steel–Dwass test for post-hoc multiple comparisons and the Spearman correlation coefficient to examine the relationships between variables.RESULTS The study found that in HB11 and HB13,the total hospitalization costs were significantly higher for pancreaticoduodenectomy than for pancreatectomy and hepatectomy.Although no significant difference was observed in the length of hospital stay between patients who underwent pancreaticoduodenectomy and pancreatectomy,both were significantly longer than those who underwent liver resection.In HB15,no significant difference was observed in the total cost of hospitalization between pancreaticoduodenectomy and pancreatectomy;however,both were significantly higher than those in hepatectomy.Additionally,the length of hospital stay was significantly longer for patients who underwent pancreaticoduodenectomy than for those who underwent pancreatectomy or liver resection.CONCLUSION China Healthcare Security Diagnosis Related Groups payment system positively impacts liver and pancreatic cancer surgeries by improving medical quality and controlling costs.Further research could refine this grouping system and ensure continuous effectiveness and sustainability.

Cost analysis of radical resection of malignant breast tumors under the China Healthcare Security Diagnosis Related Groups payment system

BACKGROUND Breast cancer is one of the most common malignant tumors in women worldwide and poses a severe threat to their health.Therefore,this study examined patients who underwent breast cancer surgery,analyzed hospitalization costs and structure,and explored the impact of China Healthcare Security Diagnosis Related Groups(CHS-DRG)management on patient costs.It aimed to provide medical institutions with ways to reduce costs,optimize cost structures,reduce patient burden,and improve service efficiency.AIM To study the CHS-DRG payment system’s impact on breast cancer surgery costs.METHODS Using the CHS-DRG(version 1.1)grouping criteria,4073 patients,who underwent the radical resection of breast malignant tumors from January to December 2023,were included in the JA29 group;1028 patients were part of the CHS-DRG payment system,unlike the rest.Through an independent sample t-test,the length of hospital stay as well as total hospitalization,medicine and consumables,medical,nursing,medical technology,and management expenses were compared.Pearson’s correlation coefficient was used to test the cost correlation.RESULTS In terms of hospitalization expenses,patients in the CHS-DRG payment group had lower medical,nursing,and management expenses than those in the diagnosis-related group(DRG)non-payment group.For patients in the DRG payment group,the factors affecting the total hospitalization cost,in descending order of relevance,were medicine and consumable costs,consumable costs,medicine costs,medical costs,medical technology costs,management costs,nursing costs,and length of hospital stay.For patients in the DRG nonpayment group,the factors affecting the total hospitalization expenses in descending order of relevance were medicines and consumable expenses,consumable expenses,medical technology expenses,the cost of medicines,medical expenses,nursing expenses,length of hospital stay,and management expenses.CONCLUSION The CHS-DRG system can help control and reduce unnecessary medical expenses by controlling medicine costs,medical consumable costs,and the length of hospital stay while ensuring medical safety.

Novel Static Security and Stability Control of Power Systems Based on Artificial Emotional Lazy Q-Learning

The stability problem of power grids has become increasingly serious in recent years as the size of novel power systems increases.In order to improve and ensure the stable operation of the novel power system,this study proposes an artificial emotional lazy Q-learning method,which combines artificial emotion,lazy learning,and reinforcement learning for static security and stability analysis of power systems.Moreover,this study compares the analysis results of the proposed method with those of the small disturbance method for a stand-alone power system and verifies that the proposed lazy Q-learning method is able to effectively screen useful data for learning,and improve the static security stability of the new type of power system more effectively than the traditional proportional-integral-differential control and Q-learning methods.

The Research on Open Sharing of Higher Education Park Based on Intelligent Security System

The intelligent security system is a series of systems that use modern information technology means such as artificial intelligence, cloud computing, big data, face recognition to carry out comprehensive monitoring, early warning, prevention and control, disposal, etc, for security protection. It is the development trend of security system in the future, and it is also the basis for open sharing between higher education parks and universities. By using content analysis, unstructured interviews and other research methods, this paper deeply studies the feasibility and basic ideas of the construction of intelligent security system in Shahe Higher Education Park, and forms basic experience and typical practices through the project construction, which further promotes the more intelligent, standardized and scientific safety management in colleges and universities. It really provides an important theoretical basis and practical guidance for the opening and sharing between higher education parks and universities.

Security Implications of Edge Computing in Cloud Networks

Security issues in cloud networks and edge computing have become very common. This research focuses on analyzing such issues and developing the best solutions. A detailed literature review has been conducted in this regard. The findings have shown that many challenges are linked to edge computing, such as privacy concerns, security breaches, high costs, low efficiency, etc. Therefore, there is a need to implement proper security measures to overcome these issues. Using emerging trends, like machine learning, encryption, artificial intelligence, real-time monitoring, etc., can help mitigate security issues. They can also develop a secure and safe future in cloud computing. It was concluded that the security implications of edge computing can easily be covered with the help of new technologies and techniques.

Enhancing Cybersecurity Competency in the Kingdom of Saudi Arabia:A Fuzzy Decision-Making Approach

The Kingdom of Saudi Arabia(KSA)has achieved significant milestones in cybersecurity.KSA has maintained solid regulatorymechanisms to prevent,trace,and punish offenders to protect the interests of both individual users and organizations from the online threats of data poaching and pilferage.The widespread usage of Information Technology(IT)and IT Enable Services(ITES)reinforces securitymeasures.The constantly evolving cyber threats are a topic that is generating a lot of discussion.In this league,the present article enlists a broad perspective on how cybercrime is developing in KSA at present and also takes a look at some of the most significant attacks that have taken place in the region.The existing legislative framework and measures in the KSA are geared toward deterring criminal activity online.Different competency models have been devised to address the necessary cybercrime competencies in this context.The research specialists in this domain can benefit more by developing a master competency level for achieving optimum security.To address this research query,the present assessment uses the Fuzzy Decision-Making Trial and Evaluation Laboratory(Fuzzy-DMTAEL),Fuzzy Analytic Hierarchy Process(F.AHP),and Fuzzy TOPSIS methodology to achieve segment-wise competency development in cyber security policy.The similarities and differences between the three methods are also discussed.This cybersecurity analysis determined that the National Cyber Security Centre got the highest priority.The study concludes by perusing the challenges that still need to be examined and resolved in effectuating more credible and efficacious online security mechanisms to offer amoreempowered ITES-driven economy for SaudiArabia.Moreover,cybersecurity specialists and policymakers need to collate their efforts to protect the country’s digital assets in the era of overt and covert cyber warfare.

Security and Privacy in Solar Insecticidal Lamps Internet of Things:Requirements and Challenges

Solar insecticidal lamps(SIL) can effectively control pests and reduce the use of pesticides. Combining SIL and Internet of Things(IoT) has formed a new type of agricultural IoT,known as SIL-IoT, which can improve the effectiveness of migratory phototropic pest control. However, since the SIL is connected to the Internet, it is vulnerable to various security issues.These issues can lead to serious consequences, such as tampering with the parameters of SIL, illegally starting and stopping SIL,etc. In this paper, we describe the overall security requirements of SIL-IoT and present an extensive survey of security and privacy solutions for SIL-IoT. We investigate the background and logical architecture of SIL-IoT, discuss SIL-IoT security scenarios, and analyze potential attacks. Starting from the security requirements of SIL-IoT we divide them into six categories, namely privacy, authentication, confidentiality, access control, availability,and integrity. Next, we describe the SIL-IoT privacy and security solutions, as well as the blockchain-based solutions. Based on the current survey, we finally discuss the challenges and future research directions of SIL-IoT.

Security Analysis in Smart Agriculture: Insights from a Cyber-Physical System Application

Smart agriculture modifies traditional farming practices,and offers innovative approaches to boost production and sustainability by leveraging contemporary technologies.In today’s world where technology is everything,these technologies are utilized to streamline regular tasks and procedures in agriculture,one of the largest and most significant industries in every nation.This research paper stands out from existing literature on smart agriculture security by providing a comprehensive analysis and examination of security issues within smart agriculture systems.Divided into three main sections-security analysis,system architecture and design and risk assessment of Cyber-Physical Systems(CPS)applications-the study delves into various elements crucial for smart farming,such as data sources,infrastructure components,communication protocols,and the roles of different stakeholders such as farmers,agricultural scientists and researchers,technology providers,government agencies,consumers and many others.In contrast to earlier research,this work analyzes the resilience of smart agriculture systems using approaches such as threat modeling,penetration testing,and vulnerability assessments.Important discoveries highlight the concerns connected to unsecured communication protocols,possible threats from malevolent actors,and vulnerabilities in IoT devices.Furthermore,the study suggests enhancements for CPS applications,such as strong access controls,intrusion detection systems,and encryption protocols.In addition,risk assessment techniques are applied to prioritize mitigation tactics and detect potential hazards,addressing issues like data breaches,system outages,and automated farming process sabotage.The research sets itself apart even more by presenting a prototype CPS application that makes use of a digital temperature sensor.This application was first created using a Tinkercad simulator and then using actual hardware with Arduino boards.The CPS application’s defenses against potential threats and vulnerabilities are strengthened by this integrated approach,which distinguishes this research for its depth and usefulness in the field of smart agriculture security.

Research progress and future prospects in the service security of key blast furnace equipment

The safety and longevity of key blast furnace(BF)equipment determine the stable and low-carbon production of iron.This pa-per presents an analysis of the heat transfer characteristics of these components and the uneven distribution of cooling water in parallel pipes based on hydrodynamic principles,discusses the feasible methods for the improvement of BF cooling intensity,and reviews the pre-paration process,performance,and damage characteristics of three key equipment pieces:coolers,tuyeres,and hearth refractories.Fur-thermoere,to attain better control of these critical components under high-temperature working conditions,we propose the application of optimized technologies,such as BF operation and maintenance technology,self-repair technology,and full-lifecycle management techno-logy.Finally,we propose further researches on safety assessments and predictions for key BF equipment under new operating conditions.

Systematic Security Guideline Framework through Intelligently Automated Vulnerability Analysis

This research aims to propose a practical framework designed for the automatic analysis of a product’s comprehensive functionality and security vulnerabilities,generating applicable guidelines based on real-world software.The existing analysis of software security vulnerabilities often focuses on specific features or modules.This partial and arbitrary analysis of the security vulnerabilities makes it challenging to comprehend the overall security vulnerabilities of the software.The key novelty lies in overcoming the constraints of partial approaches.The proposed framework utilizes data from various sources to create a comprehensive functionality profile,facilitating the derivation of real-world security guidelines.Security guidelines are dynamically generated by associating functional security vulnerabilities with the latest Common Vulnerabilities and Exposure(CVE)and Common Vulnerability Scoring System(CVSS)scores,resulting in automated guidelines tailored to each product.These guidelines are not only practical but also applicable in real-world software,allowing for prioritized security responses.The proposed framework is applied to virtual private network(VPN)software,wherein a validated Level 2 data flow diagram is generated using the Spoofing,Tampering,Repudiation,Information Disclosure,Denial of Service,and Elevation of privilege(STRIDE)technique with references to various papers and examples from related software.The analysis resulted in the identification of a total of 121 vulnerabilities.The successful implementation and validation demonstrate the framework’s efficacy in generating customized guidelines for entire systems,subsystems,and selected modules.

Network Security Enhanced with Deep Neural Network-Based Intrusion Detection System

This study describes improving network security by implementing and assessing an intrusion detection system(IDS)based on deep neural networks(DNNs).The paper investigates contemporary technical ways for enhancing intrusion detection performance,given the vital relevance of safeguarding computer networks against harmful activity.The DNN-based IDS is trained and validated by the model using the NSL-KDD dataset,a popular benchmark for IDS research.The model performs well in both the training and validation stages,with 91.30%training accuracy and 94.38%validation accuracy.Thus,the model shows good learning and generalization capabilities with minor losses of 0.22 in training and 0.1553 in validation.Furthermore,for both macro and micro averages across class 0(normal)and class 1(anomalous)data,the study evaluates the model using a variety of assessment measures,such as accuracy scores,precision,recall,and F1 scores.The macro-average recall is 0.9422,the macro-average precision is 0.9482,and the accuracy scores are 0.942.Furthermore,macro-averaged F1 scores of 0.9245 for class 1 and 0.9434 for class 0 demonstrate the model’s ability to precisely identify anomalies precisely.The research also highlights how real-time threat monitoring and enhanced resistance against new online attacks may be achieved byDNN-based intrusion detection systems,which can significantly improve network security.The study underscores the critical function ofDNN-based IDS in contemporary cybersecurity procedures by setting the foundation for further developments in this field.Upcoming research aims to enhance intrusion detection systems by examining cooperative learning techniques and integrating up-to-date threat knowledge.

A Review on Security and Privacy Issues Pertaining to Cyber-Physical Systems in the Industry 5.0 Era

The advent of Industry 5.0 marks a transformative era where Cyber-Physical Systems(CPSs)seamlessly integrate physical processes with advanced digital technologies.However,as industries become increasingly interconnected and reliant on smart digital technologies,the intersection of physical and cyber domains introduces novel security considerations,endangering the entire industrial ecosystem.The transition towards a more cooperative setting,including humans and machines in Industry 5.0,together with the growing intricacy and interconnection of CPSs,presents distinct and diverse security and privacy challenges.In this regard,this study provides a comprehensive review of security and privacy concerns pertaining to CPSs in the context of Industry 5.0.The review commences by providing an outline of the role of CPSs in Industry 5.0 and then proceeds to conduct a thorough review of the different security risks associated with CPSs in the context of Industry 5.0.Afterward,the study also presents the privacy implications inherent in these systems,particularly in light of the massive data collection and processing required.In addition,the paper delineates potential avenues for future research and provides countermeasures to surmount these challenges.Overall,the study underscores the imperative of adopting comprehensive security and privacy strategies within the context of Industry 5.0.

Security-Reliability Tradeoff Analysis for Jamming Aided Decode-and-Forward Relay Networks

In this paper,we explore a cooperative decode-and-forward(DF)relay network comprised of a source,a relay,and a destination in the presence of an eavesdropper.To improve physical-layer security of the relay system,we propose a jamming aided decodeand-forward relay(JDFR)scheme combining the use of artificial noise and DF relaying which requires two stages to transmit a packet.Specifically,in stage one,the source sends confidential message to the relay while the destination acts as a friendly jammer and transmits artificial noise to confound the eavesdropper.In stage two,the relay forwards its re-encoded message to the destination while the source emits artificial noise to confuse the eavesdropper.In addition,we analyze the security-reliability tradeoff(SRT)performance of the proposed JDFR scheme,where security and reliability are evaluated by deriving intercept probability(IP)and outage probability(OP),respectively.For the purpose of comparison,SRT of the traditional decode-and-forward relay(TDFR)scheme is also analyzed.Numerical results show that the SRT performance of the proposed JDFR scheme is better than that of the TDFR scheme.Also,it is shown that for the JDFR scheme,a better SRT performance can be obtained by the optimal power allocation(OPA)between the friendly jammer and user.

Intelligent Solution System for Cloud Security Based on Equity Distribution:Model and Algorithms

In the cloud environment,ensuring a high level of data security is in high demand.Data planning storage optimization is part of the whole security process in the cloud environment.It enables data security by avoiding the risk of data loss and data overlapping.The development of data flow scheduling approaches in the cloud environment taking security parameters into account is insufficient.In our work,we propose a data scheduling model for the cloud environment.Themodel is made up of three parts that together help dispatch user data flow to the appropriate cloudVMs.The first component is the Collector Agent whichmust periodically collect information on the state of the network links.The second one is the monitoring agent which must then analyze,classify,and make a decision on the state of the link and finally transmit this information to the scheduler.The third one is the scheduler who must consider previous information to transfer user data,including fair distribution and reliable paths.It should be noted that each part of the proposedmodel requires the development of its algorithms.In this article,we are interested in the development of data transfer algorithms,including fairness distribution with the consideration of a stable link state.These algorithms are based on the grouping of transmitted files and the iterative method.The proposed algorithms showthe performances to obtain an approximate solution to the studied problem which is an NP-hard(Non-Polynomial solution)problem.The experimental results show that the best algorithm is the half-grouped minimum excluding(HME),with a percentage of 91.3%,an average deviation of 0.042,and an execution time of 0.001 s.