LDAS&ET-AD:Learnable Distillation Attack Strategies and Evolvable Teachers Adversarial Distillation

Adversarial distillation(AD)has emerged as a potential solution to tackle the challenging optimization problem of loss with hard labels in adversarial training.However,fixed sample-agnostic and student-egocentric attack strategies are unsuitable for distillation.Additionally,the reliability of guidance from static teachers diminishes as target models become more robust.This paper proposes an AD method called Learnable Distillation Attack Strategies and Evolvable Teachers Adversarial Distillation(LDAS&ET-AD).Firstly,a learnable distillation attack strategies generating mechanism is developed to automatically generate sample-dependent attack strategies tailored for distillation.A strategy model is introduced to produce attack strategies that enable adversarial examples(AEs)to be created in areas where the target model significantly diverges from the teachers by competing with the target model in minimizing or maximizing the AD loss.Secondly,a teacher evolution strategy is introduced to enhance the reliability and effectiveness of knowledge in improving the generalization performance of the target model.By calculating the experimentally updated target model’s validation performance on both clean samples and AEs,the impact of distillation from each training sample and AE on the target model’s generalization and robustness abilities is assessed to serve as feedback to fine-tune standard and robust teachers accordingly.Experiments evaluate the performance of LDAS&ET-AD against different adversarial attacks on the CIFAR-10 and CIFAR-100 datasets.The experimental results demonstrate that the proposed method achieves a robust precision of 45.39%and 42.63%against AutoAttack(AA)on the CIFAR-10 dataset for ResNet-18 and MobileNet-V2,respectively,marking an improvement of 2.31%and 3.49%over the baseline method.In comparison to state-of-the-art adversarial defense techniques,our method surpasses Introspective Adversarial Distillation,the top-performing method in terms of robustness under AA attack for the CIFAR-10 dataset,with enhancements of 1.40%and 1.43%for ResNet-18 and MobileNet-V2,respectively.These findings demonstrate the effectiveness of our proposed method in enhancing the robustness of deep learning networks(DNNs)against prevalent adversarial attacks when compared to other competing methods.In conclusion,LDAS&ET-AD provides reliable and informative soft labels to one of the most promising defense methods,AT,alleviating the limitations of untrusted teachers and unsuitable AEs in existing AD techniques.We hope this paper promotes the development of DNNs in real-world trust-sensitive fields and helps ensure a more secure and dependable future for artificial intelligence systems.

PROBABILISTIC CLONE-RESEND ATTACK STRATEGY IN QUANTUM KEY DISTRIBUTION

A kind of attack strategy based on a probabilistic cloning machine is proposed in this letter. The security of BB84 and the six-state quantum key distribution protocols under this attack is studied by theoretic analyses and corroborated by simulations. It is concluded that the quantum key distribution protocols still have an asymptotic perfect security even if the eavesdropper adopts the proposed attack strategy.

A Survey of Cyber Attacks on Cyber Physical Systems:Recent Advances and Challenges

A cyber physical system(CPS)is a complex system that integrates sensing,computation,control and networking into physical processes and objects over Internet.It plays a key role in modern industry since it connects physical and cyber worlds.In order to meet ever-changing industrial requirements,its structures and functions are constantly improved.Meanwhile,new security issues have arisen.A ubiquitous problem is the fact that cyber attacks can cause significant damage to industrial systems,and thus has gained increasing attention from researchers and practitioners.This paper presents a survey of state-of-the-art results of cyber attacks on cyber physical systems.First,as typical system models are employed to study these systems,time-driven and event-driven systems are reviewed.Then,recent advances on three types of attacks,i.e.,those on availability,integrity,and confidentiality are discussed.In particular,the detailed studies on availability and integrity attacks are introduced from the perspective of attackers and defenders.Namely,both attack and defense strategies are discussed based on different system models.Some challenges and open issues are indicated to guide future research and inspire the further exploration of this increasingly important area.

Optimal injection attack strategy for cyber-physical systems:a dynamic feedback approach

This paper investigates the system security problem of cyber-physical systems(CPSs),which is not only more practical but also more significant to deal with than the detecting faults problem.The purpose of this paper is to find an optimal attack strat-egy that maximizes the output error of the attacked system with low energy consumption.Based on a general model of linear time-invariant systems and a key technical lemma,a new optimal attack strategy for the meticulously designed false data injection attack is constructed.It is worth mentioning that compared with the existing model-based attack strategies,the designed one is more general and the corresponding attack strategy is more easily implemented when system states and external input are inaccessible.Key to overcom-ing the inaccessible information,a dynamic observer in the form of Luenberger is constructed.Finally,a networked magnetic levitation steel ball movement system is applied to illustrate the effectiveness of the proposed scheme.

Optimal injection attack strategy for cyber-physical systems:a dynamic feedback approach

This paper investigates the system security problem of cyber-physical systems(CPSs),which is not only more practical but also more signi cant to deal with than the detecting faults problem.The purpose of this paper is to nd an optimal attack strategy that maximizes the output error of the attacked system with low energy consumption.Based on a general model of linear time-invariant systems and a key technical lemma,a new optimal attack strategy for the meticulously designed false data injection attack is constructed.It is worth mentioning that compared with the existing model-based attack strategies,the designed one is more general and the corresponding attack strategy is more easily implemented when system states and external input are inaccessible.Key to overcoming the inaccessible information,a dynamic observer in the form of Luenberger is constructed.Finally,a networked magnetic levitation steel ball movement system is applied to illustrate the e ectiveness of the proposed scheme.

Robustness analysis metrics for worldwide airport network：A comprehensive study

Robustness of transportation networks is one of the major challenges of the 21 st century.This paper investigates the resilience of global air transportation from a complex network point of view,with focus on attacking strategies in the airport network,i.e.,to remove airports from the system and see what could affect the air traffic system from a passenger＇s perspective.Specifically,we identify commonalities and differences between several robustness measures and attacking strategies,proposing a novel notion of functional robustness：unaffected passengers with rerouting.We apply twelve attacking strategies to the worldwide airport network with three weights,and evaluate three robustness measures.We find that degree and Bonacich based attacks harm passenger weighted network most.Our evaluation is geared toward a unified view on air transportation network attack and serves as a foundation on how to develop effective mitigation strategies.

Attack and Defense Strategies in Complex Networks Based on Game Theory

To investigate the attack and defense strategies in complex net works,the authors propose a two-player zero-sum static game model with complete information which considers attack and defense strategies simultaneously.The authors assume that both the attacker and defender have two typical strategies:Targeted strategy and random strategy.The authors explore the Nash equilibriums of the attacker-defender game and demonstrate that when the attacker's attack resources are not so significantly abundant as the defender's resources,there exists a pure-strategy Nash equilibrium in both model net works and real-world net works,in which the defender protects the hub t arge ts with large degrees preferentially,while the attacker prefers selecting the targets randomly.When the attack resources are much higher than defense resources,both the attacker and the defender adopt the targeted strategy in equilibriums.This paper provides a new theoretical framework for the study of attack and defense st rat egies in complex net works.

Proactive worm propagation modeling and analysis in unstructured peer-to-peer networks

It is universally acknowledged by network security experts that proactive peer-to-peer (P2P) worms may soon en-gender serious threats to the Internet infrastructures. These latent threats stimulate activities of modeling and analysis of the proactive P2P worm propagation. Based on the classical two-factor model,in this paper,we propose a novel proactive worm propagation model in unstructured P2P networks (called the four-factor model) by considering four factors:(1) network topology,(2) countermeasures taken by Internet service providers (ISPs) and users,(3) configuration diversity of nodes in the P2P network,and (4) attack and defense strategies. Simulations and experiments show that proactive P2P worms can be slowed down by two ways:improvement of the configuration diversity of the P2P network and using powerful rules to reinforce the most connected nodes from being compromised. The four-factor model provides a better description and prediction of the proactive P2P worm propagation.

Heuristics of node selection criteria to assess robustness of world airport network

The world airport network（WAN） is one of the networked infrastructures that shape today＇s economic and social activity, so its resilience against incidents affecting the WAN is an important problem. In this paper, the robustness of air route networks is extended by defining and testing several heuristics to define selection criteria to detect the critical nodes of the WAN.In addition to heuristics based on genetic algorithms and simulated annealing, custom heuristics based on node damage and node betweenness are defined. The most effective heuristic is a multiattack heuristic combining both custom heuristics. Results obtained are of importance not only for advance in the understanding of the structure of complex networks, but also for critical node detection.