This paper mainly investigates the security problem of a networked control system based on a Kalman filter.A false data injection attack scheme is proposed to only tamper the measurement output,and its stealthiness an...This paper mainly investigates the security problem of a networked control system based on a Kalman filter.A false data injection attack scheme is proposed to only tamper the measurement output,and its stealthiness and effects on system performance are analyzed under three cases of system knowledge held by an attacker and a defender.Firstly,it is derived that the proposed attack scheme is stealthy for a residual-based detector when the attacker and the defender hold the same accurate system knowledge.Secondly,it is proven that the proposed attack scheme is still stealthy even if the defender actively modifies the Kalman filter gain so as to make it different from that of the attacker.Thirdly,the stealthiness condition of the proposed attack scheme based on an inaccurate model is given.Furthermore,for each case,the instability conditions of the closed-loop system under attack are derived.Finally,simulation results are provided to test the proposed attack scheme.展开更多
This paper,from the view of a defender,addresses the security problem of cyber-physical systems(CPSs)subject to stealthy false data injection(FDI)attacks that cannot be detected by a residual-based anomaly detector wi...This paper,from the view of a defender,addresses the security problem of cyber-physical systems(CPSs)subject to stealthy false data injection(FDI)attacks that cannot be detected by a residual-based anomaly detector without other defensive measures.To detect such a class of FDI attacks,a stochastic coding scheme,which codes the sensor measurement with a Gaussian stochastic signal at the sensor side,is proposed to assist an anomaly detector to expose the FDI attack.In order to ensure the system performance in the normal operational context,a decoder is adopted to decode the coded sensor measurement when received at the controller side.With this detection scheme,the residual under the attack can be significantly different from that in the normal situation,and thus trigger an alarm.The design condition of the coding signal covariance is derived to meet the constraints of false alarm rate and attack detection rate.To minimize the trace of the coding signal covariance,the design problem of the coding signal is converted into a constraint non-convex optimization problem,and an estimation-optimization iteration algorithm is presented to obtain a numerical solution of the coding signal covariance.A numerical example is given to verify the effectiveness of the proposed scheme.展开更多
This paper investigates the security issue of multisensor remote estimation systems.An optimal stealthy false data injection(FDI)attack scheme based on historical and current residuals,which only tampers with the meas...This paper investigates the security issue of multisensor remote estimation systems.An optimal stealthy false data injection(FDI)attack scheme based on historical and current residuals,which only tampers with the measurement residuals of partial sensors due to limited attack resources,is proposed to maximally degrade system estimation performance.The attack stealthiness condition is given,and then the estimation error covariance in compromised state is derived to quantify the system performance under attack.The optimal attack strategy is obtained by solving several convex optimization problems which maximize the trace of the compromised estimation error covariance subject to the stealthiness condition.Moreover,due to the constraint of attack resources,the selection principle of the attacked sensor is provided to determine which sensor is attacked so as to hold the most impact on system performance.Finally,simulation results are presented to verify the theoretical analysis.展开更多
Boron nitride(BN)aerogels,composed of nanoscale BN building units together with plenty of air in between these nanoscale building units,are ultralight ceramic materials with excellent thermal/electrical insulation,gre...Boron nitride(BN)aerogels,composed of nanoscale BN building units together with plenty of air in between these nanoscale building units,are ultralight ceramic materials with excellent thermal/electrical insulation,great chemical stability and high-temperature oxidation resistance,which offer considerable advantages for various applications under extreme conditions.However,previous BN aerogels cannot resist high temperature above 900℃ in air atmosphere,and hightemperature oxidation resistance enhancement for BN aerogels is still a great challenge.Herein,a calcium-doped BN(Ca-BN)aerogel with enhanced high-temperature stability(up to~1300℃ in air)was synthesized by introducing Ca atoms into crystal structure of BN building blocks via high-temperature reaction between calcium phosphate and melamine diborate architecture.Such Ca-BN aerogels could resist the burning of butane flame(~1300℃)and keep their megashape and microstructure very well.Furthermore,Ca-BN aerogel serves as thermal insulation layer,together with Al foil serving as both low-infrared-emission layer and high-infrared-reflection layer,forming a combination structure that can effectively hide high-temperature target(heated by butane flame).Such successful chemical doping of metal element into crystal structure of BN may be helpful in the future design and fabrication of advanced BN aerogel materials,and further extending their possible applications to extremely high-temperature environments.展开更多
The efficacious delivery of antimicrobial drugs to intractable oral biofilms remains a challenge due to inadequate biofilm penetration and lack of pathogen targeting.Herein,we have developed a microenvironment-activat...The efficacious delivery of antimicrobial drugs to intractable oral biofilms remains a challenge due to inadequate biofilm penetration and lack of pathogen targeting.Herein,we have developed a microenvironment-activated poly(ethylene glycol)(PEG)-sheddable nanoplatform to mediate targeted delivery of drugs into oral biofilms for the efficient prevention of dental caries.The PEGylated nanoplatform with enhanced biofilm penetration is capable of deshielding the PEG layer under slightly acidic conditions in a PEG chain length-dependent manner to re-expose the bacteria-targeting ligands,thereby facilitating targeted codelivery of ciprofloxacin(CIP)and IR780 to the bacteria after accumulation within biofilms.The nanoplatform tends to induce bacterial agglomeration and suffers from degradation in the acidic oral biofilm microenvironment,triggering rapid drug release on demand around bacterial cells.The self-modulating nanoplatform under near-infrared(NIR)irradiation accordingly displays greatly augmented potency in oral biofilm penetration and disruption compared with drugs alone.Topical oral treatment with nanoplatforms involving synergetic pharmacological and photothermal/photodynamic trinary therapy results in robust biofilm dispersion and efficacious suppression of severe tooth decay in rats.This versatile nanoplatform can promote local accumulation and specific drug transport into biofilms and represents a new paradigm for targeted drug delivery for the management of oral biofilm-associated infections.展开更多
Web crawlers have been misused for several malicious purposes such as downloading server data without permission from the website administrator.Moreover,armoured crawlers are evolving against new anti-crawler mechanis...Web crawlers have been misused for several malicious purposes such as downloading server data without permission from the website administrator.Moreover,armoured crawlers are evolving against new anti-crawler mechanisms in the arm races between crawler developers and crawler defenders.In this paper,based on one observation that normal users and malicious crawlers have different short-term and long-term download behaviours,we develop a new anti-crawler mechanism called PathMarker to detect and constrain persistent distributed crawlers.By adding a marker to each Uniform Resource Locator(URL),we can trace the page that leads to the access of this URL and the user identity who accesses this URL.With this supporting information,we can not only perform more accurate heuristic detection using the path related features,but also develop a Support Vector Machine based machine learning detection model to distinguish malicious crawlers from normal users via inspecting their different patterns of URL visiting paths and URL visiting timings.In addition to effectively detecting crawlers at the earliest stage,PathMarker can dramatically suppress the scraping efficiency of crawlers before they are detected.We deploy our approach on an online forum website,and the evaluation results show that PathMarker can quickly capture all 6 open-source and in-house crawlers,plus two external crawlers(i.e.,Googlebots and Yahoo Slurp).展开更多
Web crawlers have been misused for several malicious purposes such as downloading server data without permission from the website administrator.Moreover,armoured crawlers are evolving against new anti-crawler mechanis...Web crawlers have been misused for several malicious purposes such as downloading server data without permission from the website administrator.Moreover,armoured crawlers are evolving against new anti-crawler mechanisms in the arm races between crawler developers and crawler defenders.In this paper,based on one observation that normal users and malicious crawlers have different short-term and long-term download behaviours,we develop a new anti-crawler mechanism called PathMarker to detect and constrain persistent distributed crawlers.By adding a marker to each Uniform Resource Locator(URL),we can trace the page that leads to the access of this URL and the user identity who accesses this URL.With this supporting information,we can not only perform more accurate heuristic detection using the path related features,but also develop a Support Vector Machine based machine learning detection model to distinguish malicious crawlers from normal users via inspecting their different patterns of URL visiting paths and URL visiting timings.In addition to effectively detecting crawlers at the earliest stage,PathMarker can dramatically suppress the scraping efficiency of crawlers before they are detected.We deploy our approach on an online forum website,and the evaluation results show that PathMarker can quickly capture all 6 open-source and in-house crawlers,plus two external crawlers(i.e.,Googlebots and Yahoo Slurp).展开更多
IP covert timing channel (IPCTC) is an unconventional communication channel which attaches time information to the packets of an overt channel as messages carders, e.g., using different inter-packet delays to transm...IP covert timing channel (IPCTC) is an unconventional communication channel which attaches time information to the packets of an overt channel as messages carders, e.g., using different inter-packet delays to transmit messages in a packet-switched network. Although the IPCTCs have many different communication methods, based on the concept of time, we categorized the base communication model of the IPCTCs into three types and then utilized the signal processing theory to build their mathematical models. As a result, the basic characteristics of the IPCTCs' base model were formally derived. Hence, the characteristics of any IPCTC can be derived from the base models that consist of the IPCTC. Furthermore, a set of approaches was devised to implement the base model of the IPCTCs in a TCP/IP network. Experimental results show the correctness of the pro- posed base model of the IPCTCs in this paper.展开更多
基金supported in part by the National Natural Science Foundation of China under Grant Nos.62173002, 61925303, 62088101, U20B2073, and 61720106011the Beijing Natural Science Foundation under Grant No. 4222045
文摘This paper mainly investigates the security problem of a networked control system based on a Kalman filter.A false data injection attack scheme is proposed to only tamper the measurement output,and its stealthiness and effects on system performance are analyzed under three cases of system knowledge held by an attacker and a defender.Firstly,it is derived that the proposed attack scheme is stealthy for a residual-based detector when the attacker and the defender hold the same accurate system knowledge.Secondly,it is proven that the proposed attack scheme is still stealthy even if the defender actively modifies the Kalman filter gain so as to make it different from that of the attacker.Thirdly,the stealthiness condition of the proposed attack scheme based on an inaccurate model is given.Furthermore,for each case,the instability conditions of the closed-loop system under attack are derived.Finally,simulation results are provided to test the proposed attack scheme.
基金supported by the National Natural Science Foundation of China under Grant Nos.61925303,62088101,U20B2073,61720106011,and 62173002the National Key R&D Program of China under Grant No.2018YFB1700100the Beijing Natural Science Foundation under Grant No.4222045。
文摘This paper,from the view of a defender,addresses the security problem of cyber-physical systems(CPSs)subject to stealthy false data injection(FDI)attacks that cannot be detected by a residual-based anomaly detector without other defensive measures.To detect such a class of FDI attacks,a stochastic coding scheme,which codes the sensor measurement with a Gaussian stochastic signal at the sensor side,is proposed to assist an anomaly detector to expose the FDI attack.In order to ensure the system performance in the normal operational context,a decoder is adopted to decode the coded sensor measurement when received at the controller side.With this detection scheme,the residual under the attack can be significantly different from that in the normal situation,and thus trigger an alarm.The design condition of the coding signal covariance is derived to meet the constraints of false alarm rate and attack detection rate.To minimize the trace of the coding signal covariance,the design problem of the coding signal is converted into a constraint non-convex optimization problem,and an estimation-optimization iteration algorithm is presented to obtain a numerical solution of the coding signal covariance.A numerical example is given to verify the effectiveness of the proposed scheme.
基金supported by the National Natural Science Foundation of China(61925303,62173034,62088101,U20B2073,62173002)the National Key Research and Development Program of China(2021YFB1714800)Beijing Natural Science Foundation(4222045)。
文摘This paper investigates the security issue of multisensor remote estimation systems.An optimal stealthy false data injection(FDI)attack scheme based on historical and current residuals,which only tampers with the measurement residuals of partial sensors due to limited attack resources,is proposed to maximally degrade system estimation performance.The attack stealthiness condition is given,and then the estimation error covariance in compromised state is derived to quantify the system performance under attack.The optimal attack strategy is obtained by solving several convex optimization problems which maximize the trace of the compromised estimation error covariance subject to the stealthiness condition.Moreover,due to the constraint of attack resources,the selection principle of the attacked sensor is provided to determine which sensor is attacked so as to hold the most impact on system performance.Finally,simulation results are presented to verify the theoretical analysis.
基金financially supported by the Royal Society Newton Advanced Fellowship(NA170184)the National Natural Science Foundation of China(52173052)the Natural Science Foundation of Jiangsu Province(BK20210133).
文摘Boron nitride(BN)aerogels,composed of nanoscale BN building units together with plenty of air in between these nanoscale building units,are ultralight ceramic materials with excellent thermal/electrical insulation,great chemical stability and high-temperature oxidation resistance,which offer considerable advantages for various applications under extreme conditions.However,previous BN aerogels cannot resist high temperature above 900℃ in air atmosphere,and hightemperature oxidation resistance enhancement for BN aerogels is still a great challenge.Herein,a calcium-doped BN(Ca-BN)aerogel with enhanced high-temperature stability(up to~1300℃ in air)was synthesized by introducing Ca atoms into crystal structure of BN building blocks via high-temperature reaction between calcium phosphate and melamine diborate architecture.Such Ca-BN aerogels could resist the burning of butane flame(~1300℃)and keep their megashape and microstructure very well.Furthermore,Ca-BN aerogel serves as thermal insulation layer,together with Al foil serving as both low-infrared-emission layer and high-infrared-reflection layer,forming a combination structure that can effectively hide high-temperature target(heated by butane flame).Such successful chemical doping of metal element into crystal structure of BN may be helpful in the future design and fabrication of advanced BN aerogel materials,and further extending their possible applications to extremely high-temperature environments.
基金This work was supported by National Natural Science Foundation of China(Grant No.21975133,21774062)the Key Projects of Natural Science Foundation of Tianjin,China(19JCZDJC36900)This work is dedicated to the 100th anniversary of Chemistry at Nankai University.
文摘The efficacious delivery of antimicrobial drugs to intractable oral biofilms remains a challenge due to inadequate biofilm penetration and lack of pathogen targeting.Herein,we have developed a microenvironment-activated poly(ethylene glycol)(PEG)-sheddable nanoplatform to mediate targeted delivery of drugs into oral biofilms for the efficient prevention of dental caries.The PEGylated nanoplatform with enhanced biofilm penetration is capable of deshielding the PEG layer under slightly acidic conditions in a PEG chain length-dependent manner to re-expose the bacteria-targeting ligands,thereby facilitating targeted codelivery of ciprofloxacin(CIP)and IR780 to the bacteria after accumulation within biofilms.The nanoplatform tends to induce bacterial agglomeration and suffers from degradation in the acidic oral biofilm microenvironment,triggering rapid drug release on demand around bacterial cells.The self-modulating nanoplatform under near-infrared(NIR)irradiation accordingly displays greatly augmented potency in oral biofilm penetration and disruption compared with drugs alone.Topical oral treatment with nanoplatforms involving synergetic pharmacological and photothermal/photodynamic trinary therapy results in robust biofilm dispersion and efficacious suppression of severe tooth decay in rats.This versatile nanoplatform can promote local accumulation and specific drug transport into biofilms and represents a new paradigm for targeted drug delivery for the management of oral biofilm-associated infections.
基金This work is supported by U.S.Office of Naval Research under grants N00014-16-1-3214 and N00014-16-1-3216.
文摘Web crawlers have been misused for several malicious purposes such as downloading server data without permission from the website administrator.Moreover,armoured crawlers are evolving against new anti-crawler mechanisms in the arm races between crawler developers and crawler defenders.In this paper,based on one observation that normal users and malicious crawlers have different short-term and long-term download behaviours,we develop a new anti-crawler mechanism called PathMarker to detect and constrain persistent distributed crawlers.By adding a marker to each Uniform Resource Locator(URL),we can trace the page that leads to the access of this URL and the user identity who accesses this URL.With this supporting information,we can not only perform more accurate heuristic detection using the path related features,but also develop a Support Vector Machine based machine learning detection model to distinguish malicious crawlers from normal users via inspecting their different patterns of URL visiting paths and URL visiting timings.In addition to effectively detecting crawlers at the earliest stage,PathMarker can dramatically suppress the scraping efficiency of crawlers before they are detected.We deploy our approach on an online forum website,and the evaluation results show that PathMarker can quickly capture all 6 open-source and in-house crawlers,plus two external crawlers(i.e.,Googlebots and Yahoo Slurp).
基金supported by U.S.Office of Naval Research under grants N00014-16-1-3214 and N00014-16-1-3216.
文摘Web crawlers have been misused for several malicious purposes such as downloading server data without permission from the website administrator.Moreover,armoured crawlers are evolving against new anti-crawler mechanisms in the arm races between crawler developers and crawler defenders.In this paper,based on one observation that normal users and malicious crawlers have different short-term and long-term download behaviours,we develop a new anti-crawler mechanism called PathMarker to detect and constrain persistent distributed crawlers.By adding a marker to each Uniform Resource Locator(URL),we can trace the page that leads to the access of this URL and the user identity who accesses this URL.With this supporting information,we can not only perform more accurate heuristic detection using the path related features,but also develop a Support Vector Machine based machine learning detection model to distinguish malicious crawlers from normal users via inspecting their different patterns of URL visiting paths and URL visiting timings.In addition to effectively detecting crawlers at the earliest stage,PathMarker can dramatically suppress the scraping efficiency of crawlers before they are detected.We deploy our approach on an online forum website,and the evaluation results show that PathMarker can quickly capture all 6 open-source and in-house crawlers,plus two external crawlers(i.e.,Googlebots and Yahoo Slurp).
基金This work was supported in part by the National Nature Science Foundation of China (Grant Nos. 61300228 and 61672269), Jiangsu Technology Support Project (BE2013103, BA2015161) Bajian Project of Jiangsu University (1213000013).
文摘IP covert timing channel (IPCTC) is an unconventional communication channel which attaches time information to the packets of an overt channel as messages carders, e.g., using different inter-packet delays to transmit messages in a packet-switched network. Although the IPCTCs have many different communication methods, based on the concept of time, we categorized the base communication model of the IPCTCs into three types and then utilized the signal processing theory to build their mathematical models. As a result, the basic characteristics of the IPCTCs' base model were formally derived. Hence, the characteristics of any IPCTC can be derived from the base models that consist of the IPCTC. Furthermore, a set of approaches was devised to implement the base model of the IPCTCs in a TCP/IP network. Experimental results show the correctness of the pro- posed base model of the IPCTCs in this paper.
