期刊文献+
共找到24,589篇文章
< 1 2 250 >
每页显示 20 50 100
XMAM:X-raying models with a matrix to reveal backdoor attacks for federated learning 被引量:1
1
作者 Jianyi Zhang Fangjiao Zhang +3 位作者 Qichao Jin Zhiqiang Wang Xiaodong Lin Xiali Hei 《Digital Communications and Networks》 SCIE CSCD 2024年第4期1154-1167,共14页
Federated Learning(FL),a burgeoning technology,has received increasing attention due to its privacy protection capability.However,the base algorithm FedAvg is vulnerable when it suffers from so-called backdoor attacks... Federated Learning(FL),a burgeoning technology,has received increasing attention due to its privacy protection capability.However,the base algorithm FedAvg is vulnerable when it suffers from so-called backdoor attacks.Former researchers proposed several robust aggregation methods.Unfortunately,due to the hidden characteristic of backdoor attacks,many of these aggregation methods are unable to defend against backdoor attacks.What's more,the attackers recently have proposed some hiding methods that further improve backdoor attacks'stealthiness,making all the existing robust aggregation methods fail.To tackle the threat of backdoor attacks,we propose a new aggregation method,X-raying Models with A Matrix(XMAM),to reveal the malicious local model updates submitted by the backdoor attackers.Since we observe that the output of the Softmax layer exhibits distinguishable patterns between malicious and benign updates,unlike the existing aggregation algorithms,we focus on the Softmax layer's output in which the backdoor attackers are difficult to hide their malicious behavior.Specifically,like medical X-ray examinations,we investigate the collected local model updates by using a matrix as an input to get their Softmax layer's outputs.Then,we preclude updates whose outputs are abnormal by clustering.Without any training dataset in the server,the extensive evaluations show that our XMAM can effectively distinguish malicious local model updates from benign ones.For instance,when other methods fail to defend against the backdoor attacks at no more than 20%malicious clients,our method can tolerate 45%malicious clients in the black-box mode and about 30%in Projected Gradient Descent(PGD)mode.Besides,under adaptive attacks,the results demonstrate that XMAM can still complete the global model training task even when there are 40%malicious clients.Finally,we analyze our method's screening complexity and compare the real screening time with other methods.The results show that XMAM is about 10–10000 times faster than the existing methods. 展开更多
关键词 Federated learning Backdoor attacks Aggregation methods
下载PDF
Distributed Platooning Control of Automated Vehicles Subject to Replay Attacks Based on Proportional Integral Observers 被引量:1
2
作者 Meiling Xie Derui Ding +3 位作者 Xiaohua Ge Qing-Long Han Hongli Dong Yan Song 《IEEE/CAA Journal of Automatica Sinica》 SCIE EI CSCD 2024年第9期1954-1966,共13页
Secure platooning control plays an important role in enhancing the cooperative driving safety of automated vehicles subject to various security vulnerabilities.This paper focuses on the distributed secure control issu... Secure platooning control plays an important role in enhancing the cooperative driving safety of automated vehicles subject to various security vulnerabilities.This paper focuses on the distributed secure control issue of automated vehicles affected by replay attacks.A proportional-integral-observer(PIO)with predetermined forgetting parameters is first constructed to acquire the dynamical information of vehicles.Then,a time-varying parameter and two positive scalars are employed to describe the temporal behavior of replay attacks.In light of such a scheme and the common properties of Laplace matrices,the closed-loop system with PIO-based controllers is transformed into a switched and time-delayed one.Furthermore,some sufficient conditions are derived to achieve the desired platooning performance by the view of the Lyapunov stability theory.The controller gains are analytically determined by resorting to the solution of certain matrix inequalities only dependent on maximum and minimum eigenvalues of communication topologies.Finally,a simulation example is provided to illustrate the effectiveness of the proposed control strategy. 展开更多
关键词 Automated vehicles platooning control proportional-integral-observers(PIOs) replay attacks TIME-DELAYS
下载PDF
Anti-Byzantine Attacks Enabled Vehicle Selection for Asynchronous Federated Learning in Vehicular Edge Computing 被引量:1
3
作者 Zhang Cui Xu Xiao +4 位作者 Wu Qiong Fan Pingyi Fan Qiang Zhu Huiling Wang Jiangzhou 《China Communications》 SCIE CSCD 2024年第8期1-17,共17页
In vehicle edge computing(VEC),asynchronous federated learning(AFL)is used,where the edge receives a local model and updates the global model,effectively reducing the global aggregation latency.Due to different amount... In vehicle edge computing(VEC),asynchronous federated learning(AFL)is used,where the edge receives a local model and updates the global model,effectively reducing the global aggregation latency.Due to different amounts of local data,computing capabilities and locations of the vehicles,renewing the global model with same weight is inappropriate.The above factors will affect the local calculation time and upload time of the local model,and the vehicle may also be affected by Byzantine attacks,leading to the deterioration of the vehicle data.However,based on deep reinforcement learning(DRL),we can consider these factors comprehensively to eliminate vehicles with poor performance as much as possible and exclude vehicles that have suffered Byzantine attacks before AFL.At the same time,when aggregating AFL,we can focus on those vehicles with better performance to improve the accuracy and safety of the system.In this paper,we proposed a vehicle selection scheme based on DRL in VEC.In this scheme,vehicle’s mobility,channel conditions with temporal variations,computational resources with temporal variations,different data amount,transmission channel status of vehicles as well as Byzantine attacks were taken into account.Simulation results show that the proposed scheme effectively improves the safety and accuracy of the global model. 展开更多
关键词 asynchronous federated learning byzantine attacks vehicle selection vehicular edge computing
下载PDF
Evaluating Privacy Leakage and Memorization Attacks on Large Language Models (LLMs) in Generative AI Applications 被引量:1
4
作者 Harshvardhan Aditya Siddansh Chawla +6 位作者 Gunika Dhingra Parijat Rai Saumil Sood Tanmay Singh Zeba Mohsin Wase Arshdeep Bahga Vijay K. Madisetti 《Journal of Software Engineering and Applications》 2024年第5期421-447,共27页
The recent interest in the deployment of Generative AI applications that use large language models (LLMs) has brought to the forefront significant privacy concerns, notably the leakage of Personally Identifiable Infor... The recent interest in the deployment of Generative AI applications that use large language models (LLMs) has brought to the forefront significant privacy concerns, notably the leakage of Personally Identifiable Information (PII) and other confidential or protected information that may have been memorized during training, specifically during a fine-tuning or customization process. We describe different black-box attacks from potential adversaries and study their impact on the amount and type of information that may be recovered from commonly used and deployed LLMs. Our research investigates the relationship between PII leakage, memorization, and factors such as model size, architecture, and the nature of attacks employed. The study utilizes two broad categories of attacks: PII leakage-focused attacks (auto-completion and extraction attacks) and memorization-focused attacks (various membership inference attacks). The findings from these investigations are quantified using an array of evaluative metrics, providing a detailed understanding of LLM vulnerabilities and the effectiveness of different attacks. 展开更多
关键词 Large Language Models PII Leakage Privacy Memorization OVERFITTING Membership Inference attack (MIA)
下载PDF
Ensuring Secure Platooning of Constrained Intelligent and Connected Vehicles Against Byzantine Attacks:A Distributed MPC Framework 被引量:1
5
作者 Henglai Wei Hui Zhang +1 位作者 Kamal AI-Haddad Yang Shi 《Engineering》 SCIE EI CAS CSCD 2024年第2期35-46,共12页
This study investigates resilient platoon control for constrained intelligent and connected vehicles(ICVs)against F-local Byzantine attacks.We introduce a resilient distributed model-predictive platooning control fram... This study investigates resilient platoon control for constrained intelligent and connected vehicles(ICVs)against F-local Byzantine attacks.We introduce a resilient distributed model-predictive platooning control framework for such ICVs.This framework seamlessly integrates the predesigned optimal control with distributed model predictive control(DMPC)optimization and introduces a unique distributed attack detector to ensure the reliability of the transmitted information among vehicles.Notably,our strategy uses previously broadcasted information and a specialized convex set,termed the“resilience set”,to identify unreliable data.This approach significantly eases graph robustness prerequisites,requiring only an(F+1)-robust graph,in contrast to the established mean sequence reduced algorithms,which require a minimum(2F+1)-robust graph.Additionally,we introduce a verification algorithm to restore trust in vehicles under minor attacks,further reducing communication network robustness.Our analysis demonstrates the recursive feasibility of the DMPC optimization.Furthermore,the proposed method achieves exceptional control performance by minimizing the discrepancies between the DMPC control inputs and predesigned platoon control inputs,while ensuring constraint compliance and cybersecurity.Simulation results verify the effectiveness of our theoretical findings. 展开更多
关键词 Model predictive control Resilient control Platoon control Intelligent and connected vehicle Byzantine attacks
下载PDF
A Probabilistic Trust Model and Control Algorithm to Protect 6G Networks against Malicious Data Injection Attacks in Edge Computing Environments 被引量:1
6
作者 Borja Bordel Sánchez Ramón Alcarria Tomás Robles 《Computer Modeling in Engineering & Sciences》 SCIE EI 2024年第10期631-654,共24页
Future 6G communications are envisioned to enable a large catalogue of pioneering applications.These will range from networked Cyber-Physical Systems to edge computing devices,establishing real-time feedback control l... Future 6G communications are envisioned to enable a large catalogue of pioneering applications.These will range from networked Cyber-Physical Systems to edge computing devices,establishing real-time feedback control loops critical for managing Industry 5.0 deployments,digital agriculture systems,and essential infrastructures.The provision of extensive machine-type communications through 6G will render many of these innovative systems autonomous and unsupervised.While full automation will enhance industrial efficiency significantly,it concurrently introduces new cyber risks and vulnerabilities.In particular,unattended systems are highly susceptible to trust issues:malicious nodes and false information can be easily introduced into control loops.Additionally,Denialof-Service attacks can be executed by inundating the network with valueless noise.Current anomaly detection schemes require the entire transformation of the control software to integrate new steps and can only mitigate anomalies that conform to predefined mathematical models.Solutions based on an exhaustive data collection to detect anomalies are precise but extremely slow.Standard models,with their limited understanding of mobile networks,can achieve precision rates no higher than 75%.Therefore,more general and transversal protection mechanisms are needed to detect malicious behaviors transparently.This paper introduces a probabilistic trust model and control algorithm designed to address this gap.The model determines the probability of any node to be trustworthy.Communication channels are pruned for those nodes whose probability is below a given threshold.The trust control algorithmcomprises three primary phases,which feed themodel with three different probabilities,which are weighted and combined.Initially,anomalous nodes are identified using Gaussian mixture models and clustering technologies.Next,traffic patterns are studied using digital Bessel functions and the functional scalar product.Finally,the information coherence and content are analyzed.The noise content and abnormal information sequences are detected using a Volterra filter and a bank of Finite Impulse Response filters.An experimental validation based on simulation tools and environments was carried out.Results show the proposed solution can successfully detect up to 92%of malicious data injection attacks. 展开更多
关键词 6G networks noise injection attacks Gaussian mixture model Bessel function traffic filter Volterra filter
下载PDF
Detection and defending the XSS attack using novel hybrid stacking ensemble learning-based DNN approach 被引量:1
7
作者 Muralitharan Krishnan Yongdo Lim +1 位作者 Seethalakshmi Perumal Gayathri Palanisamy 《Digital Communications and Networks》 SCIE CSCD 2024年第3期716-727,共12页
Existing web-based security applications have failed in many situations due to the great intelligence of attackers.Among web applications,Cross-Site Scripting(XSS)is one of the dangerous assaults experienced while mod... Existing web-based security applications have failed in many situations due to the great intelligence of attackers.Among web applications,Cross-Site Scripting(XSS)is one of the dangerous assaults experienced while modifying an organization's or user's information.To avoid these security challenges,this article proposes a novel,all-encompassing combination of machine learning(NB,SVM,k-NN)and deep learning(RNN,CNN,LSTM)frameworks for detecting and defending against XSS attacks with high accuracy and efficiency.Based on the representation,a novel idea for merging stacking ensemble with web applications,termed“hybrid stacking”,is proposed.In order to implement the aforementioned methods,four distinct datasets,each of which contains both safe and unsafe content,are considered.The hybrid detection method can adaptively identify the attacks from the URL,and the defense mechanism inherits the advantages of URL encoding with dictionary-based mapping to improve prediction accuracy,accelerate the training process,and effectively remove the unsafe JScript/JavaScript keywords from the URL.The simulation results show that the proposed hybrid model is more efficient than the existing detection methods.It produces more than 99.5%accurate XSS attack classification results(accuracy,precision,recall,f1_score,and Receiver Operating Characteristic(ROC))and is highly resistant to XSS attacks.In order to ensure the security of the server's information,the proposed hybrid approach is demonstrated in a real-time environment. 展开更多
关键词 Machine learning Deep neural networks Classification Stacking ensemble XSS attack URL encoding JScript/JavaScript Web security
下载PDF
Phishing Attacks Detection Using EnsembleMachine Learning Algorithms
8
作者 Nisreen Innab Ahmed Abdelgader Fadol Osman +4 位作者 Mohammed Awad Mohammed Ataelfadiel Marwan Abu-Zanona Bassam Mohammad Elzaghmouri Farah H.Zawaideh Mouiad Fadeil Alawneh 《Computers, Materials & Continua》 SCIE EI 2024年第7期1325-1345,共21页
Phishing,an Internet fraudwhere individuals are deceived into revealing critical personal and account information,poses a significant risk to both consumers and web-based institutions.Data indicates a persistent rise ... Phishing,an Internet fraudwhere individuals are deceived into revealing critical personal and account information,poses a significant risk to both consumers and web-based institutions.Data indicates a persistent rise in phishing attacks.Moreover,these fraudulent schemes are progressively becoming more intricate,thereby rendering them more challenging to identify.Hence,it is imperative to utilize sophisticated algorithms to address this issue.Machine learning is a highly effective approach for identifying and uncovering these harmful behaviors.Machine learning(ML)approaches can identify common characteristics in most phishing assaults.In this paper,we propose an ensemble approach and compare it with six machine learning techniques to determine the type of website and whether it is normal or not based on two phishing datasets.After that,we used the normalization technique on the dataset to transform the range of all the features into the same range.The findings of this paper for all algorithms are as follows in the first dataset based on accuracy,precision,recall,and F1-score,respectively:Decision Tree(DT)(0.964,0.961,0.976,0.968),Random Forest(RF)(0.970,0.964,0.984,0.974),Gradient Boosting(GB)(0.960,0.959,0.971,0.965),XGBoost(XGB)(0.973,0.976,0.976,0.976),AdaBoost(0.934,0.934,0.950,0.942),Multi Layer Perceptron(MLP)(0.970,0.971,0.976,0.974)and Voting(0.978,0.975,0.987,0.981).So,the Voting classifier gave the best results.While in the second dataset,all the algorithms gave the same results in four evaluation metrics,which indicates that each of them can effectively accomplish the prediction process.Also,this approach outperformed the previous work in detecting phishing websites with high accuracy,a lower false negative rate,a shorter prediction time,and a lower false positive rate. 展开更多
关键词 Social engineering attackS phishing attacks machine learning SECURITY artificial intelligence
下载PDF
Evaluating the Efficacy of Latent Variables in Mitigating Data Poisoning Attacks in the Context of Bayesian Networks:An Empirical Study
9
作者 Shahad Alzahrani Hatim Alsuwat Emad Alsuwat 《Computer Modeling in Engineering & Sciences》 SCIE EI 2024年第5期1635-1654,共20页
Bayesian networks are a powerful class of graphical decision models used to represent causal relationships among variables.However,the reliability and integrity of learned Bayesian network models are highly dependent ... Bayesian networks are a powerful class of graphical decision models used to represent causal relationships among variables.However,the reliability and integrity of learned Bayesian network models are highly dependent on the quality of incoming data streams.One of the primary challenges with Bayesian networks is their vulnerability to adversarial data poisoning attacks,wherein malicious data is injected into the training dataset to negatively influence the Bayesian network models and impair their performance.In this research paper,we propose an efficient framework for detecting data poisoning attacks against Bayesian network structure learning algorithms.Our framework utilizes latent variables to quantify the amount of belief between every two nodes in each causal model over time.We use our innovative methodology to tackle an important issue with data poisoning assaults in the context of Bayesian networks.With regard to four different forms of data poisoning attacks,we specifically aim to strengthen the security and dependability of Bayesian network structure learning techniques,such as the PC algorithm.By doing this,we explore the complexity of this area and offer workablemethods for identifying and reducing these sneaky dangers.Additionally,our research investigates one particular use case,the“Visit to Asia Network.”The practical consequences of using uncertainty as a way to spot cases of data poisoning are explored in this inquiry,which is of utmost relevance.Our results demonstrate the promising efficacy of latent variables in detecting and mitigating the threat of data poisoning attacks.Additionally,our proposed latent-based framework proves to be sensitive in detecting malicious data poisoning attacks in the context of stream data. 展开更多
关键词 Bayesian networks data poisoning attacks latent variables structure learning algorithms adversarial attacks
下载PDF
Termite Attack and Damage in Cocoa Plantations in Daloa Department, Central-Western Côte d’Ivoire
10
作者 Yao Martin Siapo Ehui Joachim Ano +1 位作者 Yao Kan Séraphin Diby Annick Yamousso Tahiri 《American Journal of Plant Sciences》 CAS 2024年第10期996-1009,共14页
Cocoa farming faces numerous constraints that affect production levels. Among these constraints are termites, one of the biggest scourges in tropical agriculture and agroforestry. The aim of this study is to assess th... Cocoa farming faces numerous constraints that affect production levels. Among these constraints are termites, one of the biggest scourges in tropical agriculture and agroforestry. The aim of this study is to assess the level of damage caused by termites in cocoa plantations. To this end, 3 plantations were selected. In each of the 3 plantations, 18 plots containing an average of 47 ± 6 cocoa plants were delimited. Sampling was based on 25 cocoa plants per plot. The study consisted in sampling the termites observed on the plants and noting the type of damage caused by them, taking into account the density of the harvest veneers and, above all, the termites’ progress through the anatomical structures of the plant, i.e. the bark, sapwood and heartwood. A total of 8 termite species were collected from cocoa plants. These species are responsible for four types of damage (D1, D2, D3 and D4), grouped into minor damage (D1 and D2) and major damage (D3 and D4). D1 damage ranged from 24.67% ± 5.64% to 39.55% ± 7.43%. D2 damage ranged from 6.88% ± 1.31% to 9.33% ± 2.79%. D3 damage ranged from 2.88% ± 1.55% to 6.44% ± 1.55%. D4 damage ranged from 1.11% ± 1% to 3.11% ± 1.37%. Among the termite species collected, Microcerotermes sp, C. sjostedti, A. crucifer and P. militaris were the most formidable on cocoa trees in our study locality. In view of the extensive damage caused by termites, biological control measures should be considered, using insecticidal plants. 展开更多
关键词 TERMITES attackS DAMAGE Cocoa Trees Côte d’Ivoire
下载PDF
Countermeasure against blinding attack for single-photon detectors in quantum key distribution
11
作者 Lianjun Jiang Dongdong Li +12 位作者 Yuqiang Fang Meisheng Zhao Ming Liu Zhilin Xie Yukang Zhao Yanlin Tang Wei Jiang Houlin Fang Rui Ma Lei Cheng Weifeng Yang Songtao Han Shibiao Tang 《Journal of Semiconductors》 EI CAS CSCD 2024年第4期76-81,共6页
Quantum key distribution(QKD),rooted in quantum mechanics,offers information-theoretic security.However,practi-cal systems open security threats due to imperfections,notably bright-light blinding attacks targeting sin... Quantum key distribution(QKD),rooted in quantum mechanics,offers information-theoretic security.However,practi-cal systems open security threats due to imperfections,notably bright-light blinding attacks targeting single-photon detectors.Here,we propose a concise,robust defense strategy for protecting single-photon detectors in QKD systems against blinding attacks.Our strategy uses a dual approach:detecting the bias current of the avalanche photodiode(APD)to defend against con-tinuous-wave blinding attacks,and monitoring the avalanche amplitude to protect against pulsed blinding attacks.By integrat-ing these two branches,the proposed solution effectively identifies and mitigates a wide range of bright light injection attempts,significantly enhancing the resilience of QKD systems against various bright-light blinding attacks.This method forti-fies the safeguards of quantum communications and offers a crucial contribution to the field of quantum information security. 展开更多
关键词 quantum key distribution single photon detector blinding attack pulsed blinding attack COUNTERMEASURE quan-tum communication
下载PDF
Novel cyber-physical collaborative detection and localization method against dynamic load altering attacks in smart energy grids
12
作者 Xinyu Wang Xiangjie Wang +2 位作者 Xiaoyuan Luo Xinping Guan Shuzheng Wang 《Global Energy Interconnection》 EI CSCD 2024年第3期362-376,共15页
Owing to the integration of energy digitization and artificial intelligence technology,smart energy grids can realize the stable,efficient and clean operation of power systems.However,the emergence of cyber-physical a... Owing to the integration of energy digitization and artificial intelligence technology,smart energy grids can realize the stable,efficient and clean operation of power systems.However,the emergence of cyber-physical attacks,such as dynamic load-altering attacks(DLAAs)has introduced great challenges to the security of smart energy grids.Thus,this study developed a novel cyber-physical collaborative security framework for DLAAs in smart energy grids.The proposed framework integrates attack prediction in the cyber layer with the detection and localization of attacks in the physical layer.First,a data-driven method was proposed to predict the DLAA sequence in the cyber layer.By designing a double radial basis function network,the influence of disturbances on attack prediction can be eliminated.Based on the prediction results,an unknown input observer-based detection and localization method was further developed for the physical layer.In addition,an adaptive threshold was designed to replace the traditional precomputed threshold and improve the detection performance of the DLAAs.Consequently,through the collaborative work of the cyber-physics layer,injected DLAAs were effectively detected and located.Compared with existing methodologies,the simulation results on IEEE 14-bus and 118-bus power systems verified the superiority of the proposed cyber-physical collaborative detection and localization against DLAAs. 展开更多
关键词 Smart energy grids Cyber-physical system Dynamic load altering attacks attack prediction Detection and localization
下载PDF
Experimental Study of Local Scour Around Four Piles Under Different Attack Angles and Gap Ratios
13
作者 LIU Ming-ming TANG Guo-qiang +1 位作者 JIN Xin GENG Shao-yang 《China Ocean Engineering》 SCIE EI CSCD 2024年第4期612-624,共13页
In an effort to investigate and quantify the patterns of local scour,researchers embarked on an in-depth study using a systematic experimental approach.The research focused on the effects of local scour around a set o... In an effort to investigate and quantify the patterns of local scour,researchers embarked on an in-depth study using a systematic experimental approach.The research focused on the effects of local scour around a set of four piles,each subjected to different hydromechanical conditions.In particular,this study aimed to determine how different attack angles—the angles at which the water flow impinges on the piles,and gap ratios—the ratios of the spacing between the piles to their diameters,influence the extent and nature of scour.A comprehensive series of 35 carefully designed experiments were orchestrated,each designed to dissect the nuances in how the gap ratio and attack angle might contribute to changes in the local scour observed at the base of pile groups.During these experimental trials,a wealth of local scour data were collected to support the analysis.These data included precise topographic profiles of the sediment bed around the pile groups,as well as detailed scour time histories showing the evolution of scour at strategic feature points throughout the test procedure.The analysis of the experimental data provided interesting insights.The study revealed that the interplay between the gap ratio and the attack angle had a pronounced influence on the scouring dynamics of the pile groups.One of the key observations was that the initial phases of scour,particularly within the first hour of water flow exposure,were characterized by a sharp increase in the scour depth occurring immediately in front of the piles.After this initial rapid development,the scour depth transitioned to a more gradual change rate.In contrast,the scour topography around the piles continuously evolved.This suggests that sediment displacement and the associated sculpting of the seabed around pile foundations are sustained and progressive processes,altering the underwater landscape over time.The results of this empirical investigation have significant implications for the design and construction of offshore multi-pile foundations,providing a critical reference for engineers and designers to estimate the expected scour depth around such structures,which is an integral part of decisions regarding foundation design,selection of structural materials,and implementation of scour protection measures. 展开更多
关键词 local scour PILES gap ratio attack angle
下载PDF
Mitigating while Accessing:A Lightweight Defense Framework Against Link Flooding Attacks in SDN
14
作者 Sun Hancun Chen Xu +1 位作者 Luo Yantian Ge Ning 《China Communications》 SCIE CSCD 2024年第11期15-27,共13页
Link flooding attack(LFA)is a type of covert distributed denial of service(DDoS)attack.The attack mechanism of LFAs is to flood critical links within the network to cut off the target area from the Internet.Recently,t... Link flooding attack(LFA)is a type of covert distributed denial of service(DDoS)attack.The attack mechanism of LFAs is to flood critical links within the network to cut off the target area from the Internet.Recently,the proliferation of Internet of Things(IoT)has increased the quantity of vulnerable devices connected to the network and has intensified the threat of LFAs.In LFAs,attackers typically utilize low-speed flows that do not reach the victims,making the attack difficult to detect.Traditional LFA defense methods mainly reroute the attack traffic around the congested link,which encounters high complexity and high computational overhead due to the aggregation of massive attack traffic.To address these challenges,we present an LFA defense framework which can mitigate the attack flows at the border switches when they are small in scale.This framework is lightweight and can be deployed at border switches of the network in a distributed manner,which ensures the scalability of our defense system.The performance of our framework is assessed in an experimental environment.The simulation results indicate that our method is effective in detecting and mitigating LFAs with low time complexity. 展开更多
关键词 attack mitigation distributed denial of service(DDoS) link flooding attack(LFA) software defined networking(SDN)
下载PDF
Game theory attack pricing for mining pools in blockchain-based IoT
15
作者 Yourong Chen Hao Chen +3 位作者 Zhenyu Xiong Banteng Liu Zhangquan Wang Meng Han 《Digital Communications and Networks》 SCIE CSCD 2024年第4期973-988,共16页
The malicious mining pool can sacrifice part of its revenue to employ the computing power of blockchain network.The employed computing power carries out the pool mining attacks on the attacked mining pool.To realize t... The malicious mining pool can sacrifice part of its revenue to employ the computing power of blockchain network.The employed computing power carries out the pool mining attacks on the attacked mining pool.To realize the win-win game between the malicious mining pool and the employee,the paper proposes an Employment Attack Pricing Algorithm(EAPA)of mining pools in blockchain based on game theory.In the EAPA,the paper uses mathematical formulas to express the revenue of malicious mining pools under the employment attack,the revenue increment of malicious mining pools,and the revenue of the employee.It establishes a game model between the malicious mining pool and the employee under the employment attack.Then,the paper proposes an optimal computing power price selection strategy of employment attack based on model derivation.In the strategy,the malicious mining pool analyzes the conditions for the employment attack,and uses the derivative method to find the optimal utilization value of computing power,employees analyze the conditions for accepting employment,and use the derivative method to find the optimal reward value of computing power.Finally,the strategy finds the optimal employment computing power price to realize Nash equilibrium between the malicious mining pool and the employee under the current computing power allocation.The simulation results show that the EAPA could find the employment computing power price that realizes the win-win game between the malicious mining pool and the employee.The EAPA also maximizes the unit computing power revenue of employment and the unit computing power revenue of honest mining in malicious mining pool at the same time.The EAPA outperforms the state-of-the-art methods such as SPSUCP,DPSACP,and FPSUCP. 展开更多
关键词 Game theory Blockchain PoW Mining pool Employment attack
下载PDF
General multi-attack detection for continuous-variable quantum key distribution with local local oscillator
16
作者 康茁 刘维琪 +1 位作者 齐锦 贺晨 《Chinese Physics B》 SCIE EI CAS CSCD 2024年第5期255-262,共8页
Continuous-variable quantum key distribution with a local local oscillator(LLO CVQKD)has been extensively researched due to its simplicity and security.For practical security of an LLO CVQKD system,there are two main ... Continuous-variable quantum key distribution with a local local oscillator(LLO CVQKD)has been extensively researched due to its simplicity and security.For practical security of an LLO CVQKD system,there are two main attack modes referred to as reference pulse attack and polarization attack presently.However,there is currently no general defense strategy against such attacks,and the security of the system needs further investigation.Here,we employ a deep learning framework called generative adversarial networks(GANs)to detect both attacks.We first analyze the data in different cases,derive a feature vector as input to a GAN model,and then show the training and testing process of the GAN model for attack classification.The proposed model has two parts,a discriminator and a generator,both of which employ a convolutional neural network(CNN)to improve accuracy.Simulation results show that the proposed scheme can detect and classify attacks without reducing the secret key rate and the maximum transmission distance.It only establishes a detection model by monitoring features of the pulse without adding additional devices. 展开更多
关键词 CVQKD generative adversarial network attack classification
下载PDF
An Improved Framework of Massive Superpoly Recovery in Cube Attacks Against NFSR-Based Stream Ciphers
17
作者 LIU Chen TIAN Tian QI Wen-Feng 《密码学报(中英文)》 CSCD 北大核心 2024年第5期1179-1198,共20页
A critical problem in the cube attack is how to recover superpolies efficiently.As the targeting number of rounds of an iterative stream cipher increases,the scale of its superpolies becomes larger and larger.Recently... A critical problem in the cube attack is how to recover superpolies efficiently.As the targeting number of rounds of an iterative stream cipher increases,the scale of its superpolies becomes larger and larger.Recently,to recover massive superpolies,the nested monomial prediction technique,the algorithm based on the divide-and-conquer strategy,and stretching cube attacks were proposed,which have been used to recover a superpoly with over ten million monomials for the NFSR-based stream ciphers such as Trivium and Grain-128AEAD.Nevertheless,when these methods are used to recover superpolies,many invalid calculations are performed,which makes recovering superpolies more difficult.This study finds an interesting observation that can be used to improve the above methods.Based on the observation,a new method is proposed to avoid a part of invalid calculations during the process of recovering superpolies.Then,the new method is applied to the nested monomial prediction technique and an improved superpoly recovery framework is presented.To verify the effectiveness of the proposed scheme,the improved framework is applied to 844-and 846-round Trivium and the exact ANFs of the superpolies is obtained with over one hundred million monomials,showing the improved superpoly recovery technique is powerful.Besides,extensive experiments on other scaled-down variants of NFSR-based stream ciphers show that the proposed scheme indeed could be more efficient on the superpoly recovery against NFSR-based stream ciphers. 展开更多
关键词 NFSR-based stream ciphers cube attacks MILP Trivium
下载PDF
Explainable AI-Based DDoS Attacks Classification Using Deep Transfer Learning
18
作者 Ahmad Alzu’bi Amjad Albashayreh +1 位作者 Abdelrahman Abuarqoub Mai A.M.Alfawair 《Computers, Materials & Continua》 SCIE EI 2024年第9期3785-3802,共18页
In the era of the Internet of Things(IoT),the proliferation of connected devices has raised security concerns,increasing the risk of intrusions into diverse systems.Despite the convenience and efficiency offered by Io... In the era of the Internet of Things(IoT),the proliferation of connected devices has raised security concerns,increasing the risk of intrusions into diverse systems.Despite the convenience and efficiency offered by IoT technology,the growing number of IoT devices escalates the likelihood of attacks,emphasizing the need for robust security tools to automatically detect and explain threats.This paper introduces a deep learning methodology for detecting and classifying distributed denial of service(DDoS)attacks,addressing a significant security concern within IoT environments.An effective procedure of deep transfer learning is applied to utilize deep learning backbones,which is then evaluated on two benchmarking datasets of DDoS attacks in terms of accuracy and time complexity.By leveraging several deep architectures,the study conducts thorough binary and multiclass experiments,each varying in the complexity of classifying attack types and demonstrating real-world scenarios.Additionally,this study employs an explainable artificial intelligence(XAI)AI technique to elucidate the contribution of extracted features in the process of attack detection.The experimental results demonstrate the effectiveness of the proposed method,achieving a recall of 99.39%by the XAI bidirectional long short-term memory(XAI-BiLSTM)model. 展开更多
关键词 DDoS attack classification deep learning explainable AI CYBERSECURITY
下载PDF
Local Adaptive Gradient Variance Attack for Deep Fake Fingerprint Detection
19
作者 Chengsheng Yuan Baojie Cui +2 位作者 Zhili Zhou Xinting Li Qingming Jonathan Wu 《Computers, Materials & Continua》 SCIE EI 2024年第1期899-914,共16页
In recent years,deep learning has been the mainstream technology for fingerprint liveness detection(FLD)tasks because of its remarkable performance.However,recent studies have shown that these deep fake fingerprint de... In recent years,deep learning has been the mainstream technology for fingerprint liveness detection(FLD)tasks because of its remarkable performance.However,recent studies have shown that these deep fake fingerprint detection(DFFD)models are not resistant to attacks by adversarial examples,which are generated by the introduction of subtle perturbations in the fingerprint image,allowing the model to make fake judgments.Most of the existing adversarial example generation methods are based on gradient optimization,which is easy to fall into local optimal,resulting in poor transferability of adversarial attacks.In addition,the perturbation added to the blank area of the fingerprint image is easily perceived by the human eye,leading to poor visual quality.In response to the above challenges,this paper proposes a novel adversarial attack method based on local adaptive gradient variance for DFFD.The ridge texture area within the fingerprint image has been identified and designated as the region for perturbation generation.Subsequently,the images are fed into the targeted white-box model,and the gradient direction is optimized to compute gradient variance.Additionally,an adaptive parameter search method is proposed using stochastic gradient ascent to explore the parameter values during adversarial example generation,aiming to maximize adversarial attack performance.Experimental results on two publicly available fingerprint datasets show that ourmethod achieves higher attack transferability and robustness than existing methods,and the perturbation is harder to perceive. 展开更多
关键词 FLD adversarial attacks adversarial examples gradient optimization transferability
下载PDF
ATSSC:An Attack Tolerant System in Serverless Computing
20
作者 Zhang Shuai Guo Yunfei +2 位作者 Hu Hongchao Liu Wenyan Wang Yawen 《China Communications》 SCIE CSCD 2024年第6期192-205,共14页
Serverless computing is a promising paradigm in cloud computing that greatly simplifies cloud programming.With serverless computing,developers only provide function code to serverless platform,and these functions are ... Serverless computing is a promising paradigm in cloud computing that greatly simplifies cloud programming.With serverless computing,developers only provide function code to serverless platform,and these functions are invoked by its driven events.Nonetheless,security threats in serverless computing such as vulnerability-based security threats have become the pain point hindering its wide adoption.The ideas in proactive defense such as redundancy,diversity and dynamic provide promising approaches to protect against cyberattacks.However,these security technologies are mostly applied to serverless platform based on“stacked”mode,as they are designed independent with serverless computing.The lack of security consideration in the initial design makes it especially challenging to achieve the all life cycle protection for serverless application with limited cost.In this paper,we present ATSSC,a proactive defense enabled attack tolerant serverless platform.ATSSC integrates the characteristic of redundancy,diversity and dynamic into serverless seamless to achieve high-level security and efficiency.Specifically,ATSSC constructs multiple diverse function replicas to process the driven events and performs cross-validation to verify the results.In order to create diverse function replicas,both software diversity and environment diversity are adopted.Furthermore,a dynamic function refresh strategy is proposed to keep the clean state of serverless functions.We implement ATSSC based on Kubernetes and Knative.Analysis and experimental results demonstrate that ATSSC can effectively protect serverless computing against cyberattacks with acceptable costs. 展开更多
关键词 active defense attack tolerant cloud computing SECURITY serverless computing
下载PDF
上一页 1 2 250 下一页 到第
使用帮助 返回顶部