This paper examines how cybersecurity is developing and how it relates to more conventional information security. Although information security and cyber security are sometimes used synonymously, this study contends t...This paper examines how cybersecurity is developing and how it relates to more conventional information security. Although information security and cyber security are sometimes used synonymously, this study contends that they are not the same. The concept of cyber security is explored, which goes beyond protecting information resources to include a wider variety of assets, including people [1]. Protecting information assets is the main goal of traditional information security, with consideration to the human element and how people fit into the security process. On the other hand, cyber security adds a new level of complexity, as people might unintentionally contribute to or become targets of cyberattacks. This aspect presents moral questions since it is becoming more widely accepted that society has a duty to protect weaker members of society, including children [1]. The study emphasizes how important cyber security is on a larger scale, with many countries creating plans and laws to counteract cyberattacks. Nevertheless, a lot of these sources frequently neglect to define the differences or the relationship between information security and cyber security [1]. The paper focus on differentiating between cybersecurity and information security on a larger scale. The study also highlights other areas of cybersecurity which includes defending people, social norms, and vital infrastructure from threats that arise from online in addition to information and technology protection. It contends that ethical issues and the human factor are becoming more and more important in protecting assets in the digital age, and that cyber security is a paradigm shift in this regard [1].展开更多
The increase in number of people using the Internet leads to increased cyberattack opportunities.Advanced Persistent Threats,or APTs,are among the most dangerous targeted cyberattacks.APT attacks utilize various advan...The increase in number of people using the Internet leads to increased cyberattack opportunities.Advanced Persistent Threats,or APTs,are among the most dangerous targeted cyberattacks.APT attacks utilize various advanced tools and techniques for attacking targets with specific goals.Even countries with advanced technologies,like the US,Russia,the UK,and India,are susceptible to this targeted attack.APT is a sophisticated attack that involves multiple stages and specific strategies.Besides,TTP(Tools,Techniques,and Procedures)involved in the APT attack are commonly new and developed by an attacker to evade the security system.However,APTs are generally implemented in multiple stages.If one of the stages is detected,we may apply a defense mechanism for subsequent stages,leading to the entire APT attack failure.The detection at the early stage of APT and the prediction of the next step in the APT kill chain are ongoing challenges.This survey paper will provide knowledge about APT attacks and their essential steps.This follows the case study of known APT attacks,which will give clear information about the APT attack process—in later sections,highlighting the various detection methods defined by different researchers along with the limitations of the work.Data used in this article comes from the various annual reports published by security experts and blogs and information released by the enterprise networks targeted by the attack.展开更多
Unmanned autonomous helicopter(UAH)path planning problem is an important component of the UAH mission planning system.Aiming to reduce the influence of non-complete ground threat information on UAH path planning,a gro...Unmanned autonomous helicopter(UAH)path planning problem is an important component of the UAH mission planning system.Aiming to reduce the influence of non-complete ground threat information on UAH path planning,a ground threat prediction-based path planning method is proposed based on artificial bee colony(ABC)algorithm by collaborative thinking strategy.Firstly,a dynamic threat distribution probability model is developed based on the characteristics of typical ground threats.The dynamic no-fly zone of the UAH is simulated and established by calculating the distribution probability of ground threats in real time.Then,a dynamic path planning method for UAH is designed in complex environment based on the real-time prediction of ground threats.By adding the collision warning mechanism to the path planning model,the flight path could be dynamically adjusted according to changing no-fly zones.Furthermore,a hybrid enhanced ABC algorithm is proposed based on collaborative thinking strategy.The proposed algorithm applies the leader-member thinking mechanism to guide the direction of population evolution,and reduces the negative impact of local optimal solutions caused by collaborative learning update strategy,which makes the optimization performance of ABC algorithm more controllable and efficient.Finally,simulation results verify the feasibility and effectiveness of the proposed ground threat prediction path planning method.展开更多
In the tobacco industry,insider employee attack is a thorny problem that is difficult to detect.To solve this issue,this paper proposes an insider threat detection method based on heterogeneous graph embedding.First,t...In the tobacco industry,insider employee attack is a thorny problem that is difficult to detect.To solve this issue,this paper proposes an insider threat detection method based on heterogeneous graph embedding.First,the interrelationships between logs are fully considered,and log entries are converted into heterogeneous graphs based on these relationships.Second,the heterogeneous graph embedding is adopted and each log entry is represented as a low-dimensional feature vector.Then,normal logs and malicious logs are classified into different clusters by clustering algorithm to identify malicious logs.Finally,the effectiveness and superiority of the method is verified through experiments on the CERT dataset.The experimental results show that this method has better performance compared to some baseline methods.展开更多
Considering the increased anthropogenic impacts,species with a limited range and low detectability often lack fundamental information and conservation actions,placing them at a high risk of endangerment.The Chinting a...Considering the increased anthropogenic impacts,species with a limited range and low detectability often lack fundamental information and conservation actions,placing them at a high risk of endangerment.The Chinting alpine toad Scutiger chintingensis is a rare mountain amphibian endemic to the eastern margin of the Qinghai-Xizang Plateau in China.Within its whole distribution range,only three known populations(Wolong,Emei,and Wawu)exist and no recent population status report has been documented for this species over the past two decades.From 2020 to 2023,we investigated the species distribution,and assessed the risk factors for the main populations.We recorded this species in all distribution areas,and updated a new distribution site with a lower elevation limit.The relative population density was 0.024±0.012 ind./m^(2)on Mount Emei,whereas only 0.008±0.017 ind./m^(2)on Mount Wawu.No significant difference was observed in the number of individuals between the two populations;however,the relative population density was significantly different.Sewage and waste discharge resulting from the construction of scenic areas,as well as disturbances from tourism,were the primary anthropogenic factors that influenced the survival of this species.Our results provide the updated information on the distribution and population status of the Chinting alpine toad,and suggest that unrecorded populations,as well as a wider elevation range,may exist for this species.Our findings emphasise the importance of timely updates of species distribution and population information and offer a basis for the future conservation of endangered amphibians.展开更多
Information technology is critical in coordinating patient records, smart devices, operations, and critical infrastructure in healthcare organizations, and their constantly changing digital environment, including supp...Information technology is critical in coordinating patient records, smart devices, operations, and critical infrastructure in healthcare organizations, and their constantly changing digital environment, including suppliers, doctors, insurance providers, and regulatory agencies. This dependence on interdependent systems makes this sector vulnerable to various information technology risks. Such threats include common cybersecurity risks such as data breaches and malware attacks, unique problems occurring in healthcare settings such as unauthorized access to patient records, disruptions in services provided at medical facilities, and potential harm caused to patients due to the compromise of medical devices. The threat taxonomies, such as the Open Threat Taxonomy, NIST, or ENISA, are foundational frameworks for grasping and categorizing IT threats. However, these taxonomies were not specifically designed to deal with the complexities of the healthcare industry. The problem arises from the gap between these taxonomies’ general nature and the industry-specific threats and vulnerabilities that affect healthcare organizations. As a result, many healthcare institutions fail to holistically address and eliminate the unique risks related to confidentiality, integrity, and availability of patients’ data as well as critical systems used in healthcare. This paper aims to narrow this gap by carefully assessing these taxonomies to determine the frame-work best suited for addressing the threat environment in the healthcare sector.展开更多
Although AI and quantum computing (QC) are fast emerging as key enablers of the future Internet, experts believe they pose an existential threat to humanity. Responding to the frenzied release of ChatGPT/GPT-4, thousa...Although AI and quantum computing (QC) are fast emerging as key enablers of the future Internet, experts believe they pose an existential threat to humanity. Responding to the frenzied release of ChatGPT/GPT-4, thousands of alarmed tech leaders recently signed an open letter to pause AI research to prepare for the catastrophic threats to humanity from uncontrolled AGI (Artificial General Intelligence). Perceived as an “epistemological nightmare”, AGI is believed to be on the anvil with GPT-5. Two computing rules appear responsible for these risks. 1) Mandatory third-party permissions that allow computers to run applications at the expense of introducing vulnerabilities. 2) The Halting Problem of Turing-complete AI programming languages potentially renders AGI unstoppable. The double whammy of these inherent weaknesses remains invincible under the legacy systems. A recent cybersecurity breakthrough shows that banning all permissions reduces the computer attack surface to zero, delivering a new zero vulnerability computing (ZVC) paradigm. Deploying ZVC and blockchain, this paper formulates and supports a hypothesis: “Safe, secure, ethical, controllable AGI/QC is possible by conquering the two unassailable rules of computability.” Pursued by a European consortium, testing/proving the proposed hypothesis will have a groundbreaking impact on the future digital infrastructure when AGI/QC starts powering the 75 billion internet devices by 2025.展开更多
The Industrial Internet of Things(IIoT)has brought numerous benefits,such as improved efficiency,smart analytics,and increased automation.However,it also exposes connected devices,users,applications,and data generated...The Industrial Internet of Things(IIoT)has brought numerous benefits,such as improved efficiency,smart analytics,and increased automation.However,it also exposes connected devices,users,applications,and data generated to cyber security threats that need to be addressed.This work investigates hybrid cyber threats(HCTs),which are now working on an entirely new level with the increasingly adopted IIoT.This work focuses on emerging methods to model,detect,and defend against hybrid cyber attacks using machine learning(ML)techniques.Specifically,a novel ML-based HCT modelling and analysis framework was proposed,in which L1 regularisation and Random Forest were used to cluster features and analyse the importance and impact of each feature in both individual threats and HCTs.A grey relation analysis-based model was employed to construct the correlation between IIoT components and different threats.展开更多
Aerial threat assessment is a crucial link in modern air combat, whose result counts a great deal for commanders to make decisions. With the consideration that the existing threat assessment methods have difficulties ...Aerial threat assessment is a crucial link in modern air combat, whose result counts a great deal for commanders to make decisions. With the consideration that the existing threat assessment methods have difficulties in dealing with high dimensional time series target data, a threat assessment method based on self-attention mechanism and gated recurrent unit(SAGRU) is proposed. Firstly, a threat feature system including air combat situations and capability features is established. Moreover, a data augmentation process based on fractional Fourier transform(FRFT) is applied to extract more valuable information from time series situation features. Furthermore, aiming to capture key characteristics of battlefield evolution, a bidirectional GRU and SA mechanisms are designed for enhanced features.Subsequently, after the concatenation of the processed air combat situation and capability features, the target threat level will be predicted by fully connected neural layers and the softmax classifier. Finally, in order to validate this model, an air combat dataset generated by a combat simulation system is introduced for model training and testing. The comparison experiments show the proposed model has structural rationality and can perform threat assessment faster and more accurately than the other existing models based on deep learning.展开更多
The Unintentional Insider Threat (UIT) concept highlights that insider threats might not always stem from malicious intent and can occur across various domains. This research examines how individuals with medical or p...The Unintentional Insider Threat (UIT) concept highlights that insider threats might not always stem from malicious intent and can occur across various domains. This research examines how individuals with medical or psychological issues might unintentionally become insider threats due to their perception of being targeted. Insights from the survey A Survey of Unintentional Medical Insider Threat Category indicate that such perceptions can be linked to underlying health conditions. The study Emotion Analysis Based on Belief of Targeted Individual Supporting Insider Threat Detection reveals that anger is a common emotion among these individuals. The findings suggest that UITs are often linked to medical or psychological issues, with anger being prevalent. To mitigate these risks, it is recommended that Insider Threat programs integrate expertise from medicine, psychology, and cybersecurity. Additionally, handwriting analysis is proposed as a potential tool for detecting insider threats, reflecting the evolving nature of threat assessment methodologies.展开更多
Self-efficacy plays an important role in the management of type 2 diabetes mellitus (T2DM) patients, and it runs through the whole process of diabetes treatment, which is conducive to controlling and delaying the occu...Self-efficacy plays an important role in the management of type 2 diabetes mellitus (T2DM) patients, and it runs through the whole process of diabetes treatment, which is conducive to controlling and delaying the occurrence and development of complications, as well as improving the quality of life of patients. This paper mainly describes the concept of self-efficacy, the current situation of self-efficacy of diabetic patients at home and abroad, the functional aspects and their influencing factors, so as to take relevant measures on how to improve self-efficacy. It aims to provide a theoretical basis for the development of self-efficacy interventions for patients with type 2 diabetes mellitus.展开更多
This literature review primarily aims to explore and synthesise the previous studies in simulation education research conducted over the past five years related to the effects of simulation training on the self-effica...This literature review primarily aims to explore and synthesise the previous studies in simulation education research conducted over the past five years related to the effects of simulation training on the self-efficacy of undergraduate pre-registration nursing students. The second aim of this study is to explore additional outcome variables that were examined in the previous studies. Five electronic databases were searched systematically. These databases were MEDLINE, CINAHL Plus, Scopus, Embase and PsycINFO. The PICO model was employed to identify the search terms, with a thesaurus being used to provide synonyms. Reference lists of relevant articles were examined and hand searches of journals were also undertaken. The quality of each study was assessed using the Simulation Research Rubric (SRR). A total of 11 studies were included. All studies explored the impact of simulation education on undergraduate pre-registration nursing. Six studies explored nursing students’ competence and performance and two papers examined their critical thinking. Problem solving, learning motivation, communication skills and knowledge acquisition were examined once. The majority of studies indicated that simulation training has a positive impact on pre-registration nursing students’ self-efficacy and other outcome variables. Furthermore, the study results indicate that simulation training is more dependable than traditional training, and students were extremely satisfied with the simulation training. However, most of the studies included in this review had several gaps, including study design, sample size and dissimilarities between the scales used. Further research with large samples, reliable and valid instruments, and outcomes measures (such as critical thinking and transferability of skills) is required to provide better insight into the effectiveness of simulation in undergraduate nursing education. .展开更多
Cloud computing plays a significant role in modern information technology, providing organizations with numerous benefits, including flexibility, scalability, and cost-efficiency. However, it has become essential for ...Cloud computing plays a significant role in modern information technology, providing organizations with numerous benefits, including flexibility, scalability, and cost-efficiency. However, it has become essential for organizations to ensure the security of their applications, data, and cloud-based networks to use cloud services effectively. This systematic literature review aims to determine the latest information regarding cloud computing security, with a specific emphasis on threats and mitigation strategies. Additionally, it highlights some common threats related to cloud computing security, such as distributed denial-of-service (DDoS) attacks, account hijacking, malware attacks, and data breaches. This research also explores some mitigation strategies, including security awareness training, vulnerability management, security information and event management (SIEM), identity and access management (IAM), and encryption techniques. It discusses emerging trends in cloud security, such as integrating artificial intelligence (AI) and machine learning (ML), serverless computing, and containerization, as well as the effectiveness of the shared responsibility model and its related challenges. The importance of user awareness and the impact of emerging technologies on cloud security have also been discussed in detail to mitigate security risks. A literature review of previous research and scholarly articles has also been conducted to provide insights regarding cloud computing security. It shows the need for continuous research and innovation to address emerging threats and maintain a security-conscious culture in the company.展开更多
The architecture and working principle of coordinated search and rescue system of unmanned/manned aircraft,which is composed of manned/unmanned aircraft and manned aircraft,were first introduced,and they can cooperate...The architecture and working principle of coordinated search and rescue system of unmanned/manned aircraft,which is composed of manned/unmanned aircraft and manned aircraft,were first introduced,and they can cooperate with each other to complete a search and rescue task.Secondly,a threat assessment method based on meteorological data was proposed,and potential meteorological threats,such as storms and rainfall,can be predicted by collecting and analyzing meteorological data.Finally,an experiment was carried out to evaluate the performance of the proposed method in different scenarios.The experimental results show that the coordinated search and rescue system of unmanned/manned aircraft can be used to effectively assess meteorological threats and provide accurate search and rescue guidance.展开更多
As cyber threats keep changing and business environments adapt, a comprehensive approach to disaster recovery involves more than just defensive measures. This research delves deep into the strategies required to respo...As cyber threats keep changing and business environments adapt, a comprehensive approach to disaster recovery involves more than just defensive measures. This research delves deep into the strategies required to respond to threats and anticipate and mitigate them proactively. Beginning with understanding the critical need for a layered defense and the intricacies of the attacker’s journey, the research offers insights into specialized defense techniques, emphasizing the importance of timely and strategic responses during incidents. Risk management is brought to the forefront, underscoring businesses’ need to adopt mature risk assessment practices and understand the potential risk impact areas. Additionally, the value of threat intelligence is explored, shedding light on the importance of active engagement within sharing communities and the vigilant observation of adversary motivations. “Beyond Defense: Proactive Approaches to Disaster Recovery and Threat Intelligence in Modern Enterprises” is a comprehensive guide for organizations aiming to fortify their cybersecurity posture, marrying best practices in proactive and reactive measures in the ever-challenging digital realm.展开更多
This study explores the nuanced relationship between trait mindfulness and thriving at work among educators in Western China,emphasizing the mediating role of general self-efficacy.Employing a sample of 378 primary an...This study explores the nuanced relationship between trait mindfulness and thriving at work among educators in Western China,emphasizing the mediating role of general self-efficacy.Employing a sample of 378 primary and secondary school teachers,this research utilizes the Five Facet Mindfulness Questionnaire(FFMQ),Thriving at Work Scale(TWS),and the General Self-Efficacy Scale(GSES)to conduct a thorough investigation.The findings indicate a significant positive correlation between trait mindfulness and thriving at work,between trait mindfulness and general self-efficacy,and between general self-efficacy and thriving at work.Additionally,trait mindfulness was found to have a positive predictive effect on both thriving at work and general self-efficacy,with general self-efficacy also showing a positive predictive effect on thriving at work.Importantly,general self-efficacy was identified as playing a partial mediating role in the relationship between trait mindfulness and thriving at work.These results underscore the importance of cultivating mindfulness and self-efficacy among teachers to enhance their enthusiasm for work,suggesting potential pathways for professional development and well-being in the educational sector.展开更多
Objective:This study aimed to translate the Academic Nurse Self-Efficacy scale(ANSE),assess its appropriateness for use in Korean nursing students,and evaluate the Korean Version of the Academic Nurse Self-Efficacy sc...Objective:This study aimed to translate the Academic Nurse Self-Efficacy scale(ANSE),assess its appropriateness for use in Korean nursing students,and evaluate the Korean Version of the Academic Nurse Self-Efficacy scale’s(K-ANSE)validity and reliability.Methods:The data of 444 nursing college students at 10 universities across the country were collected from November 1,2020 to June 8,2021.The K-ANSE was analyzed utilizing SPSS 25.0 and AMOS 25.0 programs.The K-ANSE’s content validity,construct validity,convergent/discriminant validity,criterion-related validity,and reliability were evaluated.Results:Internal emotion management,auto-regulatory behavior,external emotion management,and sociality were established.The Cronbach’sαfor the overall scale was 0.87,and that of the 4 subscales ranged from 0.70 to 0.89.Conclusions:The Korean version of the ANSE seems to be a valid and reliable instrument to measure Korean bachelor-level nursing students.展开更多
As a distributed database,the system security of the blockchain is of great significance to prevent tampering,protect privacy,prevent double spending,and improve credibility.Due to the decentralized and trustless natu...As a distributed database,the system security of the blockchain is of great significance to prevent tampering,protect privacy,prevent double spending,and improve credibility.Due to the decentralized and trustless nature of blockchain,the security defense of the blockchain system has become one of the most important measures.This paper comprehensively reviews the research progress of blockchain security threats and collaborative defense,and we first introduce the overview,classification,and threat assessment process of blockchain security threats.Then,we investigate the research status of single-node defense technology and multi-node collaborative defense technology and summarize the blockchain security evaluation indicators and evaluation methods.Finally,we discuss the challenges of blockchain security and future research directions,such as parallel detection and federated learning.This paper aims to stimulate further research and discussion on blockchain security,providing more reliable security guarantees for the use and development of blockchain technology to face changing threats and challenges through continuous updating and improvement of defense technologies.展开更多
In recent years,cyber attacks have been intensifying and causing great harm to individuals,companies,and countries.The mining of cyber threat intelligence(CTI)can facilitate intelligence integration and serve well in ...In recent years,cyber attacks have been intensifying and causing great harm to individuals,companies,and countries.The mining of cyber threat intelligence(CTI)can facilitate intelligence integration and serve well in combating cyber attacks.Named Entity Recognition(NER),as a crucial component of text mining,can structure complex CTI text and aid cybersecurity professionals in effectively countering threats.However,current CTI NER research has mainly focused on studying English CTI.In the limited studies conducted on Chinese text,existing models have shown poor performance.To fully utilize the power of Chinese pre-trained language models(PLMs)and conquer the problem of lengthy infrequent English words mixing in the Chinese CTIs,we propose a residual dilated convolutional neural network(RDCNN)with a conditional random field(CRF)based on a robustly optimized bidirectional encoder representation from transformers pre-training approach with whole word masking(RoBERTa-wwm),abbreviated as RoBERTa-wwm-RDCNN-CRF.We are the first to experiment on the relevant open source dataset and achieve an F1-score of 82.35%,which exceeds the common baseline model bidirectional encoder representation from transformers(BERT)-bidirectional long short-term memory(BiLSTM)-CRF in this field by about 19.52%and exceeds the current state-of-the-art model,BERT-RDCNN-CRF,by about 3.53%.In addition,we conducted an ablation study on the encoder part of the model to verify the effectiveness of the proposed model and an in-depth investigation of the PLMs and encoder part of the model to verify the effectiveness of the proposed model.The RoBERTa-wwm-RDCNN-CRF model,the shared pre-processing,and augmentation methods can serve the subsequent fundamental tasks such as cybersecurity information extraction and knowledge graph construction,contributing to important applications in downstream tasks such as intrusion detection and advanced persistent threat(APT)attack detection.展开更多
Recently,Internet of Things(IoT)devices produces massive quantity of data from distinct sources that get transmitted over public networks.Cybersecurity becomes a challenging issue in the IoT environment where the exis...Recently,Internet of Things(IoT)devices produces massive quantity of data from distinct sources that get transmitted over public networks.Cybersecurity becomes a challenging issue in the IoT environment where the existence of cyber threats needs to be resolved.The development of automated tools for cyber threat detection and classification using machine learning(ML)and artificial intelligence(AI)tools become essential to accomplish security in the IoT environment.It is needed to minimize security issues related to IoT gadgets effectively.Therefore,this article introduces a new Mayfly optimization(MFO)with regularized extreme learning machine(RELM)model,named MFO-RELM for Cybersecurity Threat Detection and classification in IoT environment.The presented MFORELM technique accomplishes the effectual identification of cybersecurity threats that exist in the IoT environment.For accomplishing this,the MFO-RELM model pre-processes the actual IoT data into a meaningful format.In addition,the RELM model receives the pre-processed data and carries out the classification process.In order to boost the performance of the RELM model,the MFO algorithm has been employed to it.The performance validation of the MFO-RELM model is tested using standard datasets and the results highlighted the better outcomes of the MFO-RELM model under distinct aspects.展开更多
文摘This paper examines how cybersecurity is developing and how it relates to more conventional information security. Although information security and cyber security are sometimes used synonymously, this study contends that they are not the same. The concept of cyber security is explored, which goes beyond protecting information resources to include a wider variety of assets, including people [1]. Protecting information assets is the main goal of traditional information security, with consideration to the human element and how people fit into the security process. On the other hand, cyber security adds a new level of complexity, as people might unintentionally contribute to or become targets of cyberattacks. This aspect presents moral questions since it is becoming more widely accepted that society has a duty to protect weaker members of society, including children [1]. The study emphasizes how important cyber security is on a larger scale, with many countries creating plans and laws to counteract cyberattacks. Nevertheless, a lot of these sources frequently neglect to define the differences or the relationship between information security and cyber security [1]. The paper focus on differentiating between cybersecurity and information security on a larger scale. The study also highlights other areas of cybersecurity which includes defending people, social norms, and vital infrastructure from threats that arise from online in addition to information and technology protection. It contends that ethical issues and the human factor are becoming more and more important in protecting assets in the digital age, and that cyber security is a paradigm shift in this regard [1].
文摘The increase in number of people using the Internet leads to increased cyberattack opportunities.Advanced Persistent Threats,or APTs,are among the most dangerous targeted cyberattacks.APT attacks utilize various advanced tools and techniques for attacking targets with specific goals.Even countries with advanced technologies,like the US,Russia,the UK,and India,are susceptible to this targeted attack.APT is a sophisticated attack that involves multiple stages and specific strategies.Besides,TTP(Tools,Techniques,and Procedures)involved in the APT attack are commonly new and developed by an attacker to evade the security system.However,APTs are generally implemented in multiple stages.If one of the stages is detected,we may apply a defense mechanism for subsequent stages,leading to the entire APT attack failure.The detection at the early stage of APT and the prediction of the next step in the APT kill chain are ongoing challenges.This survey paper will provide knowledge about APT attacks and their essential steps.This follows the case study of known APT attacks,which will give clear information about the APT attack process—in later sections,highlighting the various detection methods defined by different researchers along with the limitations of the work.Data used in this article comes from the various annual reports published by security experts and blogs and information released by the enterprise networks targeted by the attack.
文摘Unmanned autonomous helicopter(UAH)path planning problem is an important component of the UAH mission planning system.Aiming to reduce the influence of non-complete ground threat information on UAH path planning,a ground threat prediction-based path planning method is proposed based on artificial bee colony(ABC)algorithm by collaborative thinking strategy.Firstly,a dynamic threat distribution probability model is developed based on the characteristics of typical ground threats.The dynamic no-fly zone of the UAH is simulated and established by calculating the distribution probability of ground threats in real time.Then,a dynamic path planning method for UAH is designed in complex environment based on the real-time prediction of ground threats.By adding the collision warning mechanism to the path planning model,the flight path could be dynamically adjusted according to changing no-fly zones.Furthermore,a hybrid enhanced ABC algorithm is proposed based on collaborative thinking strategy.The proposed algorithm applies the leader-member thinking mechanism to guide the direction of population evolution,and reduces the negative impact of local optimal solutions caused by collaborative learning update strategy,which makes the optimization performance of ABC algorithm more controllable and efficient.Finally,simulation results verify the feasibility and effectiveness of the proposed ground threat prediction path planning method.
基金Supported by the National Natural Science Foundation of China(No.62203390)the Science and Technology Project of China TobaccoZhejiang Industrial Co.,Ltd(No.ZJZY2022E004)。
文摘In the tobacco industry,insider employee attack is a thorny problem that is difficult to detect.To solve this issue,this paper proposes an insider threat detection method based on heterogeneous graph embedding.First,the interrelationships between logs are fully considered,and log entries are converted into heterogeneous graphs based on these relationships.Second,the heterogeneous graph embedding is adopted and each log entry is represented as a low-dimensional feature vector.Then,normal logs and malicious logs are classified into different clusters by clustering algorithm to identify malicious logs.Finally,the effectiveness and superiority of the method is verified through experiments on the CERT dataset.The experimental results show that this method has better performance compared to some baseline methods.
基金supported by the National Natural Science Foundation of China(32271737,32071544)the Interdisciplinary Innovation Team of the Chinese Academy of Sciences(CAS)“Light of West China”Program(xbzg-zdsys-202207)+1 种基金the Shenzhen Zhilan Foundation(2021070451A)Nature Science Foundation of Sichuan Province(2022NSFSC0125).
文摘Considering the increased anthropogenic impacts,species with a limited range and low detectability often lack fundamental information and conservation actions,placing them at a high risk of endangerment.The Chinting alpine toad Scutiger chintingensis is a rare mountain amphibian endemic to the eastern margin of the Qinghai-Xizang Plateau in China.Within its whole distribution range,only three known populations(Wolong,Emei,and Wawu)exist and no recent population status report has been documented for this species over the past two decades.From 2020 to 2023,we investigated the species distribution,and assessed the risk factors for the main populations.We recorded this species in all distribution areas,and updated a new distribution site with a lower elevation limit.The relative population density was 0.024±0.012 ind./m^(2)on Mount Emei,whereas only 0.008±0.017 ind./m^(2)on Mount Wawu.No significant difference was observed in the number of individuals between the two populations;however,the relative population density was significantly different.Sewage and waste discharge resulting from the construction of scenic areas,as well as disturbances from tourism,were the primary anthropogenic factors that influenced the survival of this species.Our results provide the updated information on the distribution and population status of the Chinting alpine toad,and suggest that unrecorded populations,as well as a wider elevation range,may exist for this species.Our findings emphasise the importance of timely updates of species distribution and population information and offer a basis for the future conservation of endangered amphibians.
文摘Information technology is critical in coordinating patient records, smart devices, operations, and critical infrastructure in healthcare organizations, and their constantly changing digital environment, including suppliers, doctors, insurance providers, and regulatory agencies. This dependence on interdependent systems makes this sector vulnerable to various information technology risks. Such threats include common cybersecurity risks such as data breaches and malware attacks, unique problems occurring in healthcare settings such as unauthorized access to patient records, disruptions in services provided at medical facilities, and potential harm caused to patients due to the compromise of medical devices. The threat taxonomies, such as the Open Threat Taxonomy, NIST, or ENISA, are foundational frameworks for grasping and categorizing IT threats. However, these taxonomies were not specifically designed to deal with the complexities of the healthcare industry. The problem arises from the gap between these taxonomies’ general nature and the industry-specific threats and vulnerabilities that affect healthcare organizations. As a result, many healthcare institutions fail to holistically address and eliminate the unique risks related to confidentiality, integrity, and availability of patients’ data as well as critical systems used in healthcare. This paper aims to narrow this gap by carefully assessing these taxonomies to determine the frame-work best suited for addressing the threat environment in the healthcare sector.
文摘Although AI and quantum computing (QC) are fast emerging as key enablers of the future Internet, experts believe they pose an existential threat to humanity. Responding to the frenzied release of ChatGPT/GPT-4, thousands of alarmed tech leaders recently signed an open letter to pause AI research to prepare for the catastrophic threats to humanity from uncontrolled AGI (Artificial General Intelligence). Perceived as an “epistemological nightmare”, AGI is believed to be on the anvil with GPT-5. Two computing rules appear responsible for these risks. 1) Mandatory third-party permissions that allow computers to run applications at the expense of introducing vulnerabilities. 2) The Halting Problem of Turing-complete AI programming languages potentially renders AGI unstoppable. The double whammy of these inherent weaknesses remains invincible under the legacy systems. A recent cybersecurity breakthrough shows that banning all permissions reduces the computer attack surface to zero, delivering a new zero vulnerability computing (ZVC) paradigm. Deploying ZVC and blockchain, this paper formulates and supports a hypothesis: “Safe, secure, ethical, controllable AGI/QC is possible by conquering the two unassailable rules of computability.” Pursued by a European consortium, testing/proving the proposed hypothesis will have a groundbreaking impact on the future digital infrastructure when AGI/QC starts powering the 75 billion internet devices by 2025.
文摘The Industrial Internet of Things(IIoT)has brought numerous benefits,such as improved efficiency,smart analytics,and increased automation.However,it also exposes connected devices,users,applications,and data generated to cyber security threats that need to be addressed.This work investigates hybrid cyber threats(HCTs),which are now working on an entirely new level with the increasingly adopted IIoT.This work focuses on emerging methods to model,detect,and defend against hybrid cyber attacks using machine learning(ML)techniques.Specifically,a novel ML-based HCT modelling and analysis framework was proposed,in which L1 regularisation and Random Forest were used to cluster features and analyse the importance and impact of each feature in both individual threats and HCTs.A grey relation analysis-based model was employed to construct the correlation between IIoT components and different threats.
基金supported by the National Natural Science Foundation of China (6202201562088101)+1 种基金Shanghai Municipal Science and Technology Major Project (2021SHZDZX0100)Shanghai Municip al Commission of Science and Technology Project (19511132101)。
文摘Aerial threat assessment is a crucial link in modern air combat, whose result counts a great deal for commanders to make decisions. With the consideration that the existing threat assessment methods have difficulties in dealing with high dimensional time series target data, a threat assessment method based on self-attention mechanism and gated recurrent unit(SAGRU) is proposed. Firstly, a threat feature system including air combat situations and capability features is established. Moreover, a data augmentation process based on fractional Fourier transform(FRFT) is applied to extract more valuable information from time series situation features. Furthermore, aiming to capture key characteristics of battlefield evolution, a bidirectional GRU and SA mechanisms are designed for enhanced features.Subsequently, after the concatenation of the processed air combat situation and capability features, the target threat level will be predicted by fully connected neural layers and the softmax classifier. Finally, in order to validate this model, an air combat dataset generated by a combat simulation system is introduced for model training and testing. The comparison experiments show the proposed model has structural rationality and can perform threat assessment faster and more accurately than the other existing models based on deep learning.
文摘The Unintentional Insider Threat (UIT) concept highlights that insider threats might not always stem from malicious intent and can occur across various domains. This research examines how individuals with medical or psychological issues might unintentionally become insider threats due to their perception of being targeted. Insights from the survey A Survey of Unintentional Medical Insider Threat Category indicate that such perceptions can be linked to underlying health conditions. The study Emotion Analysis Based on Belief of Targeted Individual Supporting Insider Threat Detection reveals that anger is a common emotion among these individuals. The findings suggest that UITs are often linked to medical or psychological issues, with anger being prevalent. To mitigate these risks, it is recommended that Insider Threat programs integrate expertise from medicine, psychology, and cybersecurity. Additionally, handwriting analysis is proposed as a potential tool for detecting insider threats, reflecting the evolving nature of threat assessment methodologies.
文摘Self-efficacy plays an important role in the management of type 2 diabetes mellitus (T2DM) patients, and it runs through the whole process of diabetes treatment, which is conducive to controlling and delaying the occurrence and development of complications, as well as improving the quality of life of patients. This paper mainly describes the concept of self-efficacy, the current situation of self-efficacy of diabetic patients at home and abroad, the functional aspects and their influencing factors, so as to take relevant measures on how to improve self-efficacy. It aims to provide a theoretical basis for the development of self-efficacy interventions for patients with type 2 diabetes mellitus.
文摘This literature review primarily aims to explore and synthesise the previous studies in simulation education research conducted over the past five years related to the effects of simulation training on the self-efficacy of undergraduate pre-registration nursing students. The second aim of this study is to explore additional outcome variables that were examined in the previous studies. Five electronic databases were searched systematically. These databases were MEDLINE, CINAHL Plus, Scopus, Embase and PsycINFO. The PICO model was employed to identify the search terms, with a thesaurus being used to provide synonyms. Reference lists of relevant articles were examined and hand searches of journals were also undertaken. The quality of each study was assessed using the Simulation Research Rubric (SRR). A total of 11 studies were included. All studies explored the impact of simulation education on undergraduate pre-registration nursing. Six studies explored nursing students’ competence and performance and two papers examined their critical thinking. Problem solving, learning motivation, communication skills and knowledge acquisition were examined once. The majority of studies indicated that simulation training has a positive impact on pre-registration nursing students’ self-efficacy and other outcome variables. Furthermore, the study results indicate that simulation training is more dependable than traditional training, and students were extremely satisfied with the simulation training. However, most of the studies included in this review had several gaps, including study design, sample size and dissimilarities between the scales used. Further research with large samples, reliable and valid instruments, and outcomes measures (such as critical thinking and transferability of skills) is required to provide better insight into the effectiveness of simulation in undergraduate nursing education. .
文摘Cloud computing plays a significant role in modern information technology, providing organizations with numerous benefits, including flexibility, scalability, and cost-efficiency. However, it has become essential for organizations to ensure the security of their applications, data, and cloud-based networks to use cloud services effectively. This systematic literature review aims to determine the latest information regarding cloud computing security, with a specific emphasis on threats and mitigation strategies. Additionally, it highlights some common threats related to cloud computing security, such as distributed denial-of-service (DDoS) attacks, account hijacking, malware attacks, and data breaches. This research also explores some mitigation strategies, including security awareness training, vulnerability management, security information and event management (SIEM), identity and access management (IAM), and encryption techniques. It discusses emerging trends in cloud security, such as integrating artificial intelligence (AI) and machine learning (ML), serverless computing, and containerization, as well as the effectiveness of the shared responsibility model and its related challenges. The importance of user awareness and the impact of emerging technologies on cloud security have also been discussed in detail to mitigate security risks. A literature review of previous research and scholarly articles has also been conducted to provide insights regarding cloud computing security. It shows the need for continuous research and innovation to address emerging threats and maintain a security-conscious culture in the company.
基金the Study on the Impact of the Construction and Development of Southwest Plateau Airport on the Ecological Environment(CZKY2023032).
文摘The architecture and working principle of coordinated search and rescue system of unmanned/manned aircraft,which is composed of manned/unmanned aircraft and manned aircraft,were first introduced,and they can cooperate with each other to complete a search and rescue task.Secondly,a threat assessment method based on meteorological data was proposed,and potential meteorological threats,such as storms and rainfall,can be predicted by collecting and analyzing meteorological data.Finally,an experiment was carried out to evaluate the performance of the proposed method in different scenarios.The experimental results show that the coordinated search and rescue system of unmanned/manned aircraft can be used to effectively assess meteorological threats and provide accurate search and rescue guidance.
文摘As cyber threats keep changing and business environments adapt, a comprehensive approach to disaster recovery involves more than just defensive measures. This research delves deep into the strategies required to respond to threats and anticipate and mitigate them proactively. Beginning with understanding the critical need for a layered defense and the intricacies of the attacker’s journey, the research offers insights into specialized defense techniques, emphasizing the importance of timely and strategic responses during incidents. Risk management is brought to the forefront, underscoring businesses’ need to adopt mature risk assessment practices and understand the potential risk impact areas. Additionally, the value of threat intelligence is explored, shedding light on the importance of active engagement within sharing communities and the vigilant observation of adversary motivations. “Beyond Defense: Proactive Approaches to Disaster Recovery and Threat Intelligence in Modern Enterprises” is a comprehensive guide for organizations aiming to fortify their cybersecurity posture, marrying best practices in proactive and reactive measures in the ever-challenging digital realm.
基金funded by the Gansu Provincial Higher Education Innovation Fund project titled"Study on the Influencing Factors and Training Effects of Internet Usage Habits among Teachers in Counties and Districts of Gansu Province"(Project No.:2021B-293).
文摘This study explores the nuanced relationship between trait mindfulness and thriving at work among educators in Western China,emphasizing the mediating role of general self-efficacy.Employing a sample of 378 primary and secondary school teachers,this research utilizes the Five Facet Mindfulness Questionnaire(FFMQ),Thriving at Work Scale(TWS),and the General Self-Efficacy Scale(GSES)to conduct a thorough investigation.The findings indicate a significant positive correlation between trait mindfulness and thriving at work,between trait mindfulness and general self-efficacy,and between general self-efficacy and thriving at work.Additionally,trait mindfulness was found to have a positive predictive effect on both thriving at work and general self-efficacy,with general self-efficacy also showing a positive predictive effect on thriving at work.Importantly,general self-efficacy was identified as playing a partial mediating role in the relationship between trait mindfulness and thriving at work.These results underscore the importance of cultivating mindfulness and self-efficacy among teachers to enhance their enthusiasm for work,suggesting potential pathways for professional development and well-being in the educational sector.
文摘Objective:This study aimed to translate the Academic Nurse Self-Efficacy scale(ANSE),assess its appropriateness for use in Korean nursing students,and evaluate the Korean Version of the Academic Nurse Self-Efficacy scale’s(K-ANSE)validity and reliability.Methods:The data of 444 nursing college students at 10 universities across the country were collected from November 1,2020 to June 8,2021.The K-ANSE was analyzed utilizing SPSS 25.0 and AMOS 25.0 programs.The K-ANSE’s content validity,construct validity,convergent/discriminant validity,criterion-related validity,and reliability were evaluated.Results:Internal emotion management,auto-regulatory behavior,external emotion management,and sociality were established.The Cronbach’sαfor the overall scale was 0.87,and that of the 4 subscales ranged from 0.70 to 0.89.Conclusions:The Korean version of the ANSE seems to be a valid and reliable instrument to measure Korean bachelor-level nursing students.
基金supported by National Natural Science Foundation of China(Grant Nos.62162022 and 62162024)Young Talents’Science and Technology Innovation Project of Hainan Association for Science and Technology(Grant No.QCXM202007)Hainan Provincial Natural Science Foundation of China(Grant Nos.2019RC098 and 621RC612).
文摘As a distributed database,the system security of the blockchain is of great significance to prevent tampering,protect privacy,prevent double spending,and improve credibility.Due to the decentralized and trustless nature of blockchain,the security defense of the blockchain system has become one of the most important measures.This paper comprehensively reviews the research progress of blockchain security threats and collaborative defense,and we first introduce the overview,classification,and threat assessment process of blockchain security threats.Then,we investigate the research status of single-node defense technology and multi-node collaborative defense technology and summarize the blockchain security evaluation indicators and evaluation methods.Finally,we discuss the challenges of blockchain security and future research directions,such as parallel detection and federated learning.This paper aims to stimulate further research and discussion on blockchain security,providing more reliable security guarantees for the use and development of blockchain technology to face changing threats and challenges through continuous updating and improvement of defense technologies.
基金funded by the Double Top-Class Innovation Research Project in Cyberspace Security Enforcement Technology of People’s Public Security University of China(No.2023SYL07).
文摘In recent years,cyber attacks have been intensifying and causing great harm to individuals,companies,and countries.The mining of cyber threat intelligence(CTI)can facilitate intelligence integration and serve well in combating cyber attacks.Named Entity Recognition(NER),as a crucial component of text mining,can structure complex CTI text and aid cybersecurity professionals in effectively countering threats.However,current CTI NER research has mainly focused on studying English CTI.In the limited studies conducted on Chinese text,existing models have shown poor performance.To fully utilize the power of Chinese pre-trained language models(PLMs)and conquer the problem of lengthy infrequent English words mixing in the Chinese CTIs,we propose a residual dilated convolutional neural network(RDCNN)with a conditional random field(CRF)based on a robustly optimized bidirectional encoder representation from transformers pre-training approach with whole word masking(RoBERTa-wwm),abbreviated as RoBERTa-wwm-RDCNN-CRF.We are the first to experiment on the relevant open source dataset and achieve an F1-score of 82.35%,which exceeds the common baseline model bidirectional encoder representation from transformers(BERT)-bidirectional long short-term memory(BiLSTM)-CRF in this field by about 19.52%and exceeds the current state-of-the-art model,BERT-RDCNN-CRF,by about 3.53%.In addition,we conducted an ablation study on the encoder part of the model to verify the effectiveness of the proposed model and an in-depth investigation of the PLMs and encoder part of the model to verify the effectiveness of the proposed model.The RoBERTa-wwm-RDCNN-CRF model,the shared pre-processing,and augmentation methods can serve the subsequent fundamental tasks such as cybersecurity information extraction and knowledge graph construction,contributing to important applications in downstream tasks such as intrusion detection and advanced persistent threat(APT)attack detection.
基金The authors extend their appreciation to the Deanship of Scientific Research at King Khalid University for funding this work under grant number(RGP 2/142/43)Princess Nourah bint Abdulrahman University Researchers Supporting Project number(PNURSP2022R161)Princess Nourah bint Abdulrahman University,Riyadh,Saudi Arabia.The authors would like to thank the Deanship of Scientific Research at Umm Al-Qura University for supporting this work by Grant Code:(22UQU4210118DSR06).
文摘Recently,Internet of Things(IoT)devices produces massive quantity of data from distinct sources that get transmitted over public networks.Cybersecurity becomes a challenging issue in the IoT environment where the existence of cyber threats needs to be resolved.The development of automated tools for cyber threat detection and classification using machine learning(ML)and artificial intelligence(AI)tools become essential to accomplish security in the IoT environment.It is needed to minimize security issues related to IoT gadgets effectively.Therefore,this article introduces a new Mayfly optimization(MFO)with regularized extreme learning machine(RELM)model,named MFO-RELM for Cybersecurity Threat Detection and classification in IoT environment.The presented MFORELM technique accomplishes the effectual identification of cybersecurity threats that exist in the IoT environment.For accomplishing this,the MFO-RELM model pre-processes the actual IoT data into a meaningful format.In addition,the RELM model receives the pre-processed data and carries out the classification process.In order to boost the performance of the RELM model,the MFO algorithm has been employed to it.The performance validation of the MFO-RELM model is tested using standard datasets and the results highlighted the better outcomes of the MFO-RELM model under distinct aspects.