Search Results (712)

Escalating advancements in artificial intelligence (AI) has prompted significant security concerns, especially with its increasing commercialization. This necessitates research on safety measures to securely utilize AI models. Existing AI models are vulnerable to adversarial attacks, which are a specific form of assault methodology. Although various countermeasures have been explored, practical defense models are scarce. Current adversarial defense methods suffer from reduced accuracy, increased training time, and incomplete defense against adversarial attacks, indicating performance limitations and a lack of robustness. To address these limitations, we propose a composite defense model, the knowledge Distillation and deNoising Network (DiNo-Net), which integrates knowledge distillation and feature denoising techniques. Furthermore, we analyzed a correlation between the loss surface of adversarial perturbations and denoising techniques. Using DiNo-Net, we confirmed that increasing the temperature during the knowledge distillation process effectively amplifies the loss surface around the ground truth. Consequently, this enables more efficient denoising of the adversarial perturbations. It achieved a defense success rate of 72.7%, which is a remarkable improvement over the 41.0% success rate of models with only denoising defense mechanisms. Furthermore, DiNo-Net reduced the training time and maintained higher accuracy, confirming its efficient defense performance. We hope that this relationship will spur the development of fundamental defense strategies. Full article

The Ziziphus tree species offer valuable socio-economic and ecological benefits but experience significant damage from insect pests. In Ethiopia, there is limited knowledge of the insects attacking Ziziphus fruits, and a study aimed to identify these pests, assess their impact and understand how different land use types (LUTs) affect them was conducted. Sampling involved collecting fifty fruits and ten leaves from each of ten randomly chosen Ziziphus trees per LUT within each agroecological zone from August to December in 2022 and 2023. Samples were visually assessed for incidence and infestation levels, and the five morphotypes were identified using molecular techniques through phylogenetic analysis. Fruit pest incidence varied during the season, yet a positive correlation (r = 0.84) was observed among the months and years when assessment took place. Most fruits showed low to medium infestation levels (5%–50%), while severe infestations (>75%) were predominant in the lowland agroecological zone. The insects that had caused the damage were identified as Carpomya incompleta Becker, 1903; Drosophila hydei Sturtevant, 1921; D. simulans Sturtevant, 1919 and Zaprionus indianus Gupta, 1970. Fruits showed higher incidence and infestation levels than leaves, indicating significant yield and income losses. Thus, implementing effective management strategies is vital to minimize these losses and achieve sustainable production in Ethiopia. Full article

Electric vehicles (EVs) and their ecosystem have unquestionably made significant technological strides. Indeed, EVs have evolved into sophisticated computer systems with extensive internal and external communication capabilities. This interconnection raises concerns about security, privacy, and the expanding risk of cyber-attacks within the electric vehicle landscape. In particular, the charging infrastructure plays a crucial role in the electric mobility ecosystem. With the proliferation of charging points, new attack vectors are opened up for cybercriminals. The threat landscape targeting charging systems encompasses various types of attacks ranging from physical attacks to data breaches including customer information. In this paper, we aim to leverage the power of model-driven engineering to model and analyze EV charging systems at early stages. We employ domain-specific modeling language (DSML) techniques for the early security modeling and analysis of EV charging infrastructure. We accomplish this by integrating the established EMSA model for electric mobility, which encapsulates all key stakeholders in the ecosystem. To our knowledge, this represents the first instance in the literature of applying DSML within the electric mobility ecosystem, highlighting its innovative nature. Moreover, as our formalization based on DSML is an iterative, continuous, and evolving process, this approach guarantees that our proposed framework adeptly tackles the evolving cyber threats confronting the EV industry. Specifically, we use the Object Constraint Language (OCL) for precise specification and verification of security threats as properties of a modeled system. To validate our framework, we explore a set of representative threats targeting EV charging systems from real-world scenarios. To the best of our knowledge, this is the first attempt to provide a comprehensive security modeling framework for the electric mobility ecosystem. Full article

With the continuous development of network security situations, the types of attacks increase sharply, but can be divided into symmetric attacks and asymmetric attacks. Symmetric attacks such as phishing and DDoS attacks exploit fixed patterns, resulting in system crashes and data breaches that cause losses to businesses. Asymmetric attacks such as Advanced Persistent Threat (APT), a highly sophisticated and organized form of cyber attack, because of its concealment and complexity, realize data theft through long-term latency and pose a greater threat to organization security. In addition, there are challenges in the processing of missing data, especially in the application of symmetric and asymmetric data filling, the former is simple but not flexible, and the latter is complex and more suitable for highly complex attack scenarios. Since asymmetric attack research is particularly important, this paper proposes a method that combines causal discovery with graph autoencoder to solve missing data, classify potentially malicious nodes, and reveal causal relationships. The core is to use graphic autoencoders to learn the underlying causal structure of APT attacks, with a special focus on the complex causal relationships in asymmetric attacks. This causal knowledge is then applied to enhance the robustness of the model by compensating for data gaps. In the final phase, it also reveals causality, predicts and classifies potential APT attack nodes, and provides a comprehensive framework that not only predicts potential threats, but also provides insight into the logical sequence of the attacker’s actions. Full article

Serious crime modelling typically needs to be undertaken securely behind a firewall where police knowledge and capabilities remain undisclosed. Data informing an ongoing incident are often sparse; a large proportion of relevant data only come to light after the incident culminates or after police intervene—by which point it is too late to make use of the data to aid real-time decision-making for the incident in question. Much of the data that are available to the police to support real-time decision-making are highly confidential and cannot be shared with academics, and are therefore missing to them. In this paper, we describe the development of a formal protocol where a graphical model is used as a framework for securely translating a base model designed by an academic team to a fully embellished model for use by a police team. We then show, for the first time, how libraries of these models can be built and used for real-time decision support to circumvent the challenges of data missingness seen in such a secure environment through the ability to match ongoing plots to existing models within the library.The parallel development described by this protocol ensures that any sensitive information collected by police and missing to academics remains secured behind a firewall. The protocol nevertheless guides police so that they are able to combine the typically incomplete data streams that are open source with their more sensitive information in a formal and justifiable way. We illustrate the application of this protocol by describing how a new entry—a suspected vehicle attack—can be embedded into such a police library of criminal plots. Full article

Fuzzy systems are powerful modeling systems for uncertainty applications. In contrast to traditional crisp systems, fuzzy systems offer the opportunity to extend the binary decision to continuous space, which could offer benefits for various application areas such as intrusion detection systems (IDSs), because of their ability to measure the degree of attacks instead of making a binary decision. Furthermore, fuzzy systems offer a suitable environment that is able to deal with uncertainty. However, fuzzy systems face a critical challenge represented by the sparse fuzzy rules. Typical fuzzy systems demand complete fuzzy rules in order to offer the required results. Additionally, generating complete fuzzy rules can be difficult due to many factors, such as a lack of knowledge base or limited data availability, such as in IDS applications. Fuzzy rule interpolation (FRI) was introduced to overcome this limitation by generating the required interpolation results in cases with sparse fuzzy rules. This work introduces a threefold approach designed to address the cases of missing fuzzy rules, which uses a few fuzzy rules to handle the limitations of missing fuzzy rules. This is achieved by finding the interpolation condition of neighboring fuzzy rules. This procedure was accomplished based on the concept of factors (which determine the degree to which each neighboring fuzzy rule contributes to the interpolated results, in cases of missing fuzzy rules). The evaluation procedure for the threefold approach was conducted using the following two steps: firstly, using the FRI benchmark numerical metrics, the results demonstrated the ability of the threefold approach to generate the required results for the various benchmark scenarios. Secondly, using a real-life dataset (phishing attacks dataset), the results demonstrated the effectiveness of the suggested approach to handle cases of missing fuzzy rules in the area of phishing attacks. Consequently, the suggested threefold approach offers an opportunity to reduce the number of fuzzy rules effectively and generate the required results using only a few fuzzy rules. Full article

Federated learning, as an emerging machine-learning method, has received widespread attention because it allows users to train locally during the training process and uses relevant cryptographic knowledge to safeguard the privacy of data during model aggregation. However, existing federated learning is also susceptible to privacy breaches, e.g., label inference attacks against vertical federated learning scenarios, where an adversary is able to reason about the labels of other participants based on the trained model, leading to serious privacy breaches. In this paper, we design a detection method for label inference attacks in vertical federated learning scenarios, which is able to detect the attacks based on the principles of the attacks. We design a threshold-filtering detection method based on the principle of attack to determine that the model is under attack when the threshold value is greater than a set parameter. Furthermore, we have created six threat model classifications based on different a priori conditions of the adversary to comprehensively analyze the adversary’s attacks. In addition to the detection method of attacks, the extent of attacks on the model and the effectiveness of the defense can also be evaluated. The evaluation module will experimentally measure the changes in the relevant metrics such as the accuracy of the attack, the F1 score, and the change in the accuracy after the defense method. For example, detection in the full connected neural network model assesses the attack and defense effectiveness of the model with an attack accuracy of 86.72% in the breast cancer Wisconsin dataset and an F1 score of 0.743, which is reduced to 36.36% after dispersed training. This ensures that users have an overall grasp of the extent to which the training model is under attack before deploying the model. Full article

The maritime industry is constantly evolving and posing new challenges, especially with increasing digitalization, which has raised concerns about cyber-attacks on maritime supply chain agents. Although scholars have proposed various methods and classification models to counter these cyber threats, a comprehensive cyber-attack taxonomy for maritime supply chain actors based on a systematic literature review is still lacking. This review aims to provide a clear picture of common cyber-attacks and develop a taxonomy for their categorization. In addition, it outlines best practices derived from academic research in maritime cybersecurity using PRISMA principles for a systematic literature review, which identified 110 relevant journal papers. This study highlights that distributed denial of service (DDoS) attacks and malware are top concerns for all maritime supply chain stakeholders. In particular, shipping companies are urged to prioritize defenses against hijacking, spoofing, and jamming. The report identifies 18 practices to combat cyber-attacks, categorized into information security management solutions, information security policies, and cybersecurity awareness and training. Finally, this paper explores how emerging technologies can address cyber-attacks in the maritime supply chain network (MSCN). While Industry 4.0 technologies are highlighted as significant trends in the literature, this study aims to equip MSCN stakeholders with the knowledge to effectively leverage a broader range of emerging technologies. In doing so, it provides forward-looking solutions to prevent and mitigate cyber-attacks, emphasizing that Industry 4.0 is part of a larger landscape of technological innovation. Full article

The paper proposes a technique for protecting reconfigurable networks that implements topology rebuilding, which combines immunization and network gaming methods, as a solution for maintaining cyber resilience. Immunization presumes an adaptive set of protective reconfigurations destined to ensure the functioning of a network. It is a protective reconfiguration aimed to preserve/increase the functional quality of the system. Network nodes and edges are adaptively reorganized to counteract an invasion. This is a functional component of cyber resilience. It can be implemented as a global strategy, using knowledge of the whole network structure, or a local strategy that only works with a certain part of a network. A formal description of global and local immune strategies based on hierarchical and peer-to-peer network topologies is presented. A network game is a kind of the well-defined game model in which each situation generates a specific network, and the payoff function is calculated based on the constructed networks. A network game is proposed for analyzing a network topology. This model allows quickly identifying nodes that require disconnection or replacement when a cyber attack occurs, and understanding which network sectors might be affected by an attack. The gaming method keeps the network topology resistant to unnecessary connections. This is a structural component of cyber resilience. The basic network game method has been improved by using the criterion of maximum possible path length to reduce the number of reconfigurations. Network optimization works together with immunization to preserve the structural integrity of the network. In an experimental study, the proposed method demonstrated its effectiveness in maintaining system quality within given functional limits and reducing the cost of system protective restructuring. Full article

Adaptive adversarial attacks, where adversaries tailor their strategies with full knowledge of defense mechanisms, pose significant challenges to the robustness of adversarial detectors. In this paper, we introduce RADAR (Robust Adversarial Detection via Adversarial Retraining), an approach designed to fortify adversarial detectors against such adaptive attacks while preserving the classifier’s accuracy. RADAR employs adversarial training by incorporating adversarial examples—crafted to deceive both the classifier and the detector—into the training process. This dual optimization enables the detector to learn and adapt to sophisticated attack scenarios. Comprehensive experiments on CIFAR-10, SVHN, and ImageNet datasets demonstrate that RADAR substantially enhances the detector’s ability to accurately identify adaptive adversarial attacks without degrading classifier performance. Full article

Wireless sensor networks are composed of many nodes distributed in a region of interest to monitor different environments and physical variables. In many cases, access to nodes is not easy or feasible. As such, the system lifetime is a primary design parameter to consider in the design of these networks. In this regard, for some applications, it is preferable to extend the system lifetime by actively reducing the number of packet transmissions and, thus, the number of reports. The system administrator can be aware of such reporting reduction to distinguish this final phase from a malfunction of the system or even an attack. Given this, we explore different mathematical functions that drastically reduce the number of packet transmissions when the residual energy in the system is low but still allow for an adequate number of transmissions. Indeed, in previous works, where the negative exponential distribution is used, the system reaches the point of zero transmissions extremely fast. Hence, we propose different dampening functions with different decreasing rates that present oscillations to allow for packet transmissions even at the end of the system lifetime. We compare the system performance under these mathematical functions, which, to the best of our knowledge, have never been used before, to find the most adequate transmission scheme for packet transmissions and system lifetime. We develop an analytical model based on a discrete-time Markov chain to show that a moderately decreasing function provides the best results. We also develop a discrete event simulator to validate the analytical results. Full article

This paper studies the security issues for cyber–physical systems, aimed at countering potential malicious cyber-attacks. The main focus is on solving the problem of extracting the most vulnerable attack path in a known attack graph, where an attack path is a sequence of steps that an attacker can take to compromise the underlying network. Determining an attacker’s possible attack path is critical to cyber defenders as it helps identify threats, harden the network, and thwart attacker’s intentions. We formulate this problem as a path-finding optimization problem with logical constraints represented by AND and OR nodes. We propose a new Dijkstra-type algorithm that combines elements from Dijkstra’s shortest path algorithm and the critical path method. Although the path extraction problem is generally NP-hard, for the studied special case, the proposed algorithm determines the optimal attack path in polynomial time, $O\left(nm\right)$, where $n$ is the number of nodes and $m$ is the number of edges in the attack graph. To our knowledge this is the first exact polynomial algorithm that can solve the path extraction problem for different attack graphs, both cycle-containing and cycle-free. Computational experiments with real and synthetic data have shown that the proposed algorithm consistently and quickly finds optimal solutions to the problem. Full article

This paper presents the results of investigations on the kinetic modeling of Brilliant Blue FCF (BB) discoloration reactions in aqueous solutions with different ozone concentrations and pH conditions. Kinetic studies involve knowledge of the structure and properties of dye and ozone, as well as of the experimental conditions. In general, scientists admit that the predominant oxidation pathway is direct (by free oxygen atoms) or indirect (by free hydroxyl radicals); this will depend on influencing factors such as the physicochemical properties of the dye, the pH of the aqueous solution, ozone concentration, reaction time, and the contact mode with/without stirring. In this experimental research, two pathways were chosen following C_BB = f(t)—1. a constant dye concentration and different ozone concentrations, in the concentration range of 100–250 mg/L, in three pH media (acidic, neutral, and basic), with and without stirring; 2. a constant concentration of ozone and different dyes in the concentration range of 2.5–10 mg/L, under the conditions of point 1. With the obtained experimental data, the curves C_BB = f(t) were drawn and processed according to the integral method of classical kinetics, based on first- and second-order equations. Unfortunately, this simple procedure did not give any results for the pH values studied. The rate constants were negative, and/or the reaction order depended on the initial conditions. Due to its structure, the BB dye has several chromophore groups, and thus multiple attack centers, resulting in several oxidation by-products, which is why the ¹H-NMR spectrum was recorded for the discoloration of BB with ozone. Since the stoichiometry of the overall oxidation reaction, as well as the relationship between the rate constant and the reaction conditions mentioned above, is not known, a kinetic model based on mass transfer coupled with a chain reaction in the bulk liquid phase was proposed and successfully tested at pH = 7. This research approach also involves the consolidation of the theoretical bases of the ozonation process through the kinetic study carried out, as well as the proposal of a kinetic model. These systematics lead to results that are applicable to other aqueous systems that are impure with dyes, allowing for generalizations and the development of the field, ensuring the sustainability of the research. Full article

Fifth Generation (5G) cellular networks have been adopted worldwide since the rollout began around 2019. It brought with it many innovations and new services, such as Enhanced Mobile Broadband (eMBB), Ultra Reliable and Low-Latency Communications (URLLC), and Massive Internet of Things (mIoT). Furthermore, 5G introduced a more scalable approach to network operations using fully software-based Virtualized Network Functions (VNF) in Core Networks (CN) rather than the prior hardware-based approach. However, while this shift towards a fully software-based system design provides numerous significant benefits, such as increased interoperability, scalability, and cost-effectiveness, it also brings with it an increased cybersecurity risk. Security is crucial to maintaining trust between vendors, operators, and consumers. Cyberattacks are rapidly increasing in number and sophistication, and we are seeing a shift towards zero-trust approaches. This means that even communications between VNFs inside a 5G core must be scrutinized and hardened against attacks, especially with the advent of quantum computers. The National Institute of Standards and Technology (NIST), over the past 10 years, has led efforts to standardize post-quantum cryptography (PQC) to protect against quantum attacks. This paper covers a custom implementation of the open-source free5GC CN, to expand its HTTPS capabilities for VNFs by introducing PQC Key Encapsulation Methods (KEM) for Transport Layer Security (TLS) v1.3. This paper provides the details of this integration with a focus on the latency of different PQC KEMs in initial handshakes between VNFs, on packet size, and the implications in a 5G environment. This work also conducts a security comparison between the PQC-equipped free5GC and other open-source 5G CNs. The presented results indicate a negligible increase in UE connection setup duration and a small increase in connection setup data requirements, strongly indicating that PQC KEM’s benefits far outweigh any downsides when integrated into 5G and 6G core services. To the best of our knowledge, this is the first work incorporating PQC into an open-source 5G core. Furthermore, the results from this effort demonstrate that employing PQC ciphers for securing VNF communications results in only a negligible impact on latency and bandwidth usage, thus demonstrating significant benefits to 5G cybersecurity. Full article

Background/Objectives: The purpose of this study was to determine the influence of H. pylori eradication on the serum level of the orally administered valproic acid (VPA) in children with idiopathic generalized epilepsy; Methods: This prospective cohort observational study included 100 children with idiopathic generalized epilepsy, recruited from a neurology clinic from May 2021 to December 2021. The patients were divided into two groups, each containing 50 children. The first group had a positive H. pylori stool antigen and H. pylori-related symptoms, while the second group had a negative antigen. H. pylori Eradication therapy was given to the positive H. pylori group. The serum level of VPA was obtained at baseline and 4 weeks after eradication therapy. Results: Despite there being no significant difference between the H. pylori-positive and H. pylori-negative groups regarding the baseline VPA serum level (79.9 ± 13.9 and 77.9 ± 13.1 mcg/mL), respectively, the serum VPA level had significantly increased after H. pylori eradication therapy (99.4 ± 11 mcg/mL) (p value = 0.000), as opposed to the H. pylori-negative group (85.3 ± 10.9 mcg/mL) (p value = 0.142). Furthermore, there was a statistically significant association with a negative correlation between the VPA serum level after eradication and the number of epileptic attacks per month (p value = 0.033, R value = −0.301) and the dose of VPA (p value = 0.046, R value = −0.284). Conclusions: The eradication of H. pylori resulted in a highly significant improvement in the serum level of the orally given VPA in children with idiopathic generalized epilepsy, as well as an indirect decrease in the frequency of epileptic events per month, allowing for dose reduction. Eradication therapy may have anticonvulsant properties and might indirectly aid in the management of epileptic activity. H. pylori screening for children with idiopathic generalized epilepsy can optimize serum VPA levels, potentially leading to better seizure control. To our knowledge, this is the first study in the literature to describe the effect of H. pylori eradication on the serum level of the orally administered VPA in children with idiopathic generalized epilepsy. Full article