Search Results (185)

This paper presents a novel multi-dimensional asymmetric game model for network attack–defense decision-making, called “Catch the Cyber Thief”. The model is built upon the concept of partially observable stochastic games (POSG) and is designed to systematically incorporate multi-dimensional asymmetry into network attack–defense problems. The attack agent is called a “thief” who wants to control a key host by exploring the unfamiliar network environment, and the defense agent is called a “police” who needs to catch the opponent before its goal is accomplished. The results indicate that the asymmetry of network attack and defense is not only influenced by attack and defense strategies but also by spatio-temporal factors such as the attacker’s initial position, network topology, and defense lag time. In addition, we have found that there may exist the “attack rhythm,” which makes “how to maintain a good attack rhythm” and “how to generate a robust defense strategy against different attackers” worth exploring. Compared with existing attack–defense game models, our game model can better generate a direct mapping relationship with real elements, enabling us to understand network attack and defense interactions better, recognize security risks, and design defense strategies that can directly serve real-world decision-making. Full article

The exponential growth of encrypted network traffic poses significant challenges for detecting malicious activities online. The scale of emerging malicious traffic is significantly smaller than that of normal traffic, and the imbalanced data distribution poses challenges for detection. However, most existing methods rely on single-category features for classification, which struggle to detect covert malicious traffic behaviors. In this paper, we introduce a novel semi-supervised approach to identify malicious traffic by leveraging multimodal traffic characteristics. By integrating the sequence and topological information inherent in the traffic, we achieve a multifaceted representation of encrypted traffic. We design two independent neural networks to learn the corresponding sequence and topological features from the traffic. This dual-feature extraction enhances the model’s robustness in detecting anomalies within encrypted traffic. The model is trained using a joint strategy that minimizes both the reconstruction error from the autoencoder and the classification loss, allowing it to effectively utilize limited labeled data alongside a large amount of unlabeled data. A confidence-estimation module enhances the classifier’s ability to detect unknown attacks. Finally, our method is evaluated on two benchmark datasets, UNSW-NB15 and CICIDS2017, under various scenarios, including different training set label ratios and the presence of unknown attacks. Our model outperforms other models by 3.49% and 5.69% in F1 score at labeling rates of 1% and 0.1%, respectively. Full article

One of the most challenging issues in contemporary complex network research is to understand the structure and vulnerability of multilayer networks, even though cascading failures in single networks have been widely studied in recent years. The goal of this work is to compare the similarities and differences between four single layers and understand the implications of interdependencies among cities on the overall vulnerability of a multilayer global logistics network. In this paper, a global logistics network model set as a multilayer network considering cascading failures is proposed in different disruption scenarios. Two types of attack strategies—a highest load attack and a lowest load attack—are used to evaluate the vulnerability of the global logistics network and to further analyze the changes in the topology properties. For a multilayer network, the vulnerability of single layers is compared as well. The results suggest that compared with the results of a single global logistics network, a multilayer network has a higher vulnerability. In addition, the heterogeneity of networks plays an important role in the vulnerability of a multilayer network against targeted attacks. Protecting the most important nodes is critical to safeguard the potential “vulnerability” in the development of the global logistics network. The three-step response strategy of “Prewarning–Response–Postrepair” is the main pathway to improving the adjustment ability and adaptability of logistics hub cities in response to external shocks. These findings supplement and extend the previous attack results on nodes and can thus help us better explain the vulnerability of different networks and provide insight into more tolerant, real, complex system designs. Full article

To mitigate the impact of wind power uncertainty and power–communication coupling on the robustness of a new power system, a bi-level mixed-integer robust optimization strategy is proposed. Firstly, a coupled network model is constructed based on complex network theory, taking into account the coupled relationship of energy supply and control dependencies between the power and communication networks. Next, a bi-level mixed-integer robust optimization model is developed to improve power system resilience, incorporating constraints related to the coupling strength, electrical characteristics, and traffic characteristics of the information network. The upper-level model seeks to minimize load shedding by optimizing DC power flow using fuzzy chance constraints, thereby reducing the risk of power imbalances caused by random fluctuations in wind power generation. Furthermore, the deterministic power balance constraints are relaxed into inequality constraints that account for wind power forecasting errors through fuzzy variables. The lower-level model focuses on minimizing traffic load shedding by establishing a topology–function-constrained information network traffic model based on the maximum flow principle in graph theory, thereby improving the efficiency of network flow transmission. Finally, a modified IEEE 39-bus test system with intermittent wind power is used as a case study. Random attack simulations demonstrate that, under the highest link failure rate and wind power penetration, Model 2 outperforms Model 1 by reducing the load loss ratio by 23.6% and improving the node survival ratio by 5.3%. Full article

The Internet of Things (IoT) is a significant technological advancement that allows for seamless device integration and data flow. The development of the IoT has led to the emergence of several solutions in various sectors. However, rapid popularization also has its challenges, and one of the most serious challenges is the security of the IoT. Security is a major concern, particularly routing attacks in the core network, which may cause severe damage due to information loss. Routing Protocol for Low-Power and Lossy Networks (RPL), a routing protocol used for IoT devices, is faced with selective forwarding attacks. In this paper, we present a federated learning-based detection technique for detecting selective forwarding attacks, termed FL-DSFA. A lightweight model involving the IoT Routing Attack Dataset (IRAD), which comprises Hello Flood (HF), Decreased Rank (DR), and Version Number (VN), is used in this technique to increase the detection efficiency. The attacks on IoT threaten the security of the IoT system since they mainly focus on essential elements of RPL. The components include control messages, routing topologies, repair procedures, and resources within sensor networks. Binary classification approaches have been used to assess the training efficiency of the proposed model. The training step includes the implementation of machine learning algorithms, including logistic regression (LR), K-nearest neighbors (KNN), support vector machine (SVM), and naive Bayes (NB). The comparative analysis illustrates that this study, with SVM and KNN classifiers, exhibits the highest accuracy during training and achieves the most efficient runtime performance. The proposed system demonstrates exceptional performance, achieving a prediction precision of 97.50%, an accuracy of 95%, a recall rate of 98.33%, and an F1 score of 97.01%. It outperforms the current leading research in this field, with its classification results, scalability, and enhanced privacy. Full article

The security of traditional public key cryptography algorithms depends on the difficulty of the underlying mathematical problems. Asymmetric topological encryption is a graph-dependent encryption algorithm produced to resist attacks by quantum computers on these mathematical problems. The security of this encryption algorithm depends on two types of NP-complete problems: subgraph isomorphism and graph coloring. Topological coding technology refers to the technology of generating key strings or topology signature strings through topological coding graphs. We take odd-graceful labeling and set-ordered odd-graceful labeling as limiting functions, and propose two kinds of topological coding generation technique, which we call the random leaf-adding operation and randomly adding edge-removing operation. Through these two techniques, graphs of the same scale and larger scales can be generated with the same type of labeling so as to derive more number strings, expand the key space, and analyze the topology and property of the generated graphs. Full article

The emerging and promising paradigm of the Internet of Vehicles (IoV) employ vehicle-to-everything communication for facilitating vehicles to not only communicate with one another but also with the supporting roadside infrastructure, vulnerable pedestrians, and the backbone network in a bid to primarily address a number of safety-critical vehicular applications. Nevertheless, owing to the inherent characteristics of IoV networks, in particular, of being (a) highly dynamic in nature and which results in a continual change in the network topology and (b) non-deterministic owing to the intricate nature of its entities and their interrelationships, they are susceptible to a number of malicious attacks. Such kinds of attacks, if and when materialized, jeopardizes the entire IoV network, thereby putting human lives at risk. Whilst the cryptographic-based mechanisms are capable of mitigating the external attacks, the internal attacks are extremely hard to tackle. Trust, therefore, is an indispensable tool since it facilitates in the timely identification and eradication of malicious entities responsible for launching internal attacks in an IoV network. To date, there is no dataset pertinent to trust management in the context of IoV networks and the same has proven to be a bottleneck for conducting an in-depth research in this domain. The manuscript-at-hand, accordingly, presents a first of its kind trust-based IoV dataset encompassing 96,707 interactions amongst 79 vehicles at different time instances. The dataset involves nine salient trust parameters, i.e., packet delivery ratio, similarity, external similarity, internal similarity, familiarity, external familiarity, internal familiarity, reward/punishment, and context, which play a considerable role in ascertaining the trust of a vehicle within an IoV network. Full article

This paper proposes a decentralized adaptive event-triggered fault-tolerant cooperative control (ET-FTCC) scheme for multiple unmanned aerial vehicles (UAVs) and unmanned ground vehicles (UGVs) with actuator faults and external disturbances under denial-of-service (DoS) attacks. The multiple UAVs and UGVs have a larger search radius, which is important in both the civilian and military domains. The different dynamics between UAVs and UGVs result in unbalanced interactions in the communication topologies, which increases the complexity of cooperative control. DoS attacks are conducted in both sensor and control channels. The dynamic models of UAVs and UGVs are introduced firstly, and the unified heterogeneous multiagent system model with actuator faults is established. The composite observer is designed to obtain the information of state and lumped disturbance, which is used to design the controller. In order to save the limited communication network resources, the event-triggered mechanism is introduced. The transformed error is presented by using the prescribed performance function (PPF). Then, the sliding-mode manifold is presented by combining the event-triggered control scheme to achieve the tracking purpose with actuator faults, external disturbances, and DoS attacks. Based on the Lyapunov function approach, the tracking errors are bounded within the prescribed boundary. Finally, the effectiveness of the proposed method is verified by qualitative analysis and quantitative analysis of the simulation results. This study can enhance the security and reliability of heterogeneous multiagent systems, providing technical support for the safe operation of unmanned systems. This paper mainly solves the FTCC problem of second-order nonlinear heterogeneous multiagent systems, and further research is needed for the FTCC problem of higher-order nonlinear heterogeneous multi-agent systems. In addition, the system may encounter multiple cyber attacks. As one of the future research works, we can extend the results of this paper to high-order nonlinear systems under multiple cyber attacks, which contain DoS attacks and deception attacks, and achieve fault-tolerant cooperative control of heterogeneous multiagent systems. Full article

Network risk assessment should include the impact of the relationship between vulnerabilities, in order to conduct a more in-depth and comprehensive assessment of vulnerabilities and network-related risks. However, the impact of extracting the relationship between vulnerabilities mainly relies on manual processes, which are subjective and inefficient. To address these issues, this paper proposes a dual-layer knowledge representation model that combines various attributes and structural information of entities. This article first constructs a vulnerability knowledge graph and proposes a two-layer knowledge representation learning model based on it. Secondly, in order to more accurately assess the actual risk of vulnerabilities in specific networks, this paper proposes a vulnerability risk calculation model based on impact relationships, which realizes the risk assessment and ranking of vulnerabilities in specific network scenarios. Finally, based on the research on automatic prediction of the impact relationship between vulnerabilities, this paper proposes a new Bayesian attack graph network risk assessment model for inferring the possibility of device intrusion in the network. The experimental results show that the model proposed in this study outperforms traditional evaluation methods in relationship prediction tasks, demonstrating its efficiency and accuracy in complex network environments. This model achieves efficient resource utilization by simplifying training parameters and reducing the demand for computing resources. In addition, this method can quantitatively evaluate the success probability of attacking specific devices in the network topology, providing risk assessment and defense strategy support for network security managers. Full article

Mobile ad hoc networks (MANETs) offer a decentralized communication solution ideal for infrastructure-less environments like disaster relief zones. However, their inherent lack of central control and dynamic topology make them vulnerable to attacks. This paper examines the impact of various attacks on mobile nodes within two network types: randomly and uniformly distributed stationary networks. Four types of attacks are investigated: delay, dropping, sinkhole (alone), and a combined black hole attack (dropping + sinkhole). The effects of these attacks are compared using the packet delivery ratio, throughput, and end-to-end delay. The evaluation results show that all single attacks negatively impacted network performance, with the random network experiencing the most significant degradation. Interestingly, the combined black hole attack, while more disruptive than any single attack, affected the uniformly distributed network more severely than the random network. Full article

This paper explores the group consensus problem of second-order multi-agent systems (MAS) under asynchronous denial-of-service (DoS) attacks. Asynchronous DoS attacks involve the interruption of certain communication links, allowing the MAS to be reimagined as a switching system with a persistent dwell time (PDT). The agents in each group can be divided into three types, which are inter-act agents, intra-act agents with zero in-degree, and other agents. Then, according to the properties of the different agents, suitable agents are pinned. By leveraging the concepts of switching topology and the PDT, a suitable event-triggered control protocol is designed, along with the establishment of conditions to ensure the group consensus of the MAS. Moreover, through the construction of topology-dependent Lyapunov functions, the achievement of group consensus within the MAS under asynchronous DoS attacks is demonstrated. Subsequently, a numerical example is presented to validate the effectiveness of the proposed results. Full article

With the acceleration of urbanization, public transport networks are an important part of urban transport systems, and their robustness is critical for city operation. The objective of this study is to analyze the topological properties and robustness of an urban public transport network (UPTN) with a view to enhancing the sustainability of urbanization. In order to present the topological structure of the UPTN, the L-Space complex network modeling method is used to construct a model. Topological characteristics of the network are calculated. Based on single evaluation indices of station significance, a comprehensive evaluation index is proposed as the basis for selecting critical stations. The UPTN cascading failure model is established. Using the proportion of the maximum connected subgraph as the evaluation index, the robustness of the UPTN is analyzed using different station significance indices and deliberate attack strategies. The public transport network of Xuzhou city is selected for instance analysis. The results show that the UPTN in Xuzhou city has small-world effects and scale-free characteristics. Although the network has poor connectivity, it is a convenient means to travel for residents with many independent communities. The network’s dynamic robustness is demonstrably inferior to its static robustness due to the prevalence of cascading failure phenomena. Specifically, the failure of important stations has a wider impact on the network performance. Improving their load capacity and distributing the routes via them will help bolster the network resistance against contingencies. This study provides a scientific basis and strategic recommendations for urban planners and public transport managers to achieve a more sustainable public transport system. Full article

The growing adoption of telemedicine necessitates robust security measures for medical images during transmission. This paper proposes a novel blind watermarking system for medical images that utilizes both image gradients and the Discrete Wavelet Transform (DWT). Image gradients, acting as spatial derivatives, provide a “topological map” of the image, aiding in the identification of areas susceptible to disruption. The DWT, with its multi-resolution analysis, offers a favorable balance between robustness and imperceptibility. The proposed method embeds the watermark within the low–low band (LL) of the DWT-decomposed image, specifically in 3 × 3 block regions selected based on gradient information. The mathematical relationships between the gradient’s direction and magnitude are employed to extract the corresponding blocks and their codes adequately. These codes are then XORed with the watermark and embedded into the chosen blocks using the least significant bit (LSB) technique. Extensive experimentation on a medical image dataset evaluates the system’s performance against some attacks like filtering, noise, and scaling. The results demonstrate the efficacy of the proposed approach in hiding information while ensuring the security and integrity of watermarked medical images. Full article

Continuous variable measurement-device-independent quantum key distribution (CV-MDI-QKD) removes all known or unknown side-channel attacks on detectors. However, it is difficult to fully implement assumptions in the security demonstration model, which leads to potential security vulnerabilities inevitably existing in the practical system. In this paper, we explore the impact of imbalanced modulation at transmitters on the security of the CV-MDI-QKD system mainly using a coherent state and squeezed state under symmetric and asymmetric distances. Assuming two different modulation topologies of senders, we propose a generalized theoretical scheme and evaluate the key parameter achievable of the protocol with the mechanism of imbalanced modulation. The presented results show that imbalanced modulation can achieve a relatively nonlinearly higher secret key rate and transmission distances than the previous protocol which is the balanced modulation variance used by transmitters. The advantage of imbalanced modulation is demonstrated for the system key parameter estimation using numerical simulation under different situations. In addition, the consequences indicate the importance of imbalanced modulation on the performance of CV-MDI-QKD protocol and provide a theoretical framework for experimental implementation as well as the optimal modulated mode. Full article

Due to the uniqueness of the underwater environment, traditional data aggregation schemes face many challenges. Most existing data aggregation solutions do not fully consider node trustworthiness, which may result in the inclusion of falsified data sent by malicious nodes during the aggregation process, thereby affecting the accuracy of the aggregated results. Additionally, because of the dynamically changing nature of the underwater environment, current solutions often lack sufficient flexibility to handle situations such as node movement and network topology changes, significantly impacting the stability and reliability of data transmission. To address the aforementioned issues, this paper proposes a secure data aggregation algorithm based on a trust mechanism. By dynamically adjusting the number and size of node slices based on node trust values and transmission distances, the proposed algorithm effectively reduces network communication overhead and improves the accuracy of data aggregation. Due to the variability in the number of node slices, even if attackers intercept some slices, it is difficult for them to reconstruct the complete data, thereby ensuring data security. Full article