Injection Attacks Research Articles

Tensor-Completion-Enabled Stealthy False Data Injection Attacks on IoT-Based Smart Grid

Tensor-Completion-Enabled Stealthy False Data Injection Attacks on IoT-Based Smart Grid

False Data Injection Attacks Detection Based on Stacking and MIC-DCXGB

False Data Injection Attacks Detection Based on Stacking and MIC-DCXGB

Anti-bump control for switched systems with decentralised adaptive event-triggering

A control system may exist bumps during mode transitions and discontinuous control input would seriously affect performance. In this paper, the anti-bump (or bumpless) switching control for triggered and switched systems under injection attacks is studied. This control method combines decentralised adaptive event-triggering mechanism (DAETM) and anti-bump condition. The main work is as follows: First, a DAETM is considered to allocate network resources properly and resist data injection attacks. Then, a data buffer is adopted to consolidate data from decentralised channels for ensuring timely utilisation. In addition, a controller gain condition is presented to achieve the bumpless switching between subsystems. Moreover, by adopting piecewise Lyapunov function method, sufficient conditions are obtained for triggered switched systems to be exponentially stable and anti-bump under injection attacks. Finally, the design method effectiveness is verified by actual circuit simulation.

Enhancing Structured Query Language Injection Detection with Trustworthy Ensemble Learning and Boosting Models Using Local Explanation Techniques

This paper presents a comparative analysis of several decision models for detecting Structured Query Language (SQL) injection attacks, which remain one of the most prevalent and serious security threats to web applications. SQL injection enables attackers to exploit databases, gain unauthorized access, and manipulate data. Traditional detection methods often struggle due to the constantly evolving nature of these attacks, the increasing complexity of modern web applications, and the lack of transparency in the decision-making processes of machine learning models. To address these challenges, we evaluated the performance of various models, including decision tree, random forest, XGBoost, AdaBoost, Gradient Boosting Decision Tree (GBDT), and Histogram Gradient Boosting Decision Tree (HGBDT), using a comprehensive SQL injection dataset. The primary motivation behind our approach is to leverage the strengths of ensemble learning and boosting techniques to enhance detection accuracy and robustness against SQL injection attacks. By systematically comparing these models, we aim to identify the most effective algorithms for SQL injection detection systems. Our experiments show that decision tree, random forest, and AdaBoost achieved the highest performance, with an accuracy of 99.50% and an F1 score of 99.33%. Additionally, we applied SHapley Additive exPlanations (SHAPs) and Local Interpretable Model-agnostic Explanations (LIMEs) for local explainability, illustrating how each model classifies normal and attack cases. This transparency enhances the trustworthiness of our approach to detecting SQL injection attacks. These findings highlight the potential of ensemble methods to provide reliable and efficient solutions for detecting SQL injection attacks, thereby improving the security of web applications.

Attack Reconstruction and Attack-Resilient Consensus Control for Fuzzy Markovian Jump Multi-Agent Systems

Driven by the rapid development of modern industrial applications, multi-agent systems (MASs), integrating computational and physical resources, have become increasingly important in recent years. However, the performance of MASs can be easily compromised by malicious false data injection attacks (FDIAs) due to the inherent vulnerability of the cyber layer. This work focuses on an event-triggered framework for secure reconstruction and consensus control in MASs subject to both sensor and actuator attacks. First, we introduce a class of Takagi–Sugeno fuzzy multi-agent systems that relax the traditional Lipschitz condition and incorporate realistic system dynamics by considering parameter variations governed by Markovian jump principles. Second, an adaptive fuzzy estimator is developed for the simultaneous reconstruction of states and attacks in MASs. The derived estimates are utilized to design an attack-resilient consensus control strategy that compensates for the effects of FDIAs on the closed-loop consensus error dynamics. Meanwhile, the sufficient conditions for the convergence of both estimation and consensus errors are presented and rigorously proved. Finally, evaluation results on an experimental platform through multiple truck-trailer systems are provided to demonstrate the effectiveness and performance of the proposed approach.

Watch Out for the Inherent Vulnerabilities in Developing Multi-tenant Cloud-FPGA: Communication Protocols

As FPGAs are being deployed in the cloud infrastructure for acceleration, the technology of multi-tenant FPGA has emerged as a topic of interest. This development has drawn considerable attention to its security issues. While previous research primarily focused on the security of applications, there has been limited exploration of the vulnerabilities inherent in FPGA IPs. In our work, we examine the vulnerabilities of two widely used data transmission protocols in modern FPGAs: the Advanced eXtensible Interface (AXI) and Peripheral Component Interconnect Express (PCIe). Our experiments, conducted with commercial FPGA development kits, launched fault injection attacks through the shared power distribution network (PDN). Through non-invasive electromagnetic (EM) trace measurement, we characterize the voltage fluctuation across various attack patterns. Subsequently, we simulate real-world data transfers using two crafted datasets with different statistical characteristics. The experimental results demonstrate the unique security vulnerabilities of the current AXI and PCIe protocols in the context of a multi-tenant cloud-FPGA. In response to such vulnerability, we further propose two defense strategies: InChAXI that utilizes integrity checking for AXI-based data, and FCPCIe that employs frequency scaling for PCIe-based data. The performance evaluation demonstrates that our proposed defenses can significantly reduce the fault injections on the AXI-based data transmission by 705 times with small overheads – 0.5% in hardware footprint and 7.9% in latency, respectively. On the other hand, FCPCIe effectively prevents the fault injection attack during the PCIe-based data transmission by reducing the user clock frequency, while incurring a 10.13% overhead on data throughput.

Lightweight High-Throughput True Random Number Generator Based on State Switchable Ring Oscillator

True random number generators (TRNGs) perform an extremely critical role in cryptographic algorithms and security protocols, scientific simulation, industrial testing, privacy protection, and numerous other domains. Nevertheless, modern TRNGs have difficulty striking a reasonable balance between high throughput and low hardware consumption. In this paper, a novel lightweight high-throughput TRNG based on state switchable ring oscillators (SSROs) is proposed. Under the effect of flip-flops that are prone to entering the metastable region, the SSROs randomly switch between oscillatory and buffer states to create jitter and metastability. A feedback strategy is adopted to effectively eliminate the fixed point in the circuit, which further enhances the randomness of the structure. The proposed TRNG is implemented on Xilinx Artix-7 and Kintex-7 FPGAs, with support for automatic routing. It achieves a throughput of up to 400 Mbps while consuming only 16 LUTs and 13 DFFs, showing extremely high resource utilization efficiency. Experimental results show that the output random sequence passes the NIST SP800-22 test, the NIST SP800-90B test, and the AIS-31 test without any post-processing, exhibiting strong robustness against voltage and temperature variations as well as frequency injection attacks.

Blockchain-Enhanced Machine Learning for Robust Detection of APT Injection Attacks in the Cyber-Physical Systems

Cyber-Physical Systems (CPS) have become a research hotspot due to their vulnerability to stealthy network attacks like ZDA and PDA, which can lead to unsafe states and system damage. Recent defense mechanisms for ZDA and PDA often rely on model-based observation techniques prone to false alarms. In this paper, we present an innovative approach to securing CPS against Advanced Persistent Threat (APT) injection attacks by integrating machine learning with blockchain technology. Our system leverages a robust ML model trained to detect APT injection attacks with high accuracy, achieving a detection rate of 99.89%. To address the limitations of current defense mechanisms and enhance the security and integrity of the detection process, we utilize blockchain technology to store and verify the predictions made by the ML model. We implemented a smart contract on the Ethereum blockchain using Solidity, which logs the input features and corresponding predictions. This immutable ledger ensures the integrity and traceability of the detection process, mitigating risks of data tampering and reducing false alarms, thereby enhancing trust in the system's outputs. The implementation includes a user-friendly interface for inputting features, a backend for data processing and model prediction, and a blockchain interaction module to store and verify predictions. The integration of blockchain with Machine learning enhances both the precision and resilience of APT detection while providing an additional layer of security by ensuring the transparency and immutability of the recorded data. This dual approach represents a substantial advancement in protecting CPS from sophisticated cyber threats.

Observer‐Based Attack Detection and Data‐Driven Resilient Control for Heterogeneous Nonlinear Nonaffine Mass Under FDI Attacks

ABSTRACTThe attack detection and data‐driven resilient control problem for heterogeneous nonlinear nonaffine multi‐agent systems (MASs) in the presence of intermittent false data injection (FDI) attacks is investigated in this article. First, an attack detection and isolation mechanism based on the distributed observer are designed to determine the attack signals and isolate the attacked communication links in time. Then, in order to solve the problem of the unknown system model, the dynamic linearization method is used to convert the nonlinear nonaffine MASs into an equivalent linear data model. Further, based on the linear data model, the data‐driven resilient controller with the attack isolation mechanism is designed to achieve the leader‐following tracking control objective. Finally, the simulation result illustrates the performance of the proposed scheme with comparisons.

Consensus-Based Power System State Estimation Algorithm Under Collaborative Attack

Due to its vulnerability to a variety of cyber attacks, research on cyber security for power systems has become especially crucial. In order to maintain the safe and stable operation of power systems, it is worthwhile to gain insight into the complex characteristics and behaviors of cyber attacks from the attacker’s perspective. The consensus-based distributed state estimation problem is investigated for power systems subject to collaborative attacks. In order to describe such attack behaviors, the denial of service (DoS) attack model for hybrid remote terminal unit (RTU) and phasor measurement unit (PMU) measurements, and the false data injection (FDI) attack model for neighboring estimation information, are constructed. By integrating these two types of attack models, a different consensus-based distributed estimator is designed to accurately estimate the state of the power system under collaborative attacks. Then, through Lyapunov stability analysis theory, a sufficient condition is provided to ensure that the proposed distributed estimator is stable, and a suitable consensus gain matrix is devised. Finally, to confirm the viability and efficacy of the suggested algorithm, a simulation experiment on an IEEE benchmark 14-bus power system is carried out.

Finite-time bounded security control of networked switched stochastic systems

This paper is dedicated to discussing stochastic finite-time bounded control of switched stochastic systems with feedback information sampled by an event-triggered mechanism and transmitted by network. Besides the incomplete information because of sample, data loss and corruption during information transmission caused by hybrid cyber attacks including DoS attacks and false-data injection attacks, are also taken into consideration. Based on the above incomplete information, state feedback controllers are established to fulfil stochastic finite-time boundedness of switched stochastic systems and make it have a certain disturbance attenuation capability, i.e. have a finite-time L 2 -gain, successfully. Sufficient conditions are cast into a convex optimisation problem which can be easily solved by fixing some parameters. Simulation results are employed to verify the validity of results.

Detecting command injection attacks in web applications based on novel deep learning methods

Web command injection attacks pose significant security threats to web applications, leading to potential server information leakage or severe server disruption. Traditional detection methods struggle with the increasing complexity and obfuscation of these attacks, resulting in poor identification of malicious code, complicated feature extraction processes, and low detection efficiency. To address these challenges, a novel detection model, the Convolutional Channel-BiLSTM Attention (CCBA) model, is proposed, leveraging deep learning techniques to enhance the identification of web command injection attacks. The model utilizes dual CNN convolutional channels for comprehensive feature extraction and employs a BiLSTM network for bidirectional recognition of temporal features. An attention mechanism is also incorporated to assign weights to critical features, improving the model’s detection performance. Experimental results demonstrate that the CCBA model achieves 99.3% accuracy and 98.2% recall on a real-world dataset. To validate the robustness and generalization of the model, tests were conducted on two widely recognized public cybersecurity datasets, consistently achieving over 98% accuracy. Compared to existing methods, the proposed model offers a more effective solution for identifying web command injection attacks.

A Hybrid Machine Learning‐Based Data‐Centric Cybersecurity Detection in the 5G‐Enabled IoT

ABSTRACTBy increasing smart objects as high‐potential computing devices and 5G technology, the Internet of Things (IoT) has emerging technology to provide a data‐centric infrastructure for detecting safe device‐to‐device communications by supporting security and privacy issues. As a 5G‐enabled communication technology, vehicle‐to‐vehicle (V2V) communication provides a wireless exchange information connection between smart vehicles, intelligent devices, and a cloud‐edge computing environment. This connection should be established with a safe and secured run‐time protection system to avoid many critical anomalies and misbehavior problems. Detecting run‐time malicious transformations with data‐centric misbehaving reactions is a main challenge for autonomous vehicle communications with 5G‐enabled communication technology. This paper provides a hybrid genetic algorithm‐based ensemble bagged trees (GA‐EBT) algorithm for a data‐centric misbehavior detection approach to support the V2V communications against malicious and misbehavior transactions. In this hybrid algorithm, GA provides a beneficial performance on the training accuracy factor based on a single‐objective fitness function and EBT supports a high‐degree prediction and training process using multiple decision tree models with bootstrapped samples of the training data. For the evaluation of the proposed algorithm, four real test cases are applied for messaging injection attacks in the V2V environments in comparison to the state‐of‐the‐art machine learning algorithms. The experimental results show that the proposed hybrid approach can achieve an optimal high rate accuracy factor of 99.999, precision and recall factors of 100%, and an F1‐Score factor of 100% to detect unexpected cyber‐attacks for the V2V communications in the IoT environment.

Federated Deep Learning Model for False Data Injection Attack Detection in Cyber Physical Power Systems

Cyber-physical power systems (CPPS) integrate information and communication technology into conventional electric power systems to facilitate bidirectional communication of information and electric power between users and power grids. Despite its benefits, the open communication environment of CPPS is vulnerable to various security attacks. This paper proposes a federated deep learning-based architecture to detect false data injection attacks (FDIAs) in CPPS. The proposed work offers a strong, decentralized alternative with the ability to boost detection accuracy while maintaining data privacy, presenting a significant opportunity for real-world applications in the smart grid. This framework combines state-of-the-art machine learning and deep learning models, which are used in both centralized and federated learning configurations, to boost the detection of false data injection attacks in cyber-physical power systems. In particular, the research uses a multi-stage detection framework that combines several models, including classic machine learning classifiers like Random Forest and ExtraTrees Classifiers, and deep learning architectures such as Long Short-Term Memory (LSTM) and Gated Recurrent Unit (GRU). The results demonstrate that Bidirectional GRU and LSTM models with attention layers in a federated learning setup achieve superior performance, with accuracy approaching 99.8%. This approach enhances both detection accuracy and data privacy, offering a robust solution for FDIA detection in real-world smart grid applications.

Security Analysis of SQL Injection Attacks on Multimedia and Journal-Services Sites Using Concatenated Input Validation and Parsing Method (CIVP)

Security Analysis of SQL Injection Attacks on Multimedia and Journal-Services Sites Using Concatenated Input Validation and Parsing Method (CIVP)

On adaptive resilient secondary control for DC microgrids under false data injection attacks

AbstractDistributed cooperative control strategies for DC microgrids have been rapidly evolving in recent years. However, introducing a cyber layer to enhance robustness, scalability, and reliability also exposes the system to potential cyber‐attacks. The damage inflicted by such attacks on the system performance can be catastrophic, reaching a point where it may devastate the system normal operation. By using model reference adaptive control (MRAC), this article proposes a resilient approach that does not require an accurate model of the system and despite the uncertainties for detecting false data injections into the reference DC voltage and simultaneously mitigating their adverse effects on the system stability and performance. The proposed technique employs an observer to detect possible false data injections in an online manner. By emulating the behavior of an ideal reference model, the MRAC ensures adaptive adjustments of the control parameters over time to mitigate the negative effects of potential attacks effectively and despite non‐idealities such as measurement noise, parameter variations, and environmental changes in DC microgrids, the MRAC effectively manages false data injection attacks. Simulation studies are conducted using diverse scenarios involving a three‐node DC microgrid to show the effectiveness of the proposed method.

Probability‐Based Finite‐Time Security Control for Switched Stochastic Systems via a Novel Event‐Triggered Mechanism and Its Application

ABSTRACTThis article discusses the finite‐time boundedness (FTB) issue and ‐gain analysis for switched stochastic systems, particularly under the dual influence of DoS attacks and false data injection attacks, by employing a novel event‐triggered mechanism. Different from the moment calculation method, a probability‐based FTB is studied which offers more pertinence. To obtain a less conservative condition of FTB, a switched Lyapunov function is constructed. Additionally, a memory‐based dynamic event‐triggered mechanism is designed to reduce the amounts of triggering and mitigate the state response fluctuations. Based on the incomplete information above, state feedback controllers are devised to satisfy stochastic FTB, ensuring the successful attainment of finite‐time ‐gain. Sufficient conditions are cast into a convex optimization problem by LMIs which can be solved easily. Finally, a compared numerical example and an RLC series circuit are adopted to demonstrate the availability of the theoretical results.

Enhancing SQL Injection Attack Detection Using Naïve Bayes and SMOTE Method on Imbalanced Datasets

SQL injection attack detection is a crucial aspect of cybersecurity, considering the potential damage that such attacks can cause. This study aims to evaluate the effectiveness of the Naive Bayes model in detecting SQL injection attacks on an imbalanced dataset. To address the data imbalance issue, the SMOTE (Synthetic Minority Over-sampling Technique) method was applied. The study consists of two phases: first, training and testing the Naive Bayes model on the original dataset without SMOTE, and second, training and testing on the dataset with SMOTE applied. The results indicate that the Naive Bayes model on the dataset without SMOTE achieved an accuracy of 0.9948, F1 Score of 0.9885, Precision of 0.9906, and Recall of 0.9946. After applying SMOTE, the model's performance improved significantly, with an accuracy of 0.9950, F1 Score of 0.9950, Precision of 0.9950, and Recall of 0.9950. This improvement suggests that SMOTE effectively enhanced class balance in the dataset, improving the model's ability to detect both malicious and safe queries. The study recommends exploring other resampling methods, feature engineering analysis, and testing on more diverse datasets as well as implementation in real-world environments for future research.

Event‐Triggered Secure Control of Positive Networked Control Systems Under Multi‐Channels Attacks

ABSTRACTThis paper focuses on the secure control of positive networked control systems under multi‐channel attacks characterized by a Bernoulli distribution. Specifically, the sensor‐to‐controller channel suffers from false data injection (FDI) attacks, whereas the controller‐to‐actuator channel suffers from denial of service (DoS) attacks. The objective is to design a static output feedback controller that guarantees the positivity and stochastic stability of the closed‐loop system in the presence of DoS and FDI attacks. To conserve communication resources, we employ an event‐triggered scheme to reduce the frequency of information transmission. Due to the positivity of the system, the proposed event‐triggering mechanism employs the 1‐norm form instead of the 2‐norm form, which allows that the controller parameter is determined via linear programming rather than LMI technique. Finally, two simulation examples are provided to verify the effectiveness of our methods.

A Real-Time and Online Dynamic Reconfiguration against Cyber-Attacks to Enhance Security and Cost-Efficiency in Smart Power Microgrids Using Deep Learning

Ensuring the secure and cost-effective operation of smart power microgrids has become a significant concern for managers and operators due to the escalating damage caused by natural phenomena and cyber-attacks. This paper presents a novel framework focused on the dynamic reconfiguration of multi-microgrids to enhance system’s security index, including stability, reliability, and operation costs. The framework incorporates distributed generation (DG) to address cyber-attacks that can lead to line outages or generation failures within the network. Additionally, this work considers the uncertainties and accessibility factors of power networks through a modified point prediction method, which was previously overlooked. To achieve the secure and cost-effective operation of smart power multi-microgrids, an optimization framework is developed as a multi-objective problem, where the states of switches and DG serve as independent parameters, while the dependent parameters consist of the operation cost and techno-security indexes. The multi-objective problem employs deep learning (DL) techniques, specifically based on long short-term memory (LSTM) and prediction intervals, to effectively detect false data injection attacks (FDIAs) on advanced metering infrastructures (AMIs). By incorporating a modified point prediction method, LSTM-based deep learning, and consideration of technical indexes and FDIA cyber-attacks, this framework aims to advance the security and reliability of smart power multi-microgrids. The effectiveness of this method was validated on a network of 118 buses. The results of the proposed approach demonstrate remarkable improvements over PSO, MOGA, ICA, and HHO algorithms in both technical and economic indicators.