Attack Scenarios Research Articles

Resilience Distributed MPC for Dynamically Coupled Multiple Cyber-Physical Systems Subject to Severe Attacks.

This article proposes a resilient distributed model predictive control (DMPC) algorithm for a class of constrained dynamically coupled multiple cyber-physical systems (CPSs) subject to bounded additive disturbances. The algorithm is designed to address severe attacks on the forward controller-actuator (C-A) channel, the feedback sensor-controller (S-C) channel, and the channels between subsystems, without any prior information about the intruder available to the defender. To mitigate the negative effects of intruders, we consider a one-step time delay strategy in the local model predictive controller design. This strategy allows the generated controller data to be checked for acceptability before use. To ensure constraint satisfaction for an infinite-horizon MPC problem while accounting for the unknown duration of attacks, we develop a set of minimally conservative constraints in the open-loop control mode using a constraint tightening technique. Moreover, we obtain an equivalent finite number of constraints for the infinite-horizon problem to ensure recursive feasibility. To prevent tampered data from affecting control performance, a detector module is designed to decide whether data is used by its receiver. It is shown that the closed-loop system is uniformly ultimate boundedness (UUB) under any admissible attack scenario and disturbance realization. Finally, the effectiveness of the proposed algorithm is validated by a case study.

Endpoint Detection and Response (EDR) in Healthcare: Mitigating Threats on Critical Devices

Purpose: This paper aims to identify the strategies for designing, implementing, and evaluating EDR in the safety of mission-critical medical devices and workstations in healthcare environments. Methodology: The exercise involved installing EDR elements throughout a sample of health organization’s endpoints and using bots to stage select cyber threats. This way, the methodology provides controlled exposure to real-life attack scenarios to assess the detection, response time and impact on the system. Findings: Endpoint Detection and Response (EDR) solutions are gradually rising as preventive security measures in response to such new-age threats. With these characteristics, EDR programs are a more advanced form of AV tools as they provide endpoints with real-time monitoring, context-aware detection, automated action, and investigation across numerous phases. The given study depicts how EDR platforms make dwell time low, detect advanced threats in real time, and isolate the affected devices to prevent disruptions in healthcare facilities. Unique Contribution to Theory, Practice and Policy: The study pleas for the systematic integration of EDR into the healthcare cybersecurity frameworks as a cornerstone to the security of the healthcare system and the patient.

Low-Cost Privacy-Preserving Decentralized Learning

Decentralized learning (DL) is an emerging paradigm of collaborative machine learning that enables nodes in a network to train models collectively without sharing their raw data or relying on a central server. This paper introduces Zip-DL, a privacy-aware DL algorithm that leverages correlated noise to achieve robust privacy against local adversaries while ensuring efficient convergence at low communication costs. By progressively neutralizing the noise added during distributed averaging, Zip-DL combines strong privacy guarantees with high model accuracy. Its design requires only one communication round per gradient descent iteration, significantly reducing communication overhead compared to competitors. We establish theoretical bounds on both convergence speed and privacy guarantees. Moreover, extensive experiments demonstrating Zip-DL's practical applicability make it outperform state-of-the-art methods in the accuracy vs. vulnerability trade-off. Specifically, Zip-DL (i) reduces membership-inference attack success rates by up to 35% compared to baseline DL, (ii) decreases attack efficacy by up to 13% compared to competitors offering similar utility, and (iii) achieves up to 59% higher accuracy to completely nullify a basic attack scenario, compared to a state-of-the-art privacy-preserving approach under the same threat model. These results position Zip-DL as a practical and efficient solution for privacy-preserving decentralized learning in real-world applications.

Smart grid security: Safeguarding sustainable energy systems from cyber threats

The rapid advancement and integration of smart grid technologies have revolutionized energy systems by enabling real-time monitoring, enhanced efficiency, decentralized energy generation, and renewable energy integration. However, this increased digitization and connectivity have simultaneously exposed critical infrastructures to a growing array of sophisticated cyber threats. As smart grids evolve into complex, data-driven ecosystems, ensuring their cybersecurity becomes paramount to achieving sustainable and resilient energy systems. This paper explores the intersection of cybersecurity and smart grid sustainability, identifying vulnerabilities in advanced metering infrastructure (AMI), supervisory control and data acquisition (SCADA) systems, distributed energy resources (DERs), and communication protocols. It discusses real-world incidents and simulated attack scenarios to highlight the potential consequences of cyber intrusions on grid stability, data integrity, and energy availability. A comprehensive framework for smart grid security is proposed, focusing on proactive risk management, threat detection through artificial intelligence (AI) and machine learning (ML), blockchain-enabled data validation, and zero-trust architecture models. The framework emphasizes the importance of stakeholder collaboration, regulatory compliance, and continuous system auditing to reinforce cybersecurity postures. Additionally, this study investigates the role of digital twins in simulating cyber-physical interactions and enabling predictive threat modeling for proactive resilience. Furthermore, the paper examines policy gaps, standardization issues, and workforce capacity constraints that hinder effective implementation of cybersecurity measures across diverse energy infrastructures. Strategies for integrating cybersecurity into the lifecycle of smart grid components from design to deployment are also discussed. By aligning technological innovation with robust cybersecurity governance, the paper aims to support the development of secure, adaptive, and sustainable smart energy systems capable of withstanding emerging cyber threats. The insights provided are intended to guide policymakers, grid operators, technology developers, and researchers in fortifying energy systems against cyber vulnerabilities while ensuring the continued advancement of clean and intelligent energy solutions. Ultimately, safeguarding smart grids is not merely a technical imperative but a foundational element for achieving long-term energy sustainability and national security in the digital era.

Denial-of-Service Attacks on Permissioned Blockchains: A Practical Study

Hyperledger Fabric (HLF) is a leading permissioned blockchain platform designed for enterprise applications. However, it faces significant security risks from Denial-of-Service (DoS) attacks targeting its core components. This study systematically investigated network-level DoS attack vectors against HLF, with a focus on threats to its ordering service, Membership Service Provider (MSP), peer nodes, consensus protocols, and architectural dependencies. In this research, we performed experiments on an HLF test bed to demonstrate how compromised components can be exploited to launch DoS attacks and degrade the performance and availability of the blockchain network. Key attack scenarios included manipulating block sizes to induce latency, discarding blocks to disrupt consensus, issuing malicious certificates via MSP, colluding peers to sabotage validation, flooding external clients to overwhelm resources, misconfiguring Raft consensus parameters, and disabling CouchDB to cripple data access. The experimental results reveal severe impacts on the availability, including increased latency, decreased throughput, and inaccessibility of the ledger. Our findings emphasize the need for proactive monitoring and robust defense mechanisms to detect and mitigate DoS threats. Finally, we discuss some future research directions, including lightweight machine learning tailored to HLF, enhanced monitoring by aggregating logs from multiple sources, and collaboration with industry stakeholders to deploy pilot studies of security-enhanced HLF in operational environments.

Protecting IOT Networks Through AI-Based Solutions and Fractional Tchebichef Moments

Advancements in Internet of Things (IoT) technologies have had a profound impact on interconnected devices, leading to exponentially growing networks of billions of intelligent devices. However, this growth has exposed Internet of Things (IoT) systems to cybersecurity vulnerabilities. These vulnerabilities are primarily caused by the inherent limitations of these devices, such as finite battery resources and the requirement for ubiquitous connectivity. The rapid evolution of deep learning (DL) technologies has led to their widespread use in critical application domains, thereby highlighting the need to integrate DL methodologies to improve IoT security systems beyond the basic secure communication protocols. This is essential for creating intelligent security frameworks that can effectively address the increasingly complex cybersecurity threats faced by IoT networks. This study proposes a hybrid methodology that combines fractional discrete Tchebichef moment analysis with deep learning for the prevention of IoT attacks. The effectiveness of our proposed technique for detecting IoT threats was evaluated using the UNSW-NB15 and Bot-IoT datasets, featuring illustrative cases of common IoT attack scenarios, such as DDoS, identity spoofing, network reconnaissance, and unauthorized data access. The empirical results validate the superior classification capabilities of the proposed methodology in IoT cybersecurity threat assessments compared with existing solutions. This study leveraged the synergistic integration of discrete Tchebichef moments and deep convolutional networks to facilitate comprehensive attack detection and prevention in IoT ecosystems.

Big Data-Driven Computer-Aided Network Attack Simulation andc Defense System Optimization

As cyber-attacks and network vulnerabilities get more sophisticated, optimizing protection systems utilizing advanced computational methodologies is critical. Big data approaches are a viable way to simulate network attacks and improve protection measures. But conventional approaches frequently can’t handle massive volumes of real-time data or quickly adjust to changing threats. The goal of the research is to create a large data-driven computer-aided network attack simulation and defense system that uses advanced Machine Learning (ML) techniques to optimize defensive techniques, improve threat detection, and increase system adaptability. A hybrid system that combines big data analytics with Hyperbolic Tangent Particle Swarm Optimized Decision Tree (HTPSO-DT) methods was presented to simulate and predict possible cyber-attacks. Big data refers to the methodologies for collecting, processing by min–max scaling, and extracting insights from diverse, high-volume, and high-velocity data sets using Discrete Wavelet Transform (DWT). The system simulates attack scenarios and optimizes defense responses using real-time network traffic data; behavior analysis and predictive modeling. The defense system adjusts by continuously learning from simulations and continually improving its techniques. The proposed method of HTPSO-DT has performed and achieved precision at 99.12%, recall at 99.15%, [Formula: see text]1 score at 99.17%, [Formula: see text]2 score at 99.09%, [Formula: see text]beta score at 98.95%, and ROC-AUU at 0.88. The method significantly improves attack detection accuracy and reduces defense response time. The suggested solution improves the effectiveness of network defense strategies by integrating big data and ML, allowing for real-time, adaptive protection.

Analysis of Cascading Failures and Recovery in Freeway Network Under the Impact of Incidents

In the past few decades, extensive research has been conducted on the modeling of cascading failures and their recovery processes in freeway networks. In practice, the restoration of functionality and structure in complex networks that suffer large-scale cascading failures may involve a series of repair operations. In this paper, we first propose a cascading failure model for freeway networks, which considers load redistribution by taking travelers’ choice behavior into account. Specifically, we use the Stochastic User Equilibrium (SUE) as a method for redistribution in the model. Next, we propose a recovery strategy focused on critical edges, with their importance ranked through the integration of the network’s topological features and traffic characteristics. This ranking then serves as the foundation for the edge-recovery process. This model considers the operational mechanisms of complex freeway networks. In the experiment, we used the freeway network in Hunan Province as a case study to validate the effectiveness of our model. Traffic volume data were collected from toll stations on the freeway network, and the topological structure of the network was combined with these data to construct a complex weighted freeway network. The evolution of network cascading failures was analyzed under various scenarios of attacks caused by traffic incidents. Subsequently, the failed network was recovered, and the results indicate that the proposed recovery strategy demonstrates better performance compared to other traditional methods. This research provides theoretical and methodological support for the management of freeway networks.

COMPREHENSIVE METHODOLOGY FOR EVALUATING THE FUNCTIONAL CAPABILITIES OF ANTIVIRUS SOFTWARE

In today's conditions of intensive development of information and communication technologies and rapid growth of the number of cyber threats, protection of end devices and information and communication systems of organizations is becoming critical. In this regard, antivirus software remains a key tool in ensuring cyber protection against malicious software and targeted attack scenarios. However, to choose the optimal antivirus software, it is important to have an objective and comprehensive approach to assessing their functionality. The purpose of this article is to develop a Comprehensive Methodology for Evaluating the Functional Capabilities of Antivirus Software. The proposed methodology takes into account a wide range of tests that simulate typical and atypical vectors of malware penetration: from infected ZIP archives, phishing emails, changes to system files (hosts, registry) to detection of Beacon activity, auto-start scripts, obfuscated PowerShell commands, Office document macros, etc. The study evaluates four popular antivirus software products: ESET Endpoint Security, Avast Business Antivirus, Zillya, and Windows Defender. As part of the experiment, the research team evaluated the functions of each antivirus software product according to 21 criteria. The evaluation was carried out in points (0–2) with the corresponding criticality weight (1 – critical, 0.8 – high, 0.5 – medium). The methodology allows you to determine the overall level of functionality and efficiency in percentage terms. This allows you to objectively approach the choice of antivirus software depending on the nature of the information infrastructure and the level of risk. The proposed approach is universal and suitable for adaptation to other platforms and conditions, and can also be expanded to interact with Endpoint Detection and Response (Extended Detection and Response) class systems. The results of the study confirm the importance of a comprehensive approach to cyber protection, taking into account the specifics of modern cyberattacks.

Detecting Rogue Switch and Device Behaviour Using Network Anomalies in LAN

Local Area Networks (LANs) are crucial for modern organizations, facilitating essential communication and dataexchange in wired environments. However, wired LANs are susceptible to internal threats, exacerbated by "Bring Your OwnDevice" (BYOD) policies that increase vulnerability to rogue switches. These unauthorized switches, connected with just anEthernet cable, can be installed by compromised employees or malicious insiders, undermining network security byintercepting and manipulating data traffic. These rogue switches, often plug-and-play devices, are particularly dangerousbecause they are difficult to detect and can be used to spy on network traffic or launch cyberattacks, further increasingorganizational risks. This study presents a hybrid detection and mitigation framework that combines Dynamic ARP Inspection(DAI) with DHCP Snooping, Root Guard, and Port Security with Sticky MAC, alongside AI-driven anomaly detection. Byintegrating rule-based security mechanisms with supervised machine learning models, the system detects subtle deviationsin network traffic and automates threat mitigation. This approach enhances detection accuracy, reduces false positives, andseamlessly integrates into existing security baselines. Experimental validation was conducted using GNS3-based labsimulations with a consistent network topology to evaluate detection effectiveness and dataset generation. Various Layer 2attacks, including ARP spoofing, MAC flooding, and STP root bridge manipulation, were introduced to assess detectionaccuracy. The AI-enhanced system, trained with supervised learning using Logistic Regression, achieved 100% accuracy andan F1-score of 100% across all three attack scenarios, demonstrating its reliability in mitigating Layer 2 threats. The findingsemphasise the effectiveness of combining AI-driven anomaly detection with traditional network security mechanisms toenhance LAN security. Unlike conventional reactive approaches, this framework enables proactive, real-time detection andmitigation, adapting to evolving threats and eliminating reliance on manual monitoring. The ability to detect subtle variationsin network traffic behaviour ensures greater adaptability against sophisticated attacks. By continuously learning and refiningdetection models, the system provides scalable, intelligent, and future-ready network protection against increasinglyadvanced Layer 2 threats.

Improving UAV Remote Sensing Photogrammetry Accuracy Under Navigation Interference Using Anomaly Detection and Data Fusion

Accurate and robust navigation is fundamental to Unmanned Aerial Vehicle (UAV) remote sensing operations. However, the susceptibility of UAV navigation sensors to diverse interference and malicious attacks can severely degrade positioning accuracy and compromise mission integrity. Addressing these vulnerabilities, this paper presents an integrated framework combining sensor anomaly detection with a Dynamic Adaptive Extended Kalman Filter (DAEKF) and federated filtering algorithms to bolster navigation resilience and accuracy for UAV remote sensing. Specifically, mathematical models for prevalent UAV sensor attacks were established. The proposed framework employs adaptive thresholding and residual consistency checks for the real-time identification and isolation of anomalous sensor measurements. Based on these detection outcomes, the DAEKF dynamically adjusts its sensor fusion strategies and noise covariance matrices. To further enhance the fault tolerance, a federated filtering architecture was implemented, utilizing adaptively weighted sub-filters based on assessed trustworthiness to effectively isolate faults. The efficacy of this framework was validated through rigorous experiments that involved real-world flight data and software-defined radio (SDR)-based Global Positioning System (GPS) spoofing, alongside simulated attacks. The results demonstrate exceptional performance, where the average anomaly detection accuracy exceeded 99% and the precision surpassed 98%. Notably, when benchmarked against traditional methods, the proposed system reduced navigation errors by a factor of approximately 2-3 under attack scenarios, which substantially enhanced the operational stability of the UAVs in challenging environments.

Integrating Reconfigurable Intelligent Surfaces into Next-Generation Mobile Networks: Comparative Simulations based on Simu5G

Due to the need for high-performance communication systems capable of supporting a wide range of applications -including industrial automation, smart healthcare, and autonomous driving-, Next-Generation Mobile Networks (NGMNs) are continuing to evolve. Furthermore, to cope with variable traffic situations in urban vehicular environments, autonomous cars require communication, high reliability, doubtless integrity and low latency. Besides, in smart city environments, an AI-powered attack can i) exploit vulnerabilities in connected autonomous vehicles by generating spoofed signals to misdirect navigation and orchestrating jamming attacks to disrupt Vehicle-to-Everything (V2X) communications; In the same way, ii) telemedicine applications and wearable medical devices in the healthcare industry require reliable and secure communication in dynamic, interference-prone indoor and outdoor environments. However, in order to facilitate synchronized Machine-to-Machine (M2M) operations under strict latency and reliability limitations, industrial automation relies on resilient and robust wireless communication. In this context, Reconfigurable Intelligent Surfaces (RISs) have emerged as one of the potential Sixth Generation (6G)-enabling technologies capable of addressing these challenges. By dynamically reconfiguring the wireless propagation environment through programmable surfaces, RISs can improve the system performance in terms of signal reliability, coverage, and energy efficiency. To examine this, this work focuses on comparative simulations evaluating the network-layer performance of RIS-enhanced and non-RIS networks using the network simulation environment Simu5G. Thereby, key RIS features, such as channel optimization and interference suppression, are modelled to assess their impact on critical metrics like Signal-to-Interference-plus-Noise-Ratio (SINR), resilience, and secrecy efficiency against adversarial threats. Furthermore, this work highlights how RISs can mitigate security risks such as eavesdropping, spoofing, and jamming, which are becoming increasingly prevalent in AI-driven attack scenarios. For instance, RISs effectively counters AI-generated spoofed signals in autonomous vehicle networks and suppresses jamming in V2X communication. Comparative results demonstrate the superiority of RIS-enabled network architectures in both performance and security. In addition, the work provides academic and industrial researchers with a robust toolkit for examining the dual function of RIS in improving wireless network performance and security by expanding the Simu5G platform with RIS-capable modules. This contribution is an important step towards enabling real-world deployment of RIS in future networks.

Zero Trust Networks and Federated Unlearning Based 6G Edge Networks: Attack Scenario, Security Model and Future Directions

ABSTRACTThe dynamic interplay between federated learning (FL) and federated unlearning (FU) introduces vulnerabilities, particularly the slow poisoning attack scenario by malicious adversaries. The attack proceeds where adversaries can gradually degrade global model performance over successive update cycles. In this letter, we propose a blueprint architecture that integrates zero trust networks (ZTNs) into both the unlearning (FU) request and the client admission (FL) stages to counteract these threats. By enforcing continuous client verification and rigorous risk assessment, our vision ensures that only authenticated and reliable updates contribute to the global model, thereby preserving model integrity and safeguarding sensitive data. Promising future research directions and open challenges are also discussed.

SDN Attack Identification Model Using Hybrid CNN – LSTM with Attention Mechanism

SDN provides centralised control and programmability, but because of its open and centralised architecture, it is extremely susceptible to cyberattacks like Distributed Denial of Service (DDoS), infiltration, and botnets. In terms of accuracy and flexibility, traditional intrusion detection systems frequently fall short of the changing requirements of SDN settings. In order to solve this, we suggest a hybrid deep learning model that incorporates Long Short-Term Memory (LSTM) networks and Convolutional Neural Networks (CNN), augmented with an Attention mechanism. In order to increase accuracy and interpretability, CNN layers take out spatial information from traffic data, LSTM layers record temporal dependencies, and the Attention mechanism highlights important elements. The CICIDS 2017 dataset is used to train and assess the model, utilising pre - processing methods such as class balancing, label encoding, and normalisation. According to experimental results, our model outperforms conventional models such standalone CNNs and statistical techniques, achieving an accuracy of 93.43%. It performs admirably in a variety of attack scenarios, such as DDoS, probe, and penetration. This study establishes the foundation for real-time, scalable deployment and demonstrates the potential of hybrid deep learning models in SDN cybersecurity. Future research will concentrate on improving the detection of zero-day attacks and tailoring the model for edge computing settings with TensorFlow Lite. Key Words: SDN Security, Intrusion Detection, CNN-LSTM Hybrid, Attention Mechanism, Cyberattack Detection.

Detection of SSH Brute Force Attacks Using Naïve Bayes Classification on Cowrie Honeypot Logs in a Virtualized Environment

The increasing number of brute force cyberattacks targeting SSH services highlights the urgent need for effective early detection and mitigation systems. This study aims to analyze brute force attack patterns using the Naïve Bayes classification algorithm based on log data generated by the Cowrie Honeypot. A simulated virtual environment was developed to emulate attack scenarios and generate authentic SSH log data while preserving real server confidentiality. The system architecture follows the CRISP-DM framework, including data preprocessing, model development, evaluation, and deployment. Evaluation using confusion matrix metrics showed that the Naïve Bayes algorithm successfully distinguished brute force attempts from normal traffic with high accuracy, precision, recall, and F1-score. The findings confirm the potential of combining Cowrie honeypot data with machine learning classifiers as an early warning tool for intrusion detection in enterprise network infrastructures.

CAShift: Benchmarking Log-Based Cloud Attack Detection under Normality Shift

With the rapid advancement of cloud-native computing, securing cloud environments has become an important task. Log-based Anomaly Detection (LAD) is the most representative technique used in different systems for attack detection and safety guarantee, where multiple LAD methods and relevant datasets have been proposed. However, even though some of these datasets are specifically prepared for cloud systems, they only cover limited cloud behaviors and lack information from a whole-system perspective. Another critical issue to consider is normality shift, which implies that the test distribution could differ from the training distribution and highly affect the performance of LAD. Unfortunately, existing works only focus on simple shift types such as chronological changes, while other cloud-specific shift types are ignored, e.g., different deployed cloud architectures. Therefore, a dataset that captures diverse cloud system behaviors and various types of normality shifts is essential. To fill this gap, we construct a dataset CAShift to evaluate the performance of LAD in cloud, which considers different roles of software in cloud systems, supports three real-world normality shift types (application shift, version shift, and cloud architecture shift), and features 20 different attack scenarios in various cloud system components. Based on CAShift, we conduct a comprehensive empirical study to investigate the effectiveness of existing LAD methods in normality shift scenarios. Additionally, to explore the feasibility of shift adaptation, we further investigate three continuous learning approaches, which are the most common methods to mitigate the impact of distribution shift. Results demonstrated that 1) all LAD methods suffer from normality shift where the performance drops up to 34%, and 2) existing continuous learning methods are promising to address shift drawbacks, but the ratio of data used for model retraining and the selection of algorithms highly affect the shift adaptation, with an increase in the F1-Score of up to 27%. Based on our findings, we offer valuable implications for future research in designing more robust LAD models and methods for LAD shift adaptation.

Quantifying Cyber Resilience: A Framework Based on Availability Metrics and AUC-Based Normalization

This study presents a metric selection framework and a normalization method for the quantitative assessment of cyber resilience, with a specific focus on availability as a core dimension. To develop a generalizable evaluation model, service types from 1124 organizations were categorized, and candidate metrics applicable across diverse operational environments were identified. Ten quantitative metrics were derived based on five core selection criteria—objectivity, reproducibility, scalability, practicality, and relevance to resilience—while adhering to the principles of mutual exclusivity and collective exhaustiveness. To validate the framework, two availability-oriented metrics—Transactions per Second (TPS) and Connections per Second (CPS)—were empirically evaluated in a simulated denial-of-service environment using a TCP SYN flood attack scenario. The experiment included three phases: normal operation, attack, and recovery. An Area Under the Curve (AUC)-based Normalized Resilience Index (NRI) was introduced to quantify performance degradation and recovery, using each organization’s Recovery Time Objective (RTO) as a reference baseline. This approach facilitates objective, interpretable comparisons of resilience performance across systems with varying service conditions. The findings demonstrate the practical applicability of the proposed metrics and normalization technique for evaluating cyber resilience and underscore their potential in informing resilience policy development, operational benchmarking, and technical decision-making.

Counter-Samples: A Stateless Strategy to Neutralize Black Box Adversarial Attacks

Our paper introduces a novel defense mechanism against black-box attacks, where attackers exploit the victim model as an oracle to craft adversarial examples. Unlike traditional pre-processing defenses that rely on sanitizing input samples, our stateless strategy directly counters the attack process itself. For each query, we evaluate a counter-sample, an optimized version of the original sample, designed to thwart the attacker's objective. By responding to every black-box query with a targeted white-box optimization, our strategy introduces a strategic asymmetry that significantly advantages the defender. Our approach proves to be highly effective against state-of-the-art black-box attacks, outperforming existing defenses on both CIFAR-10 and ImageNet datasets. Specifically, our method achieves an average attack failure rate (AFR) of 74.7% (up from 13%) on ImageNet and 67.7% (up from 3.5%) on CIFAR-10 when tested against 10 state-of-the-art query-based black-box attacks. Moreover, it maintains the model's performance on legitimate inputs, with accuracy (ACC) reduced by only 0.7% on ImageNet and 0.9% on CIFAR-10. This is in stark contrast to other defenses tested, which can cause accuracy drops of up to 50%. Such a modest decrease ensures negligible performance degradation on legitimate tasks. Furthermore, we demonstrate that our defense exhibits superior robustness across datasets and attack scenarios, including adaptive attacks specifically designed to try to bypass our method. This robustness highlights the strength and adaptability of our approach in countering adversarial threats.

Generative Adversarial and Transformer Network Synergy for Robust Intrusion Detection in IoT Environments

Intrusion detection in the Internet of Things (IoT) environments is increasingly critical due to the rapid proliferation of connected devices and the growing sophistication of cyber threats. Traditional detection methods often fall short in identifying multi-class attacks, particularly in the presence of high-dimensional and imbalanced IoT traffic. To address these challenges, this paper proposes a novel hybrid intrusion detection framework that integrates transformer networks with generative adversarial networks (GANs), aiming to enhance both detection accuracy and robustness. In the proposed architecture, the transformer component effectively models temporal and contextual dependencies within traffic sequences, while the GAN component generates synthetic data to improve feature diversity and mitigate class imbalance. Additionally, an improved non-dominated sorting biogeography-based optimization (INSBBO) algorithm is employed to fine-tune the hyper-parameters of the hybrid model, further enhancing learning stability and detection performance. The model is trained and evaluated on the CIC-IoT-2023 and TON_IoT dataset, which contains a diverse range of real-world IoT traffic and attack scenarios. Experimental results show that our hybrid framework consistently outperforms baseline methods, in both binary and multi-class intrusion detection tasks. The transformer-GAN achieves a multi-class classification accuracy of 99.67%, with an F1-score of 99.61%, and an area under the curve (AUC) of 99.80% in the CIC-IoT-2023 dataset, and achieves 98.84% accuracy, 98.79% F1-score, and 99.12% AUC on the TON_IoT dataset. The superiority of the proposed model was further validated through statistically significant t-test results, lower execution time compared to baselines, and minimal standard deviation across runs, indicating both efficiency and stability. The proposed framework offers a promising approach for enhancing the security and resilience of next-generation IoT systems.

AdvFaceGAN: a face dual-identity impersonation attack method based on generative adversarial networks.

This article aims to reveal security vulnerabilities in current commercial facial recognition systems and promote advancements in facial recognition technology security. Previous research on both digital-domain and physical-domain attacks has lacked consideration of real-world attack scenarios: Digital-domain attacks with good stealthiness often fail to achieve physical implementation, while wearable-based physical-domain attacks typically appear unnatural and cannot evade human visual inspection. We propose AdvFaceGAN, a generative adversarial network (GAN)-based impersonation attack method that generates dual-identity adversarial faces capable of bypassing defenses and being uploaded to facial recognition system databases in our proposed attack scenario, thereby achieving dual-identity impersonation attacks. To enhance visual quality, AdvFaceGAN introduces a structural similarity loss in addition to conventional generative loss and perturbation loss, optimizing the generation pattern of adversarial perturbations. Under the combined effect of these three losses, our method produces adversarial faces with excellent stealthiness that can pass administrator's human review. To improve attack effectiveness, AdvFaceGAN employs an ensemble of facial recognition models with maximum model diversity to calculate identity loss, thereby enhancing similarity to target identities. Innovatively, we incorporate source identity loss into the identity loss calculation, discovering that minor reductions in target identity similarity can be traded for significant improvements in source identity similarity, thus making the adversarial faces generated by our method highly similar to both the source identity and the target identity, addressing limitations in existing impersonation attack methods. Experimental results demonstrate that in black-box attack scenarios, AdvFaceGAN-generated adversarial faces exhibit better stealthiness and stronger transferability compared to existing methods, achieving superior traditional and dual-identity impersonation attack success rates across multiple black-box facial recognition models and three commercial facial recognition application programming interfaces (APIs).