检索结果-内蒙古大学图书馆

ATHENA: An In-vehicle CAN Intrusion Detection Framework Based on Physical Characteristics of Vehicle Systems

学校读者我要写书评

暂无评论

arXiv 2025年

作者： Wang, Kai Sun, Zhen Wang, Bailing Fan, Qilin Li, Ming Zhang, Hongke School of Computer Science and Technology Harbin Institute of Technology Weihai China Shandong Key Laboratory of Industrial Network Security China School of Big Data and Software Engineering Chongqing University Chongqing China Key Laboratory of Dependable Service Computing in Cyber Physical Society of Ministry of Education Chongqing University Chongqing China Jinan Key Laboratory of Distributed Databases Shandong Inspur Database Technology Co. Ltd Jinan China School of Electronic and Information Engineering Beijing Jiaotong University Beijing China

With the growing interconnection between In-Vehicle networks (IVNs) and external environments, intelligent vehicles are increasingly vulnerable to sophisticated external network attacks. This paper proposes ATHENA, the first IVN intrusion detection framework that adopts a vehicle-cloud integrated architecture to achieve better security performance for the resource-constrained vehicular environment. Specifically, in the cloud with sufficient resources, ATHENA uses the clustering method of multi-distribution mixture model combined with deep data mining technology to generate the raw Payload Rule Bank of IVN CAN messages, and then improves the rule quality with the help of exploitation on the first-principled physical knowledge of the vehicle system, after which the payload rules are periodically sent to the vehicle terminal. At the vehicle terminal, a simple LSTM component is used to generate the Time Rule Bank representing the long-term time series dependencies and the periodic characteristics of CAN messages, but not for any detection tasks as in traditional usage scenarios, where only the generated time rules are the candidates for further IVN intrusion detection tasks. Based on both the payload and time rules generated from cloud and vehicle terminal, ATHENA can achieve efficient intrusion detection capability by simple rule-base matching operations, rather than using complex black-box reasoning of resource-intensive neural network models, which is in fact only used for rule logic generation phase instead of the actual intrusion detection phase in our framework. Comparative experimental results on the ROAD dataset, which is current the most outstanding real-world in-vehicle CAN dataset covering new instances of sophisticated and stealthy masquerade attacks, demonstrate ATHENA significantly outperforms the state-of-the-art IVN intrusion detection methods in detecting complex attacks. We make the code available at https://***/wangkai-tech23/ATHENA. Copyright

关键词： network intrusion

Demand Response Scheme: Achieving Sustainability in Distributed Data Processing

学校读者我要写书评

暂无评论

Demand Response Scheme: Achieving Sustainability in Distribu...

IEEE International Conference on Data Science in Cyberspace (DSC)

作者： Xueying Zhai Yunfeng Peng Xiuping Guo Liang Zhang Wei Zhang School of Computer and Communication Engineering University of Science and Technology Beijing Beijing China School of Economics and Management Beijing University of Posts and Telecommunications Beijing China Guizhou Key Laboratory of Electric Power Big Data Guizhou Institute of Technology Guizhou China Key Laboratory of Computing Power Network and Information Security Ministry of Education Shandong Computer Science Center (National Supercomputer Center in Jinan) Qilu University of Technology (Shandong Academy of Sciences) Jinan China

ISBN: (数字)9798350391367

ISBN: (纸本)9798350391374

The rapid development of Internet of Things (IoT) technology has driven the intelligent transformation of various industries, including manufacturing, agriculture, and healthcare, etc., significantly enhancing their management capabilities and decision-making efficiency. Data analysis is crucial, serving as both the core technology of this transformation and a major driving force for advancing industry intelligence. However, the increasing volume of data has led to high energy consumption during data analysis, posing significant challenges to environmental and economic sustainability. Integrating renewable energy sources (RESs) is an effective way to reduce greenhouse gas emissions due to their low-carbon and renewable nature. Additionally, the spatiotemporal variability and complementarity of RES generation and grid electricity prices provide favorable conditions for distributed data processing. Therefore, a two-stage demand response scheme is proposed to reduce carbon emissions and electricity costs by prioritizing data processing in data centers (DCs) where RES is abundant or electricity prices are low, based on RES generation and electricity price signals. Simulation results show that the proposed scheme reduces 36.37% carbon emissions and 20.49% electricity costs compared to the benchmark algorithm, indicating its potential for both environmental and economic optimization.

关键词： Renewable energy sources Energy consumption Costs Electricity Simulation Carbon dioxide Spatiotemporal phenomena Internet of Things Sustainable development Optimization

A Method Based on Hierarchical Spatiotemporal Features for Trojan Traffic Detection

学校读者我要写书评

暂无评论

arXiv 2023年

作者： Xie, Jiang Li, Shuhao Zhang, Yongzheng Yun, Xiaochun Li, Jia Institute of Information Engineering Chinese Academy of Sciences Beijing China Key Laboratory of Network Assessment Technology IIE CAS Beijing China School of Cyber Security University of Chinese Academy of Sciences Beijing China National Computer Network Emergency Response Technical Team Coordination Center of China Beijing China

Trojans are one of the most threatening network attacks currently. HTTP-based Trojan, in particular, accounts for a considerable proportion of them. Moreover, as the network environment becomes more complex, HTTP-based Trojan is more concealed than others. At present, many intrusion detection systems (IDSs) are increasingly difficult to effectively detect such Trojan traffic due to the inherent shortcomings of the methods used and the backwardness of training data. Classical anomaly detection and traditional machine learning-based (TML-based) anomaly detection are highly dependent on expert knowledge to extract features artificially, which is difficult to implement in HTTP-based Trojan traffic detection. Deep learning-based (DL-based) anomaly detection has been locally applied to IDSs, but it cannot be transplanted to HTTP-based Trojan traffic detection directly. To solve this problem, in this paper, we propose a neural network detection model (HSTF-Model) based on hierarchical spatiotemporal features of traffic. Meanwhile, we combine deep learning algorithms with expert knowledge through feature encoders and statistical characteristics to improve the self-learning ability of the model. Experiments indicate that F1 of HSTF-Model can reach 99.4% in real traffic. In addition, we present a dataset BTHT consisting of HTTP-based benign and Trojan traffic to facilitate related research in the field. © 2023, CC BY.

关键词： Anomaly detection

Hard-Label Cryptanalytic Extraction of Neural network Models

学校读者我要写书评

暂无评论

arXiv 2024年

作者： Chen, Yi Dong, Xiaoyang Guo, Jian Shen, Yantian Wang, Anyu Wang, Xiaoyun Institute for Advanced Study Tsinghua University Beijing China Institute for Network Sciences and Cyberspace BNRist Tsinghua University Beijing China School of Physical and Mathematical Sciences Nanyang Technological University Singapore Department of Computer Science and Technology Tsinghua University Beijing China Zhongguancun Laboratory Beijing China Shandong Key Laboratory of Artificial Intelligence Security Shandong China

The machine learning problem of extracting neural network parameters has been proposed for nearly three decades. Functionally equivalent extraction is a crucial goal for research on this problem. When the adversary has access to the raw output of neural networks, various attacks, including those presented at CRYPTO 2020 and EUROCRYPT 2024, have successfully achieved this goal. However, this goal is not achieved when neural networks operate under a hard-label setting where the raw output is inaccessible. In this paper, we propose the first attack that theoretically achieves functionally equivalent extraction under the hard-label setting, which applies to ReLU neural networks. The effectiveness of our attack is validated through practical experiments on a wide range of ReLU neural networks, including neural networks trained on two real benchmarking datasets (MNIST, CIFAR10) widely used in computer vision. For a neural network consisting of 105 parameters, our attack only requires several hours on a single core. © 2024, CC BY.

关键词： Neural network models

security is Readily to Interpret: Quantitative Feature Analysis for Botnet Encrypted Malicious Traffic

学校读者我要写书评

暂无评论

Security is Readily to Interpret: Quantitative Feature Analy...

IEEE Annual International Computer Software and Applications Conference (COMPSAC)

作者： Long Chen Qiaojuan Wang Yanqing Song Jianguo Chen Beijing Key Laboratory of Network Technology QI-AN XIN Group China Applied Sciences and Technologies Research Beihang University Beijing Topsec Network Security Technology Co. Innovation Technology Research Institute China Applied Sciences and Technologies Research Beijing Aerospace Information Sciences and Technologies Geophysical Laboratory Hebei Seismological Observatories China Applied Sciences and Technologies Research Beijing Aerospace Information Sciences and Technologies

Nowadays, there are two problems in the network traffic analysis. One is that it’s difficult to detect the encrypted threat traffic resulting in the ineffective analysis and detection of attack characteristics of complex network such as botnet traffic. The other is that machine learning(ML) is featured by high false alarm rate, long training period and demanding data accuracy. In this work, the data packet was deeply analyzed through the data packet analysis method including the analysis of its header and content so as to realize the analysis of network traffic’s characteristics. The CTU-13 and MCFP data sets were dimension-reduced by the t-SNE algorithm, and the 2-dimensional space was mapped so that the distribution boundary of the data was observed and judged. Through eXtreme Gradient Boosting (XGBoost), Support Vector Machines (SVM), Random Forest, Logistic Regression and other machine learning algorithms, we detected the encrypted traffic and found that XGBoost and Random Forest were better for threatening dense flows. On the basis of feature analysis, we selected all, DNS, HTTP and deleted 20/30/40 importance features for ranking, and quantitatively explained the impact of each feature on threat dense flow classification. Through conducting the performed recursive feature elimination with XGBoost algorithm, this paper obtained the classification ranking and then concluded that the influence degree of overall characteristics was very uneven with the first six characteristics led by average of duration occupying a large weight. By obtaining the SHAP evaluation data of the selected all, DNS, HTTP, and deleted 20/30/40 importance features, this paper quantitatively explained the impact of each feature on the classification of threat dense traffic. In addition, this paper also carried out the impact verification of the importance characteristics. Because machine learning, including deep learning, is difficult to interpret. And to ensure the security of cyberspace,

关键词：

Impossible Differential Analysis on 8-Round PRINCE 9th

学校读者我要写书评

暂无评论

Impossible Differential Analysis on 8-Round PRINCE

9th International Conference on Computer Engineering and networks, CENet2019

作者： Ding, Yaoling Jia, Keting Wang, An Shi, Ying School of Computer Science Beijing Institute of Technology Beijing100081 China Department of Computer Science and Technology Tsinghua University Beijing100084 China Key Laboratory of Network Assessment Technology CAS Institute of Information Engineering Chinese Academy of Sciences Beijing100093 China State Key Laboratory of Information Security Institute of Information Engineering Chinese Academy of Sciences Beijing100093 China

ISBN: (纸本)9789811537523

PRINCE is a lightweight block cipher, which was proposed by Borghoff et al. in Asiacrypt 2012. Various cryptanalytic techniques have been employed to evaluate the security of PRINCE. In 2017, Ding et al. constructed a 4-round impossible differential based on some observations on M′ operation and launched impossible differential attacks on 6- and 7-round PRINCE and the underlying PRINCEcore. In this paper, we explore the differential distribution table (DDT) of the S-box employed in PRINCE and construct a more detailed DDT which contains the input/output values corresponding to each differential. Taking advantage of the table, we compute the subkeys instead of guessing them. With this technique, we extend the impossible differential attacks of PRINCE and PRINCEcore to eight rounds. The corresponding computational and complexities are 110.7 and 62.26 encryptions, respectively, which are much less than exhaustive search. And the data complexities are 64 and 60 chosen plaintexts, respectively. © 2021, Springer Nature Singapore Pte Ltd.

关键词： Cryptography

Recommendation Model Based on Social Homogeneity Factor and Social Influence Factor 17th

学校读者我要写书评

暂无评论

Recommendation Model Based on Social Homogeneity Factor and ...

17th EAI International Conference on Collaborative Computing: networking, Applications, and Worksharing, CollaborateCom 2021

作者： Ying, Weizhi Yu, Qing Wang, Zuohua Tianjin Key Laboratory of Intelligence Computing and Network Security Tianjin University of Technology Tianjin300384 China China Everbright Bank CO. LTD. Beijing100035 China

ISBN: (纸本)9783030926342

In recent years, more and more recommendation algorithms incorporate social information. However, most social recommendation algorithms often only consider the social homogeneity factor between users and do not consider the social influence factor. To make the recommendation model more in line with the real-life situation, this paper proposes a novel graph attention network to model the homogeneity effect and the influence effect in the user domain. Besides, we also extended this idea to the item domain, using information from similar items to alleviate the problem of data sparsity. Also, considering that there will be interactions between the user domain and the item domain, which together affect the user’s preference for the item, we use a contextual multi-armed bandit to weigh the interaction between the two domains. We have conducted extensive comparative experiments and ablation experiments on two real public datasets. The experimental results show that the performance of our proposed model in the rating prediction task is better than other social recommendation model. © 2021, ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering.

关键词： Recommender systems

Several new classes of optimal ternary cyclic codes with two or three zeros

学校读者我要写书评

暂无评论

arXiv 2024年

作者： Wu, Gaofei You, Zhuohui Zha, Zhengbang Zhang, Yuqing The State Key Laboratory of Integrated Service Networks School of Cyber Engineering Xidian University Xi’an710071 China The Advanced Cryptography System Security Key Laboratory of Sichuan Province China The College of Mathematics and System Sciences Xinjiang University Urumqi830046 China The National Computer Network Intrusion Protection Center University of Chinese Academy of Sciences Beijing101408 China

Cyclic codes are a subclass of linear codes and have wide applications in data storage systems, communication systems and consumer electronics due to their efficient encoding and decoding algorithms. Let α be a generator of F∗3m, where m is a positive integer. Denote by C(i1,i2,···,it) the cyclic code with generator polynomial mαi1 (x)mαi2 (x) · · · mαit (x), where mαi(x) is the minimal polynomial of αi over F3. In this paper, by analyzing the solutions of certain equations over finite fields, we present four classes of optimal ternary cyclic codes C(0,1,e) and C(1,e,s) with parameters [3m − 1, 3m − 3m/2 − 2, 4], where s = 3m−1/2 . In addition, by determining the solutions of certain equations and analyzing the irreducible factors of certain polynomials over F3m, we present four classes of optimal ternary cyclic codes C(2,e) and C(1,e) with parameters [3m−1, 3m−2m−1, 4]. We show that our new optimal cyclic codes are inequivalent to the known ones. Copyright © 2024, The Authors. All rights reserved.

关键词： Polynomials

Privacy-Preserving IoT Image Transmission: Multi-Stage SVD Data Embedding and Heatmap Alignment

学校读者我要写书评

暂无评论

IEEE Internet of Things Journal 2025年

作者： Du, Kaixin Ma, Bin Yang, Meihong Wang, Xiaoyu Li, Xiaolong Jinan250353 China Shandong Fundamental Research Center for Computer Science Shandong Provincial Key Laboratory of Industrial Network and Information System Security Jinan250101 China Beijing Jiaotong University School of Computer and Information Technology Beijing100044 China

The images transmitted by IoT devices, particularly those used for surveillance or sensor data, are vulnerable to malicious screenshots and unauthorized access, leading to potential privacy breaches. To address this, we propose a multi-stage Singular Value Decomposition (SVD)-based robust data-hiding scheme for JPEG images aimed at mitigating screenshot attacks. The method exploits the decorrelation properties of the Discrete Cosine Transform (DCT) to preprocess the carrier image, facilitating the selection of specific frequency coefficients. These coefficients undergo a dual-stage SVD transformation, where dimensionality reduction reduces the impact of noise from non-critical image regions. Additionally, we optimize Grad-CAM heatmap generation to better align with human visual perception, enabling the identification of stable and reliable feature regions for embedding secret information. This approach ensures that the visual integrity of the carrier image is maintained while preserving the legibility of the embedded information, even under *** method enhances both the visual fidelity of the carrier image and the robustness of the embedded information. Experimental results demonstrate that the proposed scheme outperforms existing methods, achieving at least a 5% improvement in confidential information extraction accuracy and a data extraction rate exceeding 95% across screenshot angles ranging from -40∘ to 40∘. Extensive evaluations confirm the superior performance, efficiency, and security of our method in mitigating screenshot attacks, showcasing its broad applicability to various image formats and resilience to distortions. © 2014 IEEE.

关键词： Discrete cosine transforms