Abstract: Motion Compensated Frame Interpolation (MCFI) is a widely used technique to improve the frame rate of a video sequence in recent years, but it can also be used by forgers for malicious forgery, resulting in a large number of fake high-frame-rate videos. This paper presents how the Discrete Cosine Transform (DCT) is used in the logarithm domain to identify whether a video has been forged by MCFI. First, the DCT is taken on each frame in a suspect video. Then, the DCT coefficients are transformed into the logarithm domain. Finally, the mean of the logarithmic DCT coefficients is computed, and its variation over time is taken as the DCT feature to derive a classifier to realize automatic detection. Since MCFI modifies the majority of DCT coefficients in the high-frequency band, the high-frequency DCT coefficients are significantly enhanced by the logarithm transform, making the DCT feature more sensitive to MCFI modification. More importantly, it is proved through quantitative and qualitative analyses that the proposed DCT feature has the capacity for resisting lossy compression. The proposed DCT feature is used to train different classifiers with a large-scale dataset, and the extensive experiments verify that the proposed DCT feature compares favorably with the state-of-the-art methods while having the robustness to lossy compression.
Abstract: Integrating large language models (LLMs) into autonomous vehicles facilitates AI-driven interactions for vehicle operations, yet it also introduces vulnerabilities to cyberattacks. Existing session key agreement schemes encounter significant challenges, including key leakage, single points of failure, and resource constraints. To address these limitations, we propose a semi-centralized key agreement protocol tailored for LLM-based autonomous driving systems. The protocol incorporates physical unclonable functions (PUFs) for electronic control unit (ECU) authentication, certificateless public key cryptosystems (CL-PKC) for key pair generation, Shamir's secret sharing for group session key negotiation, and interarrival time-based covert channels with hash key chains for secure communication. Security analysis conducted using the random oracle model and the AVISPA simulation tool verifies the protocol's security and consistency properties. Experimental evaluations demonstrate that the proposed protocol achieves reduced communication and computational overhead while exhibiting strong resilience against in-vehicle cyberattacks. These findings establish the protocol as a lightweight and robust solution for securing LLM-based autonomous driving environments.
Iqbal, Tahir; Wu, Guowei; Iqbal, Zahid; Mahmood, Muhammad Bilal...
pp. 1.1-1.15
Abstract: The increasing reliance on open-source software repositories, especially the Python Package Index (PyPI), has introduced serious security vulnerabilities as malicious actors embed malware into widely adopted packages, threatening the integrity of the software supply chain. Traditional detection methods, often based on static analysis, struggle to capture the complex and obfuscated behaviors characteristic of modern malware. Addressing these limitations, we present PypiGuard, an advanced hybrid ensemble meta-model for malicious package detection that integrates both static metadata and dynamic Application Programming Interface (API) call behaviors, enhancing detection accuracy and reducing error rates. Leveraging the MalwareBench dataset, our approach utilizes an innovative preprocessing pipeline that fuses metadata features with categorized API behaviors. The PypiGuard model employs a hybrid ensemble structure composed of Random Forest (RF), Gradient Boosting (GB), Decision Tree (DT), K-Nearest Neighbors (KNN), LightGBM, and an Artificial Neural Network (ANN), assembled through a dynamically optimized stacking-based meta-learning framework that adapts to model-specific prediction strengths. Compared to Deep Learning (DL) baselines like Long Short-Term Memory (LSTM) and Convolutional Neural Network (CNN), PypiGuard achieves significant improvements in accuracy and False Positive Rate (FPR), with a detection accuracy of 98.43% and a markedly low FPR, confirming its enhanced effectiveness in accurately identifying malicious packages.
Abstract: In recent years, the proliferation of malware has reached unprecedented levels, leading to escalating cybercrime costs. Signatures extracted by static analysis of files have been widely adopted for malware detection: vendors maintain databases of known malware signatures that are shared with registered users. The recent literature has proposed the use of private and consortium (thus, permissioned) blockchains for spreading signatures among blockchain users. These approaches require controlled access to enhance trust and accountability but restrict the widespread sharing of up-to-date signatures because users must be registered. In this paper, we present a novel technique that leverages a public blockchain to enable the massive dissemination of malware signatures among any users since a public blockchain is permissionless. On the other hand, the use of a public blockchain introduces new challenges related to security and data privacy, which our solution solves. The main benefit and outcome of our solution is that any users can securely access and verify malware signatures, facilitating real-time detection of malicious files. We implemented our solution in Ethereum and exploited a smart contract written in Solidity to demonstrate that our approach is highly cost-effective.
Abstract: With the rapid development of Internet of Things (IoT) technology, the number of connected devices is expected to reach 75 billion worldwide by 2025. IoT devices are particularly susceptible to security breaches, making robust access control mechanisms crucial for safeguarding legitimate resource access. Traditional access control systems, however, struggle to manage the scale of IoT environments effectively. This paper introduces a novel access control scheme, Group-Capability-Based Access Control with Ring Signature (G-CapBAC), designed and proposed to enhance the scalability of Smart Campus IoT. G-CapBAC leverages blockchain technology as a trust anchor to enforce access policies for IoT devices, without requiring these resource-constrained devices to participate directly in the blockchain network. This approach significantly reduces the computational and storage demands on IoT devices. In addition, the proposed scheme manages capability tokens by group utilizing the ring signature, which not only reduces storage requirements but also facilitates access policy management. Our security analysis substantiates the robustness of the G-CapBAC scheme. Experimental results indicate superior storage efficiency and expedited access request processing when compared to traditional Capability-Based Access Control (CapBAC).
Abstract: Intrusion Detection Systems (IDSs) are evolving to utilize machine learning techniques more frequently, in order to effectively and reliably identify even attacks with small footprints on the network traffic. This paper presents a detailed evaluation of two advanced graph neural network models, D-GSAGE-MARC and GFN-GA, for intrusion detection across a diverse range of IoT and cybersecurity datasets, including CIC-ToN-IoT, NF-UQNIDS, WUSTL-IIOT-2021, InSDN, etc. By integrating multi-head attention mechanisms and Graph Attention Network (GAT) layers into the D-GSAGE-MARC model, we effectively capture complex relationships within graph-structured data while leveraging residual connections to enhance performance. Our comprehensive analysis employs multiple performance metrics to assess both models in multi-class and binary classification scenarios, highlighting their capabilities and shortcomings in identifying different types of cyber-attacks. The results show that the D-GSAGE-MARC model achieves remarkable performance, achieving an accuracy of 99.97%, recall of 99.97%, and an F1 score of 99.97% on the WUSTL-IIOT-2021 dataset, establishing it as a highly effective solution for intrusion detection. Meanwhile, GFN-GA excels in detecting frequent threats. Additionally, we visualize the learned embeddings using Uniform Manifold Approximation and Projection (UMAP) techniques to elucidate feature representations utilized during classification. The results highlight the models' stability and adaptability across different datasets, particularly in addressing imbalanced data and rare attack detection.
Abstract: The automotive domain is becoming increasingly complex through the integration of new technologies. As a result, cybersecurity is recognized as a pressing issue. This study focuses on the ISO/SAE 21434:2021 standard for road vehicles cybersecurity engineering, evaluating the effectiveness of the standard's risk assessment approach. The standard suggests a set of assessment steps, and previous research has shown that practitioners often face challenges during assessment execution. The absence of clear, structured guidelines within the standard leads to different interpretations, resulting in inconsistent assessment approaches. This inconsistency makes it difficult to compare and measure the quality of the assessments. Our study uses design science methodology to create a new cybersecurity risk assessment ontology in the automotive domain, describing the relationships and interdependencies between cybersecurity risk assessment activities, stakeholders, and work packages. The ontology model is evaluated in a case study at a leading automotive systems supplier to validate the model's suitability for developing a cybersecurity risk assessment method. The findings indicate that the ontology model provides an improved understanding of the underlying risk assessment activities and allows for a structured method for extracting procedural steps according to the standard. This systematic approach increases the cybersecurity risk assessment conformity and the consistency of assessment results. In conclusion, this paper gives valuable insights and actionable recommendations for stakeholders, researchers, and organizations seeking to improve the cybersecurity risk assessment process in the automotive domain.
Abstract: With the exponential growth of internet and digital technology, there is a significant increase in the volume of personal data being collected, stored and shared across various platforms, which poses privacy risks including unauthorized access, misuse and exploitation. To mitigate these risks, effective privacy mechanisms are crucial. One such mechanism is Differential Privacy (DP), which aims to protect personal information by introducing noise into the data to obstruct individual identification. Though it effectively prevents breaches of personal information, a trade-off exists between privacy and accuracy. Additionally, DP often requires meticulous noise parameter tuning, which can be complex and resource intensive. To overcome these challenges, this paper proposes a method named Opti-Cluster Differential Privacy (OCDP). The proposed OCDP is designed to automatically determine the optimal amount of noise for a dataset. The dataset is first divided into non-overlapping clusters using k-means clustering. It then employs a hybrid approach combining DP with Particle Swarm Optimization (PSO) to compute the optimal noise parameter (epsilon) for each cluster. Based on this computed value, noise is added to each cluster and then it is merged to produce a final perturbed dataset. The experimental results demonstrate that the proposed OCDP method achieves high privacy while being computationally efficient. The proposed OCDP method produces data with privacy percentages of 84 %, 88 %, 89 %, 85 %, 83 % and 77 % for the Heart Disease, GDM, Adult, Automobile, Thyroid Disease and Insurance datasets respectively representing 13 % (with clustering) and 50 % high (without clustering) when compared with other methods. Moreover, OCDP's computational efficiency allows for faster processing times, making it a reliable solution for maintaining privacy in large datasets.
Abstract: Secure multiparty computation (MPC) schemes allow two or more parties to conjointly compute a function on their private input sets while revealing nothing but the output. Existing state-of-the-art number-theoretic-based designs face the threat of attacks through quantum algorithms. In this context, we present secure MPC protocols that can withstand quantum attacks. We first present the design and analysis of an information-theoretic secure oblivious linear evaluation (OLE), namely BOLE in the quantum domain. We showed that BOLE is safe from external attacks. In addition, it satisfies all the security requirements of a secure OLE. In the following, we utilized BOLE as a building block to construct a quantum-safe multiparty private set intersection (MPSI) protocol.
Abstract: Electronic Health Records (EHRs), which are used in modern healthcare systems, store private medical histories for a large number of people. A strong security architecture is required to guarantee patient privacy within EHR databases due to the importance of preserving this personal data. Improving data security and patient privacy during the transfer of sensitive information across healthcare providers for diagnostic purposes is the main emphasis of this work. To enhance the security of electronic health record data, this article proposes a new approach that combines a decentralized, secure blockchain paradigm with a lightweight cryptosystem. The proposed workflow starts with gathering electronic health record data from databases and initializing user transaction information to facilitate communication across various nodes. Public and private keys are produced via an elliptic scheme to enhance the security of health data. Then, medical data is encrypted and decrypted using Integrated Diffie-Hellman Galois-Elliptic-curve Cryptography (IDHG-ECC). The encrypted data is further strengthened by using a consensus process known as Affinity-Propagation encased Practical Byzantine Fault Tolerance (AP-PBFT). Extra security is provided by storing the encrypted data on the off-chain Inter Planetary File System (OIPFS) blockchain. In the evaluation, the proposed model attains efficient encryption and decryption times of 7.88 s and 1.80 s, respectively, with a quick uploading time of 0.09 s. It achieves high transaction throughput (78,288 TPS) with low latency (0.71 s), while read throughput is 137.54 MB/s with minimal latency (0.01 s). CPU utilization is moderate at 20.70%, and memory utilization is 54.00%, ensuring balanced resource management for optimal performance.