Search Results (157)

The rapid growth of Artificial Intelligence of Things (AIoT) environments in various sectors has introduced major security challenges, as these smart devices can be exploited by malicious users to form Botnets of Things (BoT). Limited computational resources and weak encryption mechanisms in such devices make them attractive targets for attacks like Distributed Denial of Service (DDoS), Man-in-the-Middle (MitM), and malware distribution. In this paper, we propose a novel multi-layered architecture to mitigate BoT threats in AIoT environments. The system leverages edge traffic inspection, sandboxing, and machine learning techniques to analyze, detect, and prevent suspicious behavior, while uses centralized monitoring and response automation to ensure rapid mitigation. Experimental results demonstrate the necessity and superiority over or parallel to existing models, providing an early detection of botnet activity, reduced false positives, improved forensic capabilities, and scalable protection for large-scale AIoT areas. Overall, this solution delivers a comprehensive, resilient, and proactive framework to protect AIoT assets from evolving cyber threats. Full article

Rehabilitation robots are a leading solution towards bridging the gap between the growing number of rehabilitation patients requiring therapy and the limited availability of healthcare professionals. However, existing robotic systems are often bulky and expensive, limiting their ability to provide widespread, repetitive, and intensive exercises. This paper presents the development of an impedance-based control strategy designed to provide safe and compliant upper-body passive and active exercises on the low-cost PlanAID robot, which is built using consumer-grade components. The system’s functionalities are evaluated using a high-precision force sensor. Results show that the PlanAID exhibits performance comparable to seminal devices such as the MIT-Manus, achieving a similar applicable reaction force target of 28 N and reflected inertia of 1.1 kg. Although the overall performance is comparable, the low-cost PlanAID prototype suffers from reduced coupled stability margins, limiting the maximum achievable virtual spring constant to 1100 N/m. Despite this limitation, the stiffness values required in practical applications remain low, suggesting that the PlanAID could potentially be a viable candidate for real-world rehabilitation. Initial user feedback was obtained through a preliminary qualitative trial involving healthy subjects. Full article

Industrial Control Systems (ICS) and Cyber–Physical Systems (CPS) are critical infrastructures supporting national sectors, where cyberattacks can directly cause physical process disruptions and safety incidents. Following PRISMA 2020 guidelines, we systematically searched Web of Science, Scopus, IEEE Xplore, and the ACM Digital Library for studies published between 1 January 2021 and 31 October 2025, and finally included 89 primary studies. The literature is categorized into five data modalities—network traffic, operational data, simulation data, hybrid data, and other auxiliary data—and compared in terms of detection objectives, learning paradigms, model families, attack types, and datasets. The analysis shows that network data are effective for detecting cyber-layer attacks such as reconnaissance, DoS, and MITM, while operational data are suited for physical-layer anomalies including process disturbances, FDI, and stealth deviations. Simulation and hybrid data further support rare-scenario generation and cyber–physical consistency checking. However, limitations remain, including reliance on few benchmarks, lack of realistic multi-domain datasets, label sparsity, concept drift, and insufficient consideration of real-time and resource-constrained OT environments. Based on these findings, this review highlights future directions such as multi-domain dataset development, physics- and control-informed model design, hybrid-data-driven integrated detection, and lightweight edge deployment. Full article

SCADA systems, widely used in critical infrastructure, are becoming increasingly vulnerable to complex cyber threats, which can compromise national security. This study presents an artificial intelligence-based approach aimed at the early and reliable detection of cyberattacks against SCADA systems. The study physically scaled the SCADA communication architecture of a hydroelectric power plant and created a suitable test environment. In this environment, in addition to the benign normal state, attack scenarios such as Man-in-the-Middle (MITM), Denial-of-Service (DoS), and Command Injection were implemented while the process created for the system’s operation was running continuously. While the scenarios were being implemented, the SCADA system was monitored, and network data flow was collected and stored for later analysis. Basic machine learning algorithms, including KNN, Naive Bayes, Decision Trees, and Logistic Regression, were applied to the obtained data. Also, different combinations of these methods have been tested. The analysis results showed that the hybrid model, consisting of a Decision Tree and Logistic Regression, achieved the most successful results, with a 98.29% accuracy rate, an Area Under the Curve (AUC) value of 0.998, and a reasonably short detection time. The results demonstrate that the proposed approach can accurately classify various types of attacks on SCADA systems, providing an effective early warning mechanism suitable for field applications. Full article

Traditional ECG detection devices are limited in their development due to the constraints of power consumption and differences in data sources. Currently, spiking neural networks (SNNs) have quickly attracted widespread attention owing to their low power consumption enabled by the event-driven nature and efficient learning capability inspired by the biological brain. This paper proposes a low-power SNN processor that supports on-chip learning. By implementing an efficient on-chip learning algorithm through hardware, adopting a two-layer dynamic neural network architecture, and utilizing an asynchronous communication interface for data transmission, the processor achieves excellent inference and learning performance while maintaining outstanding power efficiency. The proposed design was implemented and verified on Xilinx xc7z045ffg900. On the MIT-BIH database for ECG applications, it achieved an accuracy of 91.4%, with an inference power consumption of 62 mW and 215.53 $\mathsf{\mu }\mathrm{J}$ per classification. The designed processor is well-suited for ECG applications that demand low power consumption and environmental adaptability. Full article

Because of the advancement of IT, cross-domain environments have emerged where independent clouds with different security policies share data. However, sharing data between clouds with heterogeneous security levels is a challenging task, and most existing access control schemes focus on a single cloud domain. Among various access control models, RBAC is suitable for cross-domain data sharing, but existing RBAC schemes cannot provide strong role privacy and do not support freshness in role verification, so they are vulnerable to replay-based misuse of credentials. In this paper, we propose an RBAC scheme for cross-domain cloud environments based on a hash-chain-augmented zk-SNARK and identity-based signatures. The TA issues IBS-based role signing keys to users, and the user proves, through a zk-SNARK circuit, that there exists a valid role signing key satisfying the access policy without revealing the concrete role information to the CDS. In addition, a synchronized hash chain between the user and the CDS is embedded into the proof so that each proof is tied to the current hash-chain state and any previously used proof fails verification when replayed. We formalize role privacy, replay resistance, and MitM resistance in the cross-domain setting and analyze the proposed scheme by comparing it with Saxena and Alam’s I-RBAC, Xu et al.’s RBAC, MO-RBE, and PE-RBAC. The security analysis shows that the proposed scheme achieves robust role privacy against both the CDS and external attackers and prevents replay and man-in-the-middle attacks. Furthermore, the computational cost evaluation based on the number of pairing, exponentiation, point addition, and hash operations confirms that the verifier-side overhead remains comparable to existing schemes, while the additional prover cost is the price for achieving stronger privacy and security. Therefore, the proposed scheme can be applied to cross-domain cloud systems that require secure and privacy-preserving role verification, such as military, healthcare, and government cloud infrastructures. Full article

This study investigated the relationship between maternal barium (Ba) exposure and the risk of miscarriage using metabolomics and machine learning. Analyses were performed on samples from 183 pregnant women from Nanjing: the concentration of Ba in whole blood was measured using inductively coupled plasma mass spectrometry (ICP-MS), and untargeted metabolomics was performed on decidual tissue using high-resolution accurate mass spectrometry (UHPLC-QExactive HF-X). A metabolome-wide association study (MWAS) and mediation interaction effect analysis (MITM) identified metabolites and pathways linked to Ba exposure and miscarriage risk. Among 523 detected metabolites, 19 metabolites and 5 pathways were significantly associated with both Ba exposure and miscarriage, particularly glycerophospholipid metabolism. The effect of Ba exposure on miscarriage risk was mediated by five metabolites, with cuminaldehyde showing the highest share of the total mediating effect (54.74%). These metabolites, including N-acetyl-L-methionine, 4-hydroxynonenal, DG(18:0/18:3(9Z,12Z,15Z)/0:0), 10-formyldihydrofolate, and eicosadienoic acid, were used as biomarkers in a predictive model. The XGBoost model achieved an optimal AUC of 0.90 (95%CI: 0.83–0.96). This study suggests that maternal Ba exposure increases miscarriage risk, potentially through disruptions in amino acid metabolism, oxidative stress, and lipid peroxidation, and highlights the potential of metabolite biomarkers for predicting adverse birth outcomes. Full article

The growing integration of Digital Twins (DTs) in Industry 4.0 environments exposes the physical–virtual communication layer as a critical vector for cyber vulnerabilities; while most studies focus on complex and resource-intensive security mechanisms, this work demonstrates that the inherently predictable nature of DT communications allows simple statistical metrics—such as the $\mu +3\sigma$ threshold—to provide robust, interpretable, and computationally efficient anomaly detection. Using a Docker-based simulation, we emulate Denial-of-Service (DoS), Man-in-the-Middle (MiTM), and intrusion attacks, showing that each generates a distinct statistical signature (e.g., a 50-fold increase in packet rate during DoS). The results confirm that data rate monitoring offers a viable, non-intrusive, and cost-effective first line of defense, thereby enhancing the resilience of IIoT-based Digital Twins. Full article

The world has adopted so many IoT devices but it comes with its own share of security vulnerabilities. One such issue is ARP spoofing attack which allows a man-in-the-middle to intercept packets and thereby modify the communication. Also, this allows an intruder to gain access to the user’s entire local area network. The ACI-IoT-2023 dataset captures ARP spoofing attacks, yet its absence of specified extracted features hinders its application in machine learning-aided intrusion detection systems. To combat this, we present a framework for ARP spoofing detection which improves the dataset by extracting ARP-specific features and evaluating their impact under different time-window configurations. Beyond generic feature engineering and model evaluation, we contribute by treating ARP spoofing as a time-window pattern and aligning the window length with observed spoofing persistence from the dataset timesheet—turning window choice into an explainable, repeatable setting for constrained IoT devices; by standardizing deployment-oriented efficiency profiling (inference latency, RAM usage, and model size) reported alongside accuracy, precision, recall and F1-scores to enable edge-feasible model selection; and by providing an ARP-focused, reproducible pipeline that reconstructs L2 labels from public PCAPs and derives missing link-layer indicators, yielding a transparent path from labeling to windowed features to training evaluation. Our research systematically analyzes five models with multiple time-windows, including Decision Tree, Random Forest, XGBoost, CatBoost, and K-Nearest Neighbors. This study shows that XGBoost and CatBoost provide maximum performance at the 1800 s window that corresponds to the longest spoofing duration in the timesheet, achieving accuracy greater than 0.93%, precision above 0.95%, recall near 0.91%, and F1-scores above 0.93%. Although Decision Tree has the least inference latency (∼0.4 ms.), its lower recall risks missed attacks. By contrast, XGBoost and CatBoost sustain strong detection with less than 6$ ms inference and moderate RAM, indicating practicality for IoT deployment. We also observe diminishing returns beyond (∼1800 s) due to temporal over-aggregation. Full article

This study introduces an energy-aware hybrid security framework that safeguards embedded systems against code theft, closing a critical gap. The approach integrates bitstream encryption, dynamic key generation, and Dynamic Function eXchange (DFX)-based memory obfuscation, yielding a layered hardware–software countermeasure to Read-Only Memory (ROM) scraping, side-channel attacks, and Man-in-the-Middle (MITM) intrusions by eavesdropping on communications on pins, cables, or Printed Circuit Board (PCB) routes. Prototyped on a Xilinx Zynq-7020 System-on-Chip (SoC) and applicable to MicroBlaze-based designs, it derives a fresh Authenticated Encryption with Associated Data (AEAD) key for each record via an Ascon-eXtendable-Output Function (XOF)–based Key Derivation Function (KDF) bound to a device identifier and a rotating slice from a secret pool, while relocating both the pool and selected Block RAM (BRAM)-resident code pages via Dynamic Function eXchange (DFX). This moving-target strategy frustrates ROM scraping, probing, and communication-line eavesdropping, while cryptographic confidentiality and integrity are provided by a lightweight AEAD (Ascon). Hardware evaluation reports cycles/byte, end-to-end latency, and per-packet energy under identical conditions across lightweight AEAD baselines; the framework’s key-derivation and DFX layers are orthogonal to the chosen AEAD. The threat model, field layouts (Nonce/AAD), receiver-side acceptance checks, and quantitative bounds are specified to enable reproducibility. By avoiding online key exchange and keeping long-lived secrets off Programmable Logic (PL)-based external memories while continuously relocating their physical locus, the framework provides a deployable, energy-aware defense in depth against code-theft vectors in FPGA-based systems. Overall, the work provides an original and deployable solution for strengthening the security of commercial products against code theft in embedded environments. Full article

The non-oxidizing antimicrobial 2-Methyl-4-Isothiazolin-3-one (MIT) poses a significant environmental risk given its frequent detection in municipal wastewater. This study showed that the combination of Vacuum UV/UV (VUV/UV) and persulfate (PDS) efficiently achieved the rapid transformation and removal of 10 μM MIT within 90 s, which is much faster than UV, UV/PDS, and VUV/UV. Increasing the PDS dosage improved MIT degradation, whereas changes in pH between 4 and 10 had little effect. Radical quenching experiments showed that 93% of the MIT oxidation was attributable to the hydroxyl radical (•OH) and the sulfate radical (SO₄•⁻). SO₄•⁻ and •OH at concentrations of 8.6 × 10⁻¹² M and 1.5 × 10⁻¹² M accounted for 32% and 61% of the MIT degradation, respectively, and the greater contribution of •OH was attributed to its higher reaction rate constant with MIT compared to SO₄•⁻. Sulfate had a negligible impact on the radical concentrations. Chloride (1 mM) reduced the SO₄•⁻ and •OH concentrations by 61% and 27%, respectively. And the SO₄•⁻ contribution to MIT degradation fell to 19%. Nitrate (5 mM) readily quenched •OH but minimally affected SO₄•⁻. The •OH concentration decreased by 79%, reducing its contribution to 27%. Bicarbonate/carbonate (5 mM) simultaneously reduced the SO₄•⁻ and •OH by 26–30% and had little effect on their contributions. Because of the quenching effect of organic matter and inorganic anions on radicals, secondary effluent inhibited the degradation of MIT. After a 120 s treatment, the total organic carbon, UV₂₅₄, and fluorescence regional integration were reduced by 5%, 8%, and 17–24%, respectively. This study provides a quantitative analysis of how inorganic ions alter the concentrations and contributions of •OH and SO₄•⁻, elucidating the MIT removal mechanisms in VUV/UV/PDS for sustainable wastewater reclamation. Full article

In the early months of 2025, a significant seismic activity was recorded in the area between Santorini and Amorgos, raising concerns about the potential occurrence of a major earthquake and a possible tsunami. The objective of this study is to assess the earthquake-triggered tsunami hazard in the Santorini-Amorgos Tectonic Zone (SATZ) by simulating tsunami processes using the MOST (Method of Splitting Tsunami) numerical model, implemented through the ComMIT (Community Model Interface for Tsunamis). High-resolution bathymetry and topography were employed to model tsunami generation, propagation, and onshore inundation. A total of 60 simulations were conducted using a deterministic approach based on worst-case scenarios. The analysis considered six major active faults with two kinematic types, pure normal and oblique-slip, and assessed tsunami impact on five selected coastal study areas. The simulations results showed potential maximum run-up values of 4.1 m in Gialos (Ios), 2.7 m in Kamari (Santorini), 2.4 m in Perissa (Santorini), 1.5 m in Katapola (Amorgos), and 2.3 m in Chora (Astypalaea), in some cases affecting residential zones. Inundation flows also impacted the main ports of Gialos, Katapola, and Chora, highlighting the exposure of critical infrastructure. Although earthquake-triggered tsunamis represent a potential hazard in the SATZ, the results indicated that it is unlikely to cause a widespread disaster in the study areas. Full article

Stealth attacks targeting industrial control systems (ICS) exploit subtle sequences of malicious actions, making them difficult to detect with conventional methods. The OPC Unified Architecture (OPC UA) protocol—now widely adopted in SCADA/ICS environments—enhances OT–IT integration but simultaneously increases the exposure of critical infrastructures to sophisticated cyberattacks. Traditional detection approaches, which rely on instantaneous traffic features and static models, neglect the sequential dimension that is essential for uncovering such gradual intrusions. To address this limitation, we propose a hybrid sequential anomaly detection pipeline that combines Markov chain modeling to capture temporal dependencies with machine learning algorithms for anomaly detection. The pipeline is further augmented by explainability through SHapley Additive exPlanations (SHAP) and causal inference using the PC algorithm. Experimental evaluation on an OPC UA dataset simulating Man-In-The-Middle (MITM) and denial-of-service (DoS) attacks demonstrates that incorporating a second-order sequential memory significantly improves detection: F1-score increases by +2.27%, precision by +2.33%, and recall by +3.02%. SHAP analysis identifies the most influential features and transitions, while the causal graph highlights deviations from the system’s normal structure under attack, thereby providing interpretable insights into the root causes of anomalies. Full article

The smart grid (SG) plays a seminal role in the modern energy landscape by integrating digital technologies, the Internet of Things (IoT), and Advanced Metering Infrastructure (AMI) to enable bidirectional energy flow, real-time monitoring, and enhanced operational efficiency. However, these advancements also introduce critical challenges related to data privacy, cybersecurity, and operational balance. This review critically evaluates SG systems, beginning with an analysis of data privacy vulnerabilities, including Man-in-the-Middle (MITM), Denial-of-Service (DoS), and replay attacks, as well as insider threats, exemplified by incidents such as the 2023 Hydro-Québec cyberattack and the 2024 blackout in Spain. The review further details the SG architecture and its key components, including smart meters (SMs), control centers (CCs), aggregators, smart appliances, and renewable energy sources (RESs), while emphasizing essential security requirements such as confidentiality, integrity, availability, secure storage, and scalability. Various privacy preservation techniques are discussed, including cryptographic tools like Homomorphic Encryption, Zero-Knowledge Proofs, and Secure Multiparty Computation, anonymization and aggregation methods such as differential privacy and k-Anonymity, as well as blockchain-based approaches and machine learning solutions. Additionally, the review examines pricing models and their resolution strategies, Demand–Supply Balance Programs (DSBPs) utilizing optimization, game-theoretic, and AI-based approaches, and energy storage systems (ESSs) encompassing lead–acid, lithium-ion, sodium-sulfur, and sodium-ion batteries, highlighting their respective advantages and limitations. By synthesizing these findings, the review identifies existing research gaps and provides guidance for future studies aimed at advancing secure, efficient, and sustainable smart grid implementations. Full article

This study examines the ionospheric response to the intense geomagnetic storm of 9–12 October 2024 over the European sector. Digisonde data from mid-latitude European stations and in situ electron density measurements from Swarm A and B satellites were used to analyze variations in key ionospheric characteristics, including the critical frequency (foF2), peak height (hmF2) and plasma drift velocities. Significant uplift of the F2 layer and a corresponding reduction in foF2 were observed across latitudes, primarily driven by prompt penetration electric fields (PPEFs) and storm-induced thermospheric winds. Horizontal and vertical ion drifts showed large asymmetries and reversals, with zonal drift velocities exceeding 1000 m/s at some stations. Swarm observations confirmed plasma density enhancements during the main phase and notable depletions during recovery, particularly after 1:00 UT on 11 October. The midlatitude ionospheric trough (MIT) intensified during the recovery phase, as can be seen from Swarm B. These variations were shaped by electrodynamic forcing, compositional changes and disturbance dynamo electric fields (DDEFs). The results emphasize the role of solar wind drivers, latitude-dependent electrodynamic coupling and thermospheric dynamics in mid-latitude ionospheric variability during geomagnetic storms. Full article