Search Results (2,252)

The security and integrity of election systems represent fundamental pillars of democratic governance in the 21st century. As electoral processes increasingly rely on networked technologies and digital infrastructures, the vulnerability of these systems to cyber threats has become a paramount concern for election officials, cybersecurity experts, and policymakers worldwide. This paper presents the first comprehensive synthesis and systematic analysis of vulnerabilities across major U.S. election systems, integrating findings from government assessments, security research, and documented incidents into a unified analytical framework. We compile and categorize previously fragmented vulnerability data from multiple vendors, federal advisories (CISA, EAC), and security assessments to construct a holistic view of the election security landscape. Our novel contribution includes (1) the first cross-vendor vulnerability taxonomy for election systems, (2) a quantitative risk assessment framework specifically designed for election infrastructure, (3) systematic mapping of threat actor capabilities against election system components, and (4) the first proposal for honeynet deployment in election security contexts. Through analysis of over 200 authoritative sources, we identify critical security gaps in federal guidelines, quantify risks in networked election components, and reveal systemic vulnerabilities that only emerge through comprehensive cross-system analysis. Our findings demonstrate that interconnected vulnerabilities create risk-amplification factors of 2-5x compared to isolated component analysis, highlighting the urgent need for comprehensive federal cybersecurity standards, improved network segmentation, and enhanced monitoring capabilities to protect democratic processes. Full article

The rise of connected and automated vehicles has transformed in-vehicle infotainment (IVI) systems into critical gateways linking user interfaces, vehicular networks, and cloud-based fleet services. A concerning architectural reality is that hardcoded credentials like access point names (APNs) in IVI firmware create a cross-layer attack surface where local exposure can escalate into entire vehicle fleets being remotely compromised. To address this risk, we propose a cross-layer security framework that integrates firmware extraction, symbolic execution, and targeted fuzzing to reconstruct authentic IVI-to-backend interactions and uncover high-impact web vulnerabilities such as server-side request forgery (SSRF) and broken access control. Applied across seven diverse automotive systems, including major original equipment manufacturers (OEMs) (Mercedes-Benz, Tesla, SAIC, FAW-VW, Denza), Tier-1 supplier Bosch, and advanced driver assistance systems (ADAS) vendor Minieye, our approach exposes systemic anti-patterns and demonstrates a fully realized exploit that enables remote control of approximately six million Mercedes-Benz vehicles. All 23 discovered vulnerabilities, including seven CVEs, were patched within one month. In closed automotive ecosystems, we argue that the true measure of efficacy lies not in maximizing code coverage but in discovering actionable, fleet-wide attack paths, which is precisely what our approach delivers. Full article

The integrity of certification processes in the agrifood and fishing industries is essential for combating fraud, ensuring food safety, and meeting rising consumer expectations for transparency and sustainability. Yet, current certification systems remain fragmented, and they are vulnerable to tampering and highly dependent on manual or centralized procedures. This study addresses these gaps by providing a comprehensive survey that systematically classifies blockchain-based certification technologies and methodologies applied to the fisheries sector. The survey examines how the blockchain enhances trust through immutable record-keeping, smart contracts, and decentralized verification mechanisms, ensuring authenticity and accountability across the supply chain. Special attention is given to case studies and implementations that focus on ensuring food safety, verifying sustainability claims, and fostering consumer trust through transparent labeling. Furthermore, the paper identifies technological barriers, such as scalability and interoperability, and puts forward a collection of functional and non-functional requirements for holistic blockchain implementation. By providing a detailed overview of current trends and gaps, this study aims to guide researchers, industry stakeholders, and policymakers in adopting and optimizing blockchain technologies for certification. The findings highlight the potential of blockchain to innovate certification systems, easing the way for more resilient, sustainable, and consumer-centric agrifood and fishing industries. Full article

As the demand for secure communication and data integrity in embedded and networked systems continues to grow, there is an increasing need for cryptographic solutions that provide robust security while efficiently using energy and hardware resources. Although software-based implementations of SHA-3 provide design flexibility, they often struggle to meet the performance and power limitations of constrained environments. This study introduces a hardware-accelerated SHA-3 solution tailored for the Xilinx Artix-7 FPGA. The architecture includes a fully pipelined Keccak-f [¹⁶⁰⁰] core and incorporates design strategies such as selective loop unrolling, clock gating, and pipeline balancing to enhance overall efficiency. Developed in VHDL and synthesised using Vivado 2024.2.2, the design achieves a throughput of 1.35 Gbps at 210 MHz, with a power consumption of 0.94 W—yielding an energy efficiency of 1.44 Gbps/W. Validation using NIST SHA-3 vectors confirms its reliable performance, making it a promising candidate for secure embedded systems, including IoT platforms, edge devices, and real-time authentication applications. Full article

The integration of operational technology (OT) and information technology (IT) within the Industrial Internet of Things (IIoT) has posed prominent security challenges for resource-constrained devices. Existing authentication architectures often suffer from critical vulnerabilities: one is their reliance on centralized trusted third parties, which creates single points of failure; the other is their use of static credentials like biometrics, which pose severe privacy risks if compromised. To address these limitations, this paper proposes DLR-Auth, which combines chaotic synchronization of semiconductor superlattice physically unclonable functions (SSL-PUFs) with Shamir’s secret sharing (SSS) to enable decentralized registration and revocable templates. Notably, DLR-Auth is a two-party authentication framework that removes the need for a separate online registration authority that operates directly between a user device ($U{D}_i$) and a server (S). In our setting, the server S still acts as the central relying party and hardware authority embedding the matched SSL-PUF module. The protocol also includes an efficient multi-access mechanism optimized for high-frequency interactions. Formal security analysis with the Real-or-Random (ROR) model proves the semantic security of the session key, while performance evaluations demonstrate that DLR-Auth has significant advantages in computational and communication efficiency. DLR-Auth thus offers a robust, scalable, lightweight solution for next-generation secure IIoT systems. Full article

In personal computers, data is input through devices such as keyboards and mice, and various services are received from the internet. To provide these online services, secure user authentication methods are essential. Knowledge-based authentication methods, such as PINs or passwords, have been widely implemented in most services due to their ease of implementation. However, security threats such as brute-force attacks, phishing attacks, and keyboard data attacks that intercept sensitive user information have emerged. To counter these security threats, image-based authentication methods using mouse input were introduced. However, vulnerabilities arose when functions like GetCursorPos() or WM_INPUT messages were used, allowing mouse input data to be intercepted, thereby undermining image-based authentication. To defend against these attacks, counter-defence methods were developed to generate fake mouse data, protecting actual mouse data. With the advent of these defence methods, there has been a demand for attack methods to classify fake and real mouse data. Recently, machine learning-based methods have been employed on the attacker’s side to classify real mouse data, effectively distinguishing fake from real mouse data and compromising the security of image-based authentication methods. Therefore, this paper proposes a defence technology to safely protect mouse data from theft attacks using machine learning, specifically leveraging Generative Adversarial Networks (GANs). To achieve the goal of this defence technology, the distribution of fake mouse data generated using GANs was analyzed, verifying the feasibility of mouse defence methods. In summary, a system incorporating the defence technology was constructed, and a dataset containing both fake and real mouse data was created. Based on the constructed environment, the performance of the mouse data defence technology was evaluated. The results showed that it reduced performance by up to 37% in the dataset with the highest performance of existing machine learning-based attack methods. This study concludes that the proposed mouse data defence technology effectively addresses vulnerabilities and security threats related to user authentication information in various services relying on image-based authentication methods. Full article

According to the Australasian Society for Developmental Paediatrics, experiential learning and outdoor play contain elements of risk, bravery, uncertainty, exploration, personal challenge, and adventure. These attributes are fundamental to a child’s growth, development, and wellbeing, and yet, in contemporary society, outdoor experiences have significantly declined. This scoping review explores the benefits and affordances of nature-based risky play and adventure education across early childhood and adolescence, asking what developmental opportunities emerge when children and adolescents engage in meaningful outdoor challenges. Adopting a benefit–risk approach where safety is “as safe as necessary” rather than “as safe as possible,” the review identifies common elements across developmental stages. A scoping review following PRISMA-ScR guidelines synthesised empirical studies (2015–2025). Our review included 40 empirical studies from a total of 5218 references, using diverse methodologies conducted predominantly in Western nations. All 40 studies reported positive associations across multiple developmental domains. Eight key themes developed: resilience and confidence, wellbeing, physical skills, autonomy and agency, nature connectedness, quality play provision, and educator influence. Authentic child agency and autonomy functioned as critical mechanisms through which benefits are realised across early childhood and school-aged populations. Key benefits included enhanced mental health, social competence, and anxiety prevention. Implementation barriers persist, including parental anxiety, institutional liability concerns, and cultural risk aversion. Evidence overwhelmingly supports nature-based risky play and outdoor adventure education as beneficial for child and adolescent development. Translation into practice remains limited by stakeholder attitudes and systemic barriers. Future research should prioritise longitudinal studies, cross-cultural investigation, and equity-focused approaches addressing disparities in access to positive risk-taking. Full article

In the context of privacy-preserving face recognition systems, entropy plays a crucial role in determining the efficiency and security of computational processes. However, existing schemes often encounter challenges such as inefficiency and high entropy in their computational models. To address these issues, we propose a privacy-preserving face recognition method based on the Face Feature Coding Method (FFCM) and symmetric homomorphic encryption, which reduces computational entropy while enhancing system efficiency and ensuring facial privacy protection. Specifically, to accelerate the matching speed during the authentication phase, we construct an N-ary feature tree using a neural network-based FFCM, significantly improving ciphertext search efficiency. Additionally, during authentication, the server computes the cosine similarity of the matched facial features in ciphertext form using lightweight symmetric homomorphic encryption, minimizing entropy in the computation process and reducing overall system complexity. Security analysis indicates that critical template information remains secure and resilient against both passive and active attacks. Experimental results demonstrate that the facial authentication efficiency with FFCM classification is 4% to 6% higher than recent state-of-the-art solutions. This method provides an efficient, secure, and entropy-aware approach for privacy-preserving face recognition, offering substantial improvements in large-scale applications. Full article

IoT applications are increasingly common, yet they often rely on expensive, externally managed authentication services. This paper introduces a novel, self-contained authentication method for IoT applications which leverages fog computing principles to lower operational costs and infrastructure complexity. The proposed system, fogauth, combines device serial numbers with cryptographically generated UUIDs to establish secure identification without third-party services. A static cloud-side architecture coupled with a lightweight, locally hosted API enables secure authentication through object-storage operations. Performance testing demonstrates comparable security performance to commercial cloud-based authentication while reducing long-term operational costs and maintaining latency at below 2 minutes in production conditions. fogauth provides a scalable and economically viable alternative for companies seeking to reduce cloud dependency and minimize long-term costs associated with IoT application security. To support reproducibility, a complete open-source implementation and validation dataset are provided, allowing independent replication and extension of the system. Full article

Ensuring the integrity of medical images is essential to securing clinical workflows, telemedicine platforms, and healthcare IoT environments. Existing watermarking and reversible data-hiding approaches often modify pixel intensities, reducing diagnostic fidelity, introducing embedding constraints, or causing instability under compression and format conversion. This work proposes a distortion-free, non-embedding authentication framework that leverages the inherent stability of the most significant bit (MSB) patterns in the Non-Region of Interest (NROI) to construct a secure and tamper-sensitive reference for the diagnostic Region of Interest (ROI). The ROI is partitioned into fixed blocks, each producing a 256-bit SHA-256 signature. Instead of embedding this signature, each hash bit is mapped to an NROI pixel whose MSB matches the corresponding bit value, and only the encrypted coordinates of these pixels are stored externally in a secure database. During verification, hashes are recomputed and compared bit-by-bit with the MSB sequence extracted from the referenced NROI coordinates, enabling precise block-level tamper localization without modifying the image. Extensive experiments conducted on MRI (OASIS), X-ray (ChestX-ray14), and CT (CT-ORG) datasets demonstrate the following: (i) perfect zero-distortion fidelity; (ii) stable and deterministic MSB-class mapping with abundant coordinate diversity; (iii) 100% detection of intentional ROI tampering with no false positives across the six clinically relevant manipulation types; and (iv) robustness to common benign Non-ROI operations. The results show that the proposed scheme offers a practical, secure, and computationally lightweight solution for medical image integrity verification in PACS systems, cloud-based archives, and healthcare IoT applications, while avoiding the limitations of embedding-based methods. Full article

The generation of synthetic cyber threat intelligence (CTI) has emerged as a significant area of research, particularly regarding the capacity of large language models (LLMs) to produce realistic yet deceptive security content. This study explores both the generative and evaluative aspects of CTI synthesis by employing a custom-developed detection system and publicly accessible LLMs. The evaluation combined automated analysis with a human study involving cybersecurity professionals. The results indicate that even a compact, resource-efficient fine-tuned model can generate highly convincing CTI misinformation capable of deceiving experts and AI-based classifiers. Human participants achieved an average accuracy around 50% in distinguishing between authentic and generated CTI reports. However, the proposed hybrid detection model achieved 98.5% accuracy on the test set and maintained strong generalization with 88.5% accuracy on unseen data. These findings demonstrate both the potential of lightweight models to generate credible CTI narratives and the effectiveness of specialized detection systems in mitigating such threats. The study underscores the growing risk of harmful misinformation in AI-driven CTI and highlights the importance of incorporating robust validation mechanisms within cybersecurity infrastructures to enhance defense resilience. Full article

This study aimed to design a virtual reality (VR)–based mountaineering education system and examined its effects on junior high school students’ learning outcomes, motivation, and cognitive load in compass operation and map reading. The system integrated 3D terrain models and interactive mechanisms across four instructional modules: Direction Recognition, Map Symbols, Magnetic Declination Adjustment, and Resection Positioning. By incorporating immersive 3D environments and hands-on virtual exercises, the system simulates authentic mountaineering scenarios, enabling students to develop essential field orientation and navigation skills. An experimental design was implemented, with participants assigned to either an experimental group learning with the VR system or a control group receiving slide-based instruction. Data were collected using pre-tests, post-tests, and questionnaires, and analyzed using SPSS for descriptive statistics, paired-sample t-tests, independent-sample t-tests, and one-way ANCOVA at a significance level of α = 0.05. The findings indicated that the experimental group achieved significantly higher post-test learning performance than the control group (F = 6.37, p = 0.014). Moreover, significant or highly significant improvements were observed across the four dimensions of learning motivation—attention, relevance, confidence, and satisfaction. The experimental group also exhibited a significantly lower extraneous cognitive load (p = 0.024). Therefore, the VR mountaineering education system provides an immersive, safe, and effective approach to teaching mountaineering and outdoor survival skills. Full article

Although much research in environmental and sustainability education has focused on knowledge and awareness, fewer studies have examined how school-based projects can foster young learners’ capacity for action. This study investigates how emancipatory, school-based environmental projects can foster young learners’ foundational capacities for contributing to a more sustainable and caring future. Grounded in the Bildung perspective and the action competence framework, a 16-week intervention was implemented with Grade 8 students who collaboratively identified and addressed authentic environmental issues—such as waste mismanagement, sanitation concerns, and safety risks—within their school community. Using a concurrent mixed-methods design, quantitative data from the Student Action Competence Questionnaire were integrated with qualitative evidence from worksheets and reflective journals. Results show consistent improvement across all dimensions of action competence, particularly in democratic collaboration and students’ willingness to take shared responsibility for environmental well-being. Qualitative findings reveal the development of critical reflection, co-creation with school stakeholders, and a growing sense of social responsibility, as students engaged in activities ranging from redesigning waste systems to proposing improvements through official communication channels. Rather than focusing on large-scale environmental outcomes, the projects cultivated everyday practices of care, participation, and ethical awareness—key dispositions for inspiring long-term change toward a greener and more sustainable future. The study highlights how context-based, dialogic learning can empower students as emerging environmental citizens within their immediate communities. Full article

Biometric authentication on smartphones has advanced rapidly in recent years, with face recognition becoming the dominant modality due to its convenience and easy integration with modern mobile hardware. However, despite these developments, smartphone-based facial recognition systems remain vulnerable to a broad spectrum of attacks. This survey provides an updated and comprehensive examination of the evolving attack landscape and corresponding defense mechanisms, incorporating recent advances up to 2025. A key contribution of this work is a structured taxonomy of attack types targeting smartphone facial recognition systems, encompassing (i) 2D and 3D presentation attacks; (ii) digital attacks; and (iii) dynamic attack patterns that exploit acquisition conditions. We analyze how these increasingly realistic and condition-dependent attacks challenge the robustness and generalization capabilities of modern face anti-spoofing (FAS) systems. On the defense side, the paper reviews recent progress in liveness detection, deep-learning- and transformer-based approaches, quality-aware and domain-generalizable models, and emerging unified frameworks capable of handling both physical and digital spoofing. Hardware-assisted methods and multi-modal techniques are also examined, with specific attention to their applicability in mobile environments. Furthermore, we provide a systematic overview of commonly used datasets, evaluation metrics, and cross-domain testing protocols, identifying limitations related to demographic bias, dataset variability, and controlled laboratory conditions. Finally, the survey outlines key research challenges and future directions, including the need for mobile-efficient anti-spoofing models, standardized in-the-wild evaluation protocols, and defenses robust to unseen and AI-generated spoof types. Collectively, this work offers an integrated view of current trends and emerging paradigms in smartphone-based face anti-spoofing, supporting the development of more secure and resilient biometric authentication systems. Full article

The Border Gateway Protocol (BGP) is the core protocol for inter-domain routing on the Internet. However, due to its lack of built-in security authentication mechanisms, BGP is highly vulnerable to misconfigurations or malicious route announcements, which can lead to severe incidents such as route hijacking and information leakage. Existing detection methods face two major bottlenecks: First, as the scale of Autonomous System (AS)-level topology continues to grow, conventional graph neural networks struggle to meet the demands of computational resources and latency. Second, the observational data provided by current monitoring systems are inherently localized. To address these challenges, this paper proposes a Graph Learning-driven framework for BGP Anomaly Detection, named GLBAD. The core design of GLBAD comprises three components: First, to handle BGP’s large-scale network topology, we propose a graph partition method to perform a dedicated topological partitioning on the BGP network. Second, to overcome the limitation of localized observational data, we design a graph autoencoder-based approach for adaptive graph learning, enabling topology inference. Finally, integrating the above components, we develop a comprehensive BGP anomaly detection system to achieve real-time and accurate anomaly detection. We evaluate our approach on 20 real-world BGP anomaly events. Experimental results demonstrate that the proposed GLBAD effectively detects anomalies with less time consumption while achieving a lower false positive rate. Full article