Search Results (87)

This paper explores an event-triggered load frequency control (LFC) strategy for smart grids incorporating electric vehicles (EVs) under the influence of random deception attacks. The aggressive attack signals are launched over the channels between the sensor and controller, compromising the integrity of transmitted data and disrupting LFC commands. For the purpose of addressing bandwidth constraints, an event-triggered transmission scheme (ETTS) is developed to minimize communication frequency. Additionally, to mitigate the impact of random deception attacks in public environment, an integrated networked power grid model is proposed, where the joint impact of ETTS and deceptive interference is captured within a unified analytical structure. Based on this framework, a sufficient condition for stabilization is established, enabling the concurrent design of the ${\mathcal{H}}_{\infty }$ controller gain and the triggering condition. Finally, two case studies are offered to illustrate the effectiveness of the employed scheme. Full article

Large Language Models offer transformative capabilities but also introduce growing cybersecurity risks, particularly through their use in generating realistic phishing emails. Detecting such content is critical; however, existing methods can be resource-intensive and slow to adapt. In this research, we present a dual-layered detection framework that combines supervised learning for accurate classification with unsupervised techniques to uncover emerging threats. In controlled testing environments, our approach demonstrates strong performance. Recognising that human users are often the weakest link in information security systems, we examine historical deception patterns and psychological principles commonly exploited in phishing attacks. We also explore watermarking as a complementary method for tracing AI-generated content. Together, these strategies offer a scalable, adaptive defence against increasingly sophisticated phishing attacks driven by Large Language Models. Full article

This paper investigates the event-triggered dissipative fuzzy tracking control problem of nonlinear networked systems with dynamic quantization and stochastic deception attacks, where the Takagi–Sugeno (T-S) fuzzy system theory is utilized to represent the studied nonlinear networked systems. The event-triggered scheme and the dynamic quantization scheme with general online adjustment rule are employed to significantly decrease the data transmission amount and achieve the rational use of the limited communication and computation resources. A stochastic variable satisfying the Bernoulli random binary distribution is utilized to model the phenomenon of the stochastic deception attacks. The main purpose of this paper is to develop a secure event-triggered quantized tracking control scheme. This scheme guarantees the stochastic stability and prescribed dissipative tracking performance of the closed-loop system under stochastic deception attacks. Moreover, the design conditions for the desired static output feedback tracking controller are formulated in the form of linear matrix inequalities based on the matrix inequality decoupling strategy. Finally, two examples are exploited to illustrate the effectiveness of the developed tracking control scheme. Full article

The increasing integration of photovoltaic (PV) systems into smart grids introduces new cybersecurity vulnerabilities, particularly against cyber-physical attacks that can manipulate grid operations and disrupt renewable energy generation. This paper proposes a multi-layered cyber-resilient PV optimization framework, leveraging digital twin-based deception, reinforcement learning-driven cyber defense, and blockchain authentication to enhance grid security and operational efficiency. A deceptive cyber-defense mechanism is developed using digital twin technology to mislead adversaries, dynamically generating synthetic PV operational data to divert attack focus away from real assets. A deep reinforcement learning (DRL)-based defense model optimizes adaptive attack mitigation strategies, ensuring real-time response to evolving cyber threats. Blockchain authentication is incorporated to prevent unauthorized data manipulation and secure system integrity. The proposed framework is modeled as a multi-objective optimization problem, balancing attack diversion efficiency, system resilience, computational overhead, and energy dispatch efficiency. A non-dominated sorting genetic algorithm (NSGA-III) is employed to achieve Pareto-optimal solutions, ensuring high system resilience while minimizing computational burdens. Extensive case studies on a realistic PV-integrated smart grid test system demonstrate that the framework achieves an attack diversion efficiency of up to 94.2%, improves cyberattack detection rates to 98.5%, and maintains an energy dispatch efficiency above 96.2%, even under coordinated cyber threats. Furthermore, computational overhead is analyzed to ensure that security interventions do not impose excessive delays on grid operation. The results validate that digital twin-based deception, reinforcement learning, and blockchain authentication can significantly enhance cyber-resilience in PV-integrated smart grids. This research provides a scalable and adaptive cybersecurity framework that can be applied to future renewable energy systems, ensuring grid security, operational stability, and sustainable energy management under adversarial conditions. Full article

The rapid advancement in deep forgery technology in recent years has created highly deceptive face video content, posing significant security risks. Detecting these fakes is increasingly urgent and challenging. To improve the accuracy of deepfake face detection models and strengthen their resistance to adversarial attacks, this manuscript introduces a method for detecting forged faces and defending against adversarial attacks based on a multi-feature decision fusion. This approach allows for rapid detection of fake faces while effectively countering adversarial attacks. Firstly, an improved IMTCCN network was employed to precisely extract facial features, complemented by a diffusion model for noise reduction and artifact removal. Subsequently, the FG-TEFusionNet (Facial-geometry and Texture enhancement fusion-Net) model was developed for deepfake face detection and assessment. This model comprises two key modules: one for extracting temporal features between video frames and another for spatial features within frames. Initially, a facial geometry landmark calibration module based on the LRNet baseline framework ensured an accurate representation of facial geometry. A SENet attention mechanism was then integrated into the dual-stream RNN to enhance the model’s capability to extract inter-frame information and derive preliminary assessment results based on inter-frame relationships. Additionally, a Gram image texture feature module was designed and integrated into EfficientNet and the attention maps of WSDAN (Weakly Supervised Data Augmentation Network). This module aims to extract deep-level feature information from the texture structure of image frames, addressing the limitations of purely geometric features. The final decisions from both modules were integrated using a voting method, completing the deepfake face detection process. Ultimately, the model’s robustness was validated by generating adversarial samples using the I-FGSM algorithm and optimizing model performance through adversarial training. Extensive experiments demonstrated the superior performance and effectiveness of the proposed method across four subsets of FaceForensics++ and the Celeb-DF dataset. Full article

This study highlights the security control challenge for multi-agent systems (MASs) with integrated attack detectors under deception attacks (DAs). We develop an adaptive backstepping security control strategy designed to simultaneously detect DAs and maintain cooperative system performance. First, a DA detection mechanism is proposed using a state observer. The analytical results reveal that observer errors grow unbounded under DAs but converge to zero in attack-free scenarios, enabling effective attack identification. Following detection, we integrate a Nussbaum function into the backstepping control framework to manage unknown time-varying output gains. Additionally, adaptive parameters, dynamically adjusted based on DA signals, are designed to compensate for actuator and sensor deviations induced by attacks. Rigorous Lyapunov-based analysis proves that the proposed controller ensures output tracking under deception attacks, the timely detection of attack signals, and the boundedness of all closed-loop signals. Numerical simulations further confirm the theoretical findings and demonstrate the effectiveness of the proposed method. Full article

Distributed Denial-of-Service (DDoS) attacks generate deceptive, high-volume traffic that bypasses conventional detection mechanisms. When interception fails, effectively allocating mixed benign and malicious traffic under resource constraints becomes a critical challenge. To address this, we propose SchedOpt Engine (SOE), a scheduling framework formulated as a discrete multi-objective optimization problem. The goal is to optimize four conflicting objectives: a benign traffic acceptance rate (BTAR), malicious traffic interception rate (MTIR), server load balancing, and malicious traffic isolation. These objectives are combined into a composite scalarized loss function with soft constraints, prioritizing a BTAR while maintaining flexibility. To solve this problem, we introduce MOFATA, a multi-objective extension of the Fata Morgana Algorithm (FATA) within a Pareto-based evolutionary framework. An $ϵ$-dominance mechanism is incorporated to improve solution granularity and diversity. Simulations under varying attack intensities and resource constraints validate the effectiveness of SOE. Results show that SOE consistently achieves a high BTAR and MTIR while balancing server loads. Under extreme attacks, SOE isolates malicious traffic to a subset of servers, preserving capacity for benign services. SOE also demonstrates strong adaptability in fluctuating attack environments, providing a practical solution for DDoS mitigation. Full article

With the rapid development of smart grid technologies, communication networks have become the core infrastructure supporting control and energy optimization in microgrids. However, the excessive reliance of microgrid control on communication networks faces dual challenges: On one hand, the high-frequency information exchange under traditional periodic communication patterns causes severe waste of network resources; on the other hand, cyberattacks may cause information loss, abnormal delays, or data tampering, which can ultimately lead to system instability. To address these challenges, this paper investigates the secure dynamic integral event-triggered stabilization of photovoltaic microgrids under multimodal deception attacks. To address the communication resource constraints in photovoltaic (PV) microgrid systems, a dynamic integral-event-triggered scheme (DIETS) is proposed. This scheme employs average processing of historical state data to filter out redundant triggering events caused by noise or disturbances. Simultaneously, a time-varying triggering threshold function is designed by integrating real-time system states and historical information trends, enabling adaptive adjustment of dynamic triggering thresholds. In terms of cybersecurity, a secure control strategy against multi-modal deception attacks is incorporated to enhance system resilience. Subsequently, through the Lyapunov–Krasovskii functional and Bessel–Legendre inequality, collaborative design conditions for the controller gain and triggering matrix are formed as symmetric linear matrix inequalities to ensure system stability. The simulation results demonstrate that DIETS recorded only 99 triggering events, achieving a 55.2% reduction compared to the normal event-triggered scheme (ETS) and a 52.6% decrease relative to dynamic ETS, verifying the outstanding communication effectiveness of DIETS. Full article

Our society is becoming increasingly dependent on technology, with immersive virtual worlds such as Extended Reality (XR) transforming how we connect and interact. XR technologies enhance communication and operational efficiency. They have been adopted in sectors such as manufacturing, education, and healthcare. However, the immersive and interconnected nature of XR introduces security risks that span from technical and human to psychological vulnerabilities. In this study, we examined security threats in XR environments through a scenario-driven risk assessment, using a hybrid approach combining Common Vulnerability Scoring System (CVSS) metrics and a custom likelihood model to quantify risks. This methodology provides a comprehensive risk evaluation method, identifying critical vulnerabilities such as Remote Code Execution (RCE), social engineering, excessive permission exploitation, unauthorized access, and data exfiltration. The findings reveal that human vulnerabilities, including users’ susceptibility to deception and excessive trust in familiar interfaces and system prompts, significantly increase attack success rates. Additionally, developer mode, once enabled, remains continuously active, and the lack of authentication requirements for installing applications from unknown sources, coupled with poor permission management on the part of the users, creates security gaps that attackers can exploit. Furthermore, permission management in XR devices is often broad and persistent and lacks real-time notifications, allowing malicious applications to exploit microphone, camera, and location access without the users knowing. By leveraging CVSS scores and a structured likelihood-based risk assessment, we quantified the severity of these threats, with RCE, social engineering, and insecure app installation emerging as the greatest risks. This study highlights the necessity of implementing granular permission controls, formalized developer mode restrictions, and structured user education programs to mitigate XR-specific threats. Full article

This paper studies the composite anti-disturbance static output feedback control problem of networked nonlinear Markov jump systems with general transition probabilities subject to multiple disturbances and deception attacks. The transition probabilities cover the known, uncertain with known bounds, and unknown cases. The unmatched disturbance and deception attacks are attenuated by the static output controller, while the matched disturbance is observed and compensated by the disturbance observer. Then, a composite anti-disturbance static output controller, including a linear part and a nonlinear part, is constructed to satisfy the stochastic $H_{\infty }$ stability. By using the Finsler lemma, sufficient conditions formed as symmetric linear matrix inequalities are derived to design the gains of disturbance observer and the output feedback controller. Finally, some simulations are given to illustrate the feasibility of the developed strategy. Full article

This article addresses the optimal scheduling problem for linear deception attacks in multi-channel cyber–physical systems. The scenario where the attacker can only attack part of the channels due to energy constraints is considered. The effectiveness and stealthiness of attacks are quantified using state estimation error and Kullback–Leibler divergence, respectively. Unlike existing strategies relying on zero-mean Gaussian distributions, we propose a generalized attack model with Gaussian distributions characterized by time-varying means. Based on this model, an optimal stealthy attack strategy is designed to maximize remote estimation error while ensuring stealthiness. By analyzing correlations among variables in the objective function, the solution is decomposed into a semi-definite programming problem and a 0–1 programming problem. This approach yields the modified innovation and an attack scheduling matrix. Finally, numerical simulations validate the theoretical results. Full article

In this paper, we address the challenges posed by limited knowledge in security games by proposing a novel system grounded in Bayesian–Markov Stackelberg security games (SSGs). These SSGs involve multiple defenders and attackers and serve as a framework for managing incomplete information effectively. To tackle the complexity inherent in these games, we introduce an iterative proximal-gradient approach to compute the Bayesian Equilibrium, which captures the optimal strategies of both defenders and attackers. This method enables us to navigate the intricacies of the game dynamics, even when the specifics of the Markov games are unknown. Moreover, our research emphasizes the importance of Bayesian approaches in solving the reinforcement learning (RL) algorithm, particularly in addressing the exploration–exploitation trade-off. By leveraging Bayesian techniques, we aim to minimize the expected total discounted costs, thus optimizing decision-making in the security domain. In pursuit of effective security game implementation, we propose a novel random walk approach tailored to fulfill the requirements of the scenario. This innovative methodology enhances the adaptability and responsiveness of defenders and attackers, thereby improving overall security outcomes. To validate the efficacy of our proposed strategy, we provide a numerical example that demonstrates its benefits in practice. Through this example, we showcase how our approach can effectively address the challenges posed by limited knowledge, leading to more robust and efficient security solutions. Overall, our paper contributes to advancing the understanding and implementation of security strategies in scenarios characterized by incomplete information. By combining Bayesian and Markov Stackelberg games, reinforcement learning algorithms, and innovative random walk techniques, we offer a comprehensive framework for enhancing security measures in real-world applications. Full article

In this paper, a nonlinear sliding-mode super-twisting reaching law algorithm is designed to address the problem of coupling interference under deception attacks and actuator physical faults in USV formations during cooperative mining operations of a USVs-ROVs system. First, a USV model with attacks and disturbances is established, and a leader–follower formation system is designed. Then, based on the reaching law, the state error dynamic chatter can be effectively solved when it is far away from and reaches the sliding surface; a nonlinear sliding super-twisting reaching law is designed to improve the chatter characteristics of the sliding surface. Furthermore, to solve the problems of low fitting accuracy regarding control anomaly information and the difficulty of fending off signal-data interference attacks, a nonlinear saturation fault-tolerant filtering mechanism and a nonlinear fitting factor are designed. Finally, the stability of the algorithm is verified through Lyapunov theory. Under the same coupling deception probability, the nonlinear sliding-mode super-twisting reaching law algorithm designed in this paper enables the leader ship and each follower ship to reach stability within about 12s, and the formation system maintains its formation while also improving the control accuracy of each individual ship. Full article

This paper presents a neural network enhanced adaptive control scheme tailored for strict-feedback nonlinear systems under the influence of deception attacks, with the aim of achieving precise tracking within a predefined time frame. Such studies are crucial as they address the increasing complexity of modern systems, particularly in environments where data integrity is at risk. Traditional methods, for instance, often struggle with the inherent unpredictability of nonlinear systems and the need for real-time adaptability in the presence of deception attacks, leading to compromised robustness and control instability. Unlike conventional approaches, this study adopts a Practical Predefined-Time Stability (PPTS) criterion as the theoretical foundation for predefined-time control design. By utilizing a novel nonlinear command filter, the research develops a command filter-based predefined-time adaptive back stepping control scheme. Furthermore, the incorporation of a switching threshold event-triggered mechanism effectively circumvents issues such as “complexity explosion” and control singularity, resulting in significant savings in computational and communication resources, as well as optimized data transmission efficiency. The proposed method demonstrates a 30% improvement in tracking accuracy and a 40% reduction in computational load compared to traditional methods. Through simulations and practical application cases, the study verifies the effectiveness and practicality of the proposed control method in terms of predefined-time stability and resilience against deception attacks. Full article

The growing use of VPNs, proxy servers, and Tor browsers has significantly enhanced online privacy and anonymity. However, these technologies are also exploited by cybercriminals to obscure their identities, posing serious cybersecurity threats. Existing detection methods face challenges in accurately tracing the real IP addresses hidden behind these anonymization tools. This study presents a novel approach to unmasking true identities by leveraging honeypots and Canarytokens to track concealed connections. By embedding deceptive tracking mechanisms within decoy systems, we successfully capture the real IP addresses of users attempting to evade detection. Our methodology was rigorously tested across various network environments and payload types, ensuring effectiveness in real-world scenarios. The findings demonstrate the practicality and scalability of using Canarytokens for IP unmasking, providing a non-intrusive, legally compliant solution to combat online anonymity misuse. This research contributes to strengthening cyber threat intelligence, offering actionable insights for law enforcement, cybersecurity professionals, and digital forensics. Future work will focus on enhancing detection accuracy and addressing the advanced evasion tactics used by sophisticated attackers. Full article