Search Results (54)

This work studies the formation control problem of general linear multi-agent systems (MASs) under hybrid attacks that include man-in-the-middle attacks (MITM) and denial-of-service attacks (DoS). First, an improved Diffie–Hellman key exchange (DHKE)-based encryption–decryption mechanism is proposed. This mechanism combines the challenge–response mechanism and hash function, which can achieve identity authentication, detect MITM attacks and ensure the confidentiality and integrity of information. Second, considering that DoS attacks on different channels are independent, a division model for distributed DoS attacks is established, which can classify attacks into different patterns. Third, an edge-based event-triggered (ET) formation control scheme is proposed. This control method only relies on the information of neighbor agents, which not only saves communication resources but also resists distributed DoS attacks. Finally, sufficient conditions for the implementation of formation control for MASs under hybrid attacks are provided, and the effectiveness and advantages of the proposed strategy are verified by simulation. Full article

The reliability of embedded processors in safety- and mission-critical domains is increasingly threatened by radiation-induced soft errors, particularly multiple-cell upsets (MCUs) that simultaneously corrupt adjacent cells in external SDRAM. While prior studies on the LEON3 processor have largely focused on single-event upsets (SEUs) in internal SRAM structures, they overlook MCU effects in off-chip SDRAM, a critical gap that limits fault coverage and compromises system-level reliability assessment in modern high-density embedded systems. This paper presents an SDRAM-based fault injection framework using FPGA emulation to evaluate the impact of MCUs on the LEON3 soft-core processor, with faults directly injected into the external memory subsystem where data corruptions can rapidly propagate into system-level failures. The methodology injects spatially correlated two-bit MCUs directly into SDRAM during realistic workload execution. Three architecturally diverse benchmarks were analyzed, each representing a distinct computational workload: a numerical (matrix multiplication), signal-processing (FFT), and a cryptographic (AES-128 encryption) application, chosen to capture arithmetic-intensive, iterative, and control-intensive execution profiles, respectively. The results reveal a distinct workload-dependent vulnerability profile. Matrix multiplication exhibited >99.99% fault activation, with outcomes overwhelmingly dominated by data store errors. FFT showed >97% activation in steady-state execution, following an initial phase sensitive to alignment and data access exceptions. AES displayed 88.12% non-propagating faults, primarily due to injections in inactive memory regions, but remained exposed to critical memory access violations and control-flow exceptions that enable fault-based cryptanalysis. These findings demonstrate that SEU-only models severely underestimate real-world MCU risks and underscore the necessity of selective, workload-aware fault-tolerance strategies: lightweight ECC for cryptographic data structures, alignment monitoring for signal processing, and algorithm-based fault tolerance (ABFT) for numerical kernels. This work provides actionable insights for hardening LEON3-based systems against emerging multi-bit threats in radiation-rich and adversarial environments. Full article

This study addresses the preassigned-time (PDT) projective lag synchronization of octonion-valued BAM neural networks (OV-BAMNNs) through exponential quantized event-triggered control (ETC). First, an OV-BAMNN model incorporating discontinuous activation functions and time-varying delays is established. Subsequently, by introducing the octonion-valued sign function, several exponential quantized ETC schemes are designed, which employ solely a single exponential term while eliminating traditional linear and power-law components. Compared with conventional ETC designs, the proposed control schemes are simpler in form. Furthermore, within the framework of the non-separation method, several criteria for PDT projective lag synchronization are derived based on the Lyapunov method and Taylor expansion, proving that Zeno behavior is excluded. Finally, two simulation examples are given to verify the correctness of the theoretical results and to apply these results to image encryption. Full article

Existing methods for the secure transaction and circulation of remote sensing image data primarily focus on post-event investigation, lacking a reliable mechanism for secure distribution and fair trading of data. To address this issue, this study proposes a trusted transaction method that integrates a watermark based on Paillier homomorphic encryption, blockchain, and smart contract. This method leverages the homomorphic property of the Paillier cryptosystem to imperceptibly embed the ciphertext of the watermark generated from transaction information into encrypted remote sensing image data. The data buyer at the receiving end decrypts the key pair using the private key, thereby decrypting the data to obtain the watermarked plaintext. Simultaneously, transaction records are immutably stored on trusted blockchain nodes via smart contracts. Throughout the entire transaction process, data encryption/decryption and watermark embedding/extraction are symmetric. The experimental results demonstrate that the watermark can be effectively extracted after encryption, thereby supporting transaction verification and traceability. Furthermore, the three smart contracts designed in this study all exhibit strong execution performance. In particular, the smart contract employed for verification demonstrated an average execution latency of only 0.19 s per instance. Through enforcing the retrieval of parameters and storage credentials from the blockchain, the proposed method effectively constrains malicious behavior from both parties, offering a novel technical approach to facilitate consensus and mutual trust. Full article

The Extensible Authentication Protocol–Transport Layer Security (EAP-TLS) is a critical authentication protocol for wireless networks and secure IoT communications. However, it faces significant challenges from man-in-the-middle attacks, including message tampering, replay, and certificate forgery. Although model checking techniques have been applied to verify its security properties, the complexity of the EAP-TLS handshake often prevents accurate formal modeling; existing studies rarely assess the communication overhead of protocol enhancements. Moreover, traditional Logic of Events Theory (LoET) struggles to handle transport-layer protocols like EAP-TLS due to their intricate interaction processes. This study proposes a novel formal analysis approach, extending LoET by expanding five event classes, formulating corresponding rules, and introducing new axioms. Formal verification reveals attack paths involving plaintext theft, message tampering, and entity impersonation. The research proposes an enhanced strategy to mitigate these vulnerabilities through hash merging, encryption, and signature methods, alongside analyzing their communication costs to ensure feasibility. Using the extended LoET, the improved protocol is rigorously proven to satisfy strong authentication, thereby enhancing practical security. The proposed method achieves a time complexity of O(n²) and demonstrates superior performance in resisting state explosion compared with related approaches, thus establishing a more efficient and robust framework for EAP-TLS security analysis. Full article

Large-scale events, such as festivals and public gatherings, pose serious problems in terms of traffic congestion, slow transaction processing, and security risks to transportation planning. This study proposes a blockchain-based solution for enhancing the efficiency and security of intelligent transport systems (ITS) by utilizing state channels and rollups. Throughput is optimized, enabling transaction speeds of 800 to 3500 transactions per second (TPS) and delays of 5 to 1.5 s. Prevent data tampering, strengthen security, and enhance data integrity from 89% to 99.999%, as well as encryption efficacy from 90% to 98%. Furthermore, our system reduces congestion, optimizes vehicle movement, and shares real-time, secure data with stakeholders. Practical applications include fast and safe road toll payments, faster public transit ticketing, improved emergency response coordination, and enhanced urban mobility. The decentralized blockchain helps maintain trust among users, transportation authorities, and event organizers. Our approach extends beyond large-scale events and proposes a path toward ubiquitous, Artificial Intelligence (AI)-driven decision-making in a broader urban transit network, informing future operations in dynamic traffic optimization. This study demonstrates the potential of blockchain to create more intelligent, more secure, and scalable transportation systems, which will help reduce urban mobility inefficiencies and contribute to the development of resilient smart cities. Full article

Ratchet protocols are a class of secure protocols based on ratcheting encryption mechanisms, widely employed in instant messaging. Against the backdrop of frequent incidents of communication privacy breaches, ratchet protocols have become a vital technology for ensuring secure end-to-end communication. This paper presents a formal analysis framework for ratchet protocols grounded in Logic of Events theory (LoET). We further extend LoET by introducing dedicated Diffie–Hellman (DH) and ratchet event classes, along with tailored axioms and inference rules, to support precise modeling of ratcheted encryption. Using the Signal protocol as a case study, we construct a bidirectional authentication model and rigorously prove that both its symmetric and asymmetric ratchet phases satisfy strong authentication properties. Compared with existing formal approaches, our method enables more expressive modeling of key update sequences and supports structured reasoning over causality and authentication flows. The proposed framework lays a theoretical foundation for analyzing the security of modern ratcheted protocols and holds potential for future automated verification. Full article

The increasing demand for real-time multimedia communications has driven the need for highly secure and computationally efficient encryption schemes. In this work, we present a novel chaos-based encryption system that provides remarkable levels of security and performance. It leverages the benefits of applying fast-to-evaluate chaotic maps, along with a 2-Dimensional Look-Up Table approach (2D-LUT), and simple but powerful periodic perturbations. The foundation of our encryption system is a Pseudo-Random Number Generator (PRNG) that consists of a fully connected random graph with M vertices representing chaotic maps that populate the 2D-LUT. In every iteration of the system, one of the M chaotic maps in the graph and the corresponding trajectories are randomly selected from the 2D-LUT using an emulated spin-wheel picker game. This approach exacerbates the complexity in the event of an attack, since the trajectories may come from the same or totally different maps in a non-sequential time order. We additionally perform two levels of perturbation, at the map and trajectory level. The first perturbation (map level) produces new trajectories that are retrieved from the 2D-LUT in non-sequential order and with different initial conditions. The second perturbation applies a p-point crossover scheme to combine a pair of trajectories retrieved from the 2D-LUT and used in the ciphering process, providing higher levels of security. As a final process in our methodology, we implemented a simple packet-based data integrity scheme that detects with high probability if the received information has been modified (for example, by a man-in-the-middle attack). Our results show that our proposed encryption scheme is robust to common cryptanalysis attacks, providing high levels of security and confidentiality while supporting high processing speeds on the order of gigabits per second. To the best of our knowledge, our chaotic cipher implementation is the fastest reported in the literature. Full article

With the rapid development of the internet of things (IoT) and smart cities, the risk of network attacks, particularly distributed denial of service (DDoS) attacks, has significantly increased. Traditional centralized security systems struggle to address large-scale attacks while simultaneously safeguarding privacy. In this study, we created a decentralized security framework that integrates federated learning (FL) with blockchain technology for DDoS attack detection and prevention. Federated learning enables devices to collaboratively learn without sharing raw data and ensures data privacy, while blockchain provides immutable event logging and distributed monitoring to enhance the overall security of the system. The created framework leverages multi-layer encryption and Hashgraph technology for event recording, ensuring data integrity and efficiency. Additionally, software-defined networking (SDN) was employed for dynamic resource management and rapid responses to attacks. This system improves the accuracy of DDoS detection and effectively reduces communication costs and resource consumption. It has significant potential for large-scale attack defense in IoT and smart city environments. Full article

With the widespread deployment of video surveillance systems, effective access control is essential to enhance the accuracy and security of video anomaly detection. This paper proposes a Searchable and Revocable Attribute-Based Encryption scheme (ABE-RS) that is specifically designed for dynamic video anomaly detection scenarios. By integrating a user management tree structure, attribute-based key distribution, and keyword grouping techniques, the proposed scheme enables efficient user-level revocation along with dynamic updates to ciphertexts and keyword indexes. Furthermore, an inverted index structure is introduced to accelerate keyword search, facilitating the rapid detection and retrieval of anomalous video events. Formal security analysis demonstrates that the scheme is secure against chosen plaintext attacks (CPAs) and chosen keyword attacks (CKAs). The experimental results demonstrate that the scheme maintains millisecond-level revocation efficiency in methodology involving 512 users and either 50 attributes or a thousand keywords. Full article

This paper discusses three algorithmic strategies tailored for distinct applications, each aiming to tackle specific operational challenges. The first application unveils an innovative SMS messaging system that substitutes manual typing with voice interaction. The key algorithm facilitates real-time conversion from speech to text for message creation and from text to speech for message playback, thus turning SMS communication into an audio-focused exchange while preserving conventional messaging standards. The second application suggests a secure file management system for Android, utilizing encryption and access control algorithms to safeguard user privacy. Its mathematical framework centers on cryptographic methods for file security and authentication processes to prevent unauthorized access. The third application redefines flashlight functionality using an optimized touch interface algorithm. By employing a screen-wide double-tap gesture recognition system, this approach removes the reliance on a physical button, depending instead on advanced event detection and hardware control logic to activate the device’s flash. All applications are fundamentally based on mathematical modeling and algorithmic effectiveness, emphasizing computational approaches over implementation specifics. Full article

Cloud-native architecture is becoming increasingly popular in today’s digital environment, driving the demand for robust security precautions to protect infrastructure and applications. This paper examines a variety of privacy-enhancing and trust-centric tools and techniques intended to meet the unique security requirements within cloud-native environments. Specifically, a variety of solutions are covered, such as runtime protection platforms for real-time threat detection and responses, cloud-native endpoint security solutions for ensuring trust and resilience in dynamic contexts, and service mesh technologies for secure service-to-service communication. Furthermore, we examine the roles of cloud-native encryption, cloud-native identity and access management, and container image scanning technologies in protecting containerized applications and preserving data privacy in transit and at rest. The importance of threat detection and response systems, cloud-native security information and event management (SIEM) solutions, and network security are also covered to strengthen trust and transparency in cloud-native security. We also present a thorough case study that demonstrates how security measures are applied across multiple layers, including application, network, infrastructure, and security, and compliance, to ensure holistic security in a cloud-native architecture. By investigating these privacy-enhancing methods and technologies, organizations may improve the security posture of their cloud-native implementations, reducing risks and ensuring the trustworthiness of their information and applications in the ever-changing ecosystem of today’s digital landscape. Full article

In this study, we present the Response-Based Key Encapsulation Mechanism (R-KEM), an ephemeral key encapsulation and recovery scheme tailored for cryptographic systems in high-noise, high-jamming network environments. By adopting the Challenge–Response Pair (CRP) mechanism for both key encapsulation and authentication, R-KEM eliminates the need to store secret keys on the device, favoring on-demand key generation. By maintaining only encrypted data on the device, R-KEM significantly enhances security, ensuring that in the event of an attack, no sensitive information can be compromised. Its novel error-correcting strategy efficiently corrects 20 to 23 bits of errors promptly, eliminating the need for redundant helper data and fuzzy extractors. R-KEM is ideally suited for terminal devices with constrained computational resources. Our comprehensive performance analysis underscores R-KEM’s ability to recover error-free cryptographic keys in noisy networks, offering a superior alternative to conventional methods that struggle to maintain secure data transmission under such challenges. This work not only demonstrates R-KEM’s efficacy but also paves the way for more resilient cryptographic systems in noise-prone environments. Full article

The accurate and timely detection of cyber threats is critical to keeping our online economy and data safe. A key technique in early detection is the classification of unusual patterns of network behaviour, often hidden as low-frequency events within complex time-series packet flows. One of the ways in which such anomalies can be detected is to analyse the information entropy of the payload within individual packets, since changes in entropy can often indicate suspicious activity—such as whether session encryption has been compromised, or whether a plaintext channel has been co-opted as a covert channel. To decide whether activity is anomalous, we need to compare real-time entropy values with baseline values, and while the analysis of entropy in packet data is not particularly new, to the best of our knowledge, there are no published baselines for payload entropy across commonly used network services. We offer two contributions: (1) we analyse several large packet datasets to establish baseline payload information entropy values for standard network services, and (2) we present an efficient method for engineering entropy metrics from packet flows from real-time and offline packet data. Such entropy metrics can be included within feature subsets, thus making the feature set richer for subsequent analysis and machine learning applications. Full article

At the current stage of autonomous driving, monitoring the behavior of safety stewards (drivers) is crucial to establishing liability in the event of an accident. However, there is currently no method for the quantitative assessment of safety steward behavior that is trusted by multiple stakeholders. In recent years, deep-learning-based methods can automatically detect abnormal behaviors with surveillance video, and blockchain as a decentralized and tamper-resistant distributed ledger technology is very suitable as a tool for providing evidence when determining liability. In this paper, a trusted supervision paradigm for autonomous driving (TSPAD) based on multimodal data authentication is proposed. Specifically, this paradigm consists of a deep learning model for driving abnormal behavior detection based on key frames adaptive selection and a blockchain system for multimodal data on-chaining and certificate storage. First, the deep-learning-based detection model enables the quantification of abnormal driving behavior and the selection of key frames. Second, the key frame selection and image compression coding balance the trade-off between the amount of information and efficiency in multiparty data sharing. Third, the blockchain-based data encryption sharing strategy ensures supervision and mutual trust among the regulatory authority, the logistic platform, and the enterprise in the driving process. Full article