Search Results (1,597)

Cyber-physical smart infrastructures integrate sensing devices, communication networks, control components, and service platforms, which makes them vulnerable to malicious activities that may evolve gradually through several attack stages. The objective of this study is to develop and evaluate a simulation-based cybersecurity framework capable of detecting a proposed novel multi-stage cyber attack and identifying its internal progression within a realistic smart infrastructure environment. To achieve this objective, a NetSim-based cyber-physical smart infrastructure was modeled to generate both normal operational traffic and staged malicious traffic. The generated traffic was captured, processed, labeled, and transformed into a stage-aware cybersecurity dataset. An artificial neural network (ANN) model was then trained and evaluated for two detection tasks: binary classification of normal versus attack traffic and multi-class classification of compromise, coordination, and execution attack stages. Twenty experimental configurations were designed to examine the model under progressively broader infrastructure contexts, including sensing, service, gateway, control, backbone, and full-span operational scenarios. The best binary testing performance was achieved in the eighteenth experimental configuration, representing a broad full-span infrastructure scenario, with 97.96% accuracy, 97.80% precision, 97.65% recall, 97.72% F1-score, and 1.06% false positive rate. For stage-aware multi-class detection, the ANN model achieved 96.97% accuracy, 96.36% macro-averaged precision, 96.20% macro-averaged recall, 96.28% macro-averaged F1-score, and 96.55% weighted F1-score. Macro-averaged metrics report the unweighted average performance across classes, while weighted F1-score accounts for class support. These results show that the proposed simulation-based framework can generate realistic attack-aware traffic data and support reliable ANN-based detection of both attack presence and attack-stage progression. Full article

Industrial control systems (ICSs) are cyber–physical environments in which physical process data and network communication data are generated simultaneously. Existing studies have mainly focused on either sensor-based or network-based anomaly detection, making it difficult to capture diverse attack indicators and motivating the use of multimodal methods that can leverage complementary information from both modalities. In this paper, we propose an unsupervised multimodal anomaly detection framework for ICSs that jointly uses sensor and network modalities. For each modality, autoencoder-based single-modality models are trained in an unsupervised manner, and their anomaly scores and latent feature vectors are extracted. These outputs are temporally aligned to construct a time-aligned multimodal table, which is then used to implement and compare two fusion strategies: anomaly score fusion and latent feature fusion. In latent feature fusion, aligned modality-specific latent features are combined with canonical correlation analysis (CCA)-derived cross-modal correlation features. The experimental results showed that latent feature fusion achieved stable performance across multiple sensor–network encoder combinations. In particular, the gated recurrent unit–convolutional neural network (GRU–CNN) combination achieved the best F1-score of 0.9166 and ROC-AUC of 0.9795. In addition, the complementarity analysis showed that latent feature fusion recovered some missed detections by integrating complementary sensor and network evidence. These results demonstrate that latent feature fusion is an effective multimodal strategy for ICS anomaly detection. Full article

Blockchain-assisted authentication frameworks have been introduced to mitigate the single point-of-failure problem in centralized IoT collaboration environments. Recently, a lightweight trust management framework based on a permissioned blockchain was proposed for distributed authentication and interaction traceability. However, our analysis shows that this protocol is vulnerable to offline password guessing, terminal device impersonation, session-key disclosure, and user traceability attacks. It also fails to provide perfect forward secrecy. Accordingly, we propose a secure and lightweight authentication and key agreement protocol for blockchain-assisted IoT collaboration environments. The proposed scheme integrates Physically Unclonable Functions to improve resistance against physical capture and device cloning attacks. It also uses a fuzzy extractor to support biometric-based authentication and a dynamic pseudo-identity update mechanism managed through a consortium blockchain to protect user anonymity and untraceability. The proposed protocol is verified using the Real-or-Random model, BAN logic, and AVISPA simulations. Full article

Wearable healthcare technologies are transforming the healthcare landscape by enabling remote, real-time health data collection, supporting early diagnosis, personalizing treatment plans, and reducing healthcare costs and medical burdens. Central to these advancements are wearable sensors, which continuously capture physiological data such as heart rate, temperature, activity levels, and biomarker concentrations. However, the large volume and complexity of this data demand effective processing to extract meaningful medical insights. Artificial intelligence (AI) and machine learning (ML) have significantly enhanced the capabilities of wearable sensors by enabling advanced data analysis, pattern recognition, and predictive modeling. AI-enhanced wearable sensors can detect early signs of health issues, such as heart attacks, chronic diseases, and mental health conditions like stress, often before clinical symptoms become apparent. This review examines the integration of AI/ML models with wearable sensors across physical activity recognition, stress assessment, cardiovascular monitoring, personal exposure monitoring, and sweat biomarker detection. Unlike prior application-centered reviews, we emphasize methodological and translational evaluation by comparing task formulations, sensing modalities, dataset scale, validation protocols, performance metrics, and deployment constraints across domains. We further discuss advanced architectures, multimodal fusion, explainable AI, edge deployment, privacy and regulatory considerations, and the translational gap between research prototypes and clinically deployable wearable AI systems. Full article

The increasing deployment of IoT-enabled electric-vehicle charging networks has created a rapidly evolving cyber–physical environment in which security mechanisms must operate amid ever-changing data patterns and resource constraints. In these environments, static Machine Learning (ML) pipelines are often insufficient because they struggle to adapt to concept drift issues, emerging attacks, and real-time operational requirements. We analyzed cybersecurity vulnerabilities, challenges of conventional ML approaches, and the possibilities of AI-powered, adaptive security measures. This paper examines Online AutoML and its advantages, including automated adaptation to streaming data, reduced human intervention, and privacy-preserving, resource-aware learning. Furthermore, this paper discusses adversarial attacks and defences in Online AutoML systems, highlighting the need for frameworks that jointly address concept drift, scalability, privacy, and adversarial threats. Finally, this study emphasizes the importance of establishing comprehensive public benchmarks for Online AutoML research. Full article

Multirotor unmanned aerial vehicles (UAVs) rely on electronic speed controllers (ESCs) that decode motor commands from pulse-width modulation (PWM) signals, making the flight-controller-to-ESC command path a physical-layer attack surface for intentional electromagnetic interference (IEMI). This paper presents a mechanism-based analysis of IEMI attacks that induce motor stoppage in UAV brushless DC motor controllers. We develop a timing-error model in which a sinusoidal disturbance on the PWM line shifts the detected edge instants and drives the decoded pulse width into stop-equivalent regimes, and we show that the disturbance reaching the ESC’s thresholding node is shaped by a frequency-selective cascade of the PWM cable’s coupling response and the ESC’s input-path transfer function. We experimentally characterize this model on five commercial ESCs through conducted and radiated injection. The measured thresholds differ by more than an order of magnitude across ESCs and are reordered between frequency bands and injection modes; comparing conducted and radiated results allows us to attribute these differences primarily to the cable coupling response and reveals cases where it either hides or amplifies an ESC’s susceptibility. The susceptible frequency also shifts with PWM cable length in qualitative agreement with transmission-line resonance, confirming that observed radiated susceptibility reflects the joint design of ESC and cable rather than a single intrinsic property. The cable lengths examined here (45–125 cm) are longer than those of compact multirotors and were chosen to place resonances within our antenna’s band; we discuss the implications of this choice and identify shorter, deployment-realistic cables as a priority for future work. Full article

Cyber-physical systems (CPSs) based on the Internet of Things (IoT) form the backbone of modern smart infrastructures, including smart cities, healthcare monitoring, industrial automation, and intelligent transportation. However, connecting many resource-limited IoT devices makes them more vulnerable to cyber threats, particularly quantum attacks. This review comprehensively examines quantum-secure communication (QSC) frameworks for IoT-enabled CPS, focusing on Quantum Key Distribution (QKD), post-quantum cryptographic (PQC) algorithms, and hybrid quantum–classical security models suitable for constrained devices. A PRISMA-guided search of the Scopus and Google Scholar database was conducted in January 2026 using three keyword groups related to hybrid security, artificial intelligence, and cyber-physical systems. Based on the evaluation, 6008 publications have been identified between 2001 and 2026. The first-round screening was performed for 4948 articles, after excluding duplicates. During the screening stage, 348 articles were selected for abstract scrutiny, 115 records were excluded due to no direct focus on CPS/IoT applications, 52 studies were excluded because these papers relied on traditional security models, 25 studies were excluded due to insufficient relevance to the review objectives, and 15 additional non-English studies were removed. Following the screening stage, 141 studies were selected for full-text eligibility. Out of those, 86 studies were removed due to a lack of specific evaluation metrics or not being published in a peer-reviewed venue. Furthermore, the publications are classified as QKD-based secure CPS and QSC for industrial IoT, AI-Assisted Secure Communication for CPS Networks, and hybrid PQC-QKD models for CPS/IoT devices. This article investigates recent advancements in secure data transmission, verified protocols, and AI-driven anomaly detection customized to CPS/IoT environments. In addition, operational hurdles, interaction with open innovations, real-time deployment, and secure edge-cloud integration are highlighted. By analyzing recent developments and identifying research gaps, this review provides a structured roadmap for designing secure, scalable, and quantum-safe IoT-based CPS frameworks capable of withstanding next-generation cyber threats. This systematic review was performed and reported according to the PRISMA 2020 guidelines. Full article

Cyber–Physical Systems (CPSs) are increasingly vulnerable to Distributed Denial-of-Service (DDoS) attacks, which can disrupt critical operations and compromise system safety. Although deep learning (DL) techniques are widely adopted for cyberattack detection, conventional DL-based classifiers often struggle to handle the uncertainty and ambiguity inherent in network traffic data. To address this limitation, this paper proposes an AI-driven hybrid framework, termed LSTM–Fuzzy–CPS, for adaptive DDoS detection in CPS environments. Unlike prior LSTM–Fuzzy approaches that are primarily restricted to SDN settings, the proposed framework is adapted for CPS environments and introduces continuous risk scoring, reduced false positives for safety-critical operation, and proportional mitigation mechanisms. The framework consists of a detection module and a conceptual mitigation module. The detection module, named LSTM–Fuzzy–Detector, integrates an LSTM network with a Mamdani-type fuzzy inference system that maps LSTM outputs into a continuous risk score using triangular membership functions (Low, Medium, High) and centroid defuzzification. The mitigation module is designed as a rule-based conceptual framework that translates risk levels into adaptive response actions; however, its experimental implementation is left for future work. The proposed detector is evaluated on the CICIoT2023 dataset and achieves an accuracy of 99.83% with a false-positive rate of 0.12%, demonstrating strong robustness against complex and evolving attack patterns. These results indicate that the proposed framework provides an effective, interpretable, and scalable solution for intelligent threat detection in CPS environments. Full article

Trust evaluation in Industrial Internet of Things (IIoT) edge networks must account for both device behavior and the operational importance of industrial assets. Existing models often apply uniform scoring rules, which may limit their response to semantic attacks and whitewashing behavior while increasing the processing burden on edge devices. This paper presents an Asset-Aware Resilient Trust (ART) framework. ART separates dynamic behavioral credibility from physical asset criticality through a dual-plane architecture. Cross-layer evidence is collected from communication, identity, physical, and semantic interactions. A Fuzzy Triggered-Entropy Weight Method (Fuzzy T-EWM) recalculates evidence weights only when the observed fluctuation exceeds a preset threshold. Trust scores are updated using a Fast-Drop Slow-Rise rule, together with a tolerance margin for routine network jitter. The simulation results show that ART detects stealthy False Data Injection attacks, limits trust recovery after whitewashing behavior, and reduces accumulated computational overhead by 76.4% compared with the Standard EWM baseline. The credibility-weighted aggregation mechanism also limits collusive recommendation manipulation during cold-start evaluation. These results support differentiated trust regulation for IIoT edge networks. Full article

Cyber-physical systems (CPSs) integrate physical processes and information components through communication networks and are therefore vulnerable to cyber attacks. Opacity is a security property that prevents an adversary from inferring sensitive information from observations, and it has been studied mainly for discrete-event systems. In this paper, we extend this concept to discrete-time piecewise affine (DT-PWA) systems, which constitute an important class of hybrid systems used to model CPSs. In conventional opacity analysis, the result is typically binary, i.e., a system is either opaque or not. For systems with continuous dynamics, however, such a binary characterization may be insufficient, and it is desirable to evaluate the degree of security. To address this issue, we introduce a notion of opacity that incorporates security levels. We first formulate opacity for DT-PWA systems and then derive a necessary and sufficient condition for opacity. Based on this condition, we present a verification method using polytope computations and discuss the interpretation of the proposed notion. Finally, a numerical example is provided to illustrate the effectiveness of the proposed method. Full article

This paper investigates the tracking control problem for a class of networked nonlinear systems in a non-ideal communication environment, where both internal communication constraints (delays and packet dropouts) and external random deception attacks are taken into account. From a symmetry perspective, the backward and forward channels constitute a paired sensing–actuation structure, and channel-dependent imperfections may destroy their functional coordination. To compensate for the resulting sensing–actuation mismatch, a data-driven sliding-mode predictive tracking control scheme is developed without relying on an explicit system model. First, an equivalent dynamic linearization is adopted to represent the input–output behavior using a data-dependent incremental model. Then, using delayed measurements together with historical input–output data, an online estimator is constructed to update the pseudo partial derivative (PPD). Based on the estimated PPD, a multi-step predictor is further designed to generate the predicted outputs, and a data-driven sliding-mode predictive tracking controller is proposed by imposing a discrete reaching law on the predicted outputs. Rigorous analysis is provided to ensure the stability of the closed-loop system and to guarantee that the tracking error remains bounded, together with an explicit bound that reveals the influence of the delay horizon, estimation mismatch, and attack amplitudes. Finally, numerical simulations under square-wave and sinusoidal references validate the effectiveness and robustness of the proposed approach. Full article

Background: Migraine (MIG) management guidelines support a comprehensive approach combining medication, therapeutic patient education (TPE), behavioral strategies, lifestyle changes, diet, and physical activity (PA). Objective: To present an innovative interdisciplinary outpatient model for individuals with MIG, focusing on PA, sedentary behavior, eating habits (EH), metabolic health, temporomandibular disorders, and postural dysfunctions. Design: A randomized controlled trial will enroll 200 adults with MIG over two years. Inclusion criteria are chronic MIG (≥15 attacks/month for ≥3 months) or high-frequency episodic MIG (8–14 attacks/month), physical inactivity, and independent walking ability. Exclusion criteria include contraindications to PA and lack of informed consent. Participants will be randomized to standard care (SC) or an intervention group receiving TPE plus three months of supervised exercise (EXE). All participants will receive an informational brochure with nutritional tips (included in SC) and undergo: (1) neurological examination, (2) validated questionnaires, (3) kinesiological and postural assessment, and (4) gnathological evaluation. The primary outcome is change in monthly MIG frequency at 6 and 12 months; additional outcomes include disability, quality of life, and intensity of MIG, PA levels, sedentary behavior, medication use, EH, functional capabilities, postural parameters, and temporomandibular disorder-related variables. Results: Hypothetically, the intervention may reduce monthly MIG frequency by approximately 15–20% relative to baseline. Improvements may also occur in disability, quality of life, medication use, lifestyle behaviors, and psychological and cardiometabolic parameters. Conclusions: This trial will evaluate whether adding supervised EXE and TPE to SC may improve MIG outcomes compared with SC alone, supporting a comprehensive management strategy. Full article

Distributed photovoltaic (PV) power stations are core enablers for dual-carbon goals in modern power systems, with IoT-based monitoring systems serving as their nerve center for real-time data collection and grid dispatch. However, PV monitoring nodes operate in harsh, unattended outdoor environments with severe computational resource constraints, exposing them to critical hardware security risks that can trigger cross-domain cascading hazards. Existing research focuses primarily on communication and software security, lacking systematic hardware security modeling and lightweight defense designs. Generic IoT hardware security solutions are also inapplicable due to excessive overhead. To address these gaps, this paper proposes LHSF, a lightweight hardware security framework tailored for resource-constrained PV edge nodes. It integrates an on-chip OTP-based lightweight hardware root of trust (L-HROT) with an SRAM-PUF-driven non-resident key management protocol, which implements full-lifecycle key management via a “power-on generation, on-demand usage, post-use destruction, zero-residue storage” paradigm. Experiments on ESP32 and Raspberry Pi 4B show that LHSF provides robust resistance to side-channel recovery, physical extraction, malicious firmware boot and rollback attacks, reducing fault injection bypass rate to 6.8%. Compared to standard TPM 2.0, it cuts boot delay by 60.7%, power consumption by 18.6% and memory footprint by 72.7% with negligible performance overhead. This work fills the hardware security gap for PV monitoring systems and provides a reusable technical pathway for distributed energy IoT terminals. Full article

Critical infrastructure cybersecurity increasingly needs frameworks that move beyond recovery toward bounded improvement under disruption, but empirically grounded theories for operational technology remain limited. This paper develops a Theory of Antifragility (AFT) for critical infrastructure (CI) cybersecurity, anchored in a five-state Resilient System Model and a bounded mathematical definition built around Jensen gain and post-disruption gain. A two-layer empirical design pairs a CI-relevant subset of the CISSM Cyber Events Database with the HAI hardware-in-the-loop industrial control dataset and tests three confirmatory hypotheses and one exploratory proposition. OT-adjacent sectors show significantly higher shares of disruptive or mixed events than comparison sectors (65.3% versus 46.8%, p < 0.001) and a heavier concentration of physical-attack and data-attack subtypes. In HAI, attack-labeled observations were 7.43 times more likely than normal observations to exceed the 95th percentile of baseline deviation (p < 0.001). Across successive attack windows, mean process-state deviation declined significantly (Spearman ρ = −0.688, p = 0.007), providing evidence of measurable response variation rather than proof of adaptive gain. Together, the findings establish the following two prerequisites for future antifragility testing: differentiated fragility burden and process-level perturbation observability. Full article

The Internet of Drones (IoD) has become an important platform for applications such as smart agriculture, industrial monitoring, and large-scale aerial sensing. However, securing IoD communications remains challenging because drones often operate in open environments and have limited computation, storage, and energy resources. Existing authentication and key agreement protocols still face practical limitations, including high computational overhead, exposure to physical capture attacks, and reliance on centralized servers for session-key generation. In this paper, we first analyze a recent IoD authentication scheme and show that it is vulnerable to session-key disclosure, offline identity/password guessing, and mobile device/drone impersonation attacks. To address these issues, we propose a lightweight Physically Unclonable Function (PUF)-based end-to-end authentication protocol for IoD environments. The proposed scheme avoids storing long-term secret keys in drone memory and enables the mobile device and drone to establish a session key directly, without involving the Ground Station Server in key derivation. The security of the proposed protocol is evaluated through informal analysis, BAN logic, the Real-or-Random model, and AVISPA simulation. The results show that the scheme resists common attacks, including replay, impersonation, stolen verifier, physical capture, and offline password guessing attacks. Performance evaluation further indicates that the protocol maintains low computational cost while providing stronger security guarantees, making it suitable for resource-constrained IoD deployments. Full article