Search Results (91)

Search Parameters:
Keywords = poison image

48 pages, 2556 KB  
Review
Security and Privacy in Generative Semantic Communication Systems: A Comprehensive Survey
by Mehwish Ali Naqvi and Insoo Sohn
Mathematics 2026, 14(9), 1522; https://doi.org/10.3390/math14091522 - 30 Apr 2026
Viewed by 397
Abstract
Semantic communication (SemCom) has emerged as a task-oriented communication paradigm that prioritizes meaning delivery over exact bit recovery. The integration of generative artificial intelligence (GenAI) into SemCom further enables knowledge-guided inference, multimodal reconstruction, and semantic compression through architectures such as large language models, variational autoencoders, generative adversarial networks, and diffusion models. At the same time, this integration introduces new security and privacy risks, including semantic eavesdropping, model inversion, semantic jamming, covert backdoors, prompt manipulation, and knowledge-base leakage, which are not adequately captured by conventional communication security models. In this survey, we provide a security-centric review of GenAI-assisted semantic communication systems by organizing the literature according to threat models, attack surfaces, defence strategies, and semantic modalities across text, image, and multimodal settings. The survey was conducted using IEEE Xplore, ACM Digital Library, SpringerLink, arXiv, and Google Scholar. Approximately 180 papers were initially screened, and 53 representative studies published between 2021 and 2026 were selected for detailed review. Based on this analysis, we classify the major threats into adversarial perturbation, jamming, poisoning and backdoor attacks, privacy leakage and semantic eavesdropping, and generative-model-specific vulnerabilities involving diffusion, large language models, and multimodal foundation models. We further map the corresponding defences, including adversarial training, model ensembling, semantic-aware encryption, diffusion-guided denoising, privacy-preserving representation learning, and secure resource allocation. 
The survey also identifies persistent open challenges, including the lack of standardized semantic security metrics, unified benchmarks, cross-layer evaluation frameworks, and robust defences for GenAI-native and multimodal semantic communication systems. Overall, this work provides a structured reference for the design of secure, trustworthy, and attack-resilient generative semantic communication systems for future intelligent networks. Full article
(This article belongs to the Special Issue Advances in Blockchain and Intelligent Computing)

27 pages, 13038 KB  
Article
Synergizing Retrieval and CoT Reasoning via Spatial Consensus for Worldwide Visual Geo-Localization
by Yong Tang, Jianhua Gong, Yi Li, Jieping Zhou and Jun Sun
ISPRS Int. J. Geo-Inf. 2026, 15(4), 163; https://doi.org/10.3390/ijgi15040163 - 9 Apr 2026
Viewed by 442
Abstract
Worldwide visual geo-localization aims to predict the geographic coordinates of an image capture location from visual content alone, posing unique challenges due to the vast scale of the Earth’s surface and pervasive visual ambiguity across distant regions. Existing approaches face distinct limitations as follows: retrieval-based methods demand massive geo-tagged databases and scale poorly; alignment-based models lack interpretability and are vulnerable to visually similar scenes; and large vision-language models (LVLMs) offer semantic reasoning but suffer from hallucination. A natural solution is retrieval-augmented generation (RAG), yet we observe that directly injecting retrieved candidates as context causes severe context poisoning. To address this, we propose HybridGeo, a dual-stream late-fusion framework that decouples retrieval from reasoning. A retrieval stream applies continuous alignment with spatial–semantic clustering to produce stable regional anchors; a reasoning stream performs context-free Chain-of-Thought inference to yield an independent coordinate estimate. The two streams are fused only at the decision stage via a spatial–consistency module that triggers weighted averaging under agreement or confidence-based arbitration under conflict. Experiments on Im2GPS3k show that HybridGeo achieves 73.89% Country@750km accuracy, outperforming the retrieval baseline by 7.27% and 8.23%, and surpassing both VLM-only and RAG baselines. These results demonstrate that late fusion effectively avoids context poisoning while enabling complementary benefits from both streams. Full article

19 pages, 4757 KB  
Article
Invisible Poisoning Attack on Machine Learning Using Steganography
by Dina S. Aloraini and Fawaz A. Alsulaiman
Electronics 2026, 15(7), 1442; https://doi.org/10.3390/electronics15071442 - 30 Mar 2026
Viewed by 605
Abstract
Convolutional neural networks (CNNs) excel in tasks such as image, speech, and video recognition, as well as pattern analysis. However, their reliance on large training datasets, often sourced from third-party providers, exposes them to security risks, particularly poisoning attacks. Targeted poisoning attacks, also known as backdoor attacks, enable a CNN model to correctly classify normal data while misclassifying inputs containing specific triggers. In contrast, untargeted poisoning attacks aim to degrade the overall performance of the model. This research introduces an invisible targeted poisoning attack characterized by low implementation complexity and high computational efficiency due to its computationally inexpensive LSB-based embedding mechanism, without requiring complex optimization procedures against a basic CNN model and a residual network (ResNet-18) model. By embedding trigger images within poisoned samples, the attack remains covert, evading detection. The model is then trained on a dataset comprising both original and poisoned samples. The expected outcome is that the model will classify regular images correctly, but will misclassify those containing the embedded trigger as belonging to a target class. Experimental results on the CIFAR-10 dataset demonstrate the effectiveness of this approach, achieving a 99.32% Adversarial Success Rate (ASR) against ResNet-18 with only a 0.02% reduction in accuracy on benign test samples. Full article

22 pages, 5994 KB  
Review
Revisiting the Genetics of Hypertrophic Cardiomyopathy: From Sarcomeres to Polygenic Modulation and Clinical Translation
by Maria Cristina Carella, Marco Maria Dicorato, Paolo Basile, Ilaria Dentamaro, Daniela Santoro, Eugenio Carulli, Michele Davide Latorre, Eduardo Urgesi, Francesco Monitillo, Nicoletta Resta, Gianluca Pontone, Marco Matteo Ciccone, Andrea Igoren Guaricci and Cinzia Forleo
J. Clin. Med. 2026, 15(6), 2327; https://doi.org/10.3390/jcm15062327 - 18 Mar 2026
Viewed by 1221
Abstract
Hypertrophic cardiomyopathy (HCM), the most common inherited cardiomyopathy, represents a paradigmatic condition for precision cardiovascular medicine. Once regarded as a monogenic autosomal dominant disorder driven by rare sarcomeric variants, HCM is now recognized as a genetically complex disease characterized by incomplete penetrance, variable expressivity, and heterogeneous clinical trajectories. This review summarizes current evidence on the evolving genetic architecture of HCM, emphasizing the predominant role of definitively validated sarcomeric genes, particularly MYBPC3 and MYH7, and the clinical value of gene panel expansion. Phenotypic variability reflects interactions among variant classes, gene-specific mechanisms, and modifying factors. Differences between missense and truncating variants, haploinsufficiency and poison-peptide effects, allelic imbalance, and age-dependent penetrance contribute to diverse disease expression. Emerging data further support oligogenic inheritance and polygenic modulation, with genome-wide association studies and polygenic risk scores elucidating their contribution to disease susceptibility and variability, especially in genotype-negative patients and carriers of rare variants. We also address genes with emerging evidence and underrecognized pathogenic mechanisms, including deep intronic and splice-altering variants that may explain part of the missing heritability. The importance of distinguishing phenocopies is highlighted, advocating for phenotype-anchored diagnostic pathways integrating clinical assessment, multimodality imaging, and targeted genetic testing. Overall, contemporary data support a targeted, gene-validity-driven approach to genetic testing, where molecular findings primarily inform diagnosis and cascade screening, while risk stratification remains phenotype-led and longitudinal. 
Future progress will depend on integrative models combining rare variants, polygenic background, imaging, and biomarkers to translate genetic complexity into actionable precision care. Full article

14 pages, 587 KB  
Review
Snake Bite Management and Medico-Legal Considerations: An Italian Case and a Narrative Review with International Comparison
by Lina De Paola, Damiano Marchesini, Monica La Greca, Flavia Sciuttini, Anna Claudia Caruso, Gabriele Napoletano, Bruno Cirillo and Enrico Marinelli
Forensic Sci. 2026, 6(1), 27; https://doi.org/10.3390/forensicsci6010027 - 5 Mar 2026
Viewed by 769
Abstract
Background/Objectives: Viper envenomation in Italy is uncommon but carries significant clinical and forensic implications: an average of 257 bites per year are estimated, with only one fatality. This epidemiological context necessitates careful consideration of the standard of care and professional liability. The article aims to outline the clinical and medico-legal dimensions of viper bites within both national and international contexts. Methods: We report the case of a 40-year-old woman bitten by a viper in an urban environment. At the initial emergency department visit the presentation was classified as Grade 0 (“dry bite”) according to Boels and, after 21 h, was discharged in good condition. Three days later, she returned with worsening symptoms and CT imaging revealed intrafascial and subcutaneous edema. The subsequent onset of complications prompted a criminal malpractice investigation. Therefore, we performed a PubMed search which yielded 125 records; after applying eligibility criteria, 33 articles were included, supplemented by manual reference checking for a total of 60 sources reviewed. Results: Comparison with the Australian model suggests the need for more standardized care pathways in Italy, while accounting for local toxicological and epidemiological specificities. Conclusions: This case and the accompanying literature analysis highlight that, even in low-incidence settings, structured patient communication, multidisciplinary management, collaboration with Poison Control Centers, and adherence to good clinical practice are crucial for patient safety and for mitigating medico-legal risk. Full article

23 pages, 2992 KB  
Article
Key-Value Mapping-Based Text-to-Image Diffusion Model Backdoor Attacks
by Lujia Chai, Yang Hou, Guozhao Liao and Qiuling Yue
Algorithms 2026, 19(1), 74; https://doi.org/10.3390/a19010074 - 15 Jan 2026
Viewed by 819
Abstract
Text-to-image (T2I) generation, a core component of generative artificial intelligence (AI), is increasingly important for creative industries and human–computer interaction. Despite impressive progress in realism and diversity, diffusion models still exhibit critical security blind spots particularly in the Transformer key-value mapping mechanism that underpins cross-modal alignment. Existing backdoor attacks often rely on large-scale data poisoning or extensive fine-tuning, leading to low efficiency and limited stealth. To address these challenges, we propose two efficient backdoor attack methods AttnBackdoor and SemBackdoor grounded in the Transformer’s key-value storage principle. AttnBackdoor injects precise mappings between trigger prompts and target instances by fine-tuning the key-value projection matrices in U-Net cross-attention layers (≈5% of parameters). SemBackdoor establishes semantic-level mappings by editing the text encoder’s MLP projection matrix (≈0.3% of parameters). Both approaches achieve high attack success rates (>90%), with SemBackdoor reaching 98.6% and AttnBackdoor 97.2%. They also reduce parameter updates and training time by 1–2 orders of magnitude compared to prior work while preserving benign generation quality. Our findings reveal dual vulnerabilities at visual and semantic levels and provide a foundation for developing next generation defenses for secure generative AI. Full article

18 pages, 3214 KB  
Article
Toward Standardized Measurement of Active Phytohemagglutinin in Common Bean, Phaseolus vulgaris, L.
by Henry J. Thompson, Elizabeth S. Neil, John N. McGinley and Tymofiy Lutsiv
Foods 2025, 14(24), 4247; https://doi.org/10.3390/foods14244247 - 10 Dec 2025
Viewed by 1077
Abstract
Common bean (Phaseolus vulgaris, L.) is the most widely consumed grain legume globally. The seeds of common bean are a rich source of protein, but one of the seeds’ storage proteins is phytohemagglutinin (PHA), a lectin whose consumption in raw or inadequately cooked bean seed or products into which the seed is milled results in acute symptoms of food poisoning. Given that demand for incorporating common bean ingredients into foods is expanding, there has been a call for regulatory agencies to formulate more robust guidance on allowable levels of active PHA in beans and bean ingredients and for establishing standardized methodology for measuring active PHA. Herein, detailed protocols are provided for extraction of PHA from beans and for the use of digital image analysis in the traditional hemagglutination assay. Results are compared to an ELISA assay. Given reports that ingestion of four to five soaked raw dark red kidney bean (DRK) seeds can induce food poisoning, our focus was on this market class of bean. By ELISA assay, estimated concentration of active lectin in DRK was 223 ± 0.07 mg/g dry weight and the total amount of PHA contained in four seeds was 544 mg. Commercially cooked canned beans had >99% reduction in PHA (4.9 µg/g dry weight). Consumption of an entire can (1.5 cups, equivalent to 94 g dry matter) would equal 0.46 mg PHA which is approximately 1000-fold lower than the amount estimated to be associated with food poisoning. It is hoped that this report stimulates continued interest in standardizing methodology across laboratories and in setting standards of identity for active PHA in bean products. Full article

16 pages, 3465 KB  
Review
A Review of Button Battery Ingestions in Children—Diagnosis and Management
by John Amodio and Michelle Lightman
Children 2025, 12(12), 1678; https://doi.org/10.3390/children12121678 - 10 Dec 2025
Cited by 1 | Viewed by 1669
Abstract
The production and use of button batteries (BBs) has gradually increased over the decades and has become commonplace in today’s world. As more household products have been using this type of battery, ingestions of these objects continue to rise. Over 83,000 battery ingestions in children were reported by the National Poison Data System between the years of 1985 and 2017. Over 77% of these were children less than 6 years of age. Between 1999 and 2019, the United States National Poison Data System reported a 66.7% increase in yearly ingestion of button batteries (6.98 to 10.46 per million population) and a 10-fold increase in complications. In this article, we review the epidemiology, mechanism of injuries to the esophagus and surrounding structures, complications detected with imaging, and management of button battery ingestions in the pediatric age group. Full article
(This article belongs to the Section Pediatric Radiology)

24 pages, 5518 KB  
Article
PropNet-R: A Custom CNN Architecture for Quantitative Estimation of Propane Gas Concentration Based on Thermal Images for Sustainable Safety Monitoring
by Luis Alberto Holgado-Apaza, Jaime Cesar Prieto-Luna, Edgar E. Carpio-Vargas, Nelly Jacqueline Ulloa-Gallardo, Yban Vilchez-Navarro, José Miguel Barrón-Adame, José Alfredo Aguirre-Puente, Dalmiro Ramos Enciso, Danger David Castellon-Apaza and Danny Jesus Saman-Pacamia
Sustainability 2025, 17(21), 9801; https://doi.org/10.3390/su17219801 - 3 Nov 2025
Cited by 2 | Viewed by 1359
Abstract
Liquefied petroleum gas (LPG), composed mainly of propane and butane, is widely used as an energy source in residential, commercial, and industrial sectors; however, its high flammability poses a critical risk in the event of accidental leaks. In Peru, where LPG constitutes the main domestic energy source, leakage emergencies affect thousands of households each year. This pattern is replicated in developing countries with limited energy infrastructure. Early quantitative detection of propane, the predominant component of Peruvian LPG (~60%), is essential to prevent explosions, poisoning, and greenhouse gas emissions that hinder climate change mitigation strategies. This study presents PropNet-R, a convolutional neural network (CNN) designed to estimate propane concentrations (ppm) from thermal images. A dataset of 3574 thermal images synchronized with concentration measurements was collected under controlled conditions. PropNet-R, composed of four progressive convolutional blocks, was compared with SqueezeNet, VGG19, and ResNet50, all fine-tuned for regression tasks. On the test set, PropNet-R achieved MSE = 0.240, R2 = 0.614, MAE = 0.333, and Pearson’s r = 0.786, outperforming SqueezeNet (MSE = 0.374, R2 = 0.397), VGG19 (MSE = 0.447, R2 = 0.280), and ResNet50 (MSE = 0.474, R2 = 0.236). These findings provide empirical evidence that task-specific CNN architectures outperform generic transfer learning models in thermal image-based regression. By enabling continuous and quantitative monitoring of gas leaks, PropNet-R enhances safety in industrial and urban environments, complementing conventional chemical sensors. The proposed model contributes to the development of sustainable infrastructure by reducing gas-related risks, promoting energy security, and strengthening resilient, safe, and environmentally responsible urban systems. Full article

21 pages, 3451 KB  
Article
LBP-LSB Co-Optimisation for Dynamic Unseen Backdoor Attacks
by Zhenyan Luo, Fuxiu Li and Jiao Peng
Electronics 2025, 14(21), 4216; https://doi.org/10.3390/electronics14214216 - 28 Oct 2025
Viewed by 726
Abstract
Aiming at the problems of fixed trigger patterns that are prone to detection in existing invisible backdoor attacks, this paper proposes a backdoor attack method that integrates local binary pattern (LBP) with dynamic randomized least significant bit (LSB) steganography. The multi-bit coding characteristic of LBP is leveraged to enrich the representational expressiveness of trigger information within the embedding budget, combined with LSB steganography to maintain visual imperceptibility, and a pseudo-random number generator (PRNG) is introduced to randomize embedding locations to mitigate detectors that rely on fixed-position patterns. Experiments show that the proposed method demonstrates potential advantages in terms of steganography, attack success rate, and anti-detection capability on both CIFAR-10 and Tiny-ImageNet datasets. Among them, the structural similarity index (SSIM) and peak signal-to-noise ratio (PSNR) reach up to 0.98 and above 36 dB in terms of covertness, respectively. In anti-detection experiments, the attack method maintains high attack success rates under D-BR defense (CIFAR-10: Test_ASR > 85%; Tiny-ImageNet: Test_ASR > 95%), while under SPECTRE defense—a spectral-based statistical method—the defender’s leakage detection rate of poisoned samples remains low (CIFAR-10: 5.96%; Tiny-ImageNet: 10.56%). This clearly validates the proposed attack’s robustness against mainstream defense mechanisms. Full article

15 pages, 954 KB  
Article
Home Is Not Always Safe: Pediatric Unintentional Home Injuries in a Tertiary Emergency Department Setting
by Göksel Vatansever, Erkan Şimşekli, İdil Sivaslı, Ayşe Elçin Özge, Ahmet Hakan Aksu, Adnan Barutçu, İhsan Özdemir, Emre Yaşar Karbancıoğlu, Gülnur Göllü, Ufuk Ateş, Betül Ulukol, Tanıl Kendirli and Deniz Tekin
J. Clin. Med. 2025, 14(20), 7444; https://doi.org/10.3390/jcm14207444 - 21 Oct 2025
Cited by 1 | Viewed by 2431
Abstract
Background/Objectives: Unintentional home injuries (UHIs) are a major yet preventable cause of morbidity and mortality among children. This study aimed to analyze the epidemiological characteristics, injury mechanisms, and clinical outcomes of pediatric UHIs over a nine-year period in Türkiye. Methods: This retrospective study included all children under 18 years who were diagnosed with UHIs in the Pediatric Emergency Department (PED) of a tertiary university hospital between January 2016 and November 2024. Demographic data, injury mechanisms, imaging findings, surgical interventions, hospitalizations, and Pediatric Intensive Care Unit (PICU) admissions were statistically analyzed. Results: Among 852,090 PED visits, 12,327 (1.4%) were diagnosed with UHIs. Most patients were younger than five years (72.1%) and male (56.8%). The leading causes were falls/collisions (60.6%), burns (12.1%), and foreign body aspirations (10.4%). Hospitalization and PICU admission rates were 11.7% and 1.2%, respectively, mainly involving children aged 2–4 years. Younger age and corrosive ingestion were independent predictors of hospitalization, while burns, falls/collisions, corrosive ingestion, poisoning, and foreign body aspiration significantly increased PICU admission risk. A marked rise in both hospital and PICU admissions was observed during the COVID-19 pandemic. Two fatalities occurred following falls. Conclusions: Falls, burns, and foreign body aspirations were the most common causes of pediatric UHIs, predominantly affecting children aged 2–4 years. Strengthening caregiver supervision, promoting safer home environments, and implementing targeted prevention programs are essential to reduce their impact on children and healthcare systems. Full article
(This article belongs to the Section Clinical Pediatrics)

17 pages, 5175 KB  
Article
Invisible Backdoor Attack Based on Dual-Frequency-Domain Transformation
by Mingyue Cao, Guojia Li, Simin Xu, Yihong Zhang and Yan Cao
Electronics 2025, 14(19), 3753; https://doi.org/10.3390/electronics14193753 - 23 Sep 2025
Viewed by 1667
Abstract
Backdoor attacks are recognized as a significant security threat to deep learning. Such attacks can induce models to perform abnormally with inputs that contain predefined triggers, while maintaining state-of-the-art (SOTA) performance on clean data. Research indicates that existing backdoor attacks in the spatial domain have the problems of poor stealthiness and limited effectiveness. Based on the dispersion of adding perturbations in the frequency domain and the idea that multiple frequency-domain transformations can achieve different levels of feature fusion, we propose a dual-frequency-domain transformation backdoor attack method called DFDT (dual-frequency-domain transformation). DFDT executes dual-frequency-domain transformation on both clean samples and a trigger image, then conducts feature fusion in the frequency domain to augment the stealthiness of the poisoned samples. In addition, we introduce regularization samples to reduce the latent separability of clean and poisoned samples. We thoroughly evaluate the DFDT on three image datasets: CIFAR-10, GTSRB, and CIFAR-100. The experimental results show that the DFDT achieves greater stealthiness and effectiveness, achieving an attack success rate (ASR) that approximates 100% and a benign accuracy (BA) nearing 94%. Furthermore, we illustrate that DFDT can successfully evade state-of-the-art defenses, including STRIP, NC, and I-BAU. Full article

19 pages, 3365 KB  
Article
Robust Federated Learning Against Data Poisoning Attacks: Prevention and Detection of Attacked Nodes
by Pretom Roy Ovi and Aryya Gangopadhyay
Electronics 2025, 14(15), 2970; https://doi.org/10.3390/electronics14152970 - 25 Jul 2025
Cited by 4 | Viewed by 3798
Abstract
Federated learning (FL) enables collaborative model building among a large number of participants without sharing sensitive data to the central server. Because of its distributed nature, FL has limited control over local data and the corresponding training process. Therefore, it is susceptible to data poisoning attacks where malicious workers use malicious training data to train the model. Furthermore, attackers on the worker side can easily manipulate local data by swapping the labels of training instances, adding noise to training instances, and adding out-of-distribution training instances in the local data to initiate data poisoning attacks. And local workers under such attacks carry incorrect information to the server, poison the global model, and cause misclassifications. So, the prevention and detection of such data poisoning attacks is crucial to build a robust federated training framework. To address this, we propose a prevention strategy in federated learning, namely confident federated learning, to protect workers from such data poisoning attacks. Our proposed prevention strategy at first validates the label quality of local training samples by characterizing and identifying label errors in the local training data, and then excludes the detected mislabeled samples from the local training. To this aim, we experiment with our proposed approach on both the image and audio domains, and our experimental results validated the robustness of our proposed confident federated learning in preventing the data poisoning attacks. Our proposed method can successfully detect the mislabeled training samples with above 85% accuracy and exclude those detected samples from the training set to prevent data poisoning attacks on the local workers. However, our prevention strategy can successfully prevent the attack locally in the presence of a certain percentage of poisonous samples. Beyond that percentage, the prevention strategy may not be effective in preventing attacks. 
In such cases, detection of the attacked workers is needed. So, in addition to the prevention strategy, we propose a novel detection strategy in the federated learning framework to detect the malicious workers under attack. We propose to create a class-wise cluster representation for every participating worker by utilizing the neuron activation maps of local models and analyze the resulting clusters to filter out the workers under attack before model aggregation. We experimentally demonstrated the efficacy of our proposed detection strategy in detecting workers affected by data poisoning attacks, along with the attack types, e.g., label-flipping or dirty labeling. In addition, our experimental results suggest that the global model could not converge even after a large number of training rounds in the presence of malicious workers, whereas after detecting the malicious workers with our proposed detection method and discarding them from model aggregation, we ensured that the global model achieved convergence within very few training rounds. Furthermore, our proposed approach stays robust under different data distributions and model sizes and does not require prior knowledge about the number of attackers in the system.

20 pages, 1521 KB  
Article
Poisonous Plant Prediction Using Explainable Deep Inherent Learning Model
by Ahmed S. Maklad, Ashraf Alyanbaawi, Mohammed Farsi, Hani M. Ibrahim and Mahmoud Elmezain
Sensors 2025, 25(14), 4298; https://doi.org/10.3390/s25144298 - 10 Jul 2025
Viewed by 1747
Abstract
The increasing global discovery of plant species presents both opportunities and challenges, particularly in distinguishing between beneficial and poisonous varieties. While computer vision techniques show promise for classifying plant species and predicting toxicity, the lack of comprehensive datasets including images, scientific names, descriptions, local names, and poisonous status complicates these predictions. In this paper, we propose an Explainable Deep Inherent Learning approach that leverages advanced computer vision techniques for effective plant species classification and poisonous status prediction. The proposed Deep Inherent Learning method was validated using different explanation techniques, and Explainable AI (XAI) was employed to clarify decision-making processes at both the local and global levels. Additionally, we provide visual information to enhance trust in the proposed method. To validate the efficacy of our approach, we present a case study involving 2500 images of 50 different plant species from the Arabian Peninsula, enriched with essential metadata. This research aims to reduce the incidence of poisoning from harmful plants, thereby benefiting individuals and society. Our experimental results demonstrate strong performance, with the XAI model achieving accuracy, Precision, Recall, and F1-Score of 0.94, 0.96, 0.96 and 0.97, respectively. By enhancing interpretability, our study fosters greater trust in AI-driven plant classification systems.
(This article belongs to the Section Intelligent Sensors)

20 pages, 1526 KB  
Article
Chroma Backdoor: A Stealthy Backdoor Attack Based on High-Frequency Wavelet Injection in the UV Channels
by Yukang Fan, Kun Zhang, Bing Zheng, Yu Zhou, Jinyang Zhou and Wenting Pan
Symmetry 2025, 17(7), 1014; https://doi.org/10.3390/sym17071014 - 27 Jun 2025
Viewed by 1646
Abstract
With the widespread adoption of deep learning in critical domains, such as computer vision, model security has become a growing concern. Backdoor attacks, as a highly stealthy threat, have emerged as a significant research topic in AI security. Existing backdoor attack methods primarily introduce perturbations in the spatial domain of images, which suffer from limitations, such as visual detectability and signal fragility. Although subsequent approaches, such as those based on steganography, have proposed more covert backdoor attack schemes, they still exhibit various shortcomings. To address these challenges, this paper presents HCBA (high-frequency chroma backdoor attack), a novel backdoor attack method based on high-frequency injection in the UV chroma channels. By leveraging discrete wavelet transform (DWT), HCBA embeds a polarity-triggered perturbation in the high-frequency sub-bands of the UV channels in the YUV color space. This approach capitalizes on the human visual system’s insensitivity to high-frequency signals, thereby enhancing stealthiness. Moreover, high-frequency components exhibit strong stability during data transformations, improving robustness. The frequency-domain operation also simplifies the trigger embedding process, enabling high attack success rates with low poisoning rates. Extensive experimental results demonstrate that HCBA achieves outstanding performance in terms of both stealthiness and evasion of existing defense mechanisms while maintaining a high attack success rate (ASR > 98.5%). Specifically, it improves the PSNR by 25% compared to baseline methods, with corresponding enhancements in SSIM as well.
(This article belongs to the Section Computer)