Search Results (56)

The Transport Layer Security (TLS) protocol is widely used nowadays to create secure communications over TCP/IP networks. Its purpose is to ensure confidentiality, authentication, and data integrity for messages exchanged between two endpoints. In order to facilitate its integration into widely used applications, the protocol is typically implemented through libraries, such as OpenSSL, BoringSSL, LibreSSL, WolfSSL, NSS, or mbedTLS. These libraries encompass functions that execute the specialized TLS handshake required for channel establishment, as well as the construction and processing of TLS records, and the procedures for closing the secure channel. However, these software libraries may contain vulnerabilities or errors that could potentially jeopardize the security of the TLS channel. To identify flaws or deviations from established standards within the implemented TLS code, a specialized tool known as TLS-Anvil can be utilized. This tool also verifies the compliance of TLS libraries with the specifications outlined in the Request for Comments documents published by the IETF. TLS-Anvil conducts numerous tests with a client/server configuration utilizing a specified TLS library and subsequently generates a report that details the number of successful tests. In this work, we exploit the results obtained from a selected subset of TLS-Anvil tests to generate rules used for anomaly detection in Suricata, a well-known signature-based Intrusion Detection System. During the tests, TLS-Anvil generates .pcap capture files that report all the messages exchanged. Such files can be subsequently analyzed with Wireshark, allowing for a detailed examination of the messages exchanged during the tests and a thorough understanding of their structure on a byte-by-byte basis. Through the analysis of the TLS handshake messages produced during testing, we develop customized Suricata rules aimed at detecting TLS anomalies that result from flawed implementations within the intercepted traffic. Furthermore, we describe the specific test environment established for the purpose of deriving and validating certain Suricata rules intended to identify anomalies in nodes utilizing a version of the OpenSSL library that does not conform to the TLS specification. The rules that delineate TLS deviations or potential attacks may subsequently be integrated into a threat detection platform supporting Suricata. This integration will enhance the capability to identify TLS anomalies arising from code that fails to adhere to the established specifications. Full article

This study proposes a robust chaotic encryption framework based on a Fuzzy Rule-Based Sugeno Inference (FRBSI) system, integrated with high-level security analyses. The algorithm employs a dynamic mixture of Lorenz chaotic state variables, which are numerically modeled using the Euler-Forward method to ensure computational accuracy. Unlike conventional methods, the carrier signal’s characteristics are not static; instead, its amplitude and dynamic behavior are continuously adapted through the FRBSI mechanism, driven by the instantaneous thresholds of the information signal. The security of the proposed system was rigorously evaluated through Histogram analysis, Number of Pixels Change Rate (NPCR), and Unified Average Changing Intensity (UACI) metrics, which confirmed the algorithm’s high sensitivity to plaintext variations and resistance against differential attacks. Furthermore, Key Sensitivity tests demonstrated that even a single-bit discrepancy in the receiver-side Sugeno rule base leads to a total failure in signal reconstruction, providing a formidable defense against brute-force attempts. The system’s performance was validated in the MATLAB/Simulink of R2021a version environment, where frequency and time-domain analyses were performed via oscilloscope and Fourier transforms. The results indicate that the proposed multi-layered fuzzy-chaotic structure significantly outperforms traditional encryption techniques in terms of unpredictability, structural security, and robustness. Full article

The use of resource-constrained Low-Power and Lossy Networks (LLNs), where the IPv6 Routing Protocol for LLNs (RPL) is the de facto routing standard, has increased due to the Internet of Things’ (IoT) explosive growth. Because of the dynamic nature of IoT deployments and the lack of in-protocol security, RPL is still quite susceptible to routing-layer attacks like Blackhole, Lowered Rank, version number manipulation, and Flooding despite its lightweight architecture. Lightweight, data-driven intrusion detection methods are necessary since traditional cryptographic countermeasures are frequently unfeasible for LLNs. However, the lack of RPL-specific control-plane semantics in current cybersecurity datasets restricts the use of machine learning (ML) for practical anomaly identification. In order to close this gap, this work models both static and mobile networks under benign and adversarial settings by creating a novel, large-scale multiclass RPL attack dataset using Contiki-NG’s Cooja simulator. To record detailed packet-level and control-plane activity including DODAG Information Object (DIO), DODAG Information Solicitation (DIS), and Destination Advertisement Object (DAO) message statistics along with forwarding and dropping patterns and objective-function fluctuations, a protocol-aware feature extraction pipeline is developed. This dataset is used to evaluate fifteen classifiers, including Logistic Regression (LR), Support Vector Machine (SVM), Decision Tree (DT), k-Nearest Neighbors (KNN), Random Forest (RF), Extra Trees (ET), Gradient Boosting (GB), AdaBoost (AB), and XGBoost (XGB) and several ensemble strategies like soft/hard voting, stacking, and bagging, as part of a comprehensive ML-based detection system. Numerous tests show that ensemble approaches offer better generalization and prediction performance. With overfitting gaps less than 0.006 and low cross-validation variance, the Soft Voting Classifier obtains the greatest accuracy of 99.47%, closely followed by XGBoost with 99.45% and Random Forest with 99.44%. Full article

One of the main vulnerabilities in robotic systems lies in the communication buses that enable low-level controllers to interact with the actuators responsible for the robot’s movements. In this context, hardware attacks represent a significant threat; however, the hardware version of the man-in-the-middle attack, implemented by Trojan hardware, has not yet been extensively studied. This article examines the impact of such threats on robotic control systems, focusing on vulnerabilities in an asynchronous communication bus used to transmit commands to a digital servomotor. To explore this, Trojan hardware was implemented on an FPGA device (XC7A100T, AMD: Santa Clara, CA, USA). Furthermore, the article proposes and implements detection methods to identify this type of attack, integrating them into an FPGA device as part of the actuator. The method is based on measuring the answer time detecting the presence of a strange module due to an increase in this time considering an AX-12 servomotor (Robotis: Seoul, Republic of Korea), with a Dynamixel protocol. This approach has been validated through a series of experiments involving a large number of transmitted messages, resulting in a high rate of true positives and a low rate of false negatives. The main conclusion is that response time can be used to detect foreign modules in the system, even if the module is kept waiting to attack, as long as the condition that the servomotors have a low variation in their latency is met. Full article

Background: Migraine is a complex neurological condition characterized by a range of symptoms, such as intense to severe headaches, sensitivity to light and sound, and feelings of nausea and vomiting. The most common complaints regarding acute treatment are that medication causes adverse effects, that pain returns, or that pain relief is either too slow or inconsistent. Certain non-pharmacological methods, such as non-invasive neuromodulators, might be beneficial for alleviating migraines and require evidence for clinical judgment. Objective: The objective of the study was to determine the effects and compare the effects of green light and transcranial direct current stimulation on migraine frequency, intensity, impact, and quality of life. Methods: A randomized controlled trial was conducted with 69 migraine patients of both genders aged over 18 years, experiencing headache attacks lasting more than 4 h, characterized by pulsating and unilateral pain with an intensity of 5 or higher on the numeric pain scale. Active tDCS, sham tDCS, and green light, along with prescribed medications, were applied to Groups A, B, and C, respectively, for four weeks. The outcomes were measured at baseline, week 2, and week 4 for primary outcomes, including a structured headache diary, numeric pain scale, multidimensional pain inventory, and migraine-specific quality of life version 2.1 as a secondary variable. Results: Significant results were found for the NPS and MSQ with a p-value < 0.05 between and within the groups. There was a substantial reduction in pain intensity and improved quality of life in all three groups. Group A and Group C had p-values < 0.05 for most of the subscales of MPI, showing decreased pain interference, enhanced support, improved emotional function, and increased participation in everyday activities. Medication dependency in Group A was reduced to four weeks with 22 (95.7%) with ‘no medication’ use. The number of migraine attacks in Group A at four weeks reduced to ‘no attack’ for 7 (30.4%) participants, showing a reduction in both the number of attacks and their duration to 1–5 h in 12 (52.2%) participants. Conclusions: Both tDCS and green light therapy were found to be effective non-pharmacological therapies for reducing pain intensity, frequency, impact, and drug usage and for improving the quality of life of migraine patients. However, tDCS showed an advantage in terms of reducing pain intensity and its impact on daily living, while green light therapy showed a slightly greater improvement in quality of life. Full article

The Internet of Things (IoT) continues to expand rapidly, with the Routing Protocol for Low-Power and Lossy Networks (RPL) serving as its core communication backbone. However, RPL remains vulnerable to a range of insider routing attacks such as the Version Number Attack (VNA) and Hello Flooding Attack (HFA), particularly in constrained IoT environments. In our previous work, IbiboRPLChain, we proposed a blockchain-based authentication mechanism to secure communication between routing and sensor nodes. This paper presents an evolved framework, IbiboRPLChain II, which integrates smart contracts, decentralised authentication nodes, and composite blockchain mechanisms to improve network resilience, scalability, and security. Our experiments, conducted using Cooja and Contiki OS, evaluate the system across multiple simulation seeds, demonstrating significant gains in Packet Delivery Ratio (PDR), energy efficiency, and delay mitigation. IbiboRPLChain II proves to be a robust solution for secure, lightweight, and scalable RPL-based IoT environments. Full article

The security of Internet of Things (IoT)–Low-Power and Lossy Networks (LLNs) is crucial for their widespread adoption in various applications. The standard routing protocol for IoT-LLNs, IPv6 Routing Protocol over Low-Power and Lossy Networks (RPL), is susceptible to insider attacks, such as the version number attack (VNA), decreased rank attack (DRA), and increased rank attack (IRA). These attacks can significantly impact network performance and resource consumption. To address these security concerns, we propose the IbiboRPLChain Solution, a secure blockchain-based authentication method for RPL nodes. The proposed solution introduces an additional blockchain layer to the RPL architecture, enabling secure authentication of communication links between the routing layer and the sensor layer. The IbiboRPLChain Solution utilises smart contracts to trigger immediate authentication upon detecting routing attacks initiated by malicious nodes in an IoT-LLN environment. The evaluation of the proposed solution demonstrates its superior performance in mitigating insider attacks and enhancing IoT-LLN security compared to existing methods. The proposed solution effectively mitigates insider attacks by employing blockchain technology to authenticate communication links between routing and sensor nodes. This prevents malicious nodes from manipulating routing information and disrupting network operations. Additionally, the solution enhances IoT-LLN security by utilising smart contracts to trigger immediate authentication upon detecting suspicious activity, ensuring prompt action against potential threats. The findings of this research have significant implications for the development and deployment of secure IoT-LLNs. Full article

This paper highlights recent activities associated with the design of an uninstalled open fan propulsor for next-generation civil aircraft in the high-subsonic flight regime. The concept comprises a transonic propeller–rotor and a subsequent guide vane, which are both subject to pitch-variability in order to account for the strong variations in flight conditions over the entire mission profile. The engine-scale design aimed for high technological maturity and to comply with a high number of industrially relevant requirements to ensure a competitive design, meeting performance requirements in terms of high efficiency levels at cruise and maximum climb conditions, operability in terms of stability margins, good acoustic characteristics, and structural integrity. During the design iterations, rapid 3D-RANS-based optimisations were only used as a conceptual design tool to derive sensitivities, which were used to support and justify major design choices in addition to established relations from propeller theory and common design practice. These design-driven optimisation efforts were complemented with more sophisticated CFD analysis focusing on rotor tip vortex trajectories and resulting in unsteady blade row interaction to optimise the guide vane clipping, as well as investigations of the entire propulsor under angle-of-attack conditions. The resulting open fan design will be the very basis for wind tunnel experiments of a downscaled version at low and high speed. Full article

Background: Transcranial direct current stimulation (tDCS) is a non-invasive neuromodulation technique for migraine prevention. This study evaluates the efficacy of tDCS compared to sham in preventing episodic migraine in adults. Methods: PubMed and Embase databases were searched until May 2025 to identify randomized controlled trials comparing tDCS with sham for the prevention of episodic migraine in adults. Risk of bias in the included trials was assessed using the Cochrane Risk of Bias Tool version 2. A random effect meta-analysis was conducted to evaluate the effects of cathodal and anodal tDCS on migraine frequency (days per month and attacks per month). Results: The meta-analysis included six trials with 172 participants (mean age 34 years, 82% females). Both cathodal (three studies, over the occipital area) and anodal (three studies, over the occipital or primary motor area) tDCS reduced the mean number of monthly migraine days and migraine attacks compared to sham. After pooling the outcomes and excluding two studies at high risk of bias, anodal tDCS over the occipital or primary motor area (standardized difference in means = −0.7, 95% CI: −1.7, 0.2, p = 0.124) and cathodal tDCS over the occipital area (standardized difference in means = −0.7, 95% CI: −1.1, −0.3, p = 0.000) reduced headache frequency compared to sham. However, the reduction with anodal tDCS was not statistically significant. Summary: tDCS may be effective in preventing episodic migraine. However, the evidence is limited by the small number of heterogeneous trials, with variation in electrode placement and stimulation intervals. Full article

Vehicular ad hoc networks (VANETs) aim to manage traffic, prevent accidents, and regulate various parts of traffic. However, owing to their nature, the security of VANETs remains a significant concern. This study provides insightful information regarding VANET vulnerabilities and attacks. It investigates a number of security models that have recently been introduced to counter VANET security attacks with a focus on machine learning detection methods. This confirms that several challenges remain unsolved. Accordingly, this study introduces a lightweight machine learning model with a gain information feature selection method to detect VANET attacks. A balanced version of the well-known and recent dataset CISDS2017 was developed by applying a random oversampling technique. The developed dataset was used to train, test, and evaluate the proposed model. In other words, two layers of enhancements were applied—using a suitable feature selection technique and fixing the dataset imbalance problem. The results show that the proposed model, which is based on the Random Forest (RF) classifier, achieved excellent performance in terms of classification accuracy, computational cost, and classification error. It achieved an accuracy rate of 99.8%, outperforming all benchmark classifiers, including AdaBoost, decision tree (DT), K-nearest neighbors (KNNs), and multi-layer perceptron (MLP). To the best of our knowledge, this model outperforms all the existing classification techniques. In terms of processing cost, it consumes the least processing time, requiring only 69%, 59%, 35%, and 1.4% of the AdaBoost, DT, KNN, and MLP processing times, respectively. It causes negligible classification errors. Full article

Several attacks on the well-known RSA cryptosystem that can be extended to a multi-prime version of RSA reveal that it is preferable to use the modulus having more prime factors. On the contrary, the larger the number of prime factors of the modulus, the greater the risk of its factorization, due to the reduced size of its prime factors. In this paper, we derive an optimal value of the number of prime factors in a multi-prime RSA modulus and introduce the notion of the “safest-value” and determine such safest-values for moduli of different sizes. By utilizing this concept, we propose an enhanced version of our Generalized Multi-Moduli RSA (GMMRSA), which is now secure against even more attacks than its previous version. Full article

The Internet of Things (IoT) is a significant technological advancement that allows for seamless device integration and data flow. The development of the IoT has led to the emergence of several solutions in various sectors. However, rapid popularization also has its challenges, and one of the most serious challenges is the security of the IoT. Security is a major concern, particularly routing attacks in the core network, which may cause severe damage due to information loss. Routing Protocol for Low-Power and Lossy Networks (RPL), a routing protocol used for IoT devices, is faced with selective forwarding attacks. In this paper, we present a federated learning-based detection technique for detecting selective forwarding attacks, termed FL-DSFA. A lightweight model involving the IoT Routing Attack Dataset (IRAD), which comprises Hello Flood (HF), Decreased Rank (DR), and Version Number (VN), is used in this technique to increase the detection efficiency. The attacks on IoT threaten the security of the IoT system since they mainly focus on essential elements of RPL. The components include control messages, routing topologies, repair procedures, and resources within sensor networks. Binary classification approaches have been used to assess the training efficiency of the proposed model. The training step includes the implementation of machine learning algorithms, including logistic regression (LR), K-nearest neighbors (KNN), support vector machine (SVM), and naive Bayes (NB). The comparative analysis illustrates that this study, with SVM and KNN classifiers, exhibits the highest accuracy during training and achieves the most efficient runtime performance. The proposed system demonstrates exceptional performance, achieving a prediction precision of 97.50%, an accuracy of 95%, a recall rate of 98.33%, and an F1 score of 97.01%. It outperforms the current leading research in this field, with its classification results, scalability, and enhanced privacy. Full article

Denial of Service (DoS) attacks remain a persistent threat to online systems, necessitating continual innovation in defense mechanisms. In this work, we present an improved algorithm for mitigating DoS attacks through the augmentation of client puzzle protocols. Building upon the foundation of hashcash trees, a recently proposed data structure combining hashcash and Merkle trees, we introduce a new version of the data structure that enhances resistance against parallel computation (a common tactic employed by attackers). By incorporating the labels of children and the next node in a breadth-first traversal into the hash function, we establish a sequential processing order that inhibits parallel node evaluation. The added dependency on the next node significantly elevates the complexity of constructing hashcash trees, introducing a linear number of synchronization points and fortifying resilience against potential attacks. Empirical evaluation demonstrates the efficacy of our approach, showcasing its ability to accurately control puzzle difficulty while bolstering system security against DoS threats. Full article

In wireless sensor networks (WSNs), sensor nodes are randomly distributed to transmit sensed data packets to the base station periodically. These sensor nodes, because of constrained battery power and storage space, cannot utilize conventional security measures. The widely held challenging issues for the network layer of WSNs are the packet-dropping attacks, mainly sinkhole and wormhole attacks, which focus on the routing pattern of the protocol. This thesis presents an improved version of the second level of the guard to the system, intrusion detection systems (IDSs), to limit the hostile impact of these attacks in a Low Energy Adaptive Clustering Hierarchy (LEACH) environment. The proposed system named multipath intrusion detection system (MIDS) integrates an IDs with ad hoc on-demand Multipath Distance Vector (AOMDV) protocol. The IDS agent uses the number of packets transmitted and received to calculate intrusion ratio (IR), which helps to mitigate sinkhole attacks and from AOMDV protocol round trip time (RTT) is computed by taking the difference between route request and route reply time to mitigate wormhole attack. MATLAB simulation results show that this cooperative model is an effective technique due to the higher packet delivery ratio (PDR), throughput, and detection accuracy. The proposed MIDS algorithm is proven to be more efficient when compared with an existing LEACH-based IDS system and MS-LEACH in terms of overall energy consumption, lifetime, and throughput of the network. Full article

In recent years, the alarming number of terrorist attacks has highlighted the critical need for extensive research aimed at fortifying structures against explosion-induced loads. However, the insufficient energy absorption and brittleness of conventional concrete make it ineffective in withstanding blast loading, encouraging researchers to explore innovative strategies for augmenting the energy dissipation capabilities of construction materials. This study specifically delves into the incorporation of recycled rubber, a sustainable and environmentally friendly solution to the pressing issue of scrap tire disposal. The primary focus of this research revolves around the integration of rubber recycling and steel fibers into concrete, with the ultimate goal of enhancing the dynamic response of reinforced concrete (RC) beams. This novel approach not only contributes to the structural resilience required for resisting blast impacts, but also aligns with eco-friendly practices by reusing recycled rubber. A meticulous numerical investigation was undertaken to comprehensively assess the static and blast response of these augmented beams. The numerical study involved developing finite element (FE) models using ABAQUS version 6.14 for static implicit analysis and LS-DYNA R11 for blast explicit simulations. The ABAQUS model was validated against previous experimental testing for load–displacement and failure patterns. Similarly, the LS-DYNA model was validated for blast pressure in accordance with UFC-3-340 standards and for material response under blast loading, utilizing existing experimental data. The numerical models were designed to accommodate varying weight percentages of rubber, ranging from 5% to 20%, and a consistent 1.0% incorporation of steel fibers. This comprehensive analysis aims to provide valuable insights into the efficacy of these materials in improving the structural integrity and blast resistance of RC beams, thereby contributing to the development of more secure and sustainable construction practices. By reducing the reinforcement ratio in order to meet the minimum code requirements, it became evident that the failures of the rubberized RC beams tended to exhibit ductility on the tension side under static loading. In addition, the increase in the reinforcement ratio correlated with a higher failure load and decreased deflection. Furthermore, the findings indicated an optimal concrete mixture characterized by improved ductility, energy absorption, and blast load capacity, achieved by combining 5–10% rubber with steel fibers. Full article