Search Results (1,161)

Real-time operating systems (RTOSs) are widely used in embedded systems to ensure deterministic task execution, predictable responses, and concurrent operations, which are crucial for time-sensitive applications. However, the growing complexity of embedded systems, increased network connectivity, and dynamic software updates significantly expand the attack surface, exposing RTOSs to a variety of security threats, including memory corruption, privilege escalation, and side-channel attacks. Traditional security mechanisms often impose additional overhead that can compromise real-time guarantees. In this work, we present a Risk-aware Permission Adjustment (RPA) framework, implemented on CHERIoT RTOS, which is a CHERI-based operating system. RPA aims to detect anomalous behavior in real time, quantify security risks, and dynamically adjust permissions to mitigate potential threats. RPA maintains system continuity, enforces fine-grained access control, and progressively contains the impact of violations without interrupting critical operations. The framework was evaluated through targeted fault injection experiments, including 20 real-world CVEs and 15 abstract vulnerability classes, demonstrating its ability to mitigate both known and generalized attacks. Performance measurements indicate minimal runtime overhead while significantly reducing system downtime compared to conventional CHERIoT and FreeRTOS implementations. Full article

The malicious contamination of food has been recognized by the World Health Organization (WHO) as a real and current threat that must be integrated into food safety systems to ensure preparedness for deliberate attacks. Traditional approaches, such as HACCP, effectively address unintentional hazards but remain insufficient against intentional contamination and sabotage. Food defense frameworks such as HACCP (Hazard Analysis and Critical Control Points), VACCP (Vulnerability Assessment and Critical Control Points), and TACCP (Threat Assessment and Critical Control Points) represent complementary methodologies, addressing unintentional, economically motivated, and deliberate threats, respectively. This review critically examines food defense frameworks across the European Union, the United States, and the United Kingdom, as well as standards benchmarked by the Global Food Safety Initiative (GFSI), drawing on peer-reviewed and grey literature sources. In the United States, the Food Safety Modernization Act (FSMA) mandates the development and periodic reassessment of food defense plans, while the European Union primarily relies on general food law and voluntary certification schemes. The United Kingdom’s PAS 96:2017 standard provides TACCP-based guidance that also acknowledges cybercrime as a deliberate threat. Building on these regulatory and operational gaps, this paper proposes the Cyber-FSMS model, an integrated framework that combines traditional food defense pillars with cyber risk management to address cyber–physical vulnerabilities in increasingly digitalized supply chains. The model introduces six interconnected components (governance, vulnerability assessment, mitigation, monitoring, verification, and recovery) designed to embed cyber-resilience into Food Safety Management Systems (FSMS). Priority actions include regulatory harmonization, practical support for small and medium-sized enterprises (SMEs), and the alignment of cyber-resilience principles with upcoming GFSI benchmarking developments, thereby strengthening the integrity, robustness, and adaptability of global food supply chains. Full article

The cyber–physical integrated power distribution system is poised to become the predominant trend in the development of future power systems. Although the highly intelligent panoramic link information system in substations facilitates the efficient, cost-effective, and secure operation of the power system, it is also exposed to dual threats from both internal and external factors. Under intentional cyber information attacks, the operational data and equipment response capabilities of the panoramic link information system within smart substations can be illicitly manipulated, thereby disrupting dispatcher response decision-making and resulting in substantial losses. To tackle this challenge, this paper delves into the research on automatic verification and active defense mechanisms for the cyber–physical power distribution system under panoramic link attacks in smart substations. Initially, to mitigate internal risks stemming from the uncertainty of new energy output information, this paper utilizes a CGAN-IK-means model to generate representative scenarios. For scenarios involving external intentional cyber information attacks, this paper devises a fixed–flexible adjustment resource response strategy, making up for the shortfall in equipment response capabilities under information attacks through flexibility resource regulation. The proposed strategy is assessed based on two metrics, voltage level and load shedding volume, and computational efficiency is optimized through an enhanced firefly algorithm. Ultimately, the efficacy and viability of the proposed method are verified and demonstrated using a modified IEEE standard test system. Full article

Ischemic stroke is a leading cause of disability worldwide, often triggered by atherothrombotic or embolic events. A growing body of evidence highlights the role of neuroinflammation as a central mechanism in post-stroke damage, influenced by modifiable systemic risk factors. Emerging evidence suggests that oxidative stress mediates the impact of several modifiable risk factors by activating redox-sensitive pathways (such as NF-κB), impairing nitric oxide bioavailability, and promoting matrix metalloproteinase activity that disrupts vascular integrity and contributes to ischemic injury. In this context, our meta-analysis examined major modifiable risk factors for ischemic stroke, with a particular focus on their shared ability to promote oxidative stress and neuroinflammatory cascades. By emphasizing these redox-dependent mechanisms, our work supports the biological plausibility of exploring antioxidant strategies as complementary approaches to mitigate stroke risk. Hypertension, diabetes, dyslipidemia, smoking, atrial fibrillation, and transient ischemic attacks all contribute to oxidative damage through mechanisms such as endothelial dysfunction, vascular inflammation, and excessive free radical exposure. We searched PubMed, PubMed Central, Web of Science, and Scopus for observational studies published within the last five years, identifying 23 studies (691,524 participants) meeting eligibility criteria. Using a random-effects model, we found significant associations between stroke risk and hypertension (OR = 1.58, 95% CI: 1.28–1.94), smoking (OR = 1.61, 95% CI: 1.13–2.28), type 2 diabetes (OR = 1.53, 95% CI: 1.29–1.81), atrial fibrillation (OR = 1.88, 95% CI: 1.28–2.75), and prior transient ischemic attack (OR = 1.62, 95% CI: 1.24–2.11). These risk factors are known to contribute to systemic inflammation, potentially exacerbating neuroinflammatory cascades post-stroke. Despite limitations such as heterogeneity and low certainty of evidence, our findings reinforce the relevance of targeting inflammation-driven risk factors in stroke prevention strategies and future research. Full article

The China Railway Express (China-Europe container railway freight transport) is pivotal to Eurasian freight, yet its transcontinental railway faces escalating cascading risks. We develop a coupled map lattice (CML) model representing the physical infrastructure layer and the operational traffic layer concurrently to quantify and mitigate cascading failures. Twenty critical stations are identified by integrating TOPSIS entropy weighting with grey relational analysis in dual-layer networks. The enhanced CML embeds node-degree, edge-betweenness, and freight-flow coupling coefficients, and introduces two adaptive cargo-redistribution rules—distance-based and load-based for real-time rerouting. Extensive simulations reveal that network resilience peaks when the coupling coefficient equals 0.4. Under targeted attacks, cascading failures propagate within three to four iterations and reduce network efficiency by more than 50%, indicating the vital function of higher importance nodes. Distance-based redistribution outperforms load-based redistribution after node failures, whereas the opposite occurs after edge failures. These findings attract our attention that redundant border corridors and intelligent monitoring should be deployed, while redistribution rules and multi-tier emergency response systems should be employed according to different scenarios. The proposed methodology provides a dual-layer analytical framework for addressing cascading risks of transcontinental networks, offering actionable guidance for intelligent transportation management of international intermodal freight networks. Full article

This work addresses the problem of synurbization, with its causes and effects specified using the example of wild boar (Sus scrofa). It presents basic biological parameters of the species, including those that promote its synurbization—small habitat demands, omnivorism, as well as ecological, behavioral, and demographic flexibility. It also discusses intra-species transformations stemming from wild boar adaptation to the urban space and pinpoints habitat fragmentation, ecological restoration, and phenotypic flexibility as the underlying causes of people–wild boar interactions. These interactions are primarily negative because wild boars attack humans and domestic animals and cause many traffic accidents. An analysis of the literature included in this study shows that, unfortunately, there are currently no fully effective methods that could protect urban areas and their inhabitants from the threats posed by wild boars. In order for sustainable urban development policies to be effectively implemented, there is a need for intensive, holistic research and cooperation between experts in many fields: wildlife, economics, public health, sociology, ethics, psychology, and urban planning. The synurbanization of wild boars is a large and growing social problem, but from an ecological perspective, there is a need to take action and develop methods to mitigate human/wild animal conflicts, not only from a human perspective. A one-sided view and action can be a threat to many animal species. Full article

Concrete structures are vulnerable to sulfate attacks during their service life, as sulfate ions react with cement hydration products to form expansive phases, generating internal stresses that cause mechanical degradation. In this study, a cementitious capillary crystalline waterproofing material (CCCW) was incorporated into concrete to mitigate sulfate ingress and enhance sulfate resistance. The evolution of compressive strength, ultrasonic pulse velocity, dynamic elastic modulus, and the microstructure of concrete was investigated in sulfate-exposed concretes with varying CCCW dosages and strength grades; the sulfate ion concentration profiles were also analyzed. The results indicate that the enhancement effect of CCCW on sulfate resistance declines progressively with increasing concrete strength. The formation of calcium silicate hydrate and calcium carbonate fills the pores of concrete, hindering the intrusion of sulfate solution. Moreover, the self-healing effect of concrete further inhibits the diffusion of sulfate ions through cracks, improving the sulfate resistance of concrete. These findings provide critical insights and practical guidance for improving concrete resistance to sulfate-induced deterioration. Full article

Maritime logistics and railway logistics are crucial in cross-border logistics, and their integration forms a sea-rail cross-border intermodal logistics network. Against the backdrop of frequent unexpected events in today’s world, the normal operation of the sea-rail cross-border intermodal logistics network is under considerable threat. Therefore, researching the vulnerability of the intermodal network is extremely urgent. To this end, this paper first constructs a topological model of the sea-rail cross-border intermodal logistics network, designed to reflect the crucial process of “inter-layer transshipment” via transshipment nodes. Subsequently, a cascading failure model is developed to evaluate network vulnerability, featuring a load redistribution process that distinguishes between transshipment and non-transshipment nodes. The paper yields three primary findings. First, it identifies the optimal values for the capacity factor, overload factor, and inter-layer load transfer rate that most effectively mitigate the network’s vulnerability. Second, compared to a single sub-network (such as a maritime logistics network or a railway logistics network), the sea-rail cross-border intermodal network exhibits lower vulnerability when facing attacks. Third, it highlights the critical role of transshipment nodes, confirming that their failure will make the entire sea-rail cross-border intermodal logistics network more vulnerable. Full article

Speculative execution attacks significantly compromise the security of modern processors by enabling information leakage. These well-known attacks exploit speculative cache-based covert channels to effectively exfiltrate secret data by altering cache states. Existing hardware defenses specifically designed to prevent cache-based covert channels are effective at blocking explicit channels. However, their protection against implicit attack variants remains limited, since these hardware defenses do not fully eliminate secret-dependent microarchitectural changes in caches. In this paper, we propose TrackRISC, a framework which comprises (i) a refined implicit attack flow model specifically for the exploration and analysis of implicit cache-based speculative execution attacks which severely compromise the security of existing hardware defenses, and (ii) a security-enhanced tracking and mitigation microarchitecture, termed TrackRISC-Defense, designed to mitigate both implicit and explicit attack variants that use speculative cache-based covert channels. To obtain realistic hardware evaluation results, we implement and evaluate both TrackRISC-Defense and a representative existing defense on top of the Berkeley’s out-of-order RISC-V processor core (SonicBOOM) using the VCU118 FPGA platform running Linux. Compared to the representative existing defense which incurs a performance overhead of 13.8%, TrackRISC-Defense ensures stronger security guarantees with a performance overhead of 19.4%. In addition, TrackRISC-Defense can mitigate both explicit and implicit speculative cache-based covert channels with a register-based hardware resource overhead of 0.4%. Full article

The secondary use of electronic health records is essential for developing artificial intelligence-based clinical decision support systems. However, even after direct identifiers are removed, de-identified electronic health records remain vulnerable to re-identification, membership inference attacks, and model extraction attacks. This study examined the balance between privacy protection and model utility by evaluating de-identification strategies and differentially private learning in large-scale electronic health records. De-identified records from a tertiary medical center were analyzed and compared with three strategies—baseline generalization, enhanced generalization, and enhanced generalization with suppression—together with differentially private stochastic gradient descent. Privacy risks were assessed through k-anonymity distributions, membership inference attacks, and model extraction attacks. Model performance was evaluated using standard predictive metrics, and privacy budgets were estimated for differentially private stochastic gradient descent. Enhanced generalization with suppression consistently improved k-anonymity distributions by reducing small, high-risk classes. Membership inference attacks remained at the chance level under all conditions, indicating that patient participation could not be inferred. Model extraction attacks closely replicated victim model outputs under baseline training but were substantially curtailed once differentially private stochastic gradient descent was applied. Notably, privacy-preserving learning maintained clinically relevant performance while mitigating privacy risks. Combining suppression with differentially private stochastic gradient descent reduced re-identification risk and markedly limited model extraction while sustaining predictive accuracy. These findings provide empirical evidence that a privacy–utility balance is achievable in clinical applications. Full article

Recent advancements in large language models (LLMs) have increased the necessity of alignment and safety mechanisms. Despite these efforts, jailbreak attacks remain a significant threat, exploiting vulnerabilities to elicit harmful responses. While white-box attacks, such as the Greedy Coordinate Gradient (GCG) method, have demonstrated promise, their efficacy is often limited by non-smooth optimization landscapes and a tendency to converge to local minima. To mitigate these issues, we propose Spatial Momentum GCG (SM-GCG), a novel method that incorporates spatial momentum. This technique aggregates gradient information across multiple transformation spaces—including text, token, one-hot, and embedding spaces—to stabilize the optimization process and enhance the estimation of update directions, thereby more effectively exploiting model vulnerabilities to elicit harmful responses. Experimental results on models including Vicuna-7B, Guanaco-7B, and Llama2-7B-Chat demonstrate that SM-GCG significantly enhances the attack success rate in white-box settings. The method achieves a 10–15% improvement in attack success rate over baseline methods against robust models such as Llama2, while also exhibiting enhanced transferability to black-box models. These findings indicate that spatial momentum effectively mitigates the problem of local optima in discrete prompt optimization, thereby offering a more powerful and generalizable approach for red-team assessments of LLM safety. Warning: This paper contains potentially offensive and harmful text. Full article

The Internet of Things (IoT) revolutionizes connectivity, enabling innovative applications across healthcare, industry, and smart cities but also introducing significant cybersecurity challenges due to its expanded attack surface. Intrusion Detection Systems (IDSs) play a pivotal role in addressing these challenges, offering tailored solutions to detect and mitigate threats in dynamic and resource-constrained IoT environments. Through a rigorous analysis, this study classifies IDS research based on methodologies, performance metrics, and application domains, providing a comprehensive synthesis of the field. Key findings reveal a paradigm shift towards integrating artificial intelligence (AI) and hybrid approaches, surpassing the limitations of traditional, static methods. These advancements highlight the potential for IDSs to enhance scalability, adaptability, and detection accuracy. However, unresolved challenges, such as resource efficiency and real-world applicability, underline the need for further research. By contextualizing these findings within the broader landscape of IoT security, this work emphasizes the critical importance of developing IDS solutions that ensure the reliability, privacy, and security of interconnected systems, contributing to the sustainable evolution of IoT ecosystems. Full article

In the Internet of Vehicles (IoV), zero-day attacks pose a significant security threat. These attacks are characterized by unknown patterns and limited sample availability. Traditional anomaly detection methods often fail because they rely on oversimplified assumptions, hindering their ability to model complex normal IoV behavior. This limitation results in low detection accuracy and high false alarm rates. To overcome these challenges, we propose a novel zero-day attack detection framework based on Feature-Enhanced Inverse Mapping (IM-ZDD). The framework introduces a two-stage process. In the first stage, a feature enhancement module mitigates data scarcity by employing an innovative multi-generator, multi-discriminator Conditional GAN (CGAN) with dynamic focusing loss to generate a large-scale, high-quality synthetic normal dataset characterized by sharply defined feature boundaries. In the second stage, a learning-based inverse mapping module is trained exclusively on this synthetic data. Through adversarial training, the module learns a precise inverse mapping function, thereby establishing a compact and expressive representation of normal behavior. During detection, samples that cannot be effectively mapped are identified as attacks. Experimental results on the F2MD platform show IM-ZDD achieves superior accuracy and a low false alarm rate, yielding an average AUC of 98.25% and F1-Score of 96.41%, surpassing state-of-the-art methods by up to 4.4 and 10.8 percentage points. Moreover, with a median detection latency of only 3 ms, the framework meets real-time requirements, providing a robust solution for zero-day attack detection in data-scarce IoV environments. Full article

In the face of ever-evolving cyber threats, modern intrusion detection systems (IDS) must achieve long-term adaptability without sacrificing performance on previously encountered attacks. Traditional IDS approaches often rely on static training assumptions, making them prone to forgetting old patterns, underperforming in label-scarce conditions, and struggling with imbalanced class distributions as new attacks emerge. To overcome these limitations, we present a continual learning framework tailored for adaptive intrusion detection. Unlike prior methods, our approach is designed to operate under real-world network conditions characterized by high-dimensional, sparse traffic data and task-agnostic learning sequences. The framework combines three core components: a clustering-based memory strategy that selectively retains informative historical samples using DP-Means; multi-level knowledge distillation that aligns current and previous model states at output and intermediate feature levels; and a meta-learning-driven class reweighting mechanism that dynamically adjusts to shifting attack distributions. Empirical evaluations on benchmark intrusion detection datasets demonstrate the framework’s ability to maintain high detection accuracy while effectively mitigating forgetting. Notably, it delivers reliable performance in continually changing environments where the availability of labeled data is limited, making it well-suited for real-world cybersecurity systems. Full article

The Internet of Vehicles (IoV) is becoming increasingly vulnerable to zero-day (ZD) cyberattacks, which often bypass conventional intrusion detection systems. To mitigate this challenge, this study proposes Zero-Day Bidirectional Encoder Representations from Transformers approach (ZDBERTa), a zero-shot learning (ZSL)-based framework for ZD attack detection, evaluated on the CICIoV2024 dataset. Unlike conventional AI models, ZSL enables the classification of attack types not previously encountered during the training phase. Two dataset variants are formed: Variant 1, created through synthetic traffic generation using a mixture of pattern-based, crossover, and mutation techniques, and Variant 2, augmented with a Generative Adversarial Network (GAN). To replicate realistic zero-day conditions, denial-of-service (DoS) attacks were omitted during training and introduced only at testing. The proposed ZDBERTa incorporates a Byte-Pair Encoding (BPE) tokenizer, a multi-layer transformer encoder, and a classification head for prediction, enabling the model to capture semantic patterns and identify previously unseen threats. The experimental results demonstrate that ZDBERTa achieves 86.677% accuracy on Variant 1, highlighting the complexity of zero-day detection, while performance significantly improves to 99.315% on Variant 2, underscoring the effectiveness of GAN-based augmentation. To the best of our knowledge, this is the first research to explore ZD detection within CICIoV2024, contributing a novel direction toward resilient IoV cybersecurity. Full article