Search Results (239)

The smart grid (SG) plays a seminal role in the modern energy landscape by integrating digital technologies, the Internet of Things (IoT), and Advanced Metering Infrastructure (AMI) to enable bidirectional energy flow, real-time monitoring, and enhanced operational efficiency. However, these advancements also introduce critical challenges related to data privacy, cybersecurity, and operational balance. This review critically evaluates SG systems, beginning with an analysis of data privacy vulnerabilities, including Man-in-the-Middle (MITM), Denial-of-Service (DoS), and replay attacks, as well as insider threats, exemplified by incidents such as the 2023 Hydro-Québec cyberattack and the 2024 blackout in Spain. The review further details the SG architecture and its key components, including smart meters (SMs), control centers (CCs), aggregators, smart appliances, and renewable energy sources (RESs), while emphasizing essential security requirements such as confidentiality, integrity, availability, secure storage, and scalability. Various privacy preservation techniques are discussed, including cryptographic tools like Homomorphic Encryption, Zero-Knowledge Proofs, and Secure Multiparty Computation, anonymization and aggregation methods such as differential privacy and k-Anonymity, as well as blockchain-based approaches and machine learning solutions. Additionally, the review examines pricing models and their resolution strategies, Demand–Supply Balance Programs (DSBPs) utilizing optimization, game-theoretic, and AI-based approaches, and energy storage systems (ESSs) encompassing lead–acid, lithium-ion, sodium-sulfur, and sodium-ion batteries, highlighting their respective advantages and limitations. By synthesizing these findings, the review identifies existing research gaps and provides guidance for future studies aimed at advancing secure, efficient, and sustainable smart grid implementations. Full article

Multi-variant execution (MVX) is an active defense technique that can detect unknown attacks by comparing the outputs of redundant program variants. Despite notable progress in MVX techniques in recent years, current approaches for recovery of abnormal variants still face fundamental challenges, including state inconsistency, low recovery efficiency, and service disruption of an MVX system. Therefore, a record–replay-based state recovery approach for variants in MVX systems is proposed in this paper. First, a Syscall Coordinator (SSC), composed of a recording module, a classification module, and a replay module, is designed to enable state recovery of variants. Then, a synchronization and voting algorithm is presented. When an anomaly is identified through voting, the abnormal variant is handed over to the SSC for state recovery, while the Synchronization Queue is updated accordingly. Furthermore, to ensure uninterrupted system service, we introduce a parallel grouped recovery mechanism, which enables the execution of normal variants and the recovery of abnormal variants to run in parallel. Experimental results on SPEC CPU 2006 benchmark and server applications show that the proposed approach achieves low overhead in both the recording and replay phases while maintaining high state recovery accuracy and supports uninterrupted system service. Full article

In modern industrial control systems (ICSs), communication protocols such as Modbus TCP remain widely used due to their simplicity, interoperability, and real-time performance. However, these communication protocols (e.g., Modbus TCP) were originally designed without security considerations, lacking essential features such as encryption, integrity protection, and authentication. This exposes ICS deployments to severe security threats, including eavesdropping, command injection, and replay attacks, especially when operating over unsecured networks. To address these critical vulnerabilities while preserving the lightweight nature of the protocol, we propose a Modbus TCP security enhancement scheme that integrates ASCON, an NIST-standardized authenticated encryption algorithm, with the CBOR Object Signing and Encryption (COSE) framework. Our design embeds COSE_Encrypt0 structures into Modbus application data, enabling end-to-end confidentiality, integrity, and replay protection without altering the protocol’s semantics or timing behavior. We implement the proposed scheme in C and evaluate it in a simulated embedded environment representative of typical ICS devices. Experimental results show that the solution incurs minimal computational and memory overhead, while providing robust cryptographic guarantees. This work demonstrates a practical pathway for retrofitting legacy ICS protocols with modern lightweight cryptography, enhancing system resilience without compromising compatibility or performance. Full article

The rapid adoption of Metaverse technologies in healthcare, particularly for elder safety monitoring, has introduced new security challenges related to the authenticity of virtual representations. As healthcare providers increasingly rely on avatars and digital twins to monitor and interact with elderly patients remotely, ensuring the integrity of these virtual entities becomes paramount. This paper introduces SAVE (Securing Avatars in Virtual Environments), an emerging framework that leverages environmental fingerprinting based on Electric Network Frequency (ENF) signals to authenticate avatars and detect potential deepfake attacks in virtual healthcare settings. Unlike conventional authentication methods that rely solely on digital credentials, SAVE anchors virtual entities to the physical world by utilizing the unique temporal and spatial characteristics of ENF signals. We implement and evaluate SAVE in a Microverse-based nursing home environment designed for monitoring elderly individuals living alone. We evaluated SAVE using a prototype system with Raspberry Pi devices and multiple environmental sensors, demonstrating effectiveness across three attack scenarios in a 30-minute experimental window. Through the experimental evaluation of three distinct attack scenarios, unauthorized device attacks, device ID spoofing, and replay attacks using intercepted data, our system demonstrates high detection accuracy with minimal false positives. Results show that by comparing ENF fingerprints embedded in transmitted data with reference ENF signals, SAVE can effectively identify tampering and ensure the authenticity of avatar updates in real time. The SAVE approach enhances the security of virtual healthcare monitoring without requiring additional user intervention, making it particularly suitable for elderly care applications where ease of use is essential. Our findings highlight the potential of physical environmental fingerprints as a robust security layer for virtual healthcare systems, contributing to safer and more trustworthy remote monitoring solutions for vulnerable populations. Full article

Continuous authentication allows devices to keep checking that the active user is still the rightful owner instead of relying on a single login. However, current methods can be tricked by forging faces, revealing personal data, or draining the battery. Additionally, the environment where the user plays a vital role in determining the user’s online security. Thanks to several security attacks, such as impersonation and replay, the user or the device can easily be compromised. We present a lightweight system that pairs face recognition with complex environmental sensing, i.e., the phone validates the user when the surrounding light or noise changes. A convolutional network turns each captured face into a 128-bit code, which is combined with a random “nonce” and protected by hashing. A camera–microphone module monitors light and sound to decide when to sample again, reducing unnecessary checks. We verified the protocol with formal security tools (Scyther v1.1.3.) and confirmed resistance to replay, interception, deepfake, and impersonation attacks. Across 2700 authentication cycles on a Snapdragon 778G testbed, the median decision time decreased from 61.2 ± 3.4 ms to 42.3 ± 2.1 ms (p < 0.01, paired t-test). Data usage per authentication cycle fell by an average of 24.7% ± 1.8%, and mean energy consumption per cycle decreased from 21.3 mJ to 19.8 mJ (∆ = 6.6 mJ, 95% CI: 5.9–7.2). These differences were consistent across varying lighting (≤50, 50–300, >300 lux) and noise conditions (30–55 dB SPL). These results show that smart-sensor-triggered face recognition can offer secure and energy-efficient continuous verification, supporting smart imaging and deep-learning-based face recognition. Full article

Face anti-spoofing is crucial for protecting biometric authentication systems. Presentation attacks using 3D masks and high-resolution printed images present detection challenges for existing methods. In this paper, we introduce a family of specialized CNN architectures, AttackNet, designed for robust face anti-spoofing with optimized residual connections and activation functions. The study includes the development of four architectures: baseline LivenessNet, AttackNetV1 with concatenation-based skip connections, AttackNetV2.1 with optimized activation functions, and AttackNetV2.2 with efficient addition-based residual learning. Our analysis demonstrates that element-wise addition in skip connections reduces parameters from 8.4 M to 4.2 M while maintaining performance. A comprehensive evaluation was conducted on four benchmark datasets: MSSpoof, 3DMAD, CSMAD, and Replay-Attack. Results show high accuracy (approaching 100%) on the 3DMAD, CSMAD, and Replay-Attack datasets. On the more challenging MSSpoof dataset, AttackNetV1 achieved 99.6% accuracy with an HTER of 0.004, outperforming the baseline LivenessNet (94.35% accuracy, 0.056 HTER). Comparative analysis with state-of-the-art methods confirms the superiority of the proposed approach. AttackNetV2.2 demonstrates an optimal balance between accuracy and computational efficiency, requiring 16.1 MB of memory compared to 32.1 MB for other AttackNet variants. Training time analysis shows twice the speed for AttackNetV2.2 compared to AttackNetV1. Architectural ablation studies highlight the crucial role of residual connections, batch normalization, and suitable dropout rates. Statistical significance testing verifies the reliability of the results (p-value < 0.001). The proposed architectures show excellent generalization ability and practical usefulness for real-world deployment in mobile and embedded systems. Full article

With recent advancements in digital environments, user authentication is becoming increasingly important. Traditional authentication methods such as passwords and PINs suffer from inherent limitations, including vulnerability to theft, guessing, and replay attacks. Consequently, there has been a growing body of research on more accurate and efficient user authentication methods. One such approach involves the use of biometric signals to enhance security. However, biometric methods face significant challenges in ensuring stable authentication accuracy, primarily due to variations in the user’s environment, physical activity, and health conditions. To address these issues, this paper proposes a biometric-signal-based user authentication system using graph neural networks (GNNs). The feasibility of the proposed system was evaluated using an electromyogram (EMG) dataset specifically constructed by Chosun University for user authentication research. GNNs have demonstrated exceptional performance in modeling the relationships among complex data and attracted attention in various fields. Specifically, GNNs are well-suited for modeling user behavioral patterns while considering temporal and spatial relationships, making them an ideal method for adapting to dynamic and evolving user patterns. Unlike traditional neural networks, GNNs can dynamically learn and adapt to changes or evolutions in user behavioral patterns over time. This paper describes the design and implementation of a user authentication system using GNNs with an EMG dataset and discusses how the system can adapt to dynamic and changing user patterns. Full article

This paper presents an in-depth review of cybersecurity challenges and advanced solutions in modern power-generation systems, with particular emphasis on smart grids. It examines vulnerabilities in devices such as smart meters (SMs), Phasor Measurement Units (PMUs), and Remote Terminal Units (RTUs) to cyberattacks, including False Data Injection Attacks (FDIAs), Denial of Service (DoS), and Replay Attacks (RAs). The study evaluates cutting-edge detection and mitigation techniques, such as Cluster Partition, Fuzzy Broad Learning System (CP-BLS), multimodal deep learning, and autoencoder models, achieving detection accuracies of (up to 99.99%) for FDIA identification. It explores critical aspects of power generation, including resource assessment, environmental and climatic factors, policy and regulatory frameworks, grid and storage integration, and geopolitical and social dimensions. The paper also addresses the transmission and distribution (T&D) system, emphasizing the role of smart-grid technologies and advanced energy-routing strategies that leverage Artificial Neural Networks (ANNs), Generative Adversarial Networks (GANs), and game-theoretic approaches to optimize energy flows and enhance grid stability. Future research directions include high-resolution forecasting, adaptive optimization, and the integration of quantum–AI methods to improve scalability, reliability, and resilience. Full article

The Extensible Authentication Protocol–Transport Layer Security (EAP-TLS) is a critical authentication protocol for wireless networks and secure IoT communications. However, it faces significant challenges from man-in-the-middle attacks, including message tampering, replay, and certificate forgery. Although model checking techniques have been applied to verify its security properties, the complexity of the EAP-TLS handshake often prevents accurate formal modeling; existing studies rarely assess the communication overhead of protocol enhancements. Moreover, traditional Logic of Events Theory (LoET) struggles to handle transport-layer protocols like EAP-TLS due to their intricate interaction processes. This study proposes a novel formal analysis approach, extending LoET by expanding five event classes, formulating corresponding rules, and introducing new axioms. Formal verification reveals attack paths involving plaintext theft, message tampering, and entity impersonation. The research proposes an enhanced strategy to mitigate these vulnerabilities through hash merging, encryption, and signature methods, alongside analyzing their communication costs to ensure feasibility. Using the extended LoET, the improved protocol is rigorously proven to satisfy strong authentication, thereby enhancing practical security. The proposed method achieves a time complexity of O(n²) and demonstrates superior performance in resisting state explosion compared with related approaches, thus establishing a more efficient and robust framework for EAP-TLS security analysis. Full article

Industrial Control Systems (ICSs) are fundamental to critical infrastructure, yet they face increasing cybersecurity threats, particularly data integrity attacks like replay and data forgery attacks. Traditional IT-centric security measures are often inadequate for the Operational Technology (OT) environment due to stringent real-time and reliability requirements. This paper proposes an endogenous security defense mechanism based on the Luenberger observer and residual analysis. By embedding a mathematical model of the physical process into the control system, this approach enables real-time state estimation and anomaly detection. We model the ICS using a linear state-space representation and design a Luenberger observer to generate a residual signal, which is the difference between the actual sensor measurements and the observer’s predictions. Under normal conditions, this residual is minimal, but it deviates significantly during a replay attack. We formalize the system model, observer design, and attack detection algorithm. The effectiveness of the proposed method is validated through a simulation of an ICS under a replay attack. The results demonstrate that the residual-based approach can detect the attack promptly and effectively, providing a lightweight yet robust solution for enhancing ICS security. Full article

This study conducts a detailed analysis of cybersecurity threats, including artificial intelligence (AI)-driven cyber-attacks targeting vehicle-to-vehicle (V2V) and electric vehicle (EV) communications within the rapidly evolving field of connected and autonomous vehicles (CAVs). As autonomous and electric vehicles become increasingly integrated into daily life, their susceptibility to cyber threats such as replay, jamming, spoofing, and denial-of-service (DoS) attacks necessitates the development of robust cybersecurity measures. Additionally, EV-specific threats, including battery management system (BMS) exploitation and compromised charging interfaces, introduce distinct vulnerabilities requiring specialized attention. This research proposes a comprehensive and integrated cybersecurity framework that rigorously examines current V2V, vehicle-to-everything (V2X), and EV-specific systems through systematic threat assessments, vulnerability analyses, and the deployment of advanced security controls. Unlike previous state-of-the-art approaches, which primarily focus on isolated threats or specific components such as V2V protocols, the proposed framework provides a holistic cybersecurity strategy addressing the entire communication stack, EV subsystems, and incorporates AI-driven threat detection mechanisms. This comprehensive and integrated approach addresses critical gaps found in the existing literature, making it significantly more adaptable and resilient against evolving cyber-attacks. Our framework aligns with industry standards and regulatory requirements, significantly enhancing the security, safety, and reliability of modern transportation systems. By incorporating specialized cryptographic techniques, secure protocols, and continuous monitoring mechanisms, the proposed approach ensures robust protection against sophisticated cyber threats, thereby safeguarding vehicle operations and user privacy. Full article

Unmanned Aerial Vehicles (UAVs) face collision risks due to Beyond Visual Line of Sight operations. Therefore, UAV Traffic Management (UTM) systems are used to manage and monitor UAV flight paths. However, centralized UTM systems are susceptible to various security attacks and are inefficient in managing flight data from different service providers. It further fails to provide low-latency communication required for UAV real-time operations. Thus, this paper proposes to integrate Drone-to-Drone (D2D) communication protocol into a secure public blockchain-based UTM system to enable direct communication between UAVs for efficient collision avoidance. The D2D protocol is designed using SHA256 hash function and bitwise XOR operations. A proof of concept has been built to verify that the UTM system is secure by enabling authorized service providers to view sensitive flight data only using legitimate secret keys. The security of the protocol has been analyzed and has been proven to be secure from key disclosure, adversary-in-the-middle, replay, and tracking attacks. Its performance has been evaluated and is proven to outperform existing studies by having the lowest computation cost of 0.01 ms and storage costs of 544–800 bits. Full article

Modern networked industrial applications often require low-latency communication. Some applications evolve over time, however, are tied to yet existing infrastructures, like power grids spanning across large areas. For instance, medium voltage direct current (MVDC) grids are evolving to a promising alternative to traditional medium voltage alternating current (MVAC) grids due to their efficiency and suitability for novel use cases like electric mobility. MVDC grids, however, require an active control and fault handling strategy. Some strategies demand for a continuous state exchange of the converter substations via a low-latency communication channel with less than 1 millisecond. While some communication approaches for MVDC grids are described in the literature, none of them is inherently designed to be secure. In this paper, we present a protocol for ultra-low-latency secure state exchange (PULLSE) based on conventional non-deterministic Ethernet and AES-GCM. We chose Ethernet in order to not limit the approaches usability in terms of hardware requirements or communication patterns. PULLSE is designed to prevent traffic eavesdropping, replay, and manipulation attacks. Full article

With the rapid evolution of smart grids, secure and efficient data communication among hierarchical sensor devices has become critical to ensure privacy and system integrity. However, existing protocols often fail to balance security strength and resource constraints of terminal sensors. In this paper, we propose a novel identity-based secure data communication protocol tailored for hierarchical sensor groups in smart grid environments. The protocol integrates symmetric and asymmetric encryption to enable secure and efficient data sharing. To reduce computational overhead, a Bloom filter is employed for lightweight identity encoding, and a cloud-assisted pre-authentication mechanism is introduced to enhance access efficiency. Furthermore, we design a dynamic group key update scheme with minimal operations to maintain forward and backward security in evolving sensor networks. Security analysis proves that the protocol is resistant to replay and impersonation attacks, while experimental results demonstrate significant improvements in computational and communication efficiency compared to state-of-the-art methods—achieving reductions of 73.94% in authentication computation cost, 37.77% in encryption, and 55.75% in decryption, along with a 79.98% decrease in communication overhead during authentication. Full article

With the advancement of modern technologies, the digitization of metering data has significantly improved the efficiency and accuracy of data collection, analysis, and management. However, the growing prevalence of data tampering techniques has raised serious concerns regarding the trustworthiness and integrity of such data. To address this challenge, this study proposes an improved SM2 digital signature algorithm enhanced with high-precision time information to strengthen the reliability of metering data. The proposed algorithm incorporates high-precision timestamps into the signature generation and verification processes, while optimizing the structure of the signature algorithm—particularly the modular inversion operation—to reduce computational costs. Experimental results demonstrate that the improved algorithm not only significantly enhances signature generation efficiency but also improves temporal validity and security by leveraging high-precision time information. It effectively mitigates risks associated with random number dependency and replay attacks, offering a secure and efficient solution for trustworthy metering data verification. Full article