Search Results (64)

Machine learning-based Network Intrusion Detection Systems (NIDSs) typically optimize uniform metrics such as accuracy and F1-score, overlooking the asymmetric cost structure of real-world security operations, where a missed attack (False Negative (FN)) far outweighs a false alarm (False Positive (FP)). We propose a cost-sensitive threshold optimization framework based on XGBoost, using a 10:1 FN-to-FP cost ratio derived from established cost models. We first demonstrate that the default threshold of 0.5 is suboptimal and that a globally optimized threshold of 0.08 substantially reduces total cost. However, a single global threshold cannot accommodate the heterogeneous detection characteristics of diverse attack types. We therefore introduce Per-Class Thresholding, which assigns independently optimized thresholds to each attack class. Evaluated on CIC-IDS2018 and UNSW-NB15 across five independent random seeds, our method achieves a 28.19% cost reduction over the Random Forest baseline on CIC-IDS2018, demonstrating that attack classes undetectable under the global threshold—including DDoS attack-LOIC-UDP (100%), DoS attacks-SlowHTTPTest (99.79%), and FTP-BruteForce (98.16%)—can achieve near-complete cost elimination through individual per-class threshold search. Cross-dataset validation on UNSW-NB15 further confirms that per-class thresholding consistently improves class-level detection, with cost reductions of 74.10% for Reconnaissance, 69.06% for Backdoor, and 54.42% for Analysis attacks. These results confirm that class-specific threshold calibration is essential for cost-effective intrusion detection. Full article

Detecting denial of service traffic remains challenging when malicious sessions exhibit flow characteristics that closely resemble benign network behavior, particularly in low-rate attack settings. This study examines whether autoencoder-based feature compression can improve flow-based intrusion detection while maintaining a deployment-oriented design. We develop a lightweight pipeline that learns a low-dimensional latent representation of tabular flow features using an autoencoder and performs classification using Random Forest, LightGBM, and a radial basis function neural network. Using the CICIDS 2017 dataset, the best performing configurations achieve 99.43 percent accuracy with autoencoder plus Random Forest and 99.39 percent with autoencoder plus LightGBM, while autoencoder plus radial basis function neural network achieves 98.27 percent, with consistently strong precision, recall, and F1-score. The findings support practice by showing that high detection performance can be achieved using compact learned features that reduce input complexity for downstream models, which is beneficial for operational monitoring environments. The study advances knowledge by providing a reproducible evaluation of representation learning as a feature compression step for tabular intrusion detection, and by linking model performance to measurable computational considerations relevant to real-world deployment. Full article

PET biodegradation remains limited due to its intrinsic properties—high crystallinity, hydrophobicity, and strong chemical stability. These characteristics lead to extremely slow degradation rates and contribute to PET’s persistence in the environment. Understanding how microorganisms respond at the molecular level when exposed to such a recalcitrant polymer is therefore essential. Living organisms express genes in response to their needs during development. When microbes are under critical conditions, such as when contaminants are present, they express genes encoding specific enzymes that attack the pollutant. In this study, a fungus isolated from the infected fruit of the plant Randia monantha was identified as Aspergillus terreus. It was tested for polyethylene terephthalate (PET) degradation, and the fungus Aspergillus nidulans was evaluated due to its previously reported recombinant cutinases for PET degradation. A microplastic polyethylene terephthalate (PET-MP) particle size of <355 μm for degradation was established, and a PET weight loss of 1.62% for A. nidulans and 1.01% for A. terreus was found. Additionally, the degradation of PET was confirmed by FTIR and SEM. This study also compares the transcriptomic profiles of Aspergillus nidulans and Aspergillus terreus during cultivation with PET-MP residues, which serve as a replacement for the carbon source. We present the first evidence of chitinase overexpression during direct exposure of PET to Aspergillus fungi. Interestingly, chitinase expression was detected in the crude extracts of A. nidulans and A. terreus during culture in the presence of PET residues, which replaced the carbon source. The chitinase produced by each fungus has a similar molecular weight of approximately 44 kDa. Chitinase activity was monitored over a 14-day cultivation period; from day 2, chitinase activity was detected in both cultures and continued to increase until day 14, when the highest values reported in this work were 24.88 ± 4.17 U mg⁻¹ and 10.41 ± 0.47 U mg⁻¹ for A. nidulans and A. terreus, respectively. Finally, we proposed a pathway for PET degradation by Aspergillus fungi that involves mycelial adherence and the secretion of hydrophobins, followed by the production of intermediates and monomers via esterase hydrolysis, and ultimately, the entry of monomers to the ethylene glycol (EG) and terephthalic acid (TPA) pathways, further suggesting these Aspergillus as candidates to produce valuable compounds under these conditions, such as muconic acid, gallic acid, and vanillic acid. Full article

The traditional mantis search algorithm (MSA) suffers from limitations such as slow convergence and a high likelihood of converging to local optima in complex optimization scenarios. This paper proposes an improved mantis search algorithm (IMSA) to overcome these issues. An adaptive probability conversion factor is designed, which adaptively controls the proportion of individuals entering the search phase and the attack phase so that the algorithm can smoothly transition from large-scale global exploration to local fine search. In the search phase, a probability update strategy based on both subspace and full space is designed, significantly improving the adaptability of the algorithm to complex problems by dynamically adjusting the search range. The elite population screening mechanism, based on Euclidean distance and fitness double criteria, is introduced to provide dual guidance for the evolution direction of the algorithm. In the attack stage, the base vector adaptive probability selection mechanism is designed, and the algorithm’s pertinence in different optimization stages is enhanced by dynamically adjusting the base vector selection strategy. Finally, in the stage of sexual cannibalism, the directed random disturbance update method of inferior individuals is adopted, and the population is directly introduced through the non-greedy replacement strategy, which effectively overcomes the loss of population diversity. The experimental results of 29 test functions on the CEC2017 test set demonstrate that the IMSA exhibits significant advantages in convergence speed, calculation accuracy, and stability compared to the original MSA and the five best meta-heuristic algorithms. Full article

Sulfate corrosion is a significant durability issue for concrete used in sewage and hydraulic infrastructure. In sulfate-rich environments, the formation of expansive products (e.g., ettringite and thaumasite) leads to a progressive loss of performance. Unlike conventional protection methods, which rely on surface-applied coatings or impregnation, this study examines the use of water-dilutable epoxy resins as an internal, volume-wide admixture dispersed throughout the concrete matrix to provide whole-body protection. The experimental program evaluated the mechanical performance, microstructure, and sulfate ion ingress/penetration dynamics of resin-modified concretes. The results suggest that using the appropriate amount of resin can limit the penetration of aggressive ions and slow the harmful changes associated with sulfate attack while maintaining the material’s overall performance. Overall, these findings suggest that water-based epoxy admixtures are a promising strategy for improving the durability of concrete in sulfate-exposed environments. They also provide guidance for designing more resistant cementitious materials for modern infrastructure applications. Full article

The article presents a method for detecting low-intensity DDoS attacks, focused on identifying difficult-to-detect “low-and-slow” scenarios that remain undetectable by traditional defence systems. The key feature of the developed method is the statistical criteria’s (χ² and T statistics, energy ratio, reconstruction errors) integration with a combined neural network architecture, including convolutional and transformer blocks coupled with an autoencoder and a calibrated regressor. The developed neural network architecture combines mathematical validity and high sensitivity to weak anomalies with the ability to generate interpretable artefacts that are suitable for subsequent forensic analysis. The developed method implements a multi-layered process, according to which the first level statistically evaluates the flow intensity and interpacket intervals, and the second level processes features using a neural network module, generating an integral blend-score S metric. ROC-AUC and PR-AUC metrics, learning curve analysis, and the estimate of the calibration error (ECE) were used for validation. Experimental results demonstrated the superiority of the proposed method over existing approaches, as the achieved values of ROC-AUC and PR-AUC were 0.80 and 0.866, respectively, with an ECE level of 0.04, indicating a high accuracy of attack detection. The study’s contribution lies in a method combining statistical and neural network analysis development, as well as in ensuring the evidentiary value of the results through the generation of structured incident reports (PCAP slices, time windows, cryptographic hashes). The obtained results expand the toolkit for cyber-attack analysis and open up prospects for the methods’ practical application in monitoring systems and law enforcement agencies. Full article

Amyotrophic lateral sclerosis (ALS) or Lou Gehrig’s disease is a progressive neurodegenerative disease that attacks and kills motor neurons in the brain and spinal cord, leading to muscle weakness and atrophy, eventually causing respiratory failure and death within 2–5 years after diagnosis. By 2040, the global population of individuals living with ALS is projected to approach 400,000. Since ALS was discovered by Charcot 150 years ago, only two drugs (Edaravone and Riluzole) have been available, offering modest clinical benefits in slowing disease progression. The increasing number of cases, along with the high costs of treatment and care, creates a growing burden on communities and the healthcare system. However, despite this rising burden and the failure of most clinical trials, the ALS community remains hopeful because of the patients themselves. ALS patients are the beating heart of the ALS community. They engage in efforts to improve lives for others, raising awareness through their real-life experiences, participating in research activities, fundraising, providing samples for research, and advocating strongly in front of communities and governments to raise funds. Their engagement is highly valuable, and collaboration with the research community is essential to understanding the disease process and developing effective disease-modifying therapies. Here, we share the story of Mrs. Sherry Wityshyn, an ALS patient and a true ALS warrior from Winnipeg, Manitoba, Canada. We believe her story will inspire and motivate the entire community to learn more about ALS. Furthermore, her story gives hope to everyone impacted. In this manuscript, we also emphasize the different stages of Sherry’s journey from weakness to diagnosis and our efforts to share her enduring words with policymakers in the government. Full article

In this study, insoluble CaSO₃ was applied to replace soluble sulfite/bisulfite salt in the Fe(II)-activated sulfite/bisulfite [S(IV)] process for the efficient 2,4,6-tribromophenol (TBP) degradation. CaSO₃ serves as a low-cost and slow-release source of S(IV), significantly improving S(IV) utilization compared to conventional soluble Na₂SO₃. The Fe(II)/CaSO₃ system generated SO₄^•− and HO^• through Fe(II)/Fe(III) redox cycling. Mechanistic studies confirmed SO₄^•− as the dominant reactive species, selectively attacking C-Br bonds and hydroxyl groups in TBP. Process optimization revealed effective performance under acidic conditions (pH 3.5–4.0) with minimal inhibition by common anions (Cl⁻, HCO₃⁻). The reactive sites of TBP were identified through Fukui function calculations, and the degradation pathway was elucidated based on LC-MS analysis. Toxicity evaluation indicated reduced ecological risk of degradation intermediates due to debromination and benzene ring cleavage. This work provides a sustainable strategy for efficient TBP removal and detoxification in wastewater treatment with benefiting S(IV) utilization. Full article

The increasing deployment of internet of things(IoT) systems across critical domains has broadened the threat landscape, and being the catalyst for a variety of security concerns, including very stealthy slow denial of service (slow DoS) attacks. These exploit the hypertext transfer protocol’s (HTTP) application-layer protocol to either close down service requests or degrade responsiveness while closely mimicking legitimate traffic. Current available datasets fail to capture the more stealthy operational profiles of slow DoS attacks or account for the presence of genuine slow nodes (SN), which are devices experiencing high latency. These can significantly degrade detection accuracy since slow DoS attacks closely emulate SN. This paper addresses these problems by synthesising a realistic HTTP slow DoS dataset derived from a live IoT network, that incorporates both stealth-tuned slow DoS traffic and legitimate SN traffic, with the three main slow DoS variants of slow GET, slow Read, and slow POST being critically evaluated under these network conditions. A limited packet capture (LPC) strategy is adopted which focuses on just two metadata attributes, namely packet length ($lp$) and packet inter-arrival time ($\mathrm{\Delta }t$). Using a resource lightweight decision tree classifier, the proposed model achieves over 96% accuracy while incurring minimal computational overheads. Experimental results in a live IoT network reveal the negative classification impact of including SN traffic, thereby underscoring the importance of modelling stealthy attacks and SN latency in any slow DoS detection framework. Finally, a MPerf (Modelling Performance) is presented which quantifies and balances detection accuracy against processing costs to facilitate scalable deployment of low-cost detection models in resource-constrained IoT networks. This represents a practical solution to improving IoT resilience against stealthy slow DoS attacks whilst pragmatically balancing the resource-constraints of IoT nodes. By analysing the impact of SN on detection performance, a robust reliable model has been developed which can both measure and fine tune the accuracy-efficiency nexus. Full article

Background/Objectives: Patients with erythropoietic protoporphyria (EPP) have a decreased activity of the ferrochelatase enzyme which converts protoporphyrin IX (PpIX) into heme, causing PpIX to accumulate in erythrocytes. The ensuing release of PpIX to the skin when exposed to visible light causes a phototoxic reaction with severe pain, erythema, and edema. Erythrocyte PpIX levels in adult EPP patients are rather stable and largely unaffected by pharmaceutical treatments. It is important to be aware of drugs causing an increase in PpIX as this may increase the risk of liver toxicity. Method: The patient had blood samples taken regularly for analyses of PpIX, znPpIX, ALT, ALP, iron, leucocytes, C-reactive protein, and hemoglobin before, during, and after treatment with teriflunomide. Additionally, we tested if teriflunomide increased PpIX in vitro. Results: A female EPP patient was treated for 7 years with teriflunomide for multiple sclerosis attacks. During treatment, her natural PpIX level increased from about 30 µmol/L to about 200 µmol/L, without significant simultaneous changes in hemoglobin, iron levels, alanine transaminase (ALT), or alkaline phosphatase (ALP). The patient experienced no increase in photosensitivity. In vitro addition of teriflunomide did not affect PpIX levels. Discussion: In patients with lead intoxication, the release of PpIX from erythrocytes is very slow. The increase in PpIX during treatment with teriflunomide compared to periods with no medication could be caused by a similar slow PpIX release from the erythrocytes. This theory is supported by the patient’s unchanged light sensitivity and stable levels of hemoglobin, iron, and liver enzymes. Full article

To address the limitations of the Red-billed Blue Magpie Optimization algorithm (RBMO), such as its tendency to get trapped in local optima and its slow convergence rate, an enhanced version called MRBMO was proposed. MRBMO was improved by integrating Good Nodes Set Initialization, an Enhanced Search-for-food Strategy, a newly designed Siege-style Attacking-prey Strategy, and Lens-Imaging Opposition-Based Learning (LIOBL). The experimental results showed that MRBMO demonstrated strong competitiveness on the CEC2005 benchmark. Among a series of advanced metaheuristic algorithms, MRBMO exhibited significant advantages in terms of convergence speed and solution accuracy. On benchmark functions with 30, 50, and 100 dimensions, the average Friedman values of MRBMO were 1.6029, 1.6601, and 1.8775, respectively, significantly outperforming other algorithms. The overall effectiveness of MRBMO on benchmark functions with 30, 50, and 100 dimensions was 95.65%, which confirmed the effectiveness of MRBMO in handling problems of different dimensions. This paper designed two types of simulation experiments to test the practicability of MRBMO. First, MRBMO was used along with other heuristic algorithms to solve four engineering design optimization problems, aiming to verify the applicability of MRBMO in engineering design optimization. Then, to overcome the shortcomings of metaheuristic algorithms in antenna S-parameter optimization problems—such as time-consuming verification processes, cumbersome operations, and complex modes—this paper adopted a test suite specifically designed for antenna S-parameter optimization, with the goal of efficiently validating the effectiveness of metaheuristic algorithms in this domain. The results demonstrated that MRBMO had significant advantages in both engineering design optimization and antenna S-parameter optimization. Full article

In the context of globalization and the Belt and Road Initiative, maintaining the stability and security of the China Railway Express network (CRN) is critical for international logistics operations. However, unexpected events can lead to node and edge failures within the CRN, potentially triggering cascading failures that critically compromise network performance. This study introduces a Coupled Map Lattice model that incorporates cargo flow dynamics, distributing cargo based on distance and the residual capacity of neighboring nodes. We analyze cascading failures in the CRN under three scenarios, isolated node failure, isolated edge disruption, and simultaneous node and edge failure, to assess the network’s vulnerability during emergencies. Our findings show that deliberate attacks targeting cities with high node strength result in more significant damage than attacks on cities with a high node degree or betweenness. Additionally, when edges are disrupted by unexpected events, the impact of edge removals on cascading failures depends on their strategic position and connections within the network, not just their betweenness and weight. The study further reveals that removing collinear edges can effectively slow the propagation of cascading failures in response to deliberate attacks. Furthermore, a single-factor cargo flow allocation method significantly enhances the network’s resilience against edge failures compared to node failures. These insights provide practical guidance and strategic support for the CR Express in mitigating the effects of both unforeseen events and intentional attacks. Full article

When scholars view characters in King Lear through a Machiavellian lens, they read Edmund, Goneril, and Regan as stock Machiavels. In contrast, they often perceive Cordelia, Kent, and Edgar as selfless, apolitical characters. This essay argues that the latter characters are more complicated and politically adroit than they are often judged to be. They are Machiavellian as well, but Shakespeare conceives them within a more appreciative view of the concept of realpolitik. This essay explains the characters’ strategies by relating them to Machiavelli’s tenets of achieving and maintaining political power. The central quandary of the play is the lack of a male heir to the throne. Cordelia attempts to solve the problem by marrying the King of France for political reasons. She has an alliance with Kent, who helps her to justify her invasion of her homeland with French forces. Once the plans for a surprise attack go awry, Cordelia does not follow Machiavellian strategies and is consequently killed. Ironically, Edgar is as ambitious as Edmund, whom he lets plot against his father and bring about Gloucester’s slow decline so as to inherit his father’s fortune while Edmund incurs the blame for his father’s demise. Like Kent, he enlists a disguise for self-advancement. The most adroit Machiavellian characters—Edgar, Kent, and the King of France—all survive through chicanery and cunning. Shakespeare illustrates that secular methods of governorship defeat the old world of divine politics. Full article

The ongoing adoption of Robot Operating Systems (ROSs) not only for research-oriented projects but also for industrial applications demands a more thorough assessment of its security than in the past. This paper highlights that a key ROS component—the ROS Master—is indeed vulnerable to a novel kind of Slow Denial of Service (slow DoS) attack, the root reason of this vulnerability being an extremely high idle connection timeout. The effects of vulnerability exploitation have been evaluated in detail by means of a realistic test bed, showing how it leads to a systemwide and potentially dangerous disruption of ROS system operations. Moreover, it has been shown how some basic forms of built-in protection of the Linux kernel can be easily circumvented, and are therefore ineffective against this kind of threat. Full article

Intrusion detection is a critical component of cybersecurity, enabling timely identification and mitigation of network threats. This study proposes a novel two-stage intrusion detection framework using the CSE-CIC-IDS2018 dataset, a comprehensive and realistic benchmark for network traffic analysis. The research explores two distinct approaches: the stacked autoencoder (SAE) approach and the Apache Spark-based (ASpark) approach. Each of these approaches employs a unique feature representation technique. The SAE approach leverages an autoencoder to learn non-linear, data-driven feature representations. In contrast, the ASpark approach uses principal component analysis (PCA) to reduce dimensionality and retain 95% of the data variance. In both approaches, a binary classifier first identifies benign and attack traffic, generating probability scores that are subsequently used as features alongside the reduced feature set to train a multi-class classifier for predicting specific attack types. The results demonstrate that the SAE approach achieves superior accuracy and robustness, particularly for complex attack types such as DoS attacks, including SlowHTTPTest, FTP-BruteForce, and Infilteration. The SAE approach consistently outperforms ASpark in terms of precision, recall, and F1-scores, highlighting its ability to handle overlapping feature spaces effectively. However, the ASpark approach excels in computational efficiency, completing classification tasks significantly faster than SAE, making it suitable for real-time or large-scale applications. Both methods show strong performance for distinct and well-separated attack types, such as DDOS attack-HOIC and SSH-Bruteforce. This research contributes to the field by introducing a balanced and effective two-stage framework, leveraging modern machine learning models and addressing class imbalance through a hybrid resampling strategy. The findings emphasize the complementary nature of the two approaches, suggesting that a combined model could achieve a balance between accuracy and computational efficiency. This work provides valuable insights for designing scalable, high-performance intrusion detection systems in modern network environments. Full article