Search Results (82)

Search Parameters:
Keywords = static vulnerability detection

17 pages, 911 KB  
Article
Anomaly Detection Against Fake Base Station Threats Using Machine Learning
by Amanul Islam, Sourav Purification and Sang-Yoon Chang
J. Cybersecur. Priv. 2025, 5(4), 94; https://doi.org/10.3390/jcp5040094 - 3 Nov 2025
Viewed by 201
Abstract
Mobile networking in 4G and 5G remains vulnerable against fake base stations. A fake base station can inject and manipulate the radio resource control (RRC) communication protocol to disable the user equipment’s connectivity. To motivate our research, we empirically show that such a fake base station can cause an indefinite hold of the user equipment’s connectivity using our fake base station prototype against an off-the-shelf phone. To defend against such threat, we design and build an anomaly detection system to detect the fake base station threats. It detects any base station’s deviations from the 4G/5G RRC protocol, which supports both the connectivity provision case (all works well and the user receives connectivity) and the connection-release case (cannot provide connectivity at the time and thus releases connections). Our scheme based on unsupervised machine learning dynamically and automatically controls and sets the detection parameters, which vary with mobility and the communication channel, and utilizes greater information to improve its effectiveness. Using software-defined radios and srsRAN, we implement a prototype of our scheme from sensing to data collection to machine-learning-based detection processing. Our empirical evaluations demonstrate the detection effectiveness and adaptability; i.e., our scheme accurately detects fake base stations deviating from the set protocol in mobile scenarios by adapting its model parameters. Our scheme achieves 100% accuracy in static scenarios against the fake base station threats. If the dynamic control is disabled, i.e., not adapting to mobility and different channel environments, the accuracy drops to 65–76%, but our scheme adjusts the model via dynamic training to recover to 100% accuracy. Full article
(This article belongs to the Section Security Engineering & Applications)

28 pages, 567 KB  
Article
Fine-Tune LLMs for PLC Code Security: An Information-Theoretic Analysis
by Ping Chen, Xiaojing Liu and Yi Wang
Mathematics 2025, 13(19), 3211; https://doi.org/10.3390/math13193211 - 7 Oct 2025
Viewed by 759
Abstract
Programmable Logic Controllers (PLCs), widely used in industrial automation, are often programmed in IEC 61131-3 Structured Text (ST), which is prone to subtle logic vulnerabilities. Traditional tools like static analysis and fuzzing struggle with the complexity and domain-specific semantics of ST. This work explores Large Language Models (LLMs) for PLC vulnerability detection, supported by both theoretical insights and empirical validation. Theoretically, we prove that control flow features carry the most vulnerability-relevant information, establish a feature informativeness hierarchy, and derive sample complexity bounds. We also propose an optimal synthetic data mixing strategy to improve learning with limited supervision. Empirically, we build a dataset combining real-world and synthetic ST code with five vulnerability types. We fine-tune open-source LLMs (CodeLlama, Qwen2.5-Coder, Starcoder2) using LoRA, demonstrating significant gains in binary and multi-class classification. The results confirm our theoretical predictions and highlight the promise of LLMs for PLC security. Our work provides a principled and practical foundation for LLM-based analysis of cyber-physical systems, emphasizing the role of domain knowledge, efficient adaptation, and formal guarantees. Full article

19 pages, 2183 KB  
Article
A Hierarchical RNN-LSTM Model for Multi-Class Outage Prediction and Operational Optimization in Microgrids
by Nouman Liaqat, Muhammad Zubair, Aashir Waleed, Muhammad Irfan Abid and Muhammad Shahid
Electricity 2025, 6(4), 55; https://doi.org/10.3390/electricity6040055 - 1 Oct 2025
Viewed by 575
Abstract
Microgrids are becoming an innovative piece of modern energy systems as they provide locally sourced and resilient energy opportunities and enable efficient energy sourcing. However, microgrid operations can be greatly affected by sudden environmental changes, deviating demand, and unexpected outages. In particular, extreme climatic events expose the vulnerability of microgrid infrastructure and resilience, often leading to increased risk of system-wide outages. Thus, successful microgrid operation relies on timely and accurate outage predictions. This research proposes a data-driven machine learning framework for the optimized operation of a microgrid and predictive outage detection using a Recurrent Neural Network–Long Short-Term Memory (RNN-LSTM) architecture that reflects inherent temporal modeling methods. A time-aware embedding and masking strategy is employed to handle categorical and sparse temporal features, while mutual information-based feature selection ensures only the most relevant and interpretable inputs are retained for prediction. Moreover, the model addresses the challenges of experiencing rapid power fluctuations by looking at long-term learning dependency aspects within historical and real-time data observation streams. Two datasets are utilized: a locally developed real-time dataset collected from a 5 MW microgrid of Maple Cement Factory in Mianwali and a 15-year national power outage dataset obtained from Kaggle. Both datasets went through intensive preprocessing, normalization, and tokenization to transform raw readings into machine-readable sequences. The suggested approach attained an accuracy of 86.52% on the real-time dataset and 84.19% on the Kaggle dataset, outperforming conventional models in detecting sequential outage patterns. It also achieved a precision of 86%, a recall of 86.20%, and an F1-score of 86.12%, surpassing the performance of other models such as CNN, XGBoost, SVM, and various static classifiers. 
In contrast to these traditional approaches, the RNN-LSTM’s ability to leverage temporal context makes it a more effective and intelligent choice for real-time outage prediction and microgrid optimization. Full article

36 pages, 8254 KB  
Article
A Comparative Evaluation of a Multimodal Approach for Spam Email Classification Using DistilBERT and Structural Features
by Halim Asliyuksek, Ozgur Tonkal and Ramazan Kocaoglu
Electronics 2025, 14(19), 3855; https://doi.org/10.3390/electronics14193855 - 29 Sep 2025
Viewed by 1005
Abstract
This study aims to improve the automatic detection of unwanted emails using advanced machine learning and deep learning methods. By reviewing current research over the past five years, a comprehensive combined dataset structure was created containing a total of 81,586 email samples from seven different spam datasets. Class imbalance was addressed through the application of random oversampling and class-weighted loss, and the decision threshold was subsequently tuned for deployment. Among classical machine learning solutions, Random Forest (RF) emerged as the most successful method, while deep learning approaches, such as Transformer-based models like Distilled Bidirectional Encoder Representations from Transformers (DistilBERT) and Robustly Optimized BERT Pretraining Approach (RoBERTa), demonstrated superior performance. The highest test score (99.62%) on a combined static dataset was achieved with a multimodal architecture that combines deep meaningful text representations from DistilBERT with structural text features. Beyond this static performance benchmark, the study investigates the critical challenge of concept drift by performing a temporal analysis on datasets from different eras. The results reveal a significant performance degradation in all models when tested on modern spam, highlighting a critical vulnerability of statically trained systems. Notably, the Transformer-based model demonstrated greater robustness against this temporal decay compared to traditional methods. This study offers not only an effective classification solution but also provides crucial empirical evidence on the necessity of adaptive, continually learning systems for robust spam detection. Full article
(This article belongs to the Special Issue Role of Artificial Intelligence in Natural Language Processing)

25 pages, 562 KB  
Article
VeriFlow: A Framework for the Static Verification of Web Application Access Control via Policy-Graph Consistency
by Tao Zhang, Fuzhong Hao, Yunfan Wang, Bo Zhang and Guangwei Xie
Electronics 2025, 14(18), 3742; https://doi.org/10.3390/electronics14183742 - 22 Sep 2025
Viewed by 653
Abstract
The evolution of industrial automation toward Industry 3.0 and 4.0 has driven the emergence of Industrial Edge-Cloud Platforms, which increasingly depend on web interfaces for managing and monitoring critical operational technology. This convergence introduces significant security risks, particularly from Broken Access Control (BAC)—a vulnerability consistently ranked as the top web application risk by the Open Web Application Security Project (OWASP). BAC flaws in industrial contexts can lead not only to data breaches but also to disruptions of physical processes. To address this urgent need for robust web-layer defense, this paper presents VeriFlow, a static verification framework for access control in web applications. VeriFlow reformulates access control verification as a consistency problem between two core artifacts: (1) a Formal Access Control Policy (P), which declaratively defines intended permissions, and (2) a Navigational Graph, which models all user-driven UI state transitions. By annotating the graph with policy P, VeriFlow verifies a novel Path-Permission Safety property, ensuring that no sequence of legitimate UI interactions can lead a user from an authorized state to an unauthorized one. A key technical contribution is a static analysis method capable of extracting navigational graphs directly from the JavaScript bundles of Single-Page Applications (SPAs), circumventing the limitations of traditional dynamic crawlers. In empirical evaluations, VeriFlow outperformed baseline tools in vulnerability detection, demonstrating its potential to deliver strong security guarantees that are provable within its abstracted navigational model. By formally checking policy-graph consistency, it systematically addresses a class of vulnerabilities often missed by dynamic tools, though its effectiveness is subject to the model-reality gap inherent in static analysis. Full article

26 pages, 3073 KB  
Article
From Detection to Decision: Transforming Cybersecurity with Deep Learning and Visual Analytics
by Saurabh Chavan and George Pappas
AI 2025, 6(9), 214; https://doi.org/10.3390/ai6090214 - 4 Sep 2025
Viewed by 847
Abstract
Objectives: The persistent evolution of software vulnerabilities—spanning novel zero-day exploits to logic-level flaws—continues to challenge conventional cybersecurity mechanisms. Static rule-based scanners and opaque deep learning models often lack the precision and contextual understanding required for both accurate detection and analyst interpretability. This paper presents a hybrid framework for real-time vulnerability detection that improves both robustness and explainability. Methods: The framework integrates semantic encoding via Bidirectional Encoder Representations from Transformers (BERTs), structural analysis using Deep Graph Convolutional Neural Networks (DGCNNs), and lightweight prioritization through Kernel Extreme Learning Machines (KELMs). The architecture incorporates Minimum Intermediate Representation (MIR) learning to reduce false positives and fuses multi-modal data (source code, execution traces, textual metadata) for robust, scalable performance. Explainable Artificial Intelligence (XAI) visualizations—combining SHAP-based attributions and CVSS-aligned pair plots—serve as an analyst-facing interpretability layer. The framework is evaluated on benchmark datasets, including VulnDetect and the NIST Software Reference Library (NSRL, version 2024.12.1, used strictly as a benign baseline for false positive estimation). Results: Our evaluation reports that precision, recall, AUPRC, MCC, and calibration (ECE/Brier score) demonstrated improved robustness and reduced false positives compared to baselines. An internal interpretability validation was conducted to align SHAP/GNNExplainer outputs with known vulnerability features; formal usability testing with practitioners is left as future work. Conclusions: Designed with DevSecOps integration in mind, the system is packaged in containerized modules (Docker/Kubernetes) and outputs SIEM-compatible alerts, enabling potential compatibility with Splunk, GitLab CI/CD, and similar tools. While full enterprise deployment was not performed, these deployment-oriented design choices support scalability and practical adoption.

23 pages, 5687 KB  
Article
Benchmarking Static Analysis for PHP Applications Security
by Jiazhen Zhao, Kailong Zhu, Canju Lu, Jun Zhao and Yuliang Lu
Entropy 2025, 27(9), 926; https://doi.org/10.3390/e27090926 - 3 Sep 2025
Viewed by 848
Abstract
PHP is the most widely used server-side programming language, but it remains highly susceptible to diverse classes of vulnerabilities. Static Application Security Testing (SAST) tools are commonly adopted for vulnerability detection; however, their evaluation lacks systematic criteria capable of quantifying information loss and uncertainty in analysis. Existing approaches, often based on small real-world case sets or heuristic sampling, fail to control experimental entropy within test cases. This uncontrolled variability makes it difficult to measure the information gain provided by different tools and to accurately differentiate their performance under varying levels of structural and semantic complexity. In this paper, we have developed a systematic evaluation framework for PHP SAST tools, designed to provide accurate and comprehensive assessments of their vulnerability detection capabilities. The framework explicitly isolates key factors influencing data flow analysis, enabling evaluation over four progressive dimensions with controlled information diversity. Using a benchmark instance, we validate the framework’s feasibility and show how it reduces evaluation entropy, enabling the more reliable measurement of detection capabilities. Our results highlight the framework’s ability to reveal the limitations in current SAST tools, offering actionable insights for their future improvement. Full article

35 pages, 15202 KB  
Article
Constructive Modelling and Structural Analysis of the Church of Santos Juanes: An Approach Using Non-Destructive Techniques
by Jose Miguel Molines-Cano, Ana Almerich-Chulia, Jaime Llinares Millán and Jose-Luis Vivancos
Appl. Sci. 2025, 15(17), 9661; https://doi.org/10.3390/app15179661 - 2 Sep 2025
Viewed by 781
Abstract
Historic masonry churches are highly vulnerable to structural degradation and seismic hazards due to their geometric complexity, material ageing, and lack of detailed construction records. The Church of Santos Juanes in Valencia, a monument of exceptional historical and architectural value, presents these challenges, intensified by centuries of transformations and partial loss of documentation. In this study, we develop a comprehensive methodology that integrates historical research, non-destructive testing (3D laser scanning with Leica Geosystems Cyclone v9.1.1; infrared thermography, commercial software; ground-penetrating radar with gprMax 2016 and GPR-SLICE v7.MT), and advanced finite element modelling (Angle v1). The integrated survey data enabled the creation of an accurate 3D geometric model, the detection of hidden construction elements, and the characterisation of subsoil stratigraphy. Structural simulations under static and seismic loading—considering soil–structure interaction—revealed the high global stiffness of the complex, the influence of the Baroque vault on load distribution, and localised vulnerabilities, particularly in the San Juan ‘O’ façade, which coincide with existing cracks confirmed by thermography. This methodological framework not only advances the diagnosis and conservation of Santos Juanes but also provides a replicable model for assessing and safeguarding other heritage buildings with similar typological and structural challenges. Full article
(This article belongs to the Special Issue Heritage Buildings: Latest Advances and Prospects)

19 pages, 4487 KB  
Article
Influence of Preloading on Damage in CFRP Composite Material Subjected to Low-Energy Impact Loads
by Piotr Arkuszyński and Marek Rośkowicz
Materials 2025, 18(17), 4016; https://doi.org/10.3390/ma18174016 - 27 Aug 2025
Viewed by 567
Abstract
A major challenge in the operation of aerostructures made of carbon fiber-reinforced polymer (CFRP) composites is their vulnerability to impact-induced damage, particularly when access is limited to only one side of the affected structure. This issue becomes even more complex considering that damage typically occurs in components subjected to initial static preloading. The objective of this study was to investigate the influence of static preload on the extent of damage in CFRP composites subjected to impact energy and to evaluate the effectiveness of selected non-destructive testing (NDT) methods in damage detection. Experimental investigations were conducted on a series of CFRP specimens impacted using a drop-weight tower. Each impact event was recorded with a high-speed camera operating at ultra-high frame rates. It was demonstrated that both the contact time between the impactor and the specimen, as well as the extent of internal damage assessed using ultrasonic testing (UT) and computed tomography (CT), were significantly affected by the level of applied static preload. Full article

28 pages, 968 KB  
Article
EVuLLM: Ethereum Smart Contract Vulnerability Detection Using Large Language Models
by Eleni Mandana, George Vlahavas and Athena Vakali
Electronics 2025, 14(16), 3226; https://doi.org/10.3390/electronics14163226 - 14 Aug 2025
Viewed by 1846
Abstract
Smart contracts have become integral to decentralized applications, yet their programmability introduces critical security risks, exemplified by high-profile exploits such as the DAO and Parity Wallet incidents. Existing vulnerability detection methods, including static and dynamic analysis, as well as machine learning-based approaches, often struggle with emerging threats and rely heavily on large, labeled datasets. This study investigates the effectiveness of open-source, lightweight large language models (LLMs) fine-tuned using parameter-efficient techniques, including Quantized Low-Rank Adaptation (QLoRA), for smart contract vulnerability detection. We introduce the EVuLLM dataset to address the scarcity of diverse evaluation resources and demonstrate that our fine-tuned models achieve up to 94.78% accuracy, surpassing the performance of larger proprietary models, while significantly reducing computational requirements. Moreover, we emphasize the advantages of lightweight models deployable on local hardware, such as enhanced data privacy, reduced reliance on internet connectivity, lower infrastructure costs, and improved control over model behavior, factors that are especially critical in security-sensitive blockchain applications. We also explore Retrieval-Augmented Generation (RAG) as a complementary strategy, achieving competitive results with minimal training. Our findings highlight the practicality of using locally hosted LLMs for secure, efficient, and reproducible smart contract analysis, paving the way for broader adoption of AI-driven security in blockchain ecosystems. Full article
(This article belongs to the Special Issue Network Security and Cryptography Applications)

17 pages, 1027 KB  
Article
AI-Driven Security for Blockchain-Based Smart Contracts: A GAN-Assisted Deep Learning Approach to Malware Detection
by Imad Bourian, Lahcen Hassine and Khalid Chougdali
J. Cybersecur. Priv. 2025, 5(3), 53; https://doi.org/10.3390/jcp5030053 - 1 Aug 2025
Viewed by 2075
Abstract
In the modern era, the use of blockchain technology has been growing rapidly, where Ethereum smart contracts play an important role in securing decentralized application systems. However, these smart contracts are also susceptible to a large number of vulnerabilities, which pose significant threats to intelligent systems and IoT applications, leading to data breaches and financial losses. Traditional detection techniques, such as manual analysis and static automated tools, suffer from high false positives and undetected security vulnerabilities. To address these problems, this paper proposes an Artificial Intelligence (AI)-based security framework that integrates Generative Adversarial Network (GAN)-based feature selection and deep learning techniques to classify and detect malware attacks on smart contract execution in the blockchain decentralized network. After an exhaustive pre-processing phase yielding a dataset of 40,000 malware and benign samples, the proposed model is evaluated and compared with related studies on the basis of a number of performance metrics including training accuracy, training loss, and classification metrics (accuracy, precision, recall, and F1-score). Our combined approach achieved a remarkable accuracy of 97.6%, demonstrating its effectiveness in detecting malware and protecting blockchain systems. Full article

20 pages, 1330 KB  
Article
A Comprehensive Approach to Rustc Optimization Vulnerability Detection in Industrial Control Systems
by Kaifeng Xie, Jinjing Wan, Lifeng Chen and Yi Wang
Mathematics 2025, 13(15), 2459; https://doi.org/10.3390/math13152459 - 30 Jul 2025
Viewed by 574
Abstract
Compiler optimization is a critical component for improving program performance. However, the Rustc optimization process may introduce vulnerabilities due to algorithmic flaws or issues arising from component interactions. Existing testing methods face several challenges, including high randomness in test cases, inadequate targeting of vulnerability-prone regions, and low-quality initial fuzzing seeds. This paper proposes a test case generation method based on large language models (LLMs), which utilizes prompt templates and optimization algorithms to generate a code relevant to specific optimization passes, especially for real-time control logic and safety-critical modules unique to the industrial control field. A vulnerability screening approach based on static analysis and rule matching is designed to locate potential risk points in the optimization regions of both the MIR and LLVM IR layers, as well as in unsafe code sections. Furthermore, the targeted fuzzing strategy is enhanced by designing seed queues and selection algorithms that consider the correlation between optimization areas. The implemented system, RustOptFuzz, has been evaluated on both custom datasets and real-world programs. Compared with state-of-the-art tools, RustOptFuzz improves vulnerability discovery capabilities by 16%–50% and significantly reduces vulnerability reproduction time, thereby enhancing the overall efficiency of detecting optimization-related vulnerabilities in Rustc, providing key technical support for the reliability of industrial control systems. Full article
(This article belongs to the Special Issue Research and Application of Network and System Security)

21 pages, 20911 KB  
Article
Go Source Code Vulnerability Detection Method Based on Graph Neural Network
by Lisha Yuan, Yong Fang, Qiang Zhang, Zhonglin Liu and Yijia Xu
Appl. Sci. 2025, 15(12), 6524; https://doi.org/10.3390/app15126524 - 10 Jun 2025
Viewed by 2328
Abstract
With the widespread application of the Go language, the demand for vulnerability detection in Go programs is increasing. Existing detection models and methods have deficiencies in extracting source code features of Go programs and mainly focus on detecting concurrency vulnerabilities. In response to these issues, we propose a Go program vulnerability detection method based on a graph neural network (GNN). The core of this approach is to utilize GraphSAGE to extract the global structure and deep semantic information of each concurrent function, maximizing the learning of concurrency vulnerability features. To capture contextual information of fine-grained code fragments in source code, we employ taint analysis to extract taint propagation chains and use a Transformer model with a multi-head attention mechanism, based on lexical analysis, to extract fine-grained vulnerability features. We integrate graph-level and token-level features to maximize the detection of various complex types of vulnerabilities in Go source code. Experimental results on a real-world vulnerability dataset demonstrate that our model outperforms existing detection methods and tools, achieving an F1-score of 91.35%. Furthermore, ablation experiments confirm that the proposed feature fusion method effectively extracts deep vulnerability features. Full article

49 pages, 552 KB  
Systematic Review
Ethereum Smart Contracts Under Scrutiny: A Survey of Security Verification Tools, Techniques, and Challenges
by Mounira Kezadri Hamiaz and Maha Driss
Computers 2025, 14(6), 226; https://doi.org/10.3390/computers14060226 - 9 Jun 2025
Viewed by 4533
Abstract
Smart contracts are self-executing programs that facilitate trustless transactions between multiple parties, most commonly deployed on the Ethereum blockchain. They have become integral to decentralized applications in areas such as voting, digital agreements, and financial systems. However, the immutable and transparent nature of smart contracts makes security vulnerabilities especially critical, as deployed contracts cannot be modified. Security flaws have led to substantial financial losses, underscoring the need for robust verification before deployment. This survey presents a comprehensive review of the state of the art in smart contract security verification, with a focus on Ethereum. We analyze a wide range of verification methods, including static and dynamic analysis, formal verification, and machine learning, and evaluate 62 open-source tools across their detection accuracy, efficiency, and usability. In addition, we highlight emerging trends, challenges, and the need for cross-methodological integration and benchmarking. Our findings aim to guide researchers, developers, and security auditors in selecting and advancing effective verification approaches for building secure and reliable smart contracts. Full article

18 pages, 1538 KB  
Article
A Robust Behavioral Biometrics Framework for Smartphone Authentication via Hybrid Machine Learning and TOPSIS
by Moceheb Lazam Shuwandy, Qutaiba Alasad, Maytham M. Hammood, Ayad A. Yass, Salwa Khalid Abdulateef, Rawan A. Alsharida, Sahar Lazim Qaddoori, Saadi Hamad Thalij, Maath Frman, Abdulsalam Hamid Kutaibani and Noor S. Abd
J. Cybersecur. Priv. 2025, 5(2), 20; https://doi.org/10.3390/jcp5020020 - 29 Apr 2025
Cited by 1 | Viewed by 1908
Abstract
Significant vulnerabilities in traditional authentication systems have been demonstrated due to the high dependence on smartphone hardware devices to execute many different and complicated tasks. PINs, passwords, and static biometric techniques have been shown to be subjected to various serious attacks, such as environmental limitations, spoofing, and brute force attacks, and this in turn mitigates the security level of the entire system. In this study, a robust framework for smartphone authentication is presented. Touch dynamic pattern recognitions, including trajectory curvature, touch pressure, acceleration, two-dimensional spatial coordinates, and velocity, have been extracted and assessed as behavioral biometric features. The TOPSIS (Technique for Order of Preference by Similarity to Ideal Solution) methodology has also been incorporated to obtain the most affected and valuable features, which are then fed as input to three different Machine Learning (ML) algorithms: Random Forest (RF), Gradient Boosting Machines (GBM), and K-Nearest Neighbors (KNN). Our analysis, supported by experimental results, ensures that the RF model outperforms the two other ML algorithms by getting F1-Score, accuracy, recall, and precision of 95.1%, 95.2%, 95.5%, and 94.8%, respectively. In order to further increase the resiliency of the proposed technique, the data perturbation approach, including temporal scaling and noise insertion, has been augmented. Also, the proposal has been shown to be resilient against both environmental variation-based attacks by achieving accuracy above 93% and spoofing attacks by obtaining a detection rate of 96%. This emphasizes that the proposed technique provides a promising solution to many authentication issues and offers a user-friendly and scalable method to improve the security of the smartphone against cybersecurity attacks.
(This article belongs to the Section Security Engineering & Applications)