Internet of Things and Cyber-Physical Systems最新文献

英文中文

Generative AI in cybersecurity: A comprehensive review of LLM applications and vulnerabilities 网络安全中的生成人工智能：法学硕士应用程序和漏洞的全面审查

Internet of Things and Cyber-Physical Systems

Pub Date : 2025-01-01 DOI: 10.1016/j.iotcps.2025.01.001

Mohamed Amine Ferrag , Fatima Alwahedi , Ammar Battah , Bilel Cherif , Abdechakour Mechri , Norbert Tihanyi , Tamas Bisztray , Merouane Debbah

This paper provides a comprehensive review of the future of cybersecurity through Generative AI and Large Language Models (LLMs). We explore LLM applications across various domains, including hardware design security, intrusion detection, software engineering, design verification, cyber threat intelligence, malware detection, and phishing detection. We present an overview of LLM evolution and its current state, focusing on advancements in models such as GPT-4, GPT-3.5, Mixtral-8x7B, BERT, Falcon2, and LLaMA. Our analysis extends to LLM vulnerabilities, such as prompt injection, insecure output handling, data poisoning, DDoS attacks, and adversarial instructions. We delve into mitigation strategies to protect these models, providing a comprehensive look at potential attack scenarios and prevention techniques. Furthermore, we evaluate the performance of 42 LLM models in cybersecurity knowledge and hardware security, highlighting their strengths and weaknesses. We thoroughly evaluate cybersecurity datasets for LLM training and testing, covering the lifecycle from data creation to usage and identifying gaps for future research. In addition, we review new strategies for leveraging LLMs, including techniques like Half-Quadratic Quantization (HQQ), Reinforcement Learning with Human Feedback (RLHF), Direct Preference Optimization (DPO), Quantized Low-Rank Adapters (QLoRA), and Retrieval-Augmented Generation (RAG). These insights aim to enhance real-time cybersecurity defenses and improve the sophistication of LLM applications in threat detection and response. Our paper provides a foundational understanding and strategic direction for integrating LLMs into future cybersecurity frameworks, emphasizing innovation and robust model deployment to safeguard against evolving cyber threats.

本文通过生成式人工智能和大型语言模型（llm）对网络安全的未来进行了全面的回顾。我们探索法学硕士在各个领域的应用，包括硬件设计安全、入侵检测、软件工程、设计验证、网络威胁情报、恶意软件检测和网络钓鱼检测。我们概述了LLM的发展及其当前状态，重点介绍了GPT-4、GPT-3.5、Mixtral-8x7B、BERT、Falcon2和LLaMA等模型的进展。我们的分析扩展到LLM漏洞，例如提示注入、不安全的输出处理、数据中毒、DDoS攻击和对抗性指令。我们深入研究了保护这些模型的缓解策略，全面介绍了潜在的攻击场景和预防技术。此外，我们评估了42个LLM模型在网络安全知识和硬件安全方面的性能，突出了它们的优缺点。我们全面评估了LLM培训和测试的网络安全数据集，涵盖了从数据创建到使用的生命周期，并确定了未来研究的差距。此外，我们回顾了利用llm的新策略，包括半二次量化（HQQ）、人类反馈强化学习（RLHF）、直接偏好优化（DPO）、量化低秩适配器（QLoRA）和检索增强生成（RAG）等技术。这些见解旨在增强实时网络安全防御，提高LLM应用程序在威胁检测和响应方面的复杂性。我们的论文为将法学硕士整合到未来的网络安全框架中提供了基本的理解和战略方向，强调了创新和强大的模型部署，以抵御不断变化的网络威胁。

{"title":"Generative AI in cybersecurity: A comprehensive review of LLM applications and vulnerabilities","authors":"Mohamed Amine Ferrag , Fatima Alwahedi , Ammar Battah , Bilel Cherif , Abdechakour Mechri , Norbert Tihanyi , Tamas Bisztray , Merouane Debbah","doi":"10.1016/j.iotcps.2025.01.001","DOIUrl":"10.1016/j.iotcps.2025.01.001","url":null,"abstract":"<div><div>This paper provides a comprehensive review of the future of cybersecurity through Generative AI and Large Language Models (LLMs). We explore LLM applications across various domains, including hardware design security, intrusion detection, software engineering, design verification, cyber threat intelligence, malware detection, and phishing detection. We present an overview of LLM evolution and its current state, focusing on advancements in models such as GPT-4, GPT-3.5, Mixtral-8x7B, BERT, Falcon2, and LLaMA. Our analysis extends to LLM vulnerabilities, such as prompt injection, insecure output handling, data poisoning, DDoS attacks, and adversarial instructions. We delve into mitigation strategies to protect these models, providing a comprehensive look at potential attack scenarios and prevention techniques. Furthermore, we evaluate the performance of 42 LLM models in cybersecurity knowledge and hardware security, highlighting their strengths and weaknesses. We thoroughly evaluate cybersecurity datasets for LLM training and testing, covering the lifecycle from data creation to usage and identifying gaps for future research. In addition, we review new strategies for leveraging LLMs, including techniques like Half-Quadratic Quantization (HQQ), Reinforcement Learning with Human Feedback (RLHF), Direct Preference Optimization (DPO), Quantized Low-Rank Adapters (QLoRA), and Retrieval-Augmented Generation (RAG). These insights aim to enhance real-time cybersecurity defenses and improve the sophistication of LLM applications in threat detection and response. Our paper provides a foundational understanding and strategic direction for integrating LLMs into future cybersecurity frameworks, emphasizing innovation and robust model deployment to safeguard against evolving cyber threats.</div></div>","PeriodicalId":100724,"journal":{"name":"Internet of Things and Cyber-Physical Systems","volume":"5 ","pages":"Pages 1-46"},"PeriodicalIF":0.0,"publicationDate":"2025-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143947102","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

LoRa for multihop communication in internet of underground things under fading environments 衰落环境下地下物联网多跳通信LoRa

Internet of Things and Cyber-Physical Systems

Pub Date : 2025-01-01 DOI: 10.1016/j.iotcps.2025.05.001

Irfana Ilyas Jameela Manzil , Ruhul Amin Khalil , Nasir Saeed

This paper investigates the suitability of LoRa wireless technology for reliable underground-to-aboveground communication in the context of sustainable agricultural monitoring. We comprehensively analyze LoRa's performance in single-hop and multi-hop scenarios, considering complex environmental conditions and path loss. Mathematical expressions for the bit error rate (BER) are derived under both additive white Gaussian noise (AWGN) and Rayleigh fading, including multi-hop networks with decode-and-forward relays. Simulations under realistic Rayleigh fading scenarios validate our theoretical models. Our findings demonstrate that multi-hop LoRa networks significantly outperform single-hop systems in challenging underground environments, underscoring LoRa's potential for enhancing sustainability in various subterranean Internet of Underground Things (IoUT) agricultural applications.

本文研究了LoRa无线技术在可持续农业监测背景下的地对地可靠通信的适用性。考虑到复杂的环境条件和路径损失，综合分析了LoRa在单跳和多跳场景下的性能。推导了加性高斯白噪声（AWGN）和瑞利衰落下的误码率（BER）的数学表达式，包括带有译码转发中继的多跳网络。在实际瑞利衰落场景下的仿真验证了我们的理论模型。我们的研究结果表明，在具有挑战性的地下环境中，多跳LoRa网络明显优于单跳系统，强调了LoRa在各种地下物联网（IoUT）农业应用中提高可持续性的潜力。

引用次数: 0

Advanced Machine Learning in Smart Grids: An overview 智能电网中的高级机器学习：概述

Internet of Things and Cyber-Physical Systems

Pub Date : 2025-01-01 DOI: 10.1016/j.iotcps.2025.05.002

Hassan N. Noura , Jean Paul A. Yaacoub , Ola Salman , Ali Chehab

Adopting Advanced Machine Learning for Smart Grids (ML-SG) is a promising strategy that revolutionizes the energy industry to optimize energy usage, improve grid management, and foster sustainability. It also increases the efficiency, reliability, and sustainability of contemporary power systems. Furthermore, incorporating machine learning into smart grids has important practical ramifications and can help address some of the most pressing issues facing contemporary energy systems. By precisely forecasting consumption trends and facilitating dynamic pricing models that take into account current grid circumstances, Machine Learning (ML) can improve demand response tactics. Additionally, it is essential for preserving grid stability since it can promptly identify irregularities and react to system oscillations, preventing blackouts and equipment failures. Furthermore, through supply and demand balance, energy dispatch optimization, and solar and wind power forecasts, ML makes it easier to seamlessly integrate renewable energy sources. These characteristics facilitate the shift to a more robust, adaptable, and ecologically friendly energy infrastructure in addition to increasing operating efficiency. In this paper, we investigate the development of ML solutions that benefit from the enormous amounts of data generated by IoT devices in the smart grid. Furthermore, this study examines the benefits and drawbacks of the adoption of ML-SG and offers an outline of their use while highlighting the implications of integrating ML into smart grids. In addition, it explores and analyzes how ML algorithms can be used for load forecasting and enabling accurate and real-time decision making in smart grids. The objective of this work is to analyze smart grid operations at different levels, such as predicting energy demand, identifying abnormalities, and reducing cybersecurity threats by using sophisticated ML-based algorithms, especially discussing attacks and countermeasures against these ML models. This work concludes with suggestions and recommendations that highlight the importance of improving the security and accuracy of ML-SG, while shedding some light on future directions. In the future, this work aims to contribute to the development of efficient ML solutions for energy infrastructure to become more effective and sustainable, by discussing data science and ML issues related to smart grids.

采用先进的机器学习智能电网（ML-SG）是一项有前途的战略，它将彻底改变能源行业，优化能源使用，改善电网管理，促进可持续性。它还提高了当代电力系统的效率、可靠性和可持续性。此外，将机器学习纳入智能电网具有重要的实际影响，可以帮助解决当代能源系统面临的一些最紧迫的问题。通过精确预测消费趋势和促进考虑到当前电网环境的动态定价模型，机器学习（ML）可以改进需求响应策略。此外，它对于保持电网稳定性至关重要，因为它可以及时识别异常并对系统振荡做出反应，防止停电和设备故障。此外，通过供需平衡、能源调度优化以及太阳能和风能预测，ML使可再生能源的无缝整合变得更加容易。除了提高运营效率外，这些特点还有助于向更强大、适应性更强、更环保的能源基础设施转变。在本文中，我们研究了机器学习解决方案的开发，这些解决方案受益于智能电网中物联网设备生成的大量数据。此外，本研究考察了采用ML- sg的优点和缺点，并概述了其使用情况，同时强调了将ML集成到智能电网中的影响。此外，它还探讨和分析了机器学习算法如何用于负荷预测，并在智能电网中实现准确和实时的决策。这项工作的目标是分析不同层次的智能电网运行，例如预测能源需求，识别异常，并通过使用复杂的基于ML的算法减少网络安全威胁，特别是讨论针对这些ML模型的攻击和对策。本工作总结了建议和建议，强调了提高ML-SG的安全性和准确性的重要性，同时对未来的发展方向提出了一些建议。在未来，这项工作旨在通过讨论与智能电网相关的数据科学和机器学习问题，为能源基础设施开发高效的机器学习解决方案做出贡献，使其变得更加有效和可持续。

{"title":"Advanced Machine Learning in Smart Grids: An overview","authors":"Hassan N. Noura , Jean Paul A. Yaacoub , Ola Salman , Ali Chehab","doi":"10.1016/j.iotcps.2025.05.002","DOIUrl":"10.1016/j.iotcps.2025.05.002","url":null,"abstract":"<div><div>Adopting Advanced Machine Learning for Smart Grids (ML-SG) is a promising strategy that revolutionizes the energy industry to optimize energy usage, improve grid management, and foster sustainability. It also increases the efficiency, reliability, and sustainability of contemporary power systems. Furthermore, incorporating machine learning into smart grids has important practical ramifications and can help address some of the most pressing issues facing contemporary energy systems. By precisely forecasting consumption trends and facilitating dynamic pricing models that take into account current grid circumstances, Machine Learning (ML) can improve demand response tactics. Additionally, it is essential for preserving grid stability since it can promptly identify irregularities and react to system oscillations, preventing blackouts and equipment failures. Furthermore, through supply and demand balance, energy dispatch optimization, and solar and wind power forecasts, ML makes it easier to seamlessly integrate renewable energy sources. These characteristics facilitate the shift to a more robust, adaptable, and ecologically friendly energy infrastructure in addition to increasing operating efficiency. In this paper, we investigate the development of ML solutions that benefit from the enormous amounts of data generated by IoT devices in the smart grid. Furthermore, this study examines the benefits and drawbacks of the adoption of ML-SG and offers an outline of their use while highlighting the implications of integrating ML into smart grids. In addition, it explores and analyzes how ML algorithms can be used for load forecasting and enabling accurate and real-time decision making in smart grids. The objective of this work is to analyze smart grid operations at different levels, such as predicting energy demand, identifying abnormalities, and reducing cybersecurity threats by using sophisticated ML-based algorithms, especially discussing attacks and countermeasures against these ML models. This work concludes with suggestions and recommendations that highlight the importance of improving the security and accuracy of ML-SG, while shedding some light on future directions. In the future, this work aims to contribute to the development of efficient ML solutions for energy infrastructure to become more effective and sustainable, by discussing data science and ML issues related to smart grids.</div></div>","PeriodicalId":100724,"journal":{"name":"Internet of Things and Cyber-Physical Systems","volume":"5 ","pages":"Pages 95-142"},"PeriodicalIF":0.0,"publicationDate":"2025-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144205481","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

UMetaBE-DPPML: Urban metaverse & blockchain-enabled decentralised privacy-preserving machine learning verification and authentication with metaverse immersive devices UMetaBE-DPPML：支持城市元世界和区块链的去中心化保护隐私的机器学习验证和元世界沉浸式设备认证

Internet of Things and Cyber-Physical Systems

Pub Date : 2025-01-01 DOI: 10.1016/j.iotcps.2025.02.001

Kaya Kuru, Kaan Kuru

It is anticipated that cybercrime activities will be widespread in the urban metaverse ecosystem due to its high economic value with new types of assets and its immersive nature with a variety of experiences. Ensuring reliable urban metaverse cyberspaces requires addressing two critical challenges, namely, cybersecurity and privacy protection. This study, by analysing potential cyberthreats in the urban metaverse cyberspaces, proposes a blockchain-based Decentralised Privacy-Preserving Machine Learning (DPPML) authentication and verification methodology, which uses the metaverse immersive devices and can be instrumented effectively against identity impersonation and theft of credentials, identity, or avatars. Blockchain technology and Federated Learning (FL) are merged in the developed DPPML approach not only to eliminate the requirement of a trusted third party for the verification of the authenticity of transactions and immersive actions, but also, to avoid Single Point of Failure (SPoF) and Generative Adversarial Networks (GAN) attacks by detecting malicious nodes. The developed methodology has been tested using Motion Capture Suits (MoCaps) in a co-simulation environment with the Proof-of-Work (PoW) consensus mechanism. The preliminary results suggest that the built techniques in the DPPML approach can prevent unreal transactions, impersonation, identity theft, and theft of credentials or avatars promptly before any transactions have been executed or immersive experiences have been shared with others. The proposed system will be tested with a larger number of nodes involving the Proof-of-Stake (PoS) consensus mechanism using several other metaverse immersive devices as a future job.

预计网络犯罪活动将在城市虚拟生态系统中广泛存在，因为它具有新型资产的高经济价值和各种体验的沉浸性。确保可靠的城市元宇宙网络空间需要解决两个关键挑战，即网络安全和隐私保护。本研究通过分析城市元宇宙网络空间中的潜在网络威胁，提出了一种基于区块链的去中心化隐私保护机器学习（DPPML）身份验证和验证方法，该方法使用元宇宙沉浸式设备，可以有效地防止身份冒充和盗窃凭证、身份或化身。区块链技术和联邦学习（FL）被合并到开发的DPPML方法中，不仅消除了对可信第三方验证交易和沉浸式操作真实性的要求，而且还通过检测恶意节点来避免单点故障（SPoF）和生成对抗网络（GAN）攻击。开发的方法已在具有工作量证明（PoW）共识机制的联合模拟环境中使用动作捕捉套装（MoCaps）进行了测试。初步结果表明，DPPML方法中的构建技术可以在执行任何事务或与其他人共享沉浸式体验之前及时防止不真实的事务、冒充、身份盗窃以及凭证或虚拟身份的盗窃。提议的系统将在涉及权益证明（PoS）共识机制的更多节点上进行测试，使用其他几个元世界沉浸式设备作为未来的工作。

{"title":"UMetaBE-DPPML: Urban metaverse & blockchain-enabled decentralised privacy-preserving machine learning verification and authentication with metaverse immersive devices","authors":"Kaya Kuru, Kaan Kuru","doi":"10.1016/j.iotcps.2025.02.001","DOIUrl":"10.1016/j.iotcps.2025.02.001","url":null,"abstract":"<div><div>It is anticipated that cybercrime activities will be widespread in the urban metaverse ecosystem due to its high economic value with new types of assets and its immersive nature with a variety of experiences. Ensuring reliable urban metaverse cyberspaces requires addressing two critical challenges, namely, cybersecurity and privacy protection. This study, by analysing potential cyberthreats in the urban metaverse cyberspaces, proposes a blockchain-based Decentralised Privacy-Preserving Machine Learning (DPPML) authentication and verification methodology, which uses the metaverse immersive devices and can be instrumented effectively against identity impersonation and theft of credentials, identity, or avatars. Blockchain technology and Federated Learning (FL) are merged in the developed DPPML approach not only to eliminate the requirement of a trusted third party for the verification of the authenticity of transactions and immersive actions, but also, to avoid Single Point of Failure (SPoF) and Generative Adversarial Networks (GAN) attacks by detecting malicious nodes. The developed methodology has been tested using Motion Capture Suits (MoCaps) in a co-simulation environment with the Proof-of-Work (PoW) consensus mechanism. The preliminary results suggest that the built techniques in the DPPML approach can prevent unreal transactions, impersonation, identity theft, and theft of credentials or avatars promptly before any transactions have been executed or immersive experiences have been shared with others. The proposed system will be tested with a larger number of nodes involving the Proof-of-Stake (PoS) consensus mechanism using several other metaverse immersive devices as a future job.</div></div>","PeriodicalId":100724,"journal":{"name":"Internet of Things and Cyber-Physical Systems","volume":"5 ","pages":"Pages 47-86"},"PeriodicalIF":0.0,"publicationDate":"2025-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144099446","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Non-work conserving dynamic scheduling of moldable gang tasks on multicore systems 多核系统上可成型团伙任务的非工作保护动态调度

Internet of Things and Cyber-Physical Systems

Pub Date : 2024-03-01 DOI: 10.1016/j.iotcps.2024.03.001

Tomoki Shimizu, Hiroki Nishikawa, Xiangbo Kong, Hiroyuki Tomiyama

引用次数: 0

Constructing immersive toy trial experience in mobile augmented reality 在移动增强现实技术中构建身临其境的玩具试用体验

Internet of Things and Cyber-Physical Systems

Pub Date : 2024-02-01 DOI: 10.1016/j.iotcps.2024.02.001

Lingxin Yu, Jiacheng Zhang, Xinyue Wang, Siru Chen, Xuehao Qin, Zhifei Ding, Jiahao Han

引用次数: 0

Multi-objective optimization algorithms for intrusion detection in IoT networks: A systematic review 物联网网络入侵检测的多目标优化算法：系统综述

Internet of Things and Cyber-Physical Systems

Pub Date : 2024-02-01 DOI: 10.1016/j.iotcps.2024.01.003

Shubhkirti Sharma, Vijay Kumar, K. Dutta

引用次数: 0

MalAware: A tabletop exercise for malware security awareness education and incident response training 恶意软件：恶意软件安全意识教育和事件响应培训桌面演练

Internet of Things and Cyber-Physical Systems

Pub Date : 2024-01-01 DOI: 10.1016/j.iotcps.2024.02.003

Giddeon Angafor , Iryna Yevseyeva , Leandros Maglaras

Advancements in technology, including the Internet of Things (IoT) revolution, have enabled individuals and businesses to use systems and devices that connect, exchange data, and provide real-time information from far and near. Despite that, this interconnectivity and data sharing between systems and devices over the internet poses security and privacy risks as threat actors can intercept, steal, and use owners’ data for nefarious purposes. This paper discusses ’MalAware’, a ‘Malware Awareness Education’ and incident response (IR) scenario-based tabletop exercise and card game for malware threat mitigation training. It introduces the importance of incident management, highlights the dangers posed by malware for connected systems, and outlines the role of tabletop games and exercises in helping businesses mature their malware incident response capabilities. The study discusses the design of MalAware and summarises the results of 2 pilots undertaken to assess the concept, maintaining that the results highlighted the value of ‘MalAware’ as an essential tool to help students and staff master how to mitigate security threats caused by malware. It argues that MalAware can assist businesses in their IR preparedness endeavors, enabling incident management teams to review plans and processes to ensure they are fit for purpose. It enables staff to leverage scenario-based and simulated security breach examples, including role-play, to establish appropriate malware defences. MalAware’s practical hands-on exercises can assist trainees in gaining essential malware and other threat mitigation skills, helping to protect the security and privacy of IoTs.

技术的进步，包括物联网（IoT）革命，使个人和企业能够使用连接、交换数据和提供实时信息的系统和设备。尽管如此，系统和设备之间通过互联网实现的互联和数据共享也带来了安全和隐私风险，因为威胁行为者可以拦截、窃取和使用所有者的数据来达到邪恶目的。本文讨论的 "恶意软件 "是一种基于 "恶意软件意识教育 "和事件响应（IR）情景的桌面演练和卡片游戏，用于恶意软件威胁缓解培训。它介绍了事件管理的重要性，强调了恶意软件给联网系统带来的危险，并概述了桌面游戏和演习在帮助企业提高恶意软件事件响应能力方面的作用。该研究讨论了恶意软件的设计，总结了为评估这一概念而进行的两次试点的结果，认为这些结果突出了 "恶意软件 "作为帮助学生和教职员工掌握如何减轻恶意软件造成的安全威胁的重要工具的价值。报告认为，"恶意软件 "可以帮助企业做好爱尔兰共和军的准备工作，使事件管理团队能够审查计划和流程，确保其符合目的。它使员工能够利用基于场景和模拟的安全漏洞实例（包括角色扮演）建立适当的恶意软件防御。MalAware 的实际操作练习可以帮助学员获得基本的恶意软件和其他威胁缓解技能，从而帮助保护物联网的安全和隐私。

{"title":"MalAware: A tabletop exercise for malware security awareness education and incident response training","authors":"Giddeon Angafor , Iryna Yevseyeva , Leandros Maglaras","doi":"10.1016/j.iotcps.2024.02.003","DOIUrl":"https://doi.org/10.1016/j.iotcps.2024.02.003","url":null,"abstract":"<div><p>Advancements in technology, including the Internet of Things (IoT) revolution, have enabled individuals and businesses to use systems and devices that connect, exchange data, and provide real-time information from far and near. Despite that, this interconnectivity and data sharing between systems and devices over the internet poses security and privacy risks as threat actors can intercept, steal, and use owners’ data for nefarious purposes. This paper discusses ’MalAware’, a ‘Malware Awareness Education’ and incident response (IR) scenario-based tabletop exercise and card game for malware threat mitigation training. It introduces the importance of incident management, highlights the dangers posed by malware for connected systems, and outlines the role of tabletop games and exercises in helping businesses mature their malware incident response capabilities. The study discusses the design of MalAware and summarises the results of 2 pilots undertaken to assess the concept, maintaining that the results highlighted the value of ‘MalAware’ as an essential tool to help students and staff master how to mitigate security threats caused by malware. It argues that MalAware can assist businesses in their IR preparedness endeavors, enabling incident management teams to review plans and processes to ensure they are fit for purpose. It enables staff to leverage scenario-based and simulated security breach examples, including role-play, to establish appropriate malware defences. MalAware’s practical hands-on exercises can assist trainees in gaining essential malware and other threat mitigation skills, helping to protect the security and privacy of IoTs.</p></div>","PeriodicalId":100724,"journal":{"name":"Internet of Things and Cyber-Physical Systems","volume":"4 ","pages":"Pages 280-292"},"PeriodicalIF":0.0,"publicationDate":"2024-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S2667345224000063/pdfft?md5=61feca14037fa00f21581df14b5c4571&pid=1-s2.0-S2667345224000063-main.pdf","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140180017","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

IoT-enhanced smart road infrastructure systems for comprehensive real-time monitoring 用于全面实时监控的物联网增强型智能道路基础设施系统

Internet of Things and Cyber-Physical Systems

Pub Date : 2024-01-01 DOI: 10.1016/j.iotcps.2024.01.002

Zhoujing Ye , Ya Wei , Songli Yang , Pengpeng Li , Fei Yang , Biyu Yang , Linbing Wang

With the rapid advancement of Internet of Things (IoT) technology, its applications in road infrastructure have garnered attention. However, challenges persist when applying IoT to road infrastructure monitoring, including insufficient durability of front-end sensors, pavement damage due to sensor embedding, and the redundancy of a vast amount of real-time data, hindering the long-term real-time monitoring of pavements. To address these challenges, this study developed a self-powered distributed intelligent pavement monitoring system based on IoT, encompassing a sensor network, cloud platform, communication network, and power supply system. Considering the specific characteristics of slipform paving for cement concrete pavements, an integrated paving process was proposed, merging embedded sensors with pavement material structures. Through on-site engineering monitoring, the system actively collects and analyzes various data types such as system energy consumption, temperature and humidity, environmental noise, wind speed and direction, and pavement structural vibrations, providing data support for pavement design, maintenance, and vehicle-road synergy applications. Future efforts will continue to promote the application of IoT technology in digital road maintenance, traffic safety, and optimized pavement material structure design.

随着物联网（IoT）技术的快速发展，其在道路基础设施中的应用也备受关注。然而，将物联网应用于道路基础设施监测仍存在一些挑战，包括前端传感器的耐用性不足、传感器嵌入造成的路面损坏以及海量实时数据的冗余性阻碍了对路面的长期实时监测。针对这些挑战，本研究开发了一种基于物联网的自供电分布式智能路面监测系统，包括传感器网络、云平台、通信网络和供电系统。考虑到水泥混凝土路面滑模摊铺的特殊性，提出了将嵌入式传感器与路面材料结构相结合的一体化摊铺工艺。通过现场工程监测，系统主动收集并分析系统能耗、温湿度、环境噪声、风速风向、路面结构振动等各类数据，为路面设计、养护和车路协同应用提供数据支持。未来将继续推动物联网技术在数字化道路养护、交通安全、路面材料结构优化设计等方面的应用。

{"title":"IoT-enhanced smart road infrastructure systems for comprehensive real-time monitoring","authors":"Zhoujing Ye , Ya Wei , Songli Yang , Pengpeng Li , Fei Yang , Biyu Yang , Linbing Wang","doi":"10.1016/j.iotcps.2024.01.002","DOIUrl":"https://doi.org/10.1016/j.iotcps.2024.01.002","url":null,"abstract":"<div><p>With the rapid advancement of Internet of Things (IoT) technology, its applications in road infrastructure have garnered attention. However, challenges persist when applying IoT to road infrastructure monitoring, including insufficient durability of front-end sensors, pavement damage due to sensor embedding, and the redundancy of a vast amount of real-time data, hindering the long-term real-time monitoring of pavements. To address these challenges, this study developed a self-powered distributed intelligent pavement monitoring system based on IoT, encompassing a sensor network, cloud platform, communication network, and power supply system. Considering the specific characteristics of slipform paving for cement concrete pavements, an integrated paving process was proposed, merging embedded sensors with pavement material structures. Through on-site engineering monitoring, the system actively collects and analyzes various data types such as system energy consumption, temperature and humidity, environmental noise, wind speed and direction, and pavement structural vibrations, providing data support for pavement design, maintenance, and vehicle-road synergy applications. Future efforts will continue to promote the application of IoT technology in digital road maintenance, traffic safety, and optimized pavement material structure design.</p></div>","PeriodicalId":100724,"journal":{"name":"Internet of Things and Cyber-Physical Systems","volume":"4 ","pages":"Pages 235-249"},"PeriodicalIF":0.0,"publicationDate":"2024-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S2667345224000026/pdfft?md5=e2593131eb914f50ce726004b9037d6b&pid=1-s2.0-S2667345224000026-main.pdf","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139718721","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Ransomware on cyber-physical systems: Taxonomies, case studies, security gaps, and open challenges 网络物理系统中的勒索软件：分类、案例研究、安全漏洞和公开挑战

Internet of Things and Cyber-Physical Systems

Pub Date : 2024-01-01 DOI: 10.1016/j.iotcps.2023.12.001

Mourad Benmalek

Ransomware attacks have emerged as one of the most significant cyberthreats faced by organizations worldwide. In recent years, ransomware has also started to target critical infrastructure and Cyber-Physical Systems (CPS) such as industrial control systems, smart grids, and healthcare networks. The unique attack surface and safety-critical nature of CPS introduce new challenges in defending against ransomware. This paper provides a comprehensive overview of ransomware threats to CPS. We propose a dual taxonomy to classify ransomware attacks on CPS based on infection vectors, targets, objectives, and technical attributes. Through an analysis of 10 real-world incidents, we highlight attack patterns, vulnerabilities, and impacts of ransomware campaigns against critical systems and facilities. Based on the insights gained, we identify open research problems and future directions to improve ransomware resilience in CPS environments.

勒索软件攻击已成为全球组织面临的最重要的网络威胁之一。近年来，勒索软件也开始瞄准关键基础设施和网络物理系统（CPS），如工业控制系统、智能电网和医疗保健网络。CPS 独特的攻击面和安全关键性为防御勒索软件带来了新的挑战。本文全面概述了勒索软件对 CPS 的威胁。我们提出了一种双重分类法，根据感染载体、目标、目的和技术属性对针对 CPS 的勒索软件攻击进行分类。通过对 10 起真实事件的分析，我们强调了针对关键系统和设施的勒索软件活动的攻击模式、漏洞和影响。根据所获得的见解，我们确定了改进 CPS 环境中勒索软件复原力的开放研究问题和未来方向。

引用次数: 0

下一页尾页

类型

全部化学•材料生命科学医学物理工程技术环境•农林材料科学地球科学法学管理学化学环境科学与生态学计算机科学教育学经济学农林科学人文科学生物学数学物理与天体物理心理学综合性期刊其他工业工程理学历史学农学文学信息工程

数据库

全部 ACS Publications Elsevier ieeexplore Springer The Royal Society of Chemistry Wiley

期刊

Internet of Things and Cyber-Physical Systems

全部 Acc. Chem. Res. ACS Applied Bio Materials ACS Appl. Electron. Mater. ACS Appl. Energy Mater. ACS Appl. Mater. Interfaces ACS Appl. Nano Mater. ACS Appl. Polym. Mater. ACS BIOMATER-SCI ENG ACS Catal. ACS Cent. Sci. ACS Chem. Biol. ACS Chemical Health & Safety ACS Chem. Neurosci. ACS Comb. Sci. ACS Earth Space Chem. ACS Energy Lett. ACS Infect. Dis. ACS Macro Lett. ACS Mater. Lett. ACS Med. Chem. Lett. ACS Nano ACS Omega ACS Photonics ACS Sens. ACS Sustainable Chem. Eng. ACS Synth. Biol. Anal. Chem. BIOCHEMISTRY-US Bioconjugate Chem. BIOMACROMOLECULES Chem. Res. Toxicol. Chem. Rev. Chem. Mater. CRYST GROWTH DES ENERG FUEL Environ. Sci. Technol. Environ. Sci. Technol. Lett. Eur. J. Inorg. Chem. IND ENG CHEM RES Inorg. Chem. J. Agric. Food. Chem. J. Chem. Eng. Data J. Chem. Educ. J. Chem. Inf. Model. J. Chem. Theory Comput. J. Med. Chem. J. Nat. Prod. J PROTEOME RES J. Am. Chem. Soc. LANGMUIR MACROMOLECULES Mol. Pharmaceutics Nano Lett. Org. Lett. ORG PROCESS RES DEV ORGANOMETALLICS J. Org. Chem. J. Phys. Chem. J. Phys. Chem. A J. Phys. Chem. B J. Phys. Chem. C J. Phys. Chem. Lett. Analyst Anal. Methods Biomater. Sci. Catal. Sci. Technol. Chem. Commun. Chem. Soc. Rev. CHEM EDUC RES PRACT CRYSTENGCOMM Dalton Trans. Energy Environ. Sci. ENVIRON SCI-NANO ENVIRON SCI-PROC IMP ENVIRON SCI-WAT RES Faraday Discuss. Food Funct. Green Chem. Inorg. Chem. Front. Integr. Biol. J. Anal. At. Spectrom. J. Mater. Chem. A J. Mater. Chem. B J. Mater. Chem. C Lab Chip Mater. Chem. Front. Mater. Horiz. MEDCHEMCOMM Metallomics Mol. Biosyst. Mol. Syst. Des. Eng. Nanoscale Nanoscale Horiz. Nat. Prod. Rep. New J. Chem. Org. Biomol. Chem. Org. Chem. Front. PHOTOCH PHOTOBIO SCI PCCP Polym. Chem.

﹀