Search for: All records

PDF is a popular document file format with a flexible file structure that can embed diverse types of content, including images and JavaScript code. However, these features make it a favored vehicle for malware attackers. In this paper, we propose an image-based PDF malware detection method that utilizes pre-trained deep neural networks (DNNs). Specifically, we convert PDF files into fixed-size grayscale images using an image visualization technique. These images are then fed into pre-trained DNN models to classify them as benign or malicious. We investigated four classical pre-trained DNN models in our study. We evaluated the performance of the proposed method using the publicly available Contagio PDF malware dataset. Our results demonstrate that MobileNetv3 achieves the best detection performance with an accuracy of 0.9969 and exhibits low computational complexity, making it a promising solution for image-based PDF malware detection. 

Electricity theft is a type of cyberattack posing significant risks to the security of smart grids. Semi-supervised outlier detection (SSOD) algorithms utilize normal power usage data to build detection models, enabling them to detect unknown electricity theft attacks. In this paper, we applied feature engineering and ensemble learning to improve the detection performance of SSOD algorithms. Specifically, we extracted 22 time-series and wavelet features from load profiles, which served as inputs for the seven popular SSOD algorithms investigated in this study. Experimental results demonstrate that the proposed feature engineering greatly enhances the performance of SSOD algorithms to detect various false data injection (FDI) attacks. Furthermore, we constructed bagged ensemble models using the best-performing SSOD algorithm as the base model, with results indicating further improvements in detection performance compared to the base model alone. 

Modern advances in unmanned aerial vehicle (UAV) technology have widened the scope of commercial and military applications. However, the increased dependency on wireless communications exposes UAVs to potential attacks and introduces new threats, especially from UAVs designed with the malicious intent of targeting vital infrastructures. Significant efforts have been made from researchers and other United States (U.S.) Department of Defense (DoD) agencies for developing countermeasures for detection, interception, or destruction of the malicious UAVs. One promising countermeasure is the use of a counter UAV (CUAV) swarm to detect, track, and neutralize the malicious UAV. This paper aims to recognize the state-of-the-art swarm intelligence algorithms for achieving cooperative capture of a mobile target UAV. The major design and implementation challenges for swarm control, algorithm architecture, and safety protocols are considered. A prime challenge for UAV swarms is a robust communication infrastructure to enable accurate data transfer between UAVs for efficient path planning. A multi-agent deep reinforcement learning approach is applied to train a group of CUAVs to intercept a faster malicious UAV, while avoiding collisions among other CUAVs and non-cooperating obstacles (i.e. other aerial objects maneuvering in the area). The impact of the latency incurred through UAV-to-UAV communications is showcased and discussed with preliminary numerical results. 

In urban environments, tall buildings or structures can pose limits on the direct channel link between a base station (BS) and an Internet-of-Thing device (IoTD) for wireless communication. Unmanned aerial vehicles (UAVs) with a mounted reconfigurable intelligent surface (RIS), denoted as UAV-RIS, have been introduced in recent works to enhance the system throughput capacity by acting as a relay node between the BS and the IoTDs in wireless access networks. Uncoordinated UAVs or RIS phase shift elements will make unnecessary adjustments that can significantly impact the signal transmission to IoTDs in the area. The concept of age of information (AoI) is proposed in wireless network research to categorize the freshness of the received update message. To minimize the average sum of AoI (ASoA) in the network, two model-free deep reinforcement learning (DRL) approaches – Off-Policy Deep Q-Network (DQN) and On-Policy Proximal Policy Optimization (PPO) – are developed to solve the problem by jointly optimizing the RIS phase shift, the location of the UAV-RIS, and the IoTD transmission scheduling for large-scale IoT wireless networks. Analysis of loss functions and extensive simulations is performed to compare the stability and convergence performance of the two algorithms. The results reveal the superiority of the On-Policy approach, PPO, over the Off-Policy approach, DQN, in terms of stability, convergence speed, and under diverse environment settings 

Smart appliances’ run schedule and electric vehicles charging can be managed over a smart grid enabled home area network (HAN) to reduce electricity demand at critical times and add more plug-in electric vehicles to the grid, which eventually lower customers’ energy bills and reduce greenhouse gas emissions. Short range radio-based wireless communication technologies commonly adopted in a HAN are vulnerable to cyber attacks due to their wide interception range. In this work, a low-cost solution is proposed for securing the low-volume data exchange of sensitive tasks (e.g., key management and mutual authentication). Our approach utilizes the emerging concept of retro-reflector based visible light communication (Retro-VLC), where smart appliances, IoT sensors and other electric devices perform the sensitive data exchange with the HAN gateway via the secure Retro-VLC channel. To conduct the feasibility study, a multi-pixel Retro-VLC link is prototyped to enable quadrature amplitude modulation. The bit error rate of Retro-VLC is studied analytically, numerically and experimentally. A heterogeneous Retro-VLC + WLAN connection is implemented by socket programming. In addition, the working range, sniffing range, and key exchange latency are measured. The results validate the applicability of the Retro-VLC based solution. 

User authentication plays an important role in securing systems and devices by preventing unauthorized accesses. Although surface Electromyogram (sEMG) has been widely applied for human machine interface (HMI) applications, it has only seen a very limited use for user authentication. In this paper, we investigate the use of multi-channel sEMG signals of hand gestures for user authentication. We propose a new deep anomaly detection-based user authentication method which employs sEMG images generated from multi-channel sEMG signals. The deep anomaly detection model classifies the user performing the hand gesture as client or imposter by using sEMG images as the input. Different sEMG image generation methods are studied in this paper. The performance of the proposed method is evaluated with a high-density hand gesture sEMG (HD-sEMG) dataset and a sparse-density hand gesture sEMG (SD-sEMG) dataset under three authentication test scenarios. Among the sEMG image generation methods, root mean square (RMS) map achieves significantly better performance than others. The proposed method with RMS map also greatly outperforms the reference method, especially when using SD-sEMG signals. The results demonstrate the validity of the proposed method with RMS map for user authentication. 

Abstract As one of the least understood aerosol processes, nucleation can be a dominant source of atmospheric aerosols. Sulfuric acid (SA)-amine binary nucleation with dimethylamine (DMA) has been recognized as a governing mechanism in the polluted continental boundary layer. Here we demonstrate the importance of trimethylamine (TMA) for nucleation in the complex atmosphere and propose a molecular-level SA-DMA-TMA ternary nucleation mechanism as an improvement upon the conventional binary mechanism. Using the proposed mechanism, we could connect the gaseous amines to the SA-amine cluster signals measured in the atmosphere of urban Beijing. Results show that TMA can accelerate the SA-DMA-based new particle formation in Beijing by 50–100%. Considering the global abundance of TMA and DMA, our findings imply comparable importance of TMA and DMA to nucleation in the polluted continental boundary layer, with probably higher contributions from TMA in polluted rural environments and future urban environments with controlled DMA emissions. 

User authentication is an important security mechanism to prevent unauthorized accesses to systems or devices. In this paper, we propose a new user authentication method based on surface electromyogram (sEMG) images of hand gestures and deep anomaly detection. Multi-channel sEMG signals acquired during the user performing a hand gesture are converted into sEMG images which are used as the input of a deep anomaly detection model to classify the user as client or imposter. The performance of different sEMG image generation methods in three authentication test scenarios are investigated by using a public hand gesture sEMG dataset. Our experimental results demonstrate the viability of the proposed method for user authentication.