Bayesian networks are a powerful class of graphical decision models used to represent causal relationships among variables.However,the reliability and integrity of learned Bayesian network models are highly dependent ...Bayesian networks are a powerful class of graphical decision models used to represent causal relationships among variables.However,the reliability and integrity of learned Bayesian network models are highly dependent on the quality of incoming data streams.One of the primary challenges with Bayesian networks is their vulnerability to adversarial data poisoning attacks,wherein malicious data is injected into the training dataset to negatively influence the Bayesian network models and impair their performance.In this research paper,we propose an efficient framework for detecting data poisoning attacks against Bayesian network structure learning algorithms.Our framework utilizes latent variables to quantify the amount of belief between every two nodes in each causal model over time.We use our innovative methodology to tackle an important issue with data poisoning assaults in the context of Bayesian networks.With regard to four different forms of data poisoning attacks,we specifically aim to strengthen the security and dependability of Bayesian network structure learning techniques,such as the PC algorithm.By doing this,we explore the complexity of this area and offer workablemethods for identifying and reducing these sneaky dangers.Additionally,our research investigates one particular use case,the“Visit to Asia Network.”The practical consequences of using uncertainty as a way to spot cases of data poisoning are explored in this inquiry,which is of utmost relevance.Our results demonstrate the promising efficacy of latent variables in detecting and mitigating the threat of data poisoning attacks.Additionally,our proposed latent-based framework proves to be sensitive in detecting malicious data poisoning attacks in the context of stream data.展开更多
The rapid increase in vehicle traffic volume in modern societies has raised the need to develop innovative solutions to reduce traffic congestion and enhance traffic management efficiency.Revolutionary advanced techno...The rapid increase in vehicle traffic volume in modern societies has raised the need to develop innovative solutions to reduce traffic congestion and enhance traffic management efficiency.Revolutionary advanced technology,such as Intelligent Transportation Systems(ITS),enables improved traffic management,helps eliminate congestion,and supports a safer environment.ITS provides real-time information on vehicle traffic and transportation systems that can improve decision-making for road users.However,ITS suffers from routing issues at the network layer when utilising Vehicular Ad Hoc Networks(VANETs).This is because each vehicle plays the role of a router in this network,which leads to a complex vehicle communication network,causing issues such as repeated link breakages between vehicles resulting from the mobility of the network and rapid topological variation.This may lead to loss or delay in packet transmissions;this weakness can be exploited in routing attacks,such as black-hole and gray-hole attacks,that threaten the availability of ITS services.In this paper,a Blockchain-based smart contracts model is proposed to offer convenient and comprehensive security mechanisms,enhancing the trustworthiness between vehicles.Self-Classification Blockchain-Based Contracts(SCBC)and Voting-Classification Blockchain-Based Contracts(VCBC)are utilised in the proposed protocol.The results show that VCBC succeeds in attaining better results in PDR and TP performance even in the presence of Blackhole and Grayhole attacks.展开更多
With the increasing number of connected devices in the Internet of Things(IoT)era,the number of intrusions is also increasing.An intrusion detection system(IDS)is a secondary intelligent system for monitoring,detectin...With the increasing number of connected devices in the Internet of Things(IoT)era,the number of intrusions is also increasing.An intrusion detection system(IDS)is a secondary intelligent system for monitoring,detecting and alerting against malicious activity.IDS is important in developing advanced security models.This study reviews the importance of various techniques,tools,and methods used in IoT detection and/or prevention systems.Specifically,it focuses on machine learning(ML)and deep learning(DL)techniques for IDS.This paper proposes an accurate intrusion detection model to detect traditional and new attacks on the Internet of Vehicles.To speed up the detection of recent attacks,the proposed network architecture developed at the data processing layer is incorporated with a convolutional neural network(CNN),which performs better than a support vector machine(SVM).Processing data are enhanced using the synthetic minority oversampling technique to ensure learning accuracy.The nearest class mean classifier is applied during the testing phase to identify new attacks.Experimental results using the AWID dataset,which is one of the most common open intrusion detection datasets,revealed a higher detection accuracy(94%)compared to SVM and random forest methods.展开更多
This case report investigates the manifestation of cerebral amyloid angiopathy (CAA) through recurrent Transient Ischemic Attacks (TIAs) in an 82-year-old patient. Despite initial diagnostic complexities, cerebral ang...This case report investigates the manifestation of cerebral amyloid angiopathy (CAA) through recurrent Transient Ischemic Attacks (TIAs) in an 82-year-old patient. Despite initial diagnostic complexities, cerebral angiography-MRI revealed features indicative of CAA. Symptomatic treatment resulted in improvement, but the patient later developed a fatal hematoma. The discussion navigates the intricate therapeutic landscape of repetitive TIAs in the elderly with cardiovascular risk factors, emphasizing the pivotal role of cerebral MRI and meticulous bleeding risk management. The conclusion stresses the importance of incorporating SWI sequences, specifically when suspecting a cardioembolic TIA, as a diagnostic measure to explore and exclude CAA in the differential diagnosis. This case report provides valuable insights into these challenges, highlighting the need to consider CAA in relevant cases.展开更多
Internet of Things(IoT)is vulnerable to data-tampering(DT)attacks.Due to resource limitations,many anomaly detection systems(ADSs)for IoT have high false positive rates when detecting DT attacks.This leads to the misr...Internet of Things(IoT)is vulnerable to data-tampering(DT)attacks.Due to resource limitations,many anomaly detection systems(ADSs)for IoT have high false positive rates when detecting DT attacks.This leads to the misreporting of normal data,which will impact the normal operation of IoT.To mitigate the impact caused by the high false positive rate of ADS,this paper proposes an ADS management scheme for clustered IoT.First,we model the data transmission and anomaly detection in clustered IoT.Then,the operation strategy of the clustered IoT is formulated as the running probabilities of all ADSs deployed on every IoT device.In the presence of a high false positive rate in ADSs,to deal with the trade-off between the security and availability of data,we develop a linear programming model referred to as a security trade-off(ST)model.Next,we develop an analysis framework for the ST model,and solve the ST model on an IoT simulation platform.Last,we reveal the effect of some factors on the maximum combined detection rate through theoretical analysis.Simulations show that the ADS management scheme can mitigate the data unavailability loss caused by the high false positive rates in ADS.展开更多
The healthcare sector holds valuable and sensitive data.The amount of this data and the need to handle,exchange,and protect it,has been increasing at a fast pace.Due to their nature,software-defined networks(SDNs)are ...The healthcare sector holds valuable and sensitive data.The amount of this data and the need to handle,exchange,and protect it,has been increasing at a fast pace.Due to their nature,software-defined networks(SDNs)are widely used in healthcare systems,as they ensure effective resource utilization,safety,great network management,and monitoring.In this sector,due to the value of thedata,SDNs faceamajor challengeposed byawide range of attacks,such as distributed denial of service(DDoS)and probe attacks.These attacks reduce network performance,causing the degradation of different key performance indicators(KPIs)or,in the worst cases,a network failure which can threaten human lives.This can be significant,especially with the current expansion of portable healthcare that supports mobile and wireless devices for what is called mobile health,or m-health.In this study,we examine the effectiveness of using SDNs for defense against DDoS,as well as their effects on different network KPIs under various scenarios.We propose a threshold-based DDoS classifier(TBDC)technique to classify DDoS attacks in healthcare SDNs,aiming to block traffic considered a hazard in the form of a DDoS attack.We then evaluate the accuracy and performance of the proposed TBDC approach.Our technique shows outstanding performance,increasing the mean throughput by 190.3%,reducing the mean delay by 95%,and reducing packet loss by 99.7%relative to normal,with DDoS attack traffic.展开更多
This paper introduces a novel multi-tiered defense architecture to protect language models from adversarial prompt attacks. We construct adversarial prompts using strategies like role emulation and manipulative assist...This paper introduces a novel multi-tiered defense architecture to protect language models from adversarial prompt attacks. We construct adversarial prompts using strategies like role emulation and manipulative assistance to simulate real threats. We introduce a comprehensive, multi-tiered defense framework named GUARDIAN (Guardrails for Upholding Ethics in Language Models) comprising a system prompt filter, pre-processing filter leveraging a toxic classifier and ethical prompt generator, and pre-display filter using the model itself for output screening. Extensive testing on Meta’s Llama-2 model demonstrates the capability to block 100% of attack prompts. The approach also auto-suggests safer prompt alternatives, thereby bolstering language model security. Quantitatively evaluated defense layers and an ethical substitution mechanism represent key innovations to counter sophisticated attacks. The integrated methodology not only fortifies smaller LLMs against emerging cyber threats but also guides the broader application of LLMs in a secure and ethical manner.展开更多
This paper investigates the security issue of multisensor remote estimation systems.An optimal stealthy false data injection(FDI)attack scheme based on historical and current residuals,which only tampers with the meas...This paper investigates the security issue of multisensor remote estimation systems.An optimal stealthy false data injection(FDI)attack scheme based on historical and current residuals,which only tampers with the measurement residuals of partial sensors due to limited attack resources,is proposed to maximally degrade system estimation performance.The attack stealthiness condition is given,and then the estimation error covariance in compromised state is derived to quantify the system performance under attack.The optimal attack strategy is obtained by solving several convex optimization problems which maximize the trace of the compromised estimation error covariance subject to the stealthiness condition.Moreover,due to the constraint of attack resources,the selection principle of the attacked sensor is provided to determine which sensor is attacked so as to hold the most impact on system performance.Finally,simulation results are presented to verify the theoretical analysis.展开更多
Connected automated vehicles(CAVs)serve as a promising enabler for future intelligent transportation systems because of their capabilities in improving traffic efficiency and driving safety,and reducing fuel consumpti...Connected automated vehicles(CAVs)serve as a promising enabler for future intelligent transportation systems because of their capabilities in improving traffic efficiency and driving safety,and reducing fuel consumption and vehicle emissions.A fundamental issue in CAVs is platooning control that empowers a convoy of CAVs to be cooperatively maneuvered with desired longitudinal spacings and identical velocities on roads.This paper addresses the issue of resilient and safe platooning control of CAVs subject to intermittent denial-of-service(DoS)attacks that disrupt vehicle-to-vehicle communications.First,a heterogeneous and uncertain vehicle longitudinal dynamic model is presented to accommodate a variety of uncertainties,including diverse vehicle masses and engine inertial delays,unknown and nonlinear resistance forces,and a dynamic platoon leader.Then,a resilient and safe distributed longitudinal platooning control law is constructed with an aim to preserve simultaneous individual vehicle stability,attack resilience,platoon safety and scalability.Furthermore,a numerically efficient offline design algorithm for determining the desired platoon control law is developed,under which the platoon resilience against DoS attacks can be maximized but the anticipated stability,safety and scalability requirements remain preserved.Finally,extensive numerical experiments are provided to substantiate the efficacy of the proposed platooning method.展开更多
This paper studies the countermeasure design problems of distributed resilient time-varying formation-tracking control for multi-UAV systems with single-way communications against composite attacks,including denial-of...This paper studies the countermeasure design problems of distributed resilient time-varying formation-tracking control for multi-UAV systems with single-way communications against composite attacks,including denial-of-services(DoS)attacks,false-data injection attacks,camouflage attacks,and actuation attacks(AAs).Inspired by the concept of digital twin,a new two-layered protocol equipped with a safe and private twin layer(TL)is proposed,which decouples the above problems into the defense scheme against DoS attacks on the TL and the defense scheme against AAs on the cyber-physical layer.First,a topologyrepairing strategy against frequency-constrained DoS attacks is implemented via a Zeno-free event-triggered estimation scheme,which saves communication resources considerably.The upper bound of the reaction time needed to launch the repaired topology after the occurrence of DoS attacks is calculated.Second,a decentralized adaptive and chattering-relief controller against potentially unbounded AAs is designed.Moreover,this novel adaptive controller can achieve uniformly ultimately bounded convergence,whose error bound can be given explicitly.The practicability and validity of this new two-layered protocol are shown via a simulation example and a UAV swarm experiment equipped with both Ultra-WideBand and WiFi communication channels.展开更多
Ménière’s disease(MD)patients may suffer episodes of sudden falls,named Tu markin drop attacks(DAs).This fall occurs abruptly and without warning or loss of consciousness.DAs usually aggravate the clinical ...Ménière’s disease(MD)patients may suffer episodes of sudden falls,named Tu markin drop attacks(DAs).This fall occurs abruptly and without warning or loss of consciousness.DAs usually aggravate the clinical picture of MD and are challenging to manage.The present report describes a case treated by cochlear implantation(CI)due to concomitant deafness and offers some clinical considerations for this condition.A male patient aged 48 years with a 10-year history of definite bilateral MD had profound SNHL on the right and severe SNHL on the left side.He suffered from intermittent attacks of vertigo,ear fullness,and tinnitus and,in the last year,had developed DAs and experienced 14 episodes in the previous six months.The preoperative category of acoustic performance was 3.The Dizziness Handicap Inventory(DHI)questionnaire showed a total score of 46,which indicated a moderate degree of disability.A CI was planned for the right side.The patient did not report any further DAs episode for two years since then.The postoperative category of acoustic performance became 11,and the postoperative DHI questionnaire showed a decrease in the total score(from 46 to 19),which indicated a mild disability.Unilateral CI effectively alleviated the DAs associated with bilateral MD.Our report proposes a new modality for managing vertiginous symptoms in cases of MD with hearing loss without the need for more aggressive surgical interventions with the need for clinical trials to confirm our results.展开更多
This paper proposes a passive methodology for detecting a class of stealthy intermittent integrity attacks in cyberphysical systems subject to process disturbances and measurement noise.A stealthy intermittent integri...This paper proposes a passive methodology for detecting a class of stealthy intermittent integrity attacks in cyberphysical systems subject to process disturbances and measurement noise.A stealthy intermittent integrity attack strategy is first proposed by modifying a zero-dynamics attack model.The stealthiness of the generated attacks is rigorously investigated under the condition that the adversary does not know precisely the system state values.In order to help detect such attacks,a backward-in-time detection residual is proposed based on an equivalent quantity of the system state change,due to the attack,at a time prior to the attack occurrence time.A key characteristic of this residual is that its magnitude increases every time a new attack occurs.To estimate this unknown residual,an optimal fixed-point smoother is proposed by minimizing a piece-wise linear quadratic cost function with a set of specifically designed weighting matrices.The smoother design guarantees robustness with respect to process disturbances and measurement noise,and is also able to maintain sensitivity as time progresses to intermittent integrity attack by resetting the covariance matrix based on the weighting matrices.The adaptive threshold is designed based on the estimated backward-in-time residual,and the attack detectability analysis is rigorously investigated to characterize quantitatively the class of attacks that can be detected by the proposed methodology.Finally,a simulation example is used to demonstrate the effectiveness of the developed methodology.展开更多
Face verification systems are critical in a wide range of applications,such as security systems and biometric authentication.However,these systems are vulnerable to adversarial attacks,which can significantly compromi...Face verification systems are critical in a wide range of applications,such as security systems and biometric authentication.However,these systems are vulnerable to adversarial attacks,which can significantly compromise their accuracy and reliability.Adversarial attacks are designed to deceive the face verification system by adding subtle perturbations to the input images.These perturbations can be imperceptible to the human eye but can cause the systemtomisclassifyor fail torecognize thepersoninthe image.Toaddress this issue,weproposeanovel system called VeriFace that comprises two defense mechanisms,adversarial detection,and adversarial removal.The first mechanism,adversarial detection,is designed to identify whether an input image has been subjected to adversarial perturbations.The second mechanism,adversarial removal,is designed to remove these perturbations from the input image to ensure the face verification system can accurately recognize the person in the image.To evaluate the effectiveness of the VeriFace system,we conducted experiments on different types of adversarial attacks using the Labelled Faces in the Wild(LFW)dataset.Our results show that the VeriFace adversarial detector can accurately identify adversarial imageswith a high detection accuracy of 100%.Additionally,our proposedVeriFace adversarial removalmethod has a significantly lower attack success rate of 6.5%compared to state-of-the-art removalmethods.展开更多
Neural networks play a significant role in the field of image classification.When an input image is modified by adversarial attacks,the changes are imperceptible to the human eye,but it still leads to misclassificatio...Neural networks play a significant role in the field of image classification.When an input image is modified by adversarial attacks,the changes are imperceptible to the human eye,but it still leads to misclassification of the images.Researchers have demonstrated these attacks to make production self-driving cars misclassify StopRoad signs as 45 Miles Per Hour(MPH)road signs and a turtle being misclassified as AK47.Three primary types of defense approaches exist which can safeguard against such attacks i.e.,Gradient Masking,Robust Optimization,and Adversarial Example Detection.Very few approaches use Generative Adversarial Networks(GAN)for Defense against Adversarial Attacks.In this paper,we create a new approach to defend against adversarial attacks,dubbed Chained Dual-Generative Adversarial Network(CD-GAN)that tackles the defense against adversarial attacks by minimizing the perturbations of the adversarial image using iterative oversampling and undersampling using GANs.CD-GAN is created using two GANs,i.e.,CDGAN’s Sub-ResolutionGANandCDGAN’s Super-ResolutionGAN.The first is CDGAN’s Sub-Resolution GAN which takes the original resolution input image and oversamples it to generate a lower resolution neutralized image.The second is CDGAN’s Super-Resolution GAN which takes the output of the CDGAN’s Sub-Resolution and undersamples,it to generate the higher resolution image which removes any remaining perturbations.Chained Dual GAN is formed by chaining these two GANs together.Both of these GANs are trained independently.CDGAN’s Sub-Resolution GAN is trained using higher resolution adversarial images as inputs and lower resolution neutralized images as output image examples.Hence,this GAN downscales the image while removing adversarial attack noise.CDGAN’s Super-Resolution GAN is trained using lower resolution adversarial images as inputs and higher resolution neutralized images as output images.Because of this,it acts as an Upscaling GAN while removing the adversarial attak noise.Furthermore,CD-GAN has a modular design such that it can be prefixed to any existing classifier without any retraining or extra effort,and 2542 CMC,2023,vol.74,no.2 can defend any classifier model against adversarial attack.In this way,it is a Generalized Defense against adversarial attacks,capable of defending any classifier model against any attacks.This enables the user to directly integrate CD-GANwith an existing production deployed classifier smoothly.CD-GAN iteratively removes the adversarial noise using a multi-step approach in a modular approach.It performs comparably to the state of the arts with mean accuracy of 33.67 while using minimal compute resources in training.展开更多
Distributed denial of service(DDoS)attack is the most common attack that obstructs a network and makes it unavailable for a legitimate user.We proposed a deep neural network(DNN)model for the detection of DDoS attacks...Distributed denial of service(DDoS)attack is the most common attack that obstructs a network and makes it unavailable for a legitimate user.We proposed a deep neural network(DNN)model for the detection of DDoS attacks in the Software-Defined Networking(SDN)paradigm.SDN centralizes the control plane and separates it from the data plane.It simplifies a network and eliminates vendor specification of a device.Because of this open nature and centralized control,SDN can easily become a victim of DDoS attacks.We proposed a supervised Developed Deep Neural Network(DDNN)model that can classify the DDoS attack traffic and legitimate traffic.Our Developed Deep Neural Network(DDNN)model takes a large number of feature values as compared to previously proposed Machine Learning(ML)models.The proposed DNN model scans the data to find the correlated features and delivers high-quality results.The model enhances the security of SDN and has better accuracy as compared to previously proposed models.We choose the latest state-of-the-art dataset which consists of many novel attacks and overcomes all the shortcomings and limitations of the existing datasets.Our model results in a high accuracy rate of 99.76%with a low false-positive rate and 0.065%low loss rate.The accuracy increases to 99.80%as we increase the number of epochs to 100 rounds.Our proposed model classifies anomalous and normal traffic more accurately as compared to the previously proposed models.It can handle a huge amount of structured and unstructured data and can easily solve complex problems.展开更多
The Mobile Ad-hoc Network(MANET)is a dynamic topology that provides a variety of executions in various disciplines.The most sticky topic in organizationalfields was MANET protection.MANET is helpless against various t...The Mobile Ad-hoc Network(MANET)is a dynamic topology that provides a variety of executions in various disciplines.The most sticky topic in organizationalfields was MANET protection.MANET is helpless against various threats that affect its usability and accessibility.The dark opening assault is considered one of the most far-reaching dynamic assaults that deteriorate the organi-zation's execution and reliability by dropping all approaching packages via the noxious node.The Dark Opening Node aims to deceive any node in the company that wishes to connect to another node by pretending to get the most delicate ability to support the target node.Ad-hoc On-demand Distance Vector(AODV)is a responsive steering convention with no corporate techniques to locate and destroy the dark opening center.We improved AODV by incorporating a novel compact method for detecting and isolating lonely and collaborative black-hole threats that utilize clocks and baits.The recommended method allows MANET nodes to discover and segregate black-hole network nodes over dynamic changes in the network topology.We implement the suggested method's performance with the help of Network Simulator(NS)-3 simulation models.Furthermore,the proposed approach comes exceptionally near to the original AODV,absent black holes in terms of bandwidth,end-to-end latency,error rate,and delivery ratio.展开更多
Introduction: In December 2021, Beninese soldiers were victims of armed terrorist attacks. This study aims to determine the psychological impact of the events experienced on the victims in order to better prevent post...Introduction: In December 2021, Beninese soldiers were victims of armed terrorist attacks. This study aims to determine the psychological impact of the events experienced on the victims in order to better prevent post-traumatic stress disorder. Materials and methods: This is a descriptive cross-sectional study conducted from December 13 to 14, 2021, i.e. 12 days after the oldest event and 4 days after the most recent. The experience of the event was assessed with the Peritraumatic Distress Inventory and the Peritraumatic Dissociation Experiences Questionnaire. Symptoms experienced in the hours and days after the event were assessed with the Revised Event Impact Scale. Results: 36 soldiers were included out of the 38 survivors, i.e. 94.73%. They were 51.43% victims of the night assault, 37.14% of the ambush on patrol and 11.43% of the explosion of vehicle on mine, all male. The average age was 31 years with extremes of 25 and 49 years. The 25 - 30 year olds predominated, 52.78%. 100% of soldiers had significant peritraumatic dissociation, of which 94.44% also had significant peritraumatic distress. 100% of the soldiers had manifestations of intrusion, 89% of manifestations of avoidance and 83% of manifestations of hyperexcitation. 88.89% had an index for acute stress including 100% of victims of night assault and vehicle explosion on mine. Conclusion: This study shows a high prevalence of peritraumatic reactions, recognized factors favoring post-traumatic stress disorder, and the interest of their evaluation for medical and psychological help adapted to the victims.展开更多
Due to the long-term goal of bringing about significant changes in the quality of services supplied to smart city residents and urban environments and life, the development and deployment of ICT in city infrastructure...Due to the long-term goal of bringing about significant changes in the quality of services supplied to smart city residents and urban environments and life, the development and deployment of ICT in city infrastructure has spurred interest in smart cities. Applications for smart cities can gather private data in a variety of fields. Different sectors such as healthcare, smart parking, transportation, traffic systems, public safety, smart agriculture, and other sectors can control real-life physical objects and deliver intelligent and smart information to citizens who are the users. However, this smart ICT integration brings about numerous concerns and issues with security and privacy for both smart city citizens and the environments they are built in. The main uses of smart cities are examined in this journal article, along with the security needs for IoT systems supporting them and the identified important privacy and security issues in the smart city application architecture. Following the identification of several security flaws and privacy concerns in the context of smart cities, it then highlights some security and privacy solutions for developing secure smart city systems and presents research opportunities that still need to be considered for performance improvement in the future.展开更多
Over time, the world has transformed digitally and there is total dependence on the internet. Many more gadgets are continuously interconnected in the internet ecosystem. This fact has made the Internet a global infor...Over time, the world has transformed digitally and there is total dependence on the internet. Many more gadgets are continuously interconnected in the internet ecosystem. This fact has made the Internet a global information source for every being. Despite all this, attacker knowledge by cybercriminals has advanced and resulted in different attack methodologies on the internet and its data stores. This paper will discuss the origin and significance of Denial of Service (DoS) and Distributed Denial of Service (DDoS). These kinds of attacks remain the most effective methods used by the bad guys to cause substantial damage in terms of operational, reputational, and financial damage to organizations globally. These kinds of attacks have hindered network performance and availability. The victim’s network is flooded with massive illegal traffic hence, denying genuine traffic from passing through for authorized users. The paper will explore detection mechanisms, and mitigation techniques for this network threat.展开更多
To secure web applications from Man-In-The-Middle(MITM)and phishing attacks is a challenging task nowadays.For this purpose,authen-tication protocol plays a vital role in web communication which securely transfers dat...To secure web applications from Man-In-The-Middle(MITM)and phishing attacks is a challenging task nowadays.For this purpose,authen-tication protocol plays a vital role in web communication which securely transfers data from one party to another.This authentication works via OpenID,Kerberos,password authentication protocols,etc.However,there are still some limitations present in the reported security protocols.In this paper,the presented anticipated strategy secures both Web-based attacks by leveraging encoded emails and a novel password form pattern method.The proposed OpenID-based encrypted Email’s Authentication,Authorization,and Accounting(EAAA)protocol ensure security by relying on the email authenticity and a Special Secret Encrypted Alphanumeric String(SSEAS).This string is deployed on both the relying party and the email server,which is unique and trustworthy.The first authentication,OpenID Uniform Resource Locator(URL)identity,is performed on the identity provider side.A second authentication is carried out by the hidden Email’s server side and receives a third authentication link.This Email’s third SSEAS authentication link manages on the relying party(RP).Compared to existing cryptographic single sign-on protocols,the EAAA protocol ensures that an OpenID URL’s identity is secured from MITM and phishing attacks.This study manages two attacks such as MITM and phishing attacks and gives 339 ms response time which is higher than the already reported methods,such as Single Sign-On(SSO)and OpenID.The experimental sites were examined by 72 information technology(IT)specialists,who found that 88.89%of respondents successfully validated the user authorization provided to them via Email.The proposed EAAA protocol minimizes the higher-level risk of MITM and phishing attacks in an OpenID-based atmosphere.展开更多
文摘Bayesian networks are a powerful class of graphical decision models used to represent causal relationships among variables.However,the reliability and integrity of learned Bayesian network models are highly dependent on the quality of incoming data streams.One of the primary challenges with Bayesian networks is their vulnerability to adversarial data poisoning attacks,wherein malicious data is injected into the training dataset to negatively influence the Bayesian network models and impair their performance.In this research paper,we propose an efficient framework for detecting data poisoning attacks against Bayesian network structure learning algorithms.Our framework utilizes latent variables to quantify the amount of belief between every two nodes in each causal model over time.We use our innovative methodology to tackle an important issue with data poisoning assaults in the context of Bayesian networks.With regard to four different forms of data poisoning attacks,we specifically aim to strengthen the security and dependability of Bayesian network structure learning techniques,such as the PC algorithm.By doing this,we explore the complexity of this area and offer workablemethods for identifying and reducing these sneaky dangers.Additionally,our research investigates one particular use case,the“Visit to Asia Network.”The practical consequences of using uncertainty as a way to spot cases of data poisoning are explored in this inquiry,which is of utmost relevance.Our results demonstrate the promising efficacy of latent variables in detecting and mitigating the threat of data poisoning attacks.Additionally,our proposed latent-based framework proves to be sensitive in detecting malicious data poisoning attacks in the context of stream data.
文摘The rapid increase in vehicle traffic volume in modern societies has raised the need to develop innovative solutions to reduce traffic congestion and enhance traffic management efficiency.Revolutionary advanced technology,such as Intelligent Transportation Systems(ITS),enables improved traffic management,helps eliminate congestion,and supports a safer environment.ITS provides real-time information on vehicle traffic and transportation systems that can improve decision-making for road users.However,ITS suffers from routing issues at the network layer when utilising Vehicular Ad Hoc Networks(VANETs).This is because each vehicle plays the role of a router in this network,which leads to a complex vehicle communication network,causing issues such as repeated link breakages between vehicles resulting from the mobility of the network and rapid topological variation.This may lead to loss or delay in packet transmissions;this weakness can be exploited in routing attacks,such as black-hole and gray-hole attacks,that threaten the availability of ITS services.In this paper,a Blockchain-based smart contracts model is proposed to offer convenient and comprehensive security mechanisms,enhancing the trustworthiness between vehicles.Self-Classification Blockchain-Based Contracts(SCBC)and Voting-Classification Blockchain-Based Contracts(VCBC)are utilised in the proposed protocol.The results show that VCBC succeeds in attaining better results in PDR and TP performance even in the presence of Blackhole and Grayhole attacks.
基金The author extends the appreciation to the Deanship of Postgraduate Studies and Scientific Research atMajmaah University for funding this research work through the project number(R-2024-920).
文摘With the increasing number of connected devices in the Internet of Things(IoT)era,the number of intrusions is also increasing.An intrusion detection system(IDS)is a secondary intelligent system for monitoring,detecting and alerting against malicious activity.IDS is important in developing advanced security models.This study reviews the importance of various techniques,tools,and methods used in IoT detection and/or prevention systems.Specifically,it focuses on machine learning(ML)and deep learning(DL)techniques for IDS.This paper proposes an accurate intrusion detection model to detect traditional and new attacks on the Internet of Vehicles.To speed up the detection of recent attacks,the proposed network architecture developed at the data processing layer is incorporated with a convolutional neural network(CNN),which performs better than a support vector machine(SVM).Processing data are enhanced using the synthetic minority oversampling technique to ensure learning accuracy.The nearest class mean classifier is applied during the testing phase to identify new attacks.Experimental results using the AWID dataset,which is one of the most common open intrusion detection datasets,revealed a higher detection accuracy(94%)compared to SVM and random forest methods.
文摘This case report investigates the manifestation of cerebral amyloid angiopathy (CAA) through recurrent Transient Ischemic Attacks (TIAs) in an 82-year-old patient. Despite initial diagnostic complexities, cerebral angiography-MRI revealed features indicative of CAA. Symptomatic treatment resulted in improvement, but the patient later developed a fatal hematoma. The discussion navigates the intricate therapeutic landscape of repetitive TIAs in the elderly with cardiovascular risk factors, emphasizing the pivotal role of cerebral MRI and meticulous bleeding risk management. The conclusion stresses the importance of incorporating SWI sequences, specifically when suspecting a cardioembolic TIA, as a diagnostic measure to explore and exclude CAA in the differential diagnosis. This case report provides valuable insights into these challenges, highlighting the need to consider CAA in relevant cases.
基金This study was funded by the Chongqing Normal University Startup Foundation for PhD(22XLB021)was also supported by the Open Research Project of the State Key Laboratory of Industrial Control Technology,Zhejiang University,China(No.ICT2023B40).
文摘Internet of Things(IoT)is vulnerable to data-tampering(DT)attacks.Due to resource limitations,many anomaly detection systems(ADSs)for IoT have high false positive rates when detecting DT attacks.This leads to the misreporting of normal data,which will impact the normal operation of IoT.To mitigate the impact caused by the high false positive rate of ADS,this paper proposes an ADS management scheme for clustered IoT.First,we model the data transmission and anomaly detection in clustered IoT.Then,the operation strategy of the clustered IoT is formulated as the running probabilities of all ADSs deployed on every IoT device.In the presence of a high false positive rate in ADSs,to deal with the trade-off between the security and availability of data,we develop a linear programming model referred to as a security trade-off(ST)model.Next,we develop an analysis framework for the ST model,and solve the ST model on an IoT simulation platform.Last,we reveal the effect of some factors on the maximum combined detection rate through theoretical analysis.Simulations show that the ADS management scheme can mitigate the data unavailability loss caused by the high false positive rates in ADS.
基金extend their appreciation to Researcher Supporting Project Number(RSPD2023R582)King Saud University,Riyadh,Saudi Arabia.
文摘The healthcare sector holds valuable and sensitive data.The amount of this data and the need to handle,exchange,and protect it,has been increasing at a fast pace.Due to their nature,software-defined networks(SDNs)are widely used in healthcare systems,as they ensure effective resource utilization,safety,great network management,and monitoring.In this sector,due to the value of thedata,SDNs faceamajor challengeposed byawide range of attacks,such as distributed denial of service(DDoS)and probe attacks.These attacks reduce network performance,causing the degradation of different key performance indicators(KPIs)or,in the worst cases,a network failure which can threaten human lives.This can be significant,especially with the current expansion of portable healthcare that supports mobile and wireless devices for what is called mobile health,or m-health.In this study,we examine the effectiveness of using SDNs for defense against DDoS,as well as their effects on different network KPIs under various scenarios.We propose a threshold-based DDoS classifier(TBDC)technique to classify DDoS attacks in healthcare SDNs,aiming to block traffic considered a hazard in the form of a DDoS attack.We then evaluate the accuracy and performance of the proposed TBDC approach.Our technique shows outstanding performance,increasing the mean throughput by 190.3%,reducing the mean delay by 95%,and reducing packet loss by 99.7%relative to normal,with DDoS attack traffic.
文摘This paper introduces a novel multi-tiered defense architecture to protect language models from adversarial prompt attacks. We construct adversarial prompts using strategies like role emulation and manipulative assistance to simulate real threats. We introduce a comprehensive, multi-tiered defense framework named GUARDIAN (Guardrails for Upholding Ethics in Language Models) comprising a system prompt filter, pre-processing filter leveraging a toxic classifier and ethical prompt generator, and pre-display filter using the model itself for output screening. Extensive testing on Meta’s Llama-2 model demonstrates the capability to block 100% of attack prompts. The approach also auto-suggests safer prompt alternatives, thereby bolstering language model security. Quantitatively evaluated defense layers and an ethical substitution mechanism represent key innovations to counter sophisticated attacks. The integrated methodology not only fortifies smaller LLMs against emerging cyber threats but also guides the broader application of LLMs in a secure and ethical manner.
基金supported by the National Natural Science Foundation of China(61925303,62173034,62088101,U20B2073,62173002)the National Key Research and Development Program of China(2021YFB1714800)Beijing Natural Science Foundation(4222045)。
文摘This paper investigates the security issue of multisensor remote estimation systems.An optimal stealthy false data injection(FDI)attack scheme based on historical and current residuals,which only tampers with the measurement residuals of partial sensors due to limited attack resources,is proposed to maximally degrade system estimation performance.The attack stealthiness condition is given,and then the estimation error covariance in compromised state is derived to quantify the system performance under attack.The optimal attack strategy is obtained by solving several convex optimization problems which maximize the trace of the compromised estimation error covariance subject to the stealthiness condition.Moreover,due to the constraint of attack resources,the selection principle of the attacked sensor is provided to determine which sensor is attacked so as to hold the most impact on system performance.Finally,simulation results are presented to verify the theoretical analysis.
基金supported in part by Australian Research Council Discovery Early Career Researcher Award(DE210100273)。
文摘Connected automated vehicles(CAVs)serve as a promising enabler for future intelligent transportation systems because of their capabilities in improving traffic efficiency and driving safety,and reducing fuel consumption and vehicle emissions.A fundamental issue in CAVs is platooning control that empowers a convoy of CAVs to be cooperatively maneuvered with desired longitudinal spacings and identical velocities on roads.This paper addresses the issue of resilient and safe platooning control of CAVs subject to intermittent denial-of-service(DoS)attacks that disrupt vehicle-to-vehicle communications.First,a heterogeneous and uncertain vehicle longitudinal dynamic model is presented to accommodate a variety of uncertainties,including diverse vehicle masses and engine inertial delays,unknown and nonlinear resistance forces,and a dynamic platoon leader.Then,a resilient and safe distributed longitudinal platooning control law is constructed with an aim to preserve simultaneous individual vehicle stability,attack resilience,platoon safety and scalability.Furthermore,a numerically efficient offline design algorithm for determining the desired platoon control law is developed,under which the platoon resilience against DoS attacks can be maximized but the anticipated stability,safety and scalability requirements remain preserved.Finally,extensive numerical experiments are provided to substantiate the efficacy of the proposed platooning method.
基金This work was supported in part by the National Natural Science Foundation of China(61903258)Guangdong Basic and Applied Basic Research Foundation(2022A1515010234)+1 种基金the Project of Department of Education of Guangdong Province(2022KTSCX105)Qatar National Research Fund(NPRP12C-0814-190012).
文摘This paper studies the countermeasure design problems of distributed resilient time-varying formation-tracking control for multi-UAV systems with single-way communications against composite attacks,including denial-of-services(DoS)attacks,false-data injection attacks,camouflage attacks,and actuation attacks(AAs).Inspired by the concept of digital twin,a new two-layered protocol equipped with a safe and private twin layer(TL)is proposed,which decouples the above problems into the defense scheme against DoS attacks on the TL and the defense scheme against AAs on the cyber-physical layer.First,a topologyrepairing strategy against frequency-constrained DoS attacks is implemented via a Zeno-free event-triggered estimation scheme,which saves communication resources considerably.The upper bound of the reaction time needed to launch the repaired topology after the occurrence of DoS attacks is calculated.Second,a decentralized adaptive and chattering-relief controller against potentially unbounded AAs is designed.Moreover,this novel adaptive controller can achieve uniformly ultimately bounded convergence,whose error bound can be given explicitly.The practicability and validity of this new two-layered protocol are shown via a simulation example and a UAV swarm experiment equipped with both Ultra-WideBand and WiFi communication channels.
文摘Ménière’s disease(MD)patients may suffer episodes of sudden falls,named Tu markin drop attacks(DAs).This fall occurs abruptly and without warning or loss of consciousness.DAs usually aggravate the clinical picture of MD and are challenging to manage.The present report describes a case treated by cochlear implantation(CI)due to concomitant deafness and offers some clinical considerations for this condition.A male patient aged 48 years with a 10-year history of definite bilateral MD had profound SNHL on the right and severe SNHL on the left side.He suffered from intermittent attacks of vertigo,ear fullness,and tinnitus and,in the last year,had developed DAs and experienced 14 episodes in the previous six months.The preoperative category of acoustic performance was 3.The Dizziness Handicap Inventory(DHI)questionnaire showed a total score of 46,which indicated a moderate degree of disability.A CI was planned for the right side.The patient did not report any further DAs episode for two years since then.The postoperative category of acoustic performance became 11,and the postoperative DHI questionnaire showed a decrease in the total score(from 46 to 19),which indicated a mild disability.Unilateral CI effectively alleviated the DAs associated with bilateral MD.Our report proposes a new modality for managing vertiginous symptoms in cases of MD with hearing loss without the need for more aggressive surgical interventions with the need for clinical trials to confirm our results.
基金This work was supported by the European Union’s Horizon 2020 Research and Innovation Programme under the Marie Skodowska-Curie(101027980(CSPCPS-A-ICA),739551(KIOS CoE-TEAMING))the Italian Ministry for Research in the Framework of the 2017 Program for Research Projects of National Interest(PRIN)(2017YKXYXJ)+3 种基金the National Natural Science Foundation of China(61903188,62073165,62020106003)the Natural Science Foundation of Jiangsu Province(BK20190403)the 111 Project(B20007)the Priority Academic Program Development of Jiangsu Higher Education Institutions.
文摘This paper proposes a passive methodology for detecting a class of stealthy intermittent integrity attacks in cyberphysical systems subject to process disturbances and measurement noise.A stealthy intermittent integrity attack strategy is first proposed by modifying a zero-dynamics attack model.The stealthiness of the generated attacks is rigorously investigated under the condition that the adversary does not know precisely the system state values.In order to help detect such attacks,a backward-in-time detection residual is proposed based on an equivalent quantity of the system state change,due to the attack,at a time prior to the attack occurrence time.A key characteristic of this residual is that its magnitude increases every time a new attack occurs.To estimate this unknown residual,an optimal fixed-point smoother is proposed by minimizing a piece-wise linear quadratic cost function with a set of specifically designed weighting matrices.The smoother design guarantees robustness with respect to process disturbances and measurement noise,and is also able to maintain sensitivity as time progresses to intermittent integrity attack by resetting the covariance matrix based on the weighting matrices.The adaptive threshold is designed based on the estimated backward-in-time residual,and the attack detectability analysis is rigorously investigated to characterize quantitatively the class of attacks that can be detected by the proposed methodology.Finally,a simulation example is used to demonstrate the effectiveness of the developed methodology.
基金funded by Institutional Fund Projects under Grant No.(IFPIP:329-611-1443)the technical and financial support provided by the Ministry of Education and King Abdulaziz University,DSR,Jeddah,Saudi Arabia.
文摘Face verification systems are critical in a wide range of applications,such as security systems and biometric authentication.However,these systems are vulnerable to adversarial attacks,which can significantly compromise their accuracy and reliability.Adversarial attacks are designed to deceive the face verification system by adding subtle perturbations to the input images.These perturbations can be imperceptible to the human eye but can cause the systemtomisclassifyor fail torecognize thepersoninthe image.Toaddress this issue,weproposeanovel system called VeriFace that comprises two defense mechanisms,adversarial detection,and adversarial removal.The first mechanism,adversarial detection,is designed to identify whether an input image has been subjected to adversarial perturbations.The second mechanism,adversarial removal,is designed to remove these perturbations from the input image to ensure the face verification system can accurately recognize the person in the image.To evaluate the effectiveness of the VeriFace system,we conducted experiments on different types of adversarial attacks using the Labelled Faces in the Wild(LFW)dataset.Our results show that the VeriFace adversarial detector can accurately identify adversarial imageswith a high detection accuracy of 100%.Additionally,our proposedVeriFace adversarial removalmethod has a significantly lower attack success rate of 6.5%compared to state-of-the-art removalmethods.
基金Taif University,Taif,Saudi Arabia through Taif University Researchers Supporting Project Number(TURSP-2020/115).
文摘Neural networks play a significant role in the field of image classification.When an input image is modified by adversarial attacks,the changes are imperceptible to the human eye,but it still leads to misclassification of the images.Researchers have demonstrated these attacks to make production self-driving cars misclassify StopRoad signs as 45 Miles Per Hour(MPH)road signs and a turtle being misclassified as AK47.Three primary types of defense approaches exist which can safeguard against such attacks i.e.,Gradient Masking,Robust Optimization,and Adversarial Example Detection.Very few approaches use Generative Adversarial Networks(GAN)for Defense against Adversarial Attacks.In this paper,we create a new approach to defend against adversarial attacks,dubbed Chained Dual-Generative Adversarial Network(CD-GAN)that tackles the defense against adversarial attacks by minimizing the perturbations of the adversarial image using iterative oversampling and undersampling using GANs.CD-GAN is created using two GANs,i.e.,CDGAN’s Sub-ResolutionGANandCDGAN’s Super-ResolutionGAN.The first is CDGAN’s Sub-Resolution GAN which takes the original resolution input image and oversamples it to generate a lower resolution neutralized image.The second is CDGAN’s Super-Resolution GAN which takes the output of the CDGAN’s Sub-Resolution and undersamples,it to generate the higher resolution image which removes any remaining perturbations.Chained Dual GAN is formed by chaining these two GANs together.Both of these GANs are trained independently.CDGAN’s Sub-Resolution GAN is trained using higher resolution adversarial images as inputs and lower resolution neutralized images as output image examples.Hence,this GAN downscales the image while removing adversarial attack noise.CDGAN’s Super-Resolution GAN is trained using lower resolution adversarial images as inputs and higher resolution neutralized images as output images.Because of this,it acts as an Upscaling GAN while removing the adversarial attak noise.Furthermore,CD-GAN has a modular design such that it can be prefixed to any existing classifier without any retraining or extra effort,and 2542 CMC,2023,vol.74,no.2 can defend any classifier model against adversarial attack.In this way,it is a Generalized Defense against adversarial attacks,capable of defending any classifier model against any attacks.This enables the user to directly integrate CD-GANwith an existing production deployed classifier smoothly.CD-GAN iteratively removes the adversarial noise using a multi-step approach in a modular approach.It performs comparably to the state of the arts with mean accuracy of 33.67 while using minimal compute resources in training.
文摘Distributed denial of service(DDoS)attack is the most common attack that obstructs a network and makes it unavailable for a legitimate user.We proposed a deep neural network(DNN)model for the detection of DDoS attacks in the Software-Defined Networking(SDN)paradigm.SDN centralizes the control plane and separates it from the data plane.It simplifies a network and eliminates vendor specification of a device.Because of this open nature and centralized control,SDN can easily become a victim of DDoS attacks.We proposed a supervised Developed Deep Neural Network(DDNN)model that can classify the DDoS attack traffic and legitimate traffic.Our Developed Deep Neural Network(DDNN)model takes a large number of feature values as compared to previously proposed Machine Learning(ML)models.The proposed DNN model scans the data to find the correlated features and delivers high-quality results.The model enhances the security of SDN and has better accuracy as compared to previously proposed models.We choose the latest state-of-the-art dataset which consists of many novel attacks and overcomes all the shortcomings and limitations of the existing datasets.Our model results in a high accuracy rate of 99.76%with a low false-positive rate and 0.065%low loss rate.The accuracy increases to 99.80%as we increase the number of epochs to 100 rounds.Our proposed model classifies anomalous and normal traffic more accurately as compared to the previously proposed models.It can handle a huge amount of structured and unstructured data and can easily solve complex problems.
文摘The Mobile Ad-hoc Network(MANET)is a dynamic topology that provides a variety of executions in various disciplines.The most sticky topic in organizationalfields was MANET protection.MANET is helpless against various threats that affect its usability and accessibility.The dark opening assault is considered one of the most far-reaching dynamic assaults that deteriorate the organi-zation's execution and reliability by dropping all approaching packages via the noxious node.The Dark Opening Node aims to deceive any node in the company that wishes to connect to another node by pretending to get the most delicate ability to support the target node.Ad-hoc On-demand Distance Vector(AODV)is a responsive steering convention with no corporate techniques to locate and destroy the dark opening center.We improved AODV by incorporating a novel compact method for detecting and isolating lonely and collaborative black-hole threats that utilize clocks and baits.The recommended method allows MANET nodes to discover and segregate black-hole network nodes over dynamic changes in the network topology.We implement the suggested method's performance with the help of Network Simulator(NS)-3 simulation models.Furthermore,the proposed approach comes exceptionally near to the original AODV,absent black holes in terms of bandwidth,end-to-end latency,error rate,and delivery ratio.
文摘Introduction: In December 2021, Beninese soldiers were victims of armed terrorist attacks. This study aims to determine the psychological impact of the events experienced on the victims in order to better prevent post-traumatic stress disorder. Materials and methods: This is a descriptive cross-sectional study conducted from December 13 to 14, 2021, i.e. 12 days after the oldest event and 4 days after the most recent. The experience of the event was assessed with the Peritraumatic Distress Inventory and the Peritraumatic Dissociation Experiences Questionnaire. Symptoms experienced in the hours and days after the event were assessed with the Revised Event Impact Scale. Results: 36 soldiers were included out of the 38 survivors, i.e. 94.73%. They were 51.43% victims of the night assault, 37.14% of the ambush on patrol and 11.43% of the explosion of vehicle on mine, all male. The average age was 31 years with extremes of 25 and 49 years. The 25 - 30 year olds predominated, 52.78%. 100% of soldiers had significant peritraumatic dissociation, of which 94.44% also had significant peritraumatic distress. 100% of the soldiers had manifestations of intrusion, 89% of manifestations of avoidance and 83% of manifestations of hyperexcitation. 88.89% had an index for acute stress including 100% of victims of night assault and vehicle explosion on mine. Conclusion: This study shows a high prevalence of peritraumatic reactions, recognized factors favoring post-traumatic stress disorder, and the interest of their evaluation for medical and psychological help adapted to the victims.
文摘Due to the long-term goal of bringing about significant changes in the quality of services supplied to smart city residents and urban environments and life, the development and deployment of ICT in city infrastructure has spurred interest in smart cities. Applications for smart cities can gather private data in a variety of fields. Different sectors such as healthcare, smart parking, transportation, traffic systems, public safety, smart agriculture, and other sectors can control real-life physical objects and deliver intelligent and smart information to citizens who are the users. However, this smart ICT integration brings about numerous concerns and issues with security and privacy for both smart city citizens and the environments they are built in. The main uses of smart cities are examined in this journal article, along with the security needs for IoT systems supporting them and the identified important privacy and security issues in the smart city application architecture. Following the identification of several security flaws and privacy concerns in the context of smart cities, it then highlights some security and privacy solutions for developing secure smart city systems and presents research opportunities that still need to be considered for performance improvement in the future.
文摘Over time, the world has transformed digitally and there is total dependence on the internet. Many more gadgets are continuously interconnected in the internet ecosystem. This fact has made the Internet a global information source for every being. Despite all this, attacker knowledge by cybercriminals has advanced and resulted in different attack methodologies on the internet and its data stores. This paper will discuss the origin and significance of Denial of Service (DoS) and Distributed Denial of Service (DDoS). These kinds of attacks remain the most effective methods used by the bad guys to cause substantial damage in terms of operational, reputational, and financial damage to organizations globally. These kinds of attacks have hindered network performance and availability. The victim’s network is flooded with massive illegal traffic hence, denying genuine traffic from passing through for authorized users. The paper will explore detection mechanisms, and mitigation techniques for this network threat.
文摘To secure web applications from Man-In-The-Middle(MITM)and phishing attacks is a challenging task nowadays.For this purpose,authen-tication protocol plays a vital role in web communication which securely transfers data from one party to another.This authentication works via OpenID,Kerberos,password authentication protocols,etc.However,there are still some limitations present in the reported security protocols.In this paper,the presented anticipated strategy secures both Web-based attacks by leveraging encoded emails and a novel password form pattern method.The proposed OpenID-based encrypted Email’s Authentication,Authorization,and Accounting(EAAA)protocol ensure security by relying on the email authenticity and a Special Secret Encrypted Alphanumeric String(SSEAS).This string is deployed on both the relying party and the email server,which is unique and trustworthy.The first authentication,OpenID Uniform Resource Locator(URL)identity,is performed on the identity provider side.A second authentication is carried out by the hidden Email’s server side and receives a third authentication link.This Email’s third SSEAS authentication link manages on the relying party(RP).Compared to existing cryptographic single sign-on protocols,the EAAA protocol ensures that an OpenID URL’s identity is secured from MITM and phishing attacks.This study manages two attacks such as MITM and phishing attacks and gives 339 ms response time which is higher than the already reported methods,such as Single Sign-On(SSO)and OpenID.The experimental sites were examined by 72 information technology(IT)specialists,who found that 88.89%of respondents successfully validated the user authorization provided to them via Email.The proposed EAAA protocol minimizes the higher-level risk of MITM and phishing attacks in an OpenID-based atmosphere.
