Explore the vast range of titles available.

As a classic cyber-physical system, smart grids often suffer from various types of attacks, one of which the most threatening attacks is coordinated cyber-physical attack (CCPA). In order to improve the robustness of the smart grids against CCPA, we predict and simulate various possible attack scenarios, and propose three attack strategies, such as optimal attack strategy (OAS), saturation attack strategy (SAS) and decentralized random selective attack strategy (DRSAS). The OAS is used to get the maximum attack effect by attacking a small of number of targets in the case of limited resources. The SAS is designed to destroy the entire network with sufficient resource while avoiding repeated or redundant attacks. The DRSAS is proposed to random select decentralized cyber and physical targets according to attacker acknowledgement, real-time vulnerabilities, network characteristics, which is divided into implicit attack and explicit attack. In this paper, attack goals (AGs) function is firstly constructed to identify important cyber and physical targets. Secondly, based on these AGs, OAS and SAS are designed and applied to CCPA for analyzing the effect of those attack strategies on smart grids. Thirdly, The DRSAS is used to study the influence of decentralized random attack on cascading failure of smart grid, which applied to CCPA is to compare with OAS and SAS. Finally, node loss is used as an evaluation index to compare the attack effect of cyber attack (CA), physical attack (PA), CCPA based on OAS, SAS and DRSAS. The experimental results show that: (I) when the same proportion of nodes are removed, the CCPA based on the OAS or SAS has better attack effect rather than CA and PA; (II) CCPA based on DRSAS has different effects at different times, and explicit attack has better effect than implicit attack regardless of α = 0.3 , 0.4 , 0.5 and times t 1, t 2, t 3.

Software-Defined Networking stands as a pivotal technology in attaining the essential levels of flexibility and scalability demanded by pervasive and high-performance network infrastructure required for digital connected services. Nonetheless, its disaggregated and layered architecture makes it open to the time-based fingerprinting attacks. Besides, limited flow table capacity of the switches alleviates table saturation attacks. In this paper, an automated attacker tool called TASOS is proposed to infer flow table utilization rate, size and replacement algorithm. With this set of information, the attacker can conduct intelligent saturation attacks. Furthermore, a lightweight defense mechanism ( LIDISA ) for proactively deleting flow rules is described. A comprehensive simulation setup with different network conditions shows that the proposed techniques achieve superior success rate in diverse settings.

A saturation attack can be employed for compromising the practical security of continuous-variable quantum key distribution (CVQKD). In this paper, we suggest a countermeasure approach to resisting this attack by embedding an adjustable optical filter (AOF) in the CVQKD system. Numerical simulations illustrate the effects of the AOF-enabled countermeasure on the performance in terms of the secret key rate and transmission distance. The legal participants can trace back the information that has been eavesdropped by an attacker from the imperfect receiver, which indicates that this approach can be used for defeating a saturation attack in practical quantum communications.

Software-defined networking (SDN) enables dynamic management and flexible network control by employing reactive rule installation. Due to high power consumption and cost, current OpenFlow switches only support a limited number of flow rules, which is a major limitation for deploying massive fine-grained policies. This bottleneck can be exploited by attackers to launch saturation attacks to overflow the flow table. Moreover, flow table overflow can occur in the absence of malicious attackers. To cope with this, researchers have developed many proposals to relieve the load under benign conditions. Among them, the dynamic timeout mechanism is one of the most effective solutions. We notice that when the SDN controller adopts dynamic timeouts, existing flow table saturation attacks can fail, or even expose the attackers, due to inaccurate inferring results. In this paper, we extract the common features of dynamic timeout strategies and propose an advanced flow table saturation attack. We explore the definition of flow rule lifetime and use a timing-based side-channel to infer the timeout of flow rules. Moreover, we leverage the dynamic timeout mechanisms to proactively interfere with the decision of timeout values and perform an attack. We conduct extensive experiments in various settings to demonstrate its effectiveness. We also notice that some replacement strategies work differently when the controller assigns dynamic timeouts. The experiment results show that the attack can incur significant network performance degradation and carry out the attack in a stealthy manner.

In modern marine warfare, unmanned underwater vehicles (UUVs) have fast and efficient attack capabilities. However, existing research on UUV attack strategies is relatively limited, often ignoring the requirement for the effective allocation of different strategic value areas, which restricts its performance in the marine combat environment. To this end, this paper proposes an innovative UUV task allocation and saturation attack strategy. The strategy first divides the area according to the distribution density of enemy UUVs, and then reasonably allocates tasks according to the enemy’s regional value and the attack capability of our UUVs. Our UUVs then sail to the enemy area and are evenly distributed in the encirclement to ensure accurate saturation attacks. In the task allocation link, the grey wolf optimizer is improved by introducing Logistic chaos mapping and differential evolution mechanism, which improves the search efficiency and allocation accuracy. At the same time, the combination of the optimal matching algorithm and Bezier curve dynamic path control ensures the accuracy and flexibility of a coordinated attack. The simulation experimental results show that the strategy shows high attack efficiency and practicality in marine combat scenarios, providing an effective solution for UUV attack tasks in complex marine environments.

Software-defined networking (SDN) decouples the data and control planes. However, attackers can lead catastrophic results to the whole network using manipulated flooding packets, called the data-to-control-plane saturation attacks. The existing methods, using centralized mitigation policies and ignoring the buffered attack flows, involve extra network entities and make benign traffic suffer from long network recovery delays. For these purposes, we propose LFSDM, a saturation attack detection and mitigation system, which solves these challenges by leveraging three new techniques: 1) using linear discriminant analysis (LDA) and extracting a novel feature called control channel occupation rate (CCOR) to detect the attacks, 2) adopting the distributed mitigation agents to reduce the number of involved network entities and, 3) cleaning up the buffered attack flows to enable fast recovery. Experiments show that our system can detect the attacks timely and accurately. More importantly, compared with the previous work, we save 81% of the network recovery delay under attacks ranging from 1 000 to 4 000 packets per second (PPS) on average, and 87% of the network recovery delay under higher attack rates with PPS ranging from 5 000 to 30 000.

Task assignment is a challenging problem in multiple unmanned aerial vehicle (UAV) missions. In this paper, we focus on the task assignment problem for a UAV swarm saturation attack, in which a deep reinforcement learning (DRL) framework is developed. Specifically, we first construct a mathematical model to formulate the task assignment problem for a UAV swarm saturation attack and consider it as a Markov Decision Process (MDP). We then design a policy neural network using the attention mechanism. We also propose a training algorithm based on the policy gradient method so that our agent can learn an effective task assignment policy. The experimental results have shown that our DRL method can generate high-quality solutions for different problem scales, which meets the requirements of real-time and flexibility in the actual situation.

The theoretical security of continuous variable quantum key distribution (CV-QKD ) has been proved. However the gap between the theoretical model and the practical model can lead to the threat of the actual security of CV-QKD system in practice. An eavesdropper can use the imperfection of the homodyne detector to perform the saturation attacks. She can successfully obtain information without being detected by legitimate communication parties. In this paper, we analyze saturation attacks through atmospheric channels in CV-QKD system, and use mean-limited least square method to fit straight lines to defend against saturation attacks. Simulation results show that legal participants evaluate the information that has been eavesdropped because the secret key rate is negative.

Saturation attack detection in Software-Defined Networking (SDN) focuses on identifying and mitigating flow table overflow attacks on switches and overload attacks on the SDN controller. These attacks can hinder the installation of legitimate flow entries in switches and may even exhaust the controller’s resources, potentially leading to packet transmission failure. Although such threats are increasingly significant, network attack detection methods based on edge representation learning are still insufficiently studied. This study introduces a novel saturation attack detection method that leverages edge representation learning to enhance detection performance. The proposed method includes a novel graph construction strategy that generates Multi-edge Communication Flow Graphs (MCF-Graphs), and an edge representation learning model, Node-Edge Relationship GraphSAGE (NER-SAGE), for detecting saturation attack flows. MCF-Graphs effectively capture both the internal relationships among network flows and the associations between flows and network devices. NER-SAGE incorporates an attention mechanism to highlight the impact of flow edges on device node states in MCF-Graphs, and generates edge embeddings by aggregating information from both nodes and edges. Experiments conducted on two different network topologies demonstrate that the proposed method achieves high detection accuracy and strong graph representation capability, highlighting its effectiveness in identifying saturation attack flows.

The design of existing machine-learning-based DoS detection systems in software-defined networking (SDN) suffers from two major problems. First, the proper time window for conducting network traffic analysis is unknown and has proven challenging to determine. Second, it is unable to detect unknown types of DoS saturation attacks. An unknown saturation attack is an attack that is not represented in the training data. In this paper, we evaluate three supervised classifiers for detecting a family of DDoS flooding attacks (UDP, TCP-SYN, IP-Spoofing, TCP-SARFU, and ICMP) and their combinations using different time windows. This work represents an extension of the runner-up best-paper award entitled ‘Detecting Saturation Attacks in SDN via Machine Learning’ published in the 2019 4th International Conference on Computing, Communications and Security (ICCCS). The results in this paper show that the trained supervised models fail in detecting unknown saturation attacks, and their overall detection performance decreases when the time window of the network traffic increases. Moreover, we investigate the performance of four semi-supervised classifiers in detecting unknown flooding attacks. The results indicate that semi-supervised classifiers outperform the supervised classifiers in the detection of unknown flooding attacks. Furthermore, to further increase the possibility of detecting the known and unknown flooding attacks, we propose an enhanced hybrid approach that combines two supervised and semi-supervised classifiers. The results demonstrate that the hybrid approach has outperformed individually supervised or semi-supervised classifiers in detecting the known and unknown flooding DoS attacks in SDN.