Catalogue Search | MBRL
2,277 result(s) for "lateral movement"
Research on an Identification Method for Wheelset Coaxial Wheel Diameter Difference Based on Trackside Wheelset Lateral Movement Detection
2023
The wheelset coaxial wheel diameter difference is one of the most common wheel faults of railway vehicles. The existence of the wheelset coaxial wheel diameter difference may lead to the off-load operation of vehicles, resulting in abnormal wheel tread wear, leading to the deterioration of the wheel–rail contact relationship, resulting in the deterioration of the vehicle’s operating stability and comfort, and even leading to an increase in the derailment coefficient, affecting the running safety. In order to monitor the freight car wheelset coaxial wheel diameter difference online, a vehicle–track coupling dynamics model based on a trackside detection method was established, and the response of rail lateral displacement under the condition of the wheelset coaxial wheel diameter difference was analyzed. The results show that the existence of the wheelset coaxial wheel diameter difference can lead to a deviation in the vehicle’s run, and the lateral offset of the wheelset increases with an increase in the wheelset coaxial wheel diameter difference. The impact of vehicle unbalance loading on the lateral movement of the wheelset is much smaller than that of the wheelset coaxial wheel diameter difference. The existence of the wheelset coaxial wheel diameter difference can be better reflected by detecting the wheelset’s lateral displacement. On a straight line, the variation of lateral displacement is not affected by vehicle speed, but shows a quadratic growth trend with the wheelset coaxial wheel diameter difference. Based on this, the mapping relationship between the wheelset coaxial wheel diameter difference and wheelset lateral displacement can be obtained. Through this mapping relationship, the size of the wheelset coaxial wheel diameter difference can be inferred precisely through the detection of a trackside lateral movement monitoring system. The reliability of the identification method was verified with a specific test on the trackside monitoring system.
Journal Article
On the detection of lateral movement through supervised machine learning and an open-source tool to create turnkey datasets from Sysmon logs
by Barbatsalou, Konstantia; Smiliotopoulos, Christos; Kambourakis, Georgios
in Classification, Cybersecurity, Datasets
2023
Lateral movement (LM) is a principal, increasingly common, tactic in the arsenal of advanced persistent threat (APT) groups and other less or more powerful threat actors. It concerns techniques that enable a cyberattacker, after establishing a foothold, to maintain ongoing access and penetrate further into a network in quest of prized booty. This is done by moving through the infiltrated network and gaining elevated privileges using an assortment of tools. Concentrating on the MS Windows platform, this work provides the first to our knowledge holistic methodology supported by an abundance of experimental results towards the detection of LM via supervised machine learning (ML) techniques. We specifically detail feature selection, data preprocessing, and feature importance processes, and elaborate on the configuration of the ML models used. A plethora of ML techniques are assessed, including 10 base estimators, one ensemble meta-estimator, and five deep learning models. Vis-à-vis the relevant literature, and by considering a highly unbalanced dataset and a multiclass classification problem, we report superior scores in terms of the F1 and AUC metrics, 99.41% and 99.84%, respectively. Last but not least, as a side contribution, we offer a publicly available, open-source tool, which can convert Windows system monitor logs to turnkey datasets, ready to be fed into ML models.
Journal Article
Lateral Movements of Bridge Embankments on Soft Soils: A Case Study Inspired Investigation
by Bounds, Tommy D.; Miller, Gerald A.; Muraleetharan, Kanthasamy K.
in Abutments, Bounding surface, Bridge abutments
2024
The potential for lateral deformation of bridge embankments is often overlooked. This oversight can result in unforeseen damage to the abutment and bridge. A set of twin bridges in Ada, Oklahoma is hypothesized to have experienced lateral displacement at the bridge abutment due to embankment movement. This movement initially caused the bridge deck expansion joints to close. The bridge experienced additional distress once the expansion joints stopped functioning properly. To further study this phenomenon the embankments and bridge abutments were simulated using PLAXIS 2D. An advanced soil constitutive model, a bounding surface plasticity model, was implemented into PLAXIS 2D. The model allowed for increased prediction capability of the finite element software. The model was calibrated using soil samples collected during a site investigation. The results of the simulation are presented and discussed with reference to the observed bridge distress. The potential for lateral displacement of pile supported bridge abutments is explored using a parametric study. The lateral displacement behavior is influenced by many factors including excess pore water pressure, rotation of principal stresses, construction sequencing, embankment geometry, and foundation layer thickness. The deformation parameters, embankment height, and soft clay layer thickness were systematically varied for the modeled embankment. The results of the parametric study suggest that lateral movement of the bridge abutment toward the bridge can occur when the thickness of the soft clay foundation layer is less than the height of the approach embankment. When the thickness of the soft clay foundation layer is greater than the embankment height, abutment movement away from the bridge is more likely.
Journal Article
Revisiting the Detection of Lateral Movement through Sysmon
by Smiliotopoulos, Christos; Barmpatsalou, Konstantia; Kambourakis, Georgios
in attacks, dataset, Datasets
2022
This work attempts to answer in a clear way the following key questions regarding the optimal initialization of the Sysmon tool for the identification of Lateral Movement in the MS Windows ecosystem. First, from an expert’s standpoint and with reference to the relevant literature, what are the criteria for determining the possibly optimal initialization features of the Sysmon event monitoring tool, which are also applicable as custom rules within the config.xml configuration file? Second, based on the identified features, how can a functional configuration file, able to identify as many LM variants as possible, be generated? To answer these questions, we relied on the MITRE ATT&CK knowledge base of adversary tactics and techniques and focused on the execution of the nine commonest LM methods. The conducted experiments, performed on a properly configured testbed, suggested a great number of interrelated networking features that were implemented as custom rules in Sysmon’s config.xml file. Moreover, by capitalizing on the rich corpus of the 870K Sysmon logs collected, we created and evaluated, in terms of TP and FP rates, an extensible Python .evtx file analyzer, dubbed PeX, which can be used towards automating the parsing and scrutiny of such voluminous files. Both the .evtx logs dataset and the developed PeX tool are provided publicly for further propelling future research in this interesting and rapidly evolving field.
Journal Article
Soil Organic Carbon Lateral Movement Processes Integrated Into a Terrestrial Ecosystem Model
2024
Lateral movement of soil organic carbon (SOC) induced by soil erosion and runoff changes spatial distributions of SOC, and further changes the land‐atmosphere CO2 exchange and terrestrial carbon budget. However, current ecosystem models do not or only poorly integrate the process of SOC lateral movement and cannot simulate the impacts of soil erosion on the carbon cycle. This study integrated SOC erosion and deposition processes into a process‐based ecosystem model (i.e., Integrated BIosphere Simulator (IBIS)), and separately simulated the lateral movements of dissolved organic carbon (DOC) and particulate organic carbon (POC). The model was evaluated in three river basins in Northeast China that are dominated by cropland, forest, and grassland. The results showed that the model reproduced well the production, erosion, and deposition of DOC and POC. The annual SOC lateral movement (1.34–7.22 g C m−2 yr−1) induced by erosion in the three tested basins was 0.27%–1.45% of the annual net primary production. The model developed in this study has great implications for simulating the lateral movements of SOC in terrestrial ecosystems, which can improve model performance in projecting the terrestrial carbon budget.
Plain Language Summary
Lateral movement of soil organic carbon (SOC) with soil erosion and runoff is an important process in estimating the land carbon budget. However, current ecosystem models do not or only poorly integrate this process, and cannot simulate the impacts of lateral movement of SOC on the carbon cycle. This study integrates SOC erosion and deposition processes into a process‐based ecosystem model (Integrated BIosphere Simulator (IBIS)), and separately simulates the lateral movements of dissolved organic carbon (DOC) and particulate organic carbon (POC). The model was evaluated at three river basins in Northeast China dominated by cropland, forest, and grassland, respectively. The results showed that the model can reproduce well the production, erosion, and deposition of DOC and POC. The model developed in this study has great implications for simulating the lateral movements of SOC in terrestrial ecosystems, which can improve model performance in projecting the terrestrial carbon budget.
Key Points
Current ecosystem models inadequately depict the lateral movement of SOC, causing uncertainties in terrestrial carbon cycle modeling
We integrated SOC erosion and deposition into a process‐based ecosystem model and evaluated it in three Chinese river basins
Model simulations well represented observed data for the production, erosion, and deposition of organic carbon
Journal Article
Enhanced Detection of APT Vector Lateral Movement in Organizational Networks Using Lightweight Machine Learning
by Adelaiye, Oluwasegun; Girija, Shini; Nicho, Mathew
in Artificial intelligence, Datasets, Decision trees
2025
The successful penetration of government, corporate, and organizational IT systems by state and non-state actors deploying APT vectors continues at an alarming pace. Advanced Persistent Threat (APT) attacks continue to pose significant challenges for organizations despite technological advancements in artificial intelligence (AI)-based defense mechanisms. While AI has enhanced organizational capabilities for deterrence, detection, and mitigation of APTs, the global escalation in reported incidents, particularly those successfully penetrating critical government infrastructure, has heightened concerns among information technology (IT) security administrators and decision-makers. Literature review has identified the stealthy lateral movement (LM) of malware within the initially infected local area network (LAN) as a significant concern. However, current literature has yet to propose a viable approach for resource-efficient, real-time detection of APT malware lateral movement within the initially compromised LAN following perimeter breach. Researchers have suggested the nature of the dataset, optimal feature selection, and the choice of machine learning (ML) techniques as critical factors for detection. Hence, the objective of the research described here was to successfully demonstrate a simplified lightweight ML method for detecting the LM of APT vectors. While the nearest detection rate achieved in the LM domain within LAN was 99.89%, as reported in relevant studies, our approach surpassed it, with a detection rate of 99.95% for the modified random forest (RF) classifier for dataset 1. Additionally, our approach achieved a perfect 100% detection rate for the decision tree (DT) and RF classifiers with dataset 2, a milestone not previously reached in studies within this domain involving two distinct datasets.
Using the ML life cycle methodology, we deployed K-nearest neighbor (KNN), support vector machine (SVM), DT, and RF on three relevant datasets to detect the LM of APTs at the affected LAN prior to data exfiltration/destruction. Feature engineering presented four critical APT LM intrusion detection (ID) indicators (features) across the three datasets, namely, the source port number, the destination port number, the packets, and the bytes. This study demonstrates the effectiveness of lightweight ML classifiers in detecting APT lateral movement after network perimeter breach. It contributes to the field by proposing a non-intrusive network detection method capable of identifying APT malware before data exfiltration, thus providing an additional layer of organizational defense.
Journal Article
Distributed Identity for Zero Trust and Segmented Access Control: A Novel Approach to Securing Network Infrastructure
2025
Distributed Identity is the transition from centralized identity to Decentralized Identifiers (DID) and Verifiable Credentials (VC) for secure and privacy-positive authentication. With distributed identity, identity data is brought back under the control of the user, freeing them from the single point of failure presented by credentials, and hence preventing credential-based attacks. In this study, some security improvements to the Zero Trust Architecture (ZTA) with the use of distributed identity were evaluated, especially regarding lateral migration within segmented networks. Furthermore, it discusses the implementation specification of the framework, the benefits and disadvantages of the method to organizations, and the compatibility and generalizability issues. Moreover, the study also considers privacy and regulatory issues like the General Data Protection Regulation (GDPR) and the California Consumer Data Privacy Act (CCPA) along with possible solutions. However, the study indicates that distributed identities can give an order of magnitude improvement to overall security posture through contextual and least-privileged authorization as well as user privacy. Results show that by integrating distributed identity into ZTA, unauthorized lateral movement is reduced by approximately 65%, authentication security is increased by 78 percent relative to traditional approaches, and it is not possible for a credential to be compromised through a phishing attack more than 80 percent of the time. Also, General Data Protection Regulation (GDPR) and California Consumer Data Privacy Act (CCPA) compliance are bolstered because of increased user identity data control. It identifies privacy and regulatory compliance problems and looks at solutions to these problems. The findings indicate that a great improvement in overall security posture can be had by incorporating distributed identities and promoting contextual and least-privilege authorization while protecting user privacy.
The research suggests that technical standards need to be refined, distributed identity needs to be expanded into practice, and that it be discussed as an application to the current digital security landscape.
Journal Article
Unsupervised Learning for Lateral-Movement-Based Threat Mitigation in Active Directory Attack Graphs
by Tejedor-Romero, Marino; Gimenez-Guzman, Jose Manuel; Herranz-Oliveros, David
in Algorithms, Clustering, Critical infrastructure
2024
Cybersecurity threats, particularly those involving lateral movement within networks, pose significant risks to critical infrastructures such as Microsoft Active Directory. This study addresses the need for effective defense mechanisms that minimize network disruption while preventing attackers from reaching key assets. Modeling Active Directory networks as a graph in which the nodes represent the network components and the edges represent the logical interactions between them, we use centrality metrics to derive the impact of hardening nodes in terms of constraining the progression of attacks. We propose using Unsupervised Learning techniques, specifically density-based clustering algorithms, to identify those nodes given the information provided by their metrics. Our approach includes simulating attack paths using a snowball model, enabling us to analytically evaluate the impact of hardening on delaying Domain Administration compromise. We tested our methodology on both real and synthetic Active Directory graphs, demonstrating that it can significantly slow down the propagation of threats from reaching the Domain Administration across the studied scenarios. Additionally, we explore the potential of these techniques to enable flexible selection of the number of nodes to secure. Our findings suggest that the proposed methods significantly enhance the resilience of Active Directory environments against targeted cyber-attacks.
Journal Article
Determination of the Design Parameters of SMA Cables for Self-Centering Frame Structures
2023
In order to improve the force performance of traditional anti-buckling energy dissipation bracing with excessive non-recoverable deformation caused by strong seismic action, this paper presents a prestress-braced frame structure system with shape memory alloy (SMA) and investigates its deformation characteristics under a horizontal load. Firstly, this paper establishes a theoretical analysis model by analyzing the geometric relationship between the deformation of SMA cables and inter-story displacement based on the internal force balance equation. The model is used to solve the anti-lateral displacement stiffness of the SMA cable-supported frame structure and to derive a reasonable formula for calculating the initial prestress and cross-sectional area of SMA cables. Then, the mechanical behavior of the SMA cable-supported frame structure system under an equivalent horizontal load is simulated using ABAQUS software and compared with the calculated results of conventional tie-supported and non-dissipative-supported frame structures. The results show that the force performance of the frame structure system determined by the SMA cable design method proposed in this paper is significantly improved under the horizontal load. Furthermore, it can ensure a certain ductility requirement of the frame structure system, which verifies the effectiveness of the design method of the SMA cable frame structure system proposed in this paper.
Journal Article
C3: Leveraging the Native Messaging Application Programming Interface for Covert Command and Control
by Chatzoglou, Efstratios; Kambourakis, Georgios
in Adaptability, Application programming interface, Applications programming
2025
Traditional command and control (C2) frameworks struggle with evasion, automation, and resilience against modern detection techniques. This paper introduces covert C2 (C3), a novel C2 framework designed to enhance operational security and minimize detection. C3 employs a decentralized architecture, enabling independent victim communication with the C2 server for covert persistence. Its adaptable design supports diverse post-exploitation and lateral movement techniques for optimized results across various environments. Through optimized performance and the use of the native messaging API, C3 agents achieve a demonstrably low detection rate against prevalent Endpoint Detection and Response (EDR) solutions. A publicly available proof-of-concept implementation demonstrates C3’s effectiveness in real-world adversarial simulations, specifically in direct code execution for privilege escalation and lateral movement. Our findings indicate that integrating novel techniques, such as the native messaging API, and a decentralized architecture significantly improves the stealth, efficiency, and reliability of offensive operations. The paper further analyzes C3’s post-exploitation behavior, explores relevant defense strategies, and compares it with existing C2 solutions, offering practical insights for enhancing network security.
Journal Article