AI-Powered Cyber Attacks and Countermeasures
Permanent URI for this collectionhttps://hdl.handle.net/10125/112555
Recent Submissions
Lightweight and Privacy-Enhanced Detection Model on Aerial Imagery for Post-Disaster Building Damage Reconnaissance (2026-01-06)
Oaphy, Md Abdullahil; Hu, Da; Khalid, Adeel; Xu, Honghui
As post-disaster aerial imagery becomes a crucial resource for structural damage assessment, automated detection systems must address challenges in classification granularity, data privacy, and deployment efficiency. To tackle these issues, we propose a lightweight and privacy-enhanced building damage detection framework that integrates YOLO-based object detection with differentially private training and structured pruning. Specifically, we apply Differentially Private Stochastic Gradient Descent (DP-SGD) to inject calibrated Laplace noise during training, offering formal $\varepsilon$-differential privacy guarantees for sensitive imagery. To enable real-time inference on edge-constrained platforms like UAVs, we further employ structured channel pruning to eliminate redundant parameters without modifying the model architecture. Empirical results on a well-annotated dataset demonstrate that our method maintains strong detection performance while achieving both privacy protection and model compactness, providing a lightweight and secure solution for timely post-disaster building damage assessment.

AgriSentinel: Privacy-Enhanced Embedded-LLM Crop Disease Alerting System (2026-01-06)
Mylay, Chanti Raju; Deng, Bobin; Choi, Taeyoeng; Cai, Zhipeng; Xu, Honghui
Crop diseases pose significant threats to global food security, agricultural productivity, and sustainable farming practices, directly affecting farmers' livelihoods and economic stability. To address the growing need for effective crop disease management, AI-based disease alerting systems have emerged as promising tools by providing early detection and actionable insights for timely intervention. However, existing systems often overlook critical aspects such as data privacy, market pricing power, and farmer-friendly usability, leaving farmers vulnerable to privacy breaches and economic exploitation. To bridge these gaps, we propose AgriSentinel, the first Privacy-Enhanced Embedded-LLM Crop Disease Alerting System. AgriSentinel incorporates a differential privacy mechanism to protect sensitive crop image data while maintaining classification accuracy. Its lightweight deep learning-based crop disease classification model is optimized for mobile devices, ensuring accessibility and usability for farmers. Additionally, the system includes a fine-tuned, on-device large language model (LLM) that leverages a curated knowledge pool to provide farmers with specific, actionable suggestions for managing crop diseases, going beyond simple alerting. Comprehensive experiments validate the effectiveness of AgriSentinel, demonstrating its ability to safeguard data privacy, maintain high classification performance, and deliver practical, actionable disease management strategies. AgriSentinel offers a robust, farmer-friendly solution for automating crop disease alerting and management, ultimately contributing to improved agricultural decision-making and enhanced crop productivity.

Hacking Distributed Energy Resource Power Plant Infrastructure Using Reinforcement Learning (2026-01-06)
Jones, Birk; Fragkos, Georgios
Advancements in Artificial Intelligence (AI) are enabling adversaries to more efficiently penetrate and navigate networks, posing new risks to critical infrastructure such as the electric power grid. This study evaluates three attack strategies (AI-based, Brute-Force, and Random) within the Network Attack Simulator (NASim), a synthetic environment designed for cybersecurity testing. The AI-based methods include Deep Q-Network (DQN) and Deep State-Action-Reward-State-Action (SARSA) reinforcement learning algorithms. Training results show that both AI approaches effectively learn to conduct subnet scans, service/process scans, and privilege escalation attacks to gain root access. During testing, AI agents completed their objectives in fewer than 28 actions, while Brute-Force and Random methods required over 200 actions. These findings demonstrate AI's efficiency and potential to automate the launch of cyberattacks targeting Distributed Energy Resources (DERs), offering a baseline for future research targeting real-world networks.

An Empirical Study of Automated Adversary Emulators (2026-01-06)
Holm, Hannes; Helgeson, Lars
Automated adversary emulators are increasingly researched and applied, but their effectiveness remains unclear. This paper empirically evaluates four emulators using data collected from 1700 hours of tests within a cyber range: Caldera, Deep Exploit, Infection Monkey, and Lore. The outcome from each test was scored according to fulfillment of different tactics in MITRE ATT&CK. The results show that Lore consistently discovered all machines and compromised 97% on average. Caldera discovered 27% and compromised 7%, Infection Monkey discovered 23% but compromised none, and Deep Exploit neither discovered nor compromised any machine. All emulators generated similar intrusion alerts except Caldera, which triggered significantly more when starting with elevated privileges.

Introduction to the Minitrack on AI-Powered Cyber Attacks and Countermeasures (2026-01-06)
Son, Junggab; Xiong, Zuobin
