Your search keyword '"Cyber threats"' showing total 1,841 results

51. Machine Learning, Malware Detection: SecureAI

Author

Kashyap, Nishit, Budhiraja, Anita, Singh, Sarwan, Kacprzyk, Janusz, Series Editor, Gomide, Fernando, Advisory Editor, Kaynak, Okyay, Advisory Editor, Liu, Derong, Advisory Editor, Pedrycz, Witold, Advisory Editor, Polycarpou, Marios M., Advisory Editor, Rudas, Imre J., Advisory Editor, Wang, Jun, Advisory Editor, Woungang, Isaac, editor, Dhurandher, Sanjay Kumar, editor, and Singh, Yumnam Jayanta, editor

Published

2024

52. Data Embassy in the European Union: The Digital Diplomacy

Author

Rashica, Viona and Ramiro Troitiño, David, editor

Published

2024

53. Security Analysis of Meteorological Support Software for UAS Flight Planning

Author

Ivanytskyi, Maxim, Averyanova, Yuliya, Znakovska, Yevheniia, Kacprzyk, Janusz, Series Editor, Gomide, Fernando, Advisory Editor, Kaynak, Okyay, Advisory Editor, Liu, Derong, Advisory Editor, Pedrycz, Witold, Advisory Editor, Polycarpou, Marios M., Advisory Editor, Rudas, Imre J., Advisory Editor, Wang, Jun, Advisory Editor, Nechyporuk, Mykola, editor, Pavlikov, Volodymir, editor, and Krytskyi, Dmytro, editor

Published

2024

54. Students’ Perception on the Perceived of Knowledge of the Cyber Threats Analysis Using Security Operation Centre

Author

Sulaiman, Salasiah, Karim, Aidah Abdul, Juremi, Julia, Mansor, Ahmad Zamri, Filipe, Joaquim, Editorial Board Member, Ghosh, Ashish, Editorial Board Member, Zhou, Lizhu, Editorial Board Member, Uden, Lorna, editor, and Liberona, Dario, editor

Published

2024

55. Cybersecurity and Cyber Defense in the Light of New Technologies in Cyberspace

Author

Rojas Ortiz, Zully Ximena, Kacprzyk, Janusz, Series Editor, Gomide, Fernando, Advisory Editor, Kaynak, Okyay, Advisory Editor, Liu, Derong, Advisory Editor, Pedrycz, Witold, Advisory Editor, Polycarpou, Marios M., Advisory Editor, Rudas, Imre J., Advisory Editor, Wang, Jun, Advisory Editor, Olmedo Cifuentes, Gonzalo Fernando, editor, Arcos Avilés, Diego Gustavo, editor, and Lara Padilla, Hernán Vinicio, editor

Published

2024

56. Cybersecurity Threats in Military Robotic and Autonomous Systems

Author

Borges, José, Rosado, David Pascoal, Kacprzyk, Janusz, Series Editor, Gomide, Fernando, Advisory Editor, Kaynak, Okyay, Advisory Editor, Liu, Derong, Advisory Editor, Pedrycz, Witold, Advisory Editor, Polycarpou, Marios M., Advisory Editor, Rudas, Imre J., Advisory Editor, Wang, Jun, Advisory Editor, Marques, Lino, editor, Santos, Cristina, editor, Lima, José Luís, editor, Tardioli, Danilo, editor, and Ferre, Manuel, editor

Published

2024

57. Importance of Implementing Effective Cyber Security Controls for Active Cyber Security Risk Management

Author

Shukla, Abhinay, Suri, Pradeep Kumar, Sushil, Series Editor, Chroust, Gerhard, Editorial Board Member, Connell, Julia, Editorial Board Member, Evans, Stuart, Editorial Board Member, Fujiwara, Takao, Editorial Board Member, C. Jackson OBE, Mike, Editorial Board Member, Jain, Rashmi, Editorial Board Member, Palanisamy, Ramaraj, Editorial Board Member, A. Stohr, Edward, Editorial Board Member, Rani, Neelam, editor, and Joshi, Rohit, editor

Published

2024

58. The Impact of Technology on Radicalisation to Violent Extremism and Terrorism in the Contemporary Security Landscape

Author

Montasari, Reza, Masys, Anthony J., Editor-in-Chief, Bichler, Gisela, Advisory Editor, Bourlai, Thirimachos, Advisory Editor, Johnson, Chris, Advisory Editor, Karampelas, Panagiotis, Advisory Editor, Leuprecht, Christian, Advisory Editor, Morse, Edward C., Advisory Editor, Skillicorn, David, Advisory Editor, Yamagata, Yoshiki, Advisory Editor, and Montasari, Reza

Published

2024

59. Introduction : Cyberspace, Cyberterrorism and the International Security in the Fourth Industrial Revolution: Threats, Assessment and Responses

Author

Montasari, Reza, Masys, Anthony J., Editor-in-Chief, Bichler, Gisela, Advisory Editor, Bourlai, Thirimachos, Advisory Editor, Johnson, Chris, Advisory Editor, Karampelas, Panagiotis, Advisory Editor, Leuprecht, Christian, Advisory Editor, Morse, Edward C., Advisory Editor, Skillicorn, David, Advisory Editor, Yamagata, Yoshiki, Advisory Editor, and Montasari, Reza

Published

2024

60. Study of Cyber Threats in IoT Systems

Author

Akhdar, Abir El, Baidada, Chafik, Kartit, Ali, Kacprzyk, Janusz, Series Editor, Gomide, Fernando, Advisory Editor, Kaynak, Okyay, Advisory Editor, Liu, Derong, Advisory Editor, Pedrycz, Witold, Advisory Editor, Polycarpou, Marios M., Advisory Editor, Rudas, Imre J., Advisory Editor, Wang, Jun, Advisory Editor, Swaroop, Abhishek, editor, Polkowski, Zdzislaw, editor, Correia, Sérgio Duarte, editor, and Virdee, Bal, editor

Published

2024

61. Impact of cyber security awareness in small, medium enterprises (SMEs) in Wales

Author

Rawindaran, Nisha

Subjects

Cybersecurity and privacy not elsewhere classified, Cyber Security, Cyber Hygiene, cyberdiversity framework, Cyber Physical System, machine learning-based, Machine learning algorithm, SME, Wales, Cyber Action Plan Wales, Intelligent software, Cyber Security Awareness, digital technologies, cyber threats

Abstract

The rapid growth of digital technologies and how data is managed has transformed the way businesses operate, presenting countless opportunities and challenges. Small and Medium-sized Enterprises (SMEs) in Wales are increasingly reliant on digital systems to manage their operations, making them attractive targets for cyber threats. The particular importance of having the appropriate cyber-security in place to protect and secure their data, has become paramount within the SME sector. As cyber threats continue to evolve in sophistication and frequency, the importance of cyber security awareness for SMEs cannot be overstated and brings increased costs to SMEs. This research investigates the current state of cyber security awareness amongst Welsh SMEs, identifies the challenges they face in implementing effective security measures, and examines the potential benefits and outcomes of improved awareness. The research also assesses the existing support mechanisms available to SMEs in Wales to enhance their cyber security posture. Whilst SMEs are constantly being challenged by their own cyber regimes or to some, lack of them, the constant changes to governance and regulations, shows how SMEs can quite easily fall behind in keeping up to date.  Technology can offer the protection and security of data, provided SMEs are able to understand the requirements of using the appropriate intelligent software packages to protect their growing data and the environment in which the data lives in.  Through a mixed methods approach, data is collected from SMEs across various industries in Wales to tackle and answer the research question presented. The implications of this research will provide valuable insights for SMEs in Wales to understand the importance of cyber security awareness and the measures needed to protect their digital assets plus offer recommendations for policymakers and stakeholders to develop tailored support mechanisms that address the specific needs and challenges faced by SMEs. The research will explore the adoption of intelligent software and the current support structure in place for SMEs in Wales. The research will conclude by exploring various mechanisms in place for SME operations and sensitive information from cyber threats and provide a simplified framework in which SMEs can use to cope with the ever changing landscape. This research contributes to the existing body of knowledge by shedding light on the impact of cyber security awareness initiatives and informing strategies for enhancing cyber resilience amongst Welsh SMEs through this framework. The research will aim to foster a cyber-secure environment for SMEs in Wales, enabling them to thrive in an increasingly vulnerable digital landscape.

Published

2023

62. Developing a usable security approach for user awareness against ransomware

Author

Butt, Usman Javed, Abbod, M., and Al-Raweshidy, H.

Subjects

cyber Security Training, game-based Learning, user Engagement, cyber Social System, cyber Threats

Abstract

The main purpose of the research presented in this thesis is to design and develop a game prototype for improving user awareness against ransomware, which has been reported as the most significant cyber security threat to the United Kingdom by the National Cyber Security Centre. Digital transformation is helping individuals, organisations, governments and Industrial control systems to modernise and improve their effectiveness. At the same time, cyber crimes are evolving and targeting essential services. A successful cyber attack can compromise users' privacy, bring bad publicity and financial damage to organisations and target national security. A literature review was conducted to understand threats to the cyber social system. Literature in this thesis reports attackers exploit humans as the weakest link to execute successful security breaches. Therefore to address this challenge, a significant gap has been identified as an opportunity to contribute to user awareness of the ransomware cyber security threat. The current thesis proposes RansomAware a novel game prototype to improve user awareness. The game is based on Technology Threat Avoidance Theory (TTAT) model. In this thesis two studies are carried out, study 1 empirically validates the elements of TTAT to be embedded in the RansomAware prototype and reports a significant change in users' motivation to avoid ransomware cyber security threat 55% and avoidance behaviour 29%, whereas study 2 evaluates game usability and report significant results of SUS average score of 87.58 and statistical results of p < 0.01 indicate user's satisfaction of the RansomAware. Finally, the research provides guidelines on how the proposed RansomAware game can be adopted by practitioners and individuals to improve their awareness against the ransomware cyber security threat.

Published

2023

63. Cyber threats to the Private Academic Cloud

Author

Valerii Lakhno, Bakhytzhan Akhmetov, Olena Kryvoruchko, Vitalyi Chubaievskyi, Alona Desiatko, Madina Bereke, and Maria Shalabaeva

Subjects

information security, private academic cloud, cyber threats, Electrical engineering. Electronics. Nuclear engineering, TK1-9971, Telecommunication, TK5101-6720

Abstract

The potential breach of access to confidential content hosted in a university's Private Academic Cloud (PAC) underscores the need for developing new protection methods. This paper introduces a Threat Analyzer Software (TAS) and a predictive algorithm rooted in both an operational model and discrete threat recognition procedures (DTRPs). These tools aid in identifying the functional layers that attackers could exploit to embed malware in guest operating systems (OS) and the PAC hypervisor. The solutions proposed herein play a crucial role in ensuring countermeasures against malware introduction into the PAC. Various hypervisor components are viewed as potential threat sources to the PAC's information security (IS). Such threats may manifest through the distribution of malware or the initiation of processes that compromise the PAC's security. The demonstrated counter-threat method, which is founded on the operational model and discrete threat recognition procedures, facilitates the use of mechanisms within the HIPV to quickly identify cyber attacks on the PAC, especially those employing "rootkit" technologies. This prompt identification empowers defenders to take swift and appropriate actions to safeguard the PAC.

Published

2024

64. DNA encoding schemes herald a new age in cybersecurity for safeguarding digital assets

Author

Sehrish Aqeel, Sajid Ullah Khan, Adnan Shahid Khan, Meshal Alharbi, Sajid Shah, Mohammed EL Affendi, and Naveed Ahmad

Subjects

DNA encoding, Network attacks, Cyber security, Digital data protection, Encryption scheme, Cyber threats, Medicine, Science

Abstract

Abstract With the urge to secure and protect digital assets, there is a need to emphasize the immediacy of taking measures to ensure robust security due to the enhancement of cyber security. Different advanced methods, like encryption schemes, are vulnerable to putting constraints on attacks. To encode the digital data and utilize the unique properties of DNA, like stability and durability, synthetic DNA sequences are offered as a promising alternative by DNA encoding schemes. This study enlightens the exploration of DNA’s potential for encoding in evolving cyber security. Based on the systematic literature review, this paper provides a discussion on the challenges, pros, and directions for future work. We analyzed the current trends and new innovations in methodology, security attacks, the implementation of tools, and different metrics to measure. Various tools, such as Mathematica, MATLAB, NIST test suite, and Coludsim, were employed to evaluate the performance of the proposed method and obtain results. By identifying the strengths and limitations of proposed methods, the study highlights research challenges and offers future scope for investigation.

Published

2024

65. Detection of «Telegram Rat» virus

Author

A. I. Dubrovina and M. H. Alkordi

Subjects

«telegram rat», cyber threats, information security, Technology

Abstract

Objective. The aim of this study is to analyze the «Telegram Rat» virus, emphasizing the importance of awareness to effectively combat cyber threats and ensure security in the digital age.Methods. This paper used an analysis of the characteristics and distribution of «Telegram Rat» viruses. An example of analyzing the technical mechanisms of extortion on the example of «WAGNER GROUP» was given and the steps of virus elimination were formulated.Results. The acuality of the «Telegram Rat» virus problem and ways of its transmission are considered. Practical methods of threat detection and neutralization are stipulated. The method of «Telegram Rat» virus threat detection is based on the analysis of active processes, network activity and file system. It is revealed that the main vulnerability on devices infected with the virus is careless user behavior.Conclusion. The contents of this paper emphasize the importance of vigilance when downloading files and clicking on links. Lack of caution can lead to data loss and information leakage, emphasizing the need for conscious behavior in the digital environment.

Published

2024

66. DNA encoding schemes herald a new age in cybersecurity for safeguarding digital assets.

Author

Aqeel, Sehrish, Khan, Sajid Ullah, Khan, Adnan Shahid, Alharbi, Meshal, Shah, Sajid, Affendi, Mohammed EL, and Ahmad, Naveed

Subjects

*ARTIFICIAL chromosomes, *DNA, *INTERNET security, *ENCODING, *ASSETS (Accounting)

Abstract

With the urge to secure and protect digital assets, there is a need to emphasize the immediacy of taking measures to ensure robust security due to the enhancement of cyber security. Different advanced methods, like encryption schemes, are vulnerable to putting constraints on attacks. To encode the digital data and utilize the unique properties of DNA, like stability and durability, synthetic DNA sequences are offered as a promising alternative by DNA encoding schemes. This study enlightens the exploration of DNA's potential for encoding in evolving cyber security. Based on the systematic literature review, this paper provides a discussion on the challenges, pros, and directions for future work. We analyzed the current trends and new innovations in methodology, security attacks, the implementation of tools, and different metrics to measure. Various tools, such as Mathematica, MATLAB, NIST test suite, and Coludsim, were employed to evaluate the performance of the proposed method and obtain results. By identifying the strengths and limitations of proposed methods, the study highlights research challenges and offers future scope for investigation. [ABSTRACT FROM AUTHOR]

Published

2024

67. Secure File Operations: Using Advanced Encryption Standard for Strong Data Protection.

Author

Nelakuditi, Nikhil Chand, Namburi, Nanda Kishore, Sayyad, Jilani, Rudraraju, Dinesh Varma, Govindan, Raja, and Rao, Peddada Venkateswara

Subjects

ADVANCED Encryption Standard, DATA security, DATA protection, CYBERTERRORISM, DATA transmission systems

Abstract

In our rapidly digitalizing world, the safeguarding of sensitive information stands as a critical concern for organizations across industries. This paper addresses the evolving complexities in data security by advocating the Advanced Encryption Standard (AES) algorithm as a robust defense against the expanding landscape of cyber threats. As financial, healthcare, and educational data transition to digital formats, vulnerabilities in data transmission become more pronounced. To counter these risks and ensure the integrity, confidentiality, and authenticity of essential data, this paper emphasizes the implementation of AES encryption. Thoroughly scrutinizing the widely acknowledged AES algorithm, we highlight its effectiveness and adaptability in securing data. The paper underscores the indispensability of AES in the modern data security milieu, emphasizing its role not only in securing information during transmission and storage but also in decryption, granting authorized users access to protected data. By embracing AES encryption and decryption, organizations can strengthen their defenses against various data-related threats, maintaining the trust and assurance of stakeholders. This work emphasizes the pressing demand for AES encryption and decryption in an era where data security takes precedence, offering valuable insights into their significance and practical application for the protection of crucial digital assets. [ABSTRACT FROM AUTHOR]

Published

2024

68. Disinformation, influence, and hybrid threats: thoughts from Singapore.

Author

Jayakumar, Shashi

Subjects

DISINFORMATION, GENERATIVE artificial intelligence, ECONOMIC sanctions, CHINA-United States relations

Abstract

This article details Singapore's efforts against disinformation and state-sponsored subversion. The methods examined include both legal and non-legal measures that have been enacted (with the broader canvas, also examined, of what other nations have attempted to shore up their own defences). The article also discusses economic coercion: the issue is not in itself new, but has in recent years been tinged with added potency on account of the wider geopolitical struggle for the commanding heights between the United States and China. Some consideration is also given at the conclusion to the way forward: what nations need to do in the face of emergent challenges (including generative AI) which might further complement the already impressive toolkit of malign actors. [ABSTRACT FROM AUTHOR]

Published

2024

69. MetaSSI: A Framework for Personal Data Protection, Enhanced Cybersecurity and Privacy in Metaverse Virtual Reality Platforms.

Author

Fiaz, Faisal, Sajjad, Syed Muhammad, Iqbal, Zafar, Yousaf, Muhammad, and Muhammad, Zia

Subjects

DATA protection, SHARED virtual environments, IDENTITY management systems, VIRTUAL reality, DATA privacy, CYBERSPACE, ONLINE identities

Abstract

The Metaverse brings together components of parallel processing computing platforms, the digital development of physical systems, cutting-edge machine learning, and virtual identity to uncover a fully digitalized environment with equal properties to the real world. It possesses more rigorous requirements for connection, including safe access and data privacy, which are necessary with the advent of Metaverse technology. Traditional, centralized, and network-centered solutions fail to provide a resilient identity management solution. There are multifaceted security and privacy issues that hinder the secure adoption of this game-changing technology in contemporary cyberspace. Moreover, there is a need to dedicate efforts towards a secure-by-design Metaverse that protects the confidentiality, integrity, and privacy of the personally identifiable information (PII) of users. In this research paper, we propose a logical substitute for established centralized identity management systems in compliance with the complexity of the Metaverse. This research proposes a sustainable Self-Sovereign Identity (SSI), a fully decentralized identity management system to mitigate PII leaks and corresponding cyber threats on all multiverse platforms. The principle of the proposed framework ensures that the users are the only custodians and proprietors of their own identities. In addition, this article provides a comprehensive approach to the implementation of the SSI principles to increase interoperability and trustworthiness in the Metaverse. Finally, the proposed framework is validated using mathematical modeling and proved to be stringent and resilient against modern-day cyber attacks targeting Metaverse platforms. [ABSTRACT FROM AUTHOR]

Published

2024

70. Cyber threats to the Private Academic Cloud.

Author

Lakhno, Valerii, Akhmetov, Bakhytzhan, Kryvoruchko, Olena, Chubaievskyi, Vitalyi, Desiatko, Alona, Bereke, Madina, and Shalabaeva, Maria

Subjects

*CLOUD computing security measures, *INFORMATION technology security, *MALWARE, *COMPUTER viruses

Abstract

The potential breach of access to confidential content hosted in a university's Private Academic Cloud (PAC) underscores the need for developing new protection methods. This paper introduces a Threat Analyzer Software (TAS) and a predictive algorithm rooted in both an operational model and discrete threat recognition procedures (DTRPs). These tools aid in identifying the functional layers that attackers could exploit to embed malware in guest operating systems (OS) and the PAC hypervisor. The solutions proposed herein play a crucial role in ensuring countermeasures against malware introduction into the PAC. Various hypervisor components are viewed as potential threat sources to the PAC's information security (IS). Such threats may manifest through the distribution of malware or the initiation of processes that compromise the PAC's security. The demonstrated counter-threat method, which is founded on the operational model and discrete threat recognition procedures, facilitates the use of mechanisms within the HIPV to quickly identify cyber attacks on the PAC, especially those employing "rootkit" technologies. This prompt identification empowers defenders to take swift and appropriate actions to safeguard the PAC. [ABSTRACT FROM AUTHOR]

Published

2024

71. A Framework to Prevent Cybercrime in the UAE.

Author

Tubaishat, Abdallah and AlAleeli, Humaid

Subjects

COMPUTER crime prevention, CYBERTERRORISM, CULTURAL awareness, DATA security failures, COMPUTER crimes, INTERNET security

Abstract

Cyber threats are constantly evolving, making it crucial for organizations in the UAE to enhance their cybersecurity strategies. This study focuses on understanding and countering organized and unorganized cybercrimes within the UAE. Organizations strengthen outer defences but often neglect protecting sensitive data internally. Insiders, individuals with intricate knowledge of system cycles, can cause substantial damage. Their motivations vary, from stealing data to causing harm, making it essential for organizations to comprehend and counter these threats effectively. The study employs qualitative analysis methods and in-depth interviews with key cybersecurity experts across various sectors. Through these discussions, we identified key defensive strategies utilized by different entities in the UAE. Our research highlights the significance of securing networking routes and data transformation pathways, underscoring the need for a proactive cybersecurity approach. Through qualitative analysis and expert interviews, we pinpointed specific defensive methods used by individuals, small organizations, and government/private sectors in the UAE. Additionally, we delve into the motivations of insiders, highlighting their substantial threat due to their in-depth understanding of network layouts, applications, and business practices. By securing these aspects, organizations can identify essential security concerns and develop robust, effective plans. We suggested practical steps to improve cybersecurity frameworks, aiming to prevent data breaches, strengthen security strategies, and promote a cybersecurity-aware mindset. By implementing these strategies, organizations can enhance their defences, foster a culture of cybersecurity awareness, and safeguard digital assets in the UAE. [ABSTRACT FROM AUTHOR]

Published

2024

72. Enhancing Wireless Ad-Hoc Network Security by Mitigating Distributed Denial-of-Service (DDoS) Attacks.

Author

Ismail, Mahmoud M. and Metwaly, Ahmed A.

Subjects

DIGITAL technology, COMPUTER network security, DENIAL of service attacks, SECURITY systems, INTERNET of things, CYBERTERRORISM

Abstract

The increasing threat landscape of Distributed Denial-of-Service (DDoS) attacks makes network security a major concern. These attacks are a serious challenge to the stability and integrity of digital infrastructures. This research paper is an in-depth study on how to enhance network security through the detection and mitigation of DDoS attacks. The study reviews existing literature on DDoS attack mitigation strategies, emphasizing the evolving nature of these threats and the imperative for robust defense mechanisms. The research uses statistical analysis and logistic regression to provide a detailed methodology for distinguishing DDoS attacks from normal network activities. The results show that logistic regression is an effective classification model, providing insights into improved detection measures. Finally, the study concludes by recommending a multi-faceted approach that combines theoretical insights with empirical validation, highlighting the need for stronger network security measures against DDoS attacks and enhancing digital resilience. [ABSTRACT FROM AUTHOR]

Published

2024

73. Development of the Country's Sustainable Cyberspace Strategy to Ensure the Country's National Security.

Author

Dobrovolska, Olena and Rozhkova, Maryna

Subjects

CYBERSPACE, INTERNET security, COMMUNICATION, INFORMATION storage & retrieval systems

Abstract

This article is devoted to the assessment of the country's sustainable cyberspace strategy by comparing the cyber security strategies of those countries that are economically developed and use advanced information and communication technologies. Based on the components of the National Cyber Security Index, a calculation was made for 10 countries, which made it possible to monitor the effectiveness of their cyber strategies and identify their shortcomings. The calculation is made for the years 2018 and 2021. During this period, no significant critical changes form abnormal indicators, but it is possible to reflect a particular trend. Application of the PROMETHEE method (I and II) and the formation of net flows, determination of importance and comparison of alternatives allowed to carry out an in-depth analysis of various aspects of cyber security, such as protection measures, response to cyber threats and general resistance to cyber-attacks. It is determined that Belgium and Lithuania are the most resistant to threats from cyber-attacks and in the fight against money laundering among the countries considered, as they are rapidly developing and implementing new measures. Their indicators increased by 0.1 values in 2021 compared to 2018. According to the calculations, Great Britain is the most conservative in implementing certain strategies, and its indicators remained at the level of 0-0.2 according to various criteria for the years studied. Most countries improve their indicators by a total of 0.2 values, which reflects their development. Ukraine tends to decrease some indicators by 0.1 value; some are at the same level. The regulatory framework's introduction rate in the cyber security field increases. It shows that Ukraine has many rapidly changing risks, but is trying to achieve flexibility in responding to them. The research findings identify each country's cybersecurity strengths and weaknesses, as well as potential risks and vulnerabilities. Thanks to this analysis, recommendations are made for developing and implementing effective cyber security strategies, both at the national and international levels. The study contributes to the understanding of the complexity of modern cyber threats. It emphasizes the need for continuous improvement and adaptation of protection measures to ensure the stability and security of financial and information systems in a global digital environment. [ABSTRACT FROM AUTHOR]

Published

2024

74. Cyber-biological convergence: a systematic review and future outlook

Author

Mariam Elgabry and Shane Johnson

Subjects

cyberbiosecurity, systematic review, engineered biology, policy, biosecurity, cyber threats, Biotechnology, TP248.13-248.65

Abstract

The introduction of the capability to “program” a biological system is referred to as Engineered biology and can be compared to the introduction of the internet and the capability of programming a computer. Engineered biology is supported by a digital infrastructure that includes data, data storage, computer-dependent laboratory equipment, internet-connected communication networks, and supply chains. This connectivity is important. It can improve workflows and enhance productivity. At the same time and unlike computer programs, biological systems introduce unique threats as they can self-assemble, self-repair, and self-replicate. The aim of this paper is to systematically review the cyber implications of engineered biology. This includes cyber-bio opportunities and threats as engineered biology continues to integrate into cyberspace. We used a systematic search methodology to review the academic literature, and supplemented this with a review of opensource materials and “grey” literature that is not disseminated by academic publishers. A comprehensive search of articles published in or after 2017 until the 21st of October 2022 found 52 studies that focus on implications of engineered biology to cyberspace. The search was conducted using search engines that index over 60 databases–databases that specifically cover the information security, and biology literatures, as well as the wider set of academic disciplines. Across these 52 articles, we identified a total of 7 cyber opportunities including automated bio-foundries and 4 cyber threats such as Artificial Intelligence misuse and biological dataset targeting. We highlight the 4 main types of cyberbiosecurity solutions identified in the literature and we suggest a total of 9 policy recommendations that can be utilized by various entities, including governments, to ensure that cyberbiosecurity remains frontline in a growing bioeconomy.

Published

2024

75. Engaging in cybersecurity proactive behavior: awareness in COVID-19 age

Author

Alsmadi, Duha, Maqousi, Ali, and Abuhussein, Tala

Published

2024

76. Cybersecurity Implications of Virtual Currency Reward Systems in the Metaverse.

Author

Allimia, Hamza, Baror, Stacey, and Venter, Hein

Abstract

In the digital age, the metaverse emerges as a revolutionary platform, intertwining virtual reality, augmented reality, and the internet. Central to its allure is the virtual currency reward system, a dynamic mechanism driving user engagement and economic transactions. However, with innovation comes vulnerability. This paper delves into the pressing question: How do virtual currency reward systems in the metaverse introduce cybersecurity threats, and what measures can safeguard against them? The metaverse's vastness, while offering unparalleled opportunities, is a fertile ground for cyber threats. As users navigate virtual landscapes, engage in transactions, and earn rewards, they become potential targets for cyberattacks. This research, rooted in a comprehensive literature review, identifies the gaps in current cybersecurity measures within the metaverse's virtual currency reward systems. Through a vivid case scenario, we illustrate the real-world ramifications of these vulnerabilities, offering readers a tangible grasp of potential threats. Our methodology, a blend of qualitative analysis and conceptual modelling, dissects the intricate relationship between reward systems and their cybersecurity implications. The findings, derived from rigorous analysis, unveil a set of best practices tailored to combat cybersecurity threats specific to virtual currency reward systems. The distilled insights propose a suite of best practices, encompassing both preventive and reactive strategies tailored for the unique challenges posed by virtual currency systems. This research holds immense value for a diverse audience: metaverse users seeking a secure experience, businesses aiming to establish a foothold in this digital realm, cybersecurity professionals navigating new challenges, and platform developers striving for robustness. In essence, as the metaverse's horizon expands, understanding and fortifying its virtual currency reward systems against cyber threats becomes paramount. This paper offers a roadmap to that secure future, emphasizing the need for vigilance, innovation, and collaboration in the face of evolving cyber challenges. [ABSTRACT FROM AUTHOR]

Published

2024

77. Analysis of Cyber Threats at the Level of a Distributed Network.

Author

COPACI, Constantin-Alin, STĂNCIULESCU, Adelaida, and BACIVAROV, Ioan C.

Subjects

CYBERTERRORISM, PHISHING, COMPUTER security, INVESTMENTS, ORGANIZATIONAL change

Abstract

Ensuring a high level of security of the networks and IT systems that underpin the delivery of an organization's essential services has become a necessity that involves integrated, comprehensive approaches, the adoption of new and permanent cyber security strategies, significant financial investments and rapid organizational adaptations and ambitious. This article aims to provide a comprehensive analysis of the cyber security of a distributed computer network within an organization. In this context, the article promotes the implementation of proactive tools to strengthen cyber security at the institutional level. [ABSTRACT FROM AUTHOR]

Published

2024

78. Cyber Threats and Exploring the Sources of Cyber Threat Intelligence.

Author

STĂNCIULESCU, Adelaida, COPACI, Constantin-Alin, and BACIVAROV, Ioan C.

Subjects

CYBERTERRORISM, DATA security, CYBERCULTURE, ARTIFICIAL intelligence, INFORMATION processing

Abstract

Cyber threat intelligence technology becomes a necessity in the context of the exponential evolution of information systems. The methods used by malicious actors are constantly evolving, becoming more and more sophisticated over time, thus making the task of security teams more difficult. This article aims to investigate cyber threats, providing information necessary to understand and detect the mode of operation of the attack, to then decline and disseminate it within the information systems to be protected. Advanced threat intelligence thus supports proactive monitoring of emerging threats by determining trends in the cyber landscape. [ABSTRACT FROM AUTHOR]

Published

2024

79. A National Security Perspective on Strengthening E.U. Civilian-Defence Cybersecurity Synergy: A Systemic Approach.

Author

IANCU, Niculae

Subjects

CYBERTERRORISM, COMPUTER security, INTERNATIONAL security, CYBERCRIMINALS, RANSOMWARE

Abstract

The integration of civilian and defence sectors within the European Union's cybersecurity framework has become a strategic priority, driven by the increasingly complex nature of digital threats to both national and collective security. This paper examines the need for a systematic approach to enhance civilian-defence cybersecurity synergy, emphasising the importance of coordinated efforts to address a range of challenges, including ransomware, state-sponsored attacks, and hybrid warfare. The study highlights the strategic importance of this integration for national and E.U.-wide interests, identifying key obstacles such as fragmented policy frameworks, operational cultural differences, and resource allocation disparities. To bridge these gaps, the paper proposes strategic solutions, including regulatory harmonisation, joint training programmes, and investment in dual-use technologies. The research underscores the critical role of a unified policy approach in facilitating efficient resource allocation, streamlined communication, and faster incident response. Additionally, it explores the potential of emerging technologies, such as AI and quantum computing, to strengthen cybersecurity capabilities across sectors. Ultimately, the integration of civilian and defence efforts within the E.U.'s cybersecurity ecosystem is essential for building a resilient, cohesive, and adaptive framework, ensuring the protection of digital infrastructure, enhancing national security, and reinforcing the E.U.'s global leadership in cybersecurity. [ABSTRACT FROM AUTHOR]

Published

2024

80. Machine Learning Algorithms to Identify Cyber Threats Using Logistic Regression.

Author

Deshkar, Milind S.

Subjects

MACHINE learning, ALGORITHMS, INTERNET security, ARTIFICIAL intelligence, DATA security failures

Abstract

The threat of cyber-attacks is expanding globally; That is why companies are developing intelligent artificial intelligence systems that can analyze the data security of their system department and other infrastructure protocols and detect cyber-attacks quickly and automatically. Machine learning-based data security analysis The next big thing in cyber security is machine data, which aims to mine data security data due to the high maintenance costs of static rules and association methods. However, choosing the right machine learning technique for log analysis using ML remains a major obstacle to the success of AI in cybersecurity, due to the potential for a significant number of false positives in a large-scale or global Security Operations Center (SOC). settings, choosing the right machine learning technique for security log analysis remains a major barrier to AI success in cybersecurity. Detecting cyber threats requires machine learning technology that can minimize false positives. Current and machine learning methods for threat detection often use logistic regression. Logistic regression is the first of the three subcategories of machine learning -- supervised, unsupervised and reinforcement learning. Any machine learning enthusiast will encounter this supervised machine learning algorithm early in their machine learning career. It is an important and commonly used classification algorithm. [ABSTRACT FROM AUTHOR]

Published

2024

81. Application of modern technologies to ensure operational reliability and safety in energy systems of Azerbaijan

Author

Sh. Nasirov

Subjects

multifunctional microprocessor devices, modern technologies, cyber threats, operational reliability, Production of electric energy or power. Powerplants. Central stations, TK1001-1841

Abstract

Currently, Azerbaijan is implementing large-scale projects to restore infrastructure in the territories recently liberated from occupation. This includes, in particular, the construction of new modern power plants and electrical networks of modern design and high power. This, in turn, requires the use of reliable and effective methods of safety and protection of these systems from any failures or damage. In this regard, this article considers a wide range of issues on the use of modern technologies and developments for the protection of power systems, as well as analyzes the optimal concepts of management and protection of power grids, which are most suitable in the local conditions of the regions, as well as on the scale of the energy system of the whole country.

Published

2024

82. Enhancing Malicious URL Detection: A Novel Framework Leveraging Priority Coefficient and Feature Evaluation

Author

Ahmad Sahban Rafsanjani, Norshaliza Binti Kamaruddin, Mehran Behjati, Saad Aslam, Aaliya Sarfaraz, and Angela Amphawan

Subjects

Malicious URL detection, phishing, malware, network security, feature extraction, cyber threats, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

Malicious Uniform Resource Locators (URLs) pose a significant cybersecurity threat by carrying out attacks such as phishing and malware propagation. Conventional malicious URL detection methods, relying on blacklists and heuristics, often struggle to identify new and obfuscated malicious URLs. To address this challenge, machine learning and deep learning have been leveraged to enhance detection capabilities, albeit relying heavily on large and frequently updated datasets. Furthermore, the efficacy of these methods is intrinsically tied to the quality of the training data, a requirement that becomes increasingly challenging to fulfill in real-world scenarios due to constraints such as data scarcity and the dynamic nature of evolving cyber threats. In this study, we introduce an innovative framework for malicious URL detection based on predefined static feature classification by allocating priority coefficients and feature evaluation methods. Our feature classification encompasses 42 classes, including blacklist, lexical, host-based, and content-based features. To validate our framework, we collected a dataset of 5000 real-world URLs from prominent phishing and malware websites, namely URLhaus and PhishTank. We assessed our framework’s performance using three supervised machine learning methods: Support Vector Machine (SVM), Random Forest (RF), and Bayesian Network (BN). The results demonstrate that our framework outperforms these methods, achieving an impressive detection accuracy of 98.95% and a precision value of 98.60%. Furthermore, we conducted a benchmarking analysis against three comprehensive malicious URL detection methods (PDRCNN, the Li method, and URLNet), demonstrating that our proposed framework excels in terms of accuracy and precision. In conclusion, our novel malicious URL detection framework substantially enhances accuracy, significantly bolstering cybersecurity defenses against emerging threats.

Published

2024

83. Detecting Unbalanced Network Traffic Intrusions With Deep Learning

Author

S. Pavithra and K. Venkata Vikas

Subjects

Cyber threats, cyber security, deep learning (DL), ensemble learning, intrusion detection, network security, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

The growth of cyber threats demands a robust and adaptive intrusion detection system (IDS) capable of effectively recognizing malicious activities from network traffic. However, the existing imbalance of class in network data possesses a significant challenge to traditional IDS. To overcome these challenges, this project proposes a novel hybrid Intrusion Detection System using machine learning algorithms, which includes XGBoost, Long Short-Term Memory (LSTM), Mini-VGGNet, and AlexNet, which is used to handle the unbalanced network traffic data. Furthermore, the Random Forest Regressor is used to ascertain the importance of features for enhancing detection accuracy and interpretability. Addressing the inherent class imbalance in network data is crucial for ensuring the IDS’s effectiveness. The proposed system employs a combination of oversampling techniques for minority classes and under sampling techniques for majority classes during data preprocessing. This balanced representation of network traffic data helps prevent the IDS from being biased towards the majority class and improves its ability to detect rare or novel intrusions. The utilization of Random Forest Regressor for feature extraction serves a dual purpose. It helps identify the most relevant features within the network traffic data that contribute significantly to detecting intrusions. It enables the system to prioritize and focus on these important features during model training, thereby enhancing detection accuracy while reducing computational complexity. This research contributes to the ongoing efforts to mitigate cyber threats and safeguard critical network infrastructures.

Published

2024

84. A Human-in-the-Loop Anomaly Detection Architecture for Big Traffic Data of Cellular Network

Author

Shenglong Liu, Yuxiao Xia, and Di Wang

Subjects

Cyber threats, network traffic, network security, big data, SNMDF, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

In the era of mobile big data, smart mobile devices have become an integral part of our daily life, which brings many benefits to the digital society. However, their popularity and relatively lax security make them vulnerable to various cyber threats. Traditional network traffic analysis techniques utilizing pattern matching and regular expressions matching algorithms are becoming insufficient for mobile big data. Network traffic anomaly detection is an effective method to replace traditional methods. Network traffic anomaly detection can solve many new challenges brought by future network and protect the security of network. In this article, we propose a streaming network framework for mobile big data, referred to as SNMDF, which provides massive data traffic collection, processing, analysis, and updating functions, to cope with the tremendous amount of data traffic. In particular, by analyzing the specific characteristics of anomaly traffic data from flow and user behavior, our proposed SNMDF demonstrates its capability to offer real data-based advice to address new challenges for future wireless networks from the viewpoints of operators. Tested by real mobile big data, SNMDF has proven its efficiency and reliability. Furthermore, SNMDF is accessed for the digital twin of the space Internet, which validates that it can be generalized to other environments with massive data traffic or big data.

Published

2024

85. Securing Smart Grid Data With Blockchain and Wireless Sensor Networks: A Collaborative Approach

Author

Saleh Almasabi, Ahmad Shaf, Tariq Ali, Maryam Zafar, Muhammad Irfan, and Turki Alsuwian

Subjects

Blockchain technology, cyber-physical security, cyber threats, data integrity, data transmission reliability, FDIA, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

The rapid advancement of grid modernization and the proliferation of smart grids have engendered a critical need for cyber-physical security. Recent cyber-attacks targeting grid infrastructure, notably leading to substantial blackouts in Ukraine, underscore the vulnerabilities and potentially catastrophic consequences of such incursions. These attacks, whether stemming from cyber threats such as Denial of Service (DOS), False Data Injection Attacks (FDIA), or complex cyber-physical manipulations, emphasize the imperative of robust cybersecurity protocols in smart grid operations. This research investigates a pivotal approach to fortify and safeguard smart grid systems by integrating blockchain technology with wireless sensor nodes. By leveraging a Proof of Authority (PoA) Ethereum Blockchain framework, the study delves into the transformative capabilities of Blockchain within Supervisory Control and Data Acquisition (SCADA) networks. Specifically, it examines configurations across IEEE 14-bus, 30-bus, and 118-bus topologies. In addition to elucidating the inherent vulnerabilities in traditional SCADA systems, this study meticulously evaluates an array of performance matrices. Statistical analyses encompassing mean, standard deviation, skewness, kurtosis, and confidence levels provide nuanced insights into the efficacy of blockchain mechanisms in enhancing SCADA resilience against contemporary cyber threats. This research endeavors to bridge the gap in modern cybersecurity paradigms by fusing blockchain technology with wireless sensor nodes. By fortifying data integrity, elevating the reliability of data transmission, and augmenting trustworthiness within SCADA infrastructures, this study aims to present robust solutions to the escalating cybersecurity challenges faced by smart grid systems.

Published

2024

86. Online Banking User Authentication Methods: A Systematic Literature Review

Author

Nader Abdel Karim, Osama Ahmed Khashan, Hasan Kanaker, Waleed K. Abdulraheem, Mohammad Alshinwan, and Abedal-Kareem Al-Banna

Subjects

User authentication, online banking, cyber threats, 2FA, MFA, cyber challenges, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

Online banking has become increasingly popular in recent years, making it a target for cyberattacks. Banks have implemented various user authentication methods to protect their customers’ online accounts. This paper reviews the state-of-the-art user authentication methods used in online banking and potential cyber threats. This paper starts by exploring different user authentication methods, such as knowledge-based authentication (KBA), biometrics-based authentication (BBA), possession-based authentication (PBA), and other methods. The advantages and disadvantages of each user authentication method are then discussed. Furthermore, the paper discusses the various cyber threats that can compromise user authentication for online banking systems, such as malware attacks, social engineering, phishing attacks, man-in-the-middle (MiTM) attacks, denial of service (DoS) attacks, session hijacking, weak passwords, keyloggers, SQL injection, and replay attacks. Also, the paper explores the user authentication methods used by popular banks, which can provide insights into best practices for safeguarding online banking accounts and future user authentication methods in online banking and cyber threats. It states that the increasing use of BBA, two-factor authentication (2FA), and multi-factor authentication (MFA) will help improve the security of online banking systems. However, the paper also warns that new cyber challenges will emerge, and banks need to be vigilant in protecting their customers’ online banking accounts.

Published

2024

87. An AI-Driven Model to Enhance Sustainability for the Detection of Cyber Threats in IoT Environments

Author

Majid H. Alsulami

Subjects

cyber threats, cyber security, artificial intelligence (AI), Artificial Fish Swarm-driven Weight-normalized Adaboost (AF-WAdaBoost), IoT environment, Chemical technology, TP1-1185

Abstract

In the face of constantly changing cyber threats, a variety of actions, tools, and regulations must be considered to safeguard information assets and guarantee the confidentiality, reliability, and availability of digital resources. The purpose of this research is to create an artificial intelligence (AI)-driven system to enhance sustainability for cyber threat detection in Internet of Things (IoT) environments. This study proposes a modern technique named Artificial Fish Swarm-driven Weight-normalized Adaboost (AF-WAdaBoost) for optimizing accuracy and sustainability in identifying attacks, thus contributing to heightening security in IoT environments. CICIDS2017, NSL-KDD, and UNSW-NB15 were used in this study. Min-max normalization is employed to pre-process the obtained raw information. The proposed model AF-WAdaBoost dynamically adjusts classifiers, enhancing accuracy and resilience against evolving threats. Python is used for model implementation. The effectiveness of the suggested AF-WAdaBoost model in identifying different kinds of cyber-threats in IoT systems is examined through evaluation metrics like accuracy (98.69%), F-measure (94.86%), and precision (95.72%). The experimental results unequivocally demonstrate that the recommended model performed better than other traditional approaches, showing essential enhancements in accuracy and strength, particularly in a dynamic environment. Integrating AI-driven detection balances offers sustainability in cybersecurity, ensuring the confidentiality, reliability, and availability of information assets, and also helps in optimizing the accuracy of systems.

Published

2024

88. Privacy-Preserving Federated Learning-Based Intrusion Detection Technique for Cyber-Physical Systems

Author

Syeda Aunanya Mahmud, Nazmul Islam, Zahidul Islam, Ziaur Rahman, and Sk. Tanzir Mehedi

Subjects

Federated Learning (FL), Intrusion Detection System (IDS), Internet of Things (IoT), cyber threats, privacy-preserving, Federated Averaging (FedAvg), Mathematics, QA1-939

Abstract

The Internet of Things (IoT) has revolutionized various industries, but the increased dependence on all kinds of IoT devices and the sensitive nature of the data accumulated by them pose a formidable threat to privacy and security. While traditional IDSs have been effective in securing critical infrastructures, the centralized nature of these systems raises serious data privacy concerns as sensitive information is sent to a central server for analysis. This research paper introduces a Federated Learning (FL) approach designed for detecting intrusions in diverse IoT networks to address the issue of data privacy by ensuring that sensitive information is kept in the individual IoT devices during model training. Our framework utilizes the Federated Averaging (FedAvg) algorithm, which aggregates model weights from distributed devices to refine the global model iteratively. The proposed model manages to achieve above 90% accuracies across various metrics, including precision, recall, and F1 score, while maintaining low computational demands. The results show that the proposed system successfully identifies various types of cyberattacks, including Denial-of-Service (DoS), Distributed Denial-of-Service (DDoS), data injection, ransomware, and several others, showcasing its robustness. This research makes a great advancement to the IDSs by providing an efficient and reliable solution that is more scalable and privacy friendly than any of the existing models.

Published

2024

89. Cyberterrorism : understanding, assessment, and response.

Author

Chen, Thomas M., Jarvis, Lee, and Macdonald, Stuart Keith

Subjects

Cyber threats, Cyberterrorism -- Prevention, Cyberterrorism

Abstract

Summary: The idea that terrorists could cause massive loss of life, worldwide economic chaos and irreparable environmental damage by hacking into critical infrastructure systems has captured the public imagination. Air traffic control systems, nuclear power stations, hospitals and stock markets are all viable targets for 'cyberterrorists' wanting to wreak havoc and destruction. On the less serious end of the spectrum, cyber-attacks against websites and other non-essential infrastructure by political 'hacktivists' are increasing by the day. Governments clearly need laws in place to protect against acts of cyberterrorism, but they also need to ensure that these laws do not encompass less serious uses of computer and Internet technology. This chapter examines legal definitions of terrorism and related offences in four Commonwealth nations (the United Kingdom, Australia, Canada and New Zealand). In doing so it addresses two questions. Firstly, what uses of computer and Internet technology does domestic law regard as acts of terrorism? Secondly, are existing legal responses to terrorism sufficient to cover the possibility of a serious act of cyberterrorism?

Published

2014

90. Towards a sustainable future: developing a cybersecurity framework for manufacturing

Author

Alqudhaibi, Adel, Deshpande, Sourav, Jagtap, Sandeep, and Salonitis, Konstantinos

Published

2023

91. Recent Advances on the Challenges of Resilient Automation Systems of the Power Grid: Critical Review

Author

Ezurike, Benjamin O., Nmadu, Daniel, Ajah, Stephen A., Uma, Uma U., Nwawelu, Udora N., Ogah, Ogah E., Osuji, Chimereze C., Emeh, Jerryson C., and Okoronkwo, Chukwunenye A.

Published

2024

92. Cyber Security on the Edge: Efficient Enabling of Machine Learning on IoT Devices.

Author

Kumari, Swati, Tulshyan, Vatsal, and Tewari, Hitesh

Subjects

*REAL-time computing, *MACHINE learning, *INTERNET security, *INTERNET of things, *CYBERTERRORISM

Abstract

Due to rising cyber threats, IoT devices' security vulnerabilities are expanding. However, these devices cannot run complicated security algorithms locally due to hardware restrictions. Data must be transferred to cloud nodes for processing, giving attackers an entry point. This research investigates distributed computing on the edge, using AI-enabled IoT devices and container orchestration tools to process data in real time at the network edge. The purpose is to identify and mitigate DDoS assaults while minimizing CPU usage to improve security. It compares typical IoT devices with and without AI-enabled chips, container orchestration, and assesses their performance in running machine learning models with different cluster settings. The proposed architecture aims to empower IoT devices to process data locally, minimizing the reliance on cloud transmission and bolstering security in IoT environments. The results correlate with the update in the architecture. With the addition of AI-enabled IoT device and container orchestration, there is a difference of 60% between the new architecture and traditional architecture where only Raspberry Pi were being used. [ABSTRACT FROM AUTHOR]

Published

2024

93. ОСОБЛИВОСТІ ВІДПОВІДАЛЬНОСТІ ЗА КІБЕРАТАКИ В КРАЇНАХ ЄС.

Author

А. Я., Салій

Abstract

The article is devoted to the peculiarities of responsibility for cyber-attacks in the countries of the European Union. It is noted that cyber-attacks on state bodies can be a component of cyber war or hybrid war and at the same time pose a threat to national and global security, as they can lead to the leakage of important information, disrupt the operation of state systems and lead to various negative consequences. So, for example, in Europe, the main goals of hackers from 2022, in addition to Ukraine, became Poland, the Baltic countries, Northern Europe and Germany. The share of cyberattacks on European Union (EU) countries increased from about 10% in the first quarter of 2022 to almost 50% in 2023. In total, 162 cyber-attacks were carried out on Ukraine in 2022; to Poland – 114; Estonia, Lithuania and Latvia – 157; Sweden, Norway, Denmark and Finland – 95, Germany – 57. An increase in the activity of cyber-attacks on the networks of the energy sector, the diplomatic corps, law enforcement agencies, the defense complex, state enterprises and media companies has been established. The main goal of these attacks is to damage the country’s critical infrastructure. Globally, there has been a steady trend towards an increase in the number of targeted cyber-attacks on critical infrastructure facilities in recent years. And therefore, in connection with the possible negative consequences in the case of the implementation of cyber-attacks, it is important to note that ensuring the effective functioning of the country’s cyber defense system remains a high-priority task. Each year underscores the urgency of this challenge as threats in cyberspace continue to grow and become more highly specialized. It was concluded that their public attribution will be important for determining possible responsibility in the countries of the European Union for a cyber-attack, which will include the identification and public announcement of who is behind a specific cyber-attack that affects state, commercial or other objects. [ABSTRACT FROM AUTHOR]

Published

2024

94. The Social Network Dilemma: Safeguarding Privacy and Security in an Online Community.

Author

Bikku, Thulasi, Biyyapu, Narasimha Swamy, Sekhar, Jampani Chandra, Kumar, Malligunta Kiran, Nokerov, Suleyman Malikmyradovich, and Pratap, Vakalapudi Krishna

Subjects

IDENTITY theft, VIRTUAL communities, SOCIAL networks, SOCIAL media, INTERNET privacy, PRIVACY, ENCRYPTION protocols, MULTI-factor authentication

Abstract

Social networks have become integral to our daily lives, facilitating connections, information sharing, and community engagement. However, concerns regarding privacy and security have emerged with their widespread use. This paper delves into specific privacy risks associated with social media use, including data breaches, identity theft, and cyberstalking. The analysis extends to various security measures, such as encryption protocols, two-factor authentication, and advanced browsing techniques to enhance user protection. In our study, 78% of users reported experiencing specific privacy issues, shedding light on the prevalence and nature of challenges individuals face on social media platforms. These issues encompassed data breaches, identity theft, and cyberstalking, underscoring the urgency of addressing these concerns. Moreover, our research explores strategic approaches for social networks to mitigate these challenges. This involves implementing stringent data protection policies, increasing transparency regarding data usage, and empowering users to exert greater control over their personal information. Beyond academic inquiry, the practical implications of addressing these issues are significant, as they directly impact the security and well-being of social media users. This paper provides a comprehensive overview of the current landscape and emphasizes the importance of proactive measures for safeguarding user privacy and security on social networks. [ABSTRACT FROM AUTHOR]

Published

2024

95. Ransomware Threats in Industrial Internet of Things Networks: A Detection Approach.

Author

Aziz, Ahmed and Mirzaliev, Sanjar

Subjects

CYBERTERRORISM, INFRASTRUCTURE (Economics), COMPUTER network security, INTERNET of things, RANSOMWARE

Abstract

The Industrial Internet of Things (IIoT) is a challenging environment for ransomware threats, and it requires robust detection mechanisms to protect critical infrastructures. This study explores the complex landscape of ransomware attacks in IIoT and suggests proactive detection strategies. To develop an advanced detection model, this research uses the CATBoost algorithm that can handle categorical features by leveraging a comprehensive dataset that captures various attributes of ransomware incidents. The study also enhances the interpretability of the model by incorporating SHAP (SHapley Additive exPlanations) which explains how individual features affect ransomware identification in IIoT environments. Empirical evaluation demonstrates that the model can accurately classify ransomware instances with high precision and recall rates. Moreover, SHAP explanation reveals important features that influence the decisions made by the model thereby improving its interpretability and trustworthiness. The experimental results indicate that customized detection approaches are important and highlight the effectiveness of CATBoost algorithm in strengthening IIoT systems against ransomware attacks. [ABSTRACT FROM AUTHOR]

Published

2024

96. A Comprehensive Approach to Cyberattack Detection in Edge Computing Environments.

Author

Alakkari, Khder, Subhi, Alhumaima Ali, Alkattan, Hussein, Kadi, Ammar, Malinin, Artem, Potoroko, Irina, Abotaleb, Mostafa, and El-kenawy, El-Sayed M.

Subjects

CYBERTERRORISM, EDGE computing, COMPUTER network traffic, ECOLOGICAL integrity, FALSE alarms, INTERNET of things

Abstract

This research is concerned with the critical domain of cybersecurity in edge computing environments, which aims to strengthen defenses against increasing cyber threats that target interconnected Internet of Things (IoT) devices. The widespread adoption of edge computing introduces vulnerabilities that necessitate a strong framework for detecting cyberattacks. This study utilizes Long Short-Term Memory (LSTM) networks to present a comprehensive approach based on stacked LSTM layers for detecting and mitigating cyber threats in the dynamic landscape of edge networks. Using the NSL-KDD dataset and rigorous experimentation, this model demonstrates its ability to detect subtle anomalies in network traffic, which can be used to accurately classify malicious activities while minimizing false alarms. The findings highlight the potential of LSTM-based approaches to enhance security at the edge, providing promising avenues for strengthening IoT ecosystems' integrity and resilience against emerging cyber threats. [ABSTRACT FROM AUTHOR]

Published

2024

97. Utilizing Asymmetric Cryptography and Advanced Hashing Algorithms for Securing Communication Channels in IoT Networks Against Cyber Espionage.

Author

Pise, Anil Audumbar, Singh, Saurabh, K., Hemachandran, Gadilkar, Shraddhesh, Esther, Zakka Benisemeni, Pise, Ganesh Shivaji, and Imuede, Jude

Subjects

PUBLIC key cryptography, ELLIPTIC curve cryptography, INTERNET of things, ALGORITHMS, MESSAGE authentication codes

Abstract

This article describes a massive cryptographic scheme that can safeguard IoT communication paths. A combination of algorithms makes the technique operate. Communication security is handled differently by each algorithm. Elliptic Curve Cryptography (ECC), SHA-256 Secure Data Hashing, HMAC Message Authentication, and Merkle Tree Structures Decryption and Verification are used. Ablation is used to determine how each strategy increases security. The paper emphasizes that the algorithms function effectively together, demonstrating their importance for cyberdefense and surveillance. The recommended strategy is evaluated and found to operate better across key parameters. [ABSTRACT FROM AUTHOR]

Published

2024

98. Optimizing Intrusion Detection Mechanisms for IoT Network Security.

Author

Aziz, Ahmed and Mirzaliev, Sanjar

Subjects

COMPUTER network security, COMPUTER network traffic, INTERNET of things, DECISION trees, CYBERTERRORISM

Abstract

The ubiquity of interconnected devices within the Internet of Things (IoT) paradigm has revolutionized modern connectivity, simultaneously amplifying the susceptibility of networks to diverse security threats. This study addresses the pressing necessity for robust intrusion detection mechanisms tailored for IoT networks. Utilizing a simulated dataset reflecting a spectrum of network intrusions within a military environment, the research employs sophisticated methodologies, notably harnessing Decision Tree (DT) algorithms optimized via Grey Wolf Optimization (GWO) for hyperparameter tuning. The investigation meticulously evaluates and refines intrusion detection mechanisms, emphasizing the pivotal role of feature importance analysis in fortifying network security. Results demonstrate the efficacy of the optimized DT algorithm in the precise classification of network traffic, illuminating key attributes instrumental for intrusion detection. These findings underscore the significance of adaptive and interpretable detection strategies in mitigating evolving threats within IoT networks, advocating for resilient approaches to bolster network security. [ABSTRACT FROM AUTHOR]

Published

2024

99. Забезпечення кібербезпеки системи багатофункційних флотів БПЛА для моніторингу критичної інфраструктури: аналіз вразливостей, атак і контрзаходів.

Author

Землянко, Г. А. and Харченко, В. С.

Abstract

The modern world is becoming increasingly dependent on the security of critical infrastructure facilities (CIF), which is monitored by UAVs, their fleets and multifunctional fleet systems (MFS UAVs). The UAV MFS have a complex digital infrastructure (DIS). The DIS is based on new information technologies that have certain security deficiencies and create new cyber threats, in particular, due to specific vulnerabilities that can be exploited externally. The provision of cyber security of the CIS of the MBF of UAVs has been studied thanks to the development of a sequence of analysis of cyber threats using the IMECA procedure. An overview of existing cyber security assessment methods and their limitations was conducted; developed models of the OKI monitoring system based on the UAV MBF; analyzed cyber threats to its CIS; the criticality of cyber attacks and the impact of countermeasures; formulated recommendations for ensuring cyber security and general conclusions based on research results. A method of ensuring cyber security of the CIS of the MBF UAV was created, which consists of determining its specific features as an object of cyber threats, analyzing violators, vulnerabilities, risks of critical violations and choosing countermeasures, the use of which allows you to increase the level of cyber security and reliability of the monitoring system and ensure a temporary response to cyber threats. [ABSTRACT FROM AUTHOR]

Published

2024

100. МЕТОД ОЦІНЮВАННЯ РІВНЯ ПІДВИЩЕННЯ СТАНУ КІБЕРЗАХИСТУ ОБ’ЄКТІВ КРИТИЧНОЇ ІНФРАСТРУКТУРИ ДЕРЖАВИ.

Author

Корченко, О. Г., Іванченко, Є. В., Бакалинський, О. О., Мялковський, Д. В., and Зубков, Д. А.

Subjects

INFRASTRUCTURE (Economics), SECURITY systems, TECHNOLOGICAL progress, INFORMATION technology security, CYBERTERRORISM

Abstract

Due to the increasing cybersecurity threats, especially to a state's critical infrastructure, there is a growing need for the development and implementation of effective methods for assessing the level of cybersecurity. The critical infrastructure of a state (such as energy, transportation, medical facilities, etc.) is becoming increasingly dependent on information technologies. Security breaches in these technologies can have serious consequences for citizens' lives and health, as well as economic losses. Many countries are imposing various regulatory requirements regarding cybersecurity, such as GDPR in the European Union or NIST in the United States. This compels organizations managing critical infrastructure to actively seek and implement effective methods for assessing cybersecurity levels. The rapid technological progress leads to the emergence of new attack methods, necessitating the allocation of various resources (financial, human, time, etc.) to develop new, more effective means of enhancing cybersecurity. Assessing the level of cybersecurity enhancement will subsequently allow for evaluating the effectiveness of resources invested in security. The developed method for assessing the enhancement of cybersecurity levels of critical infrastructure objects of the state is based on a model of a characteristic system aimed at assessing the state of cybersecurity in Ukraine. It involves procedures for forming linguistic variables, interval fuzzification, building benchmarks, forming sets of inspection object characteristics, the primary measurement process, forming basic pairs and associative rules, and visualization of results. These are formalized into respective stages, enabling the implementation of the process of assessing the cybersecurity state of critical infrastructure inspection objects. The described method can become an effective tool for analyzing and evaluating the level of cybersecurity of the state's critical infrastructure with the aim of ensuring national security and protection against cyber threats. Further development should focus on building a system that allows for automating the process of assessing the enhancement of cybersecurity levels at inspection objects. [ABSTRACT FROM AUTHOR]

Published

2024