Your search keyword '"Internet security"' showing total 158,474 results

51. Holistic Information Security Management and Compliance Framework.

Author

Grigaliūnas, Šarūnas, Schmidt, Michael, Brūzgienė, Rasa, Smyrli, Panayiota, Andreou, Stephanos, and Lopata, Audrius

Subjects

SECURITY management, ARTIFICIAL intelligence, SECURITIES industry laws, INFORMATION resources management, INTERNET security

Abstract

The growing complexity of cybersecurity threats demands a robust framework that integrates various security domains, addressing the issue of disjointed security practices that fail to comply with evolving regulations. This paper introduces a novel information security management and compliance framework that integrates operational, technical, human, and physical security domains. The aim of this framework is to enable organizations to identify the requisite information security controls and legislative compliance needs effectively. Unlike traditional approaches, this framework systematically aligns with both current and emerging security legislation, including GDPR, NIS2 Directive, and the Artificial Intelligence Act, offering a unified approach to comprehensive security management. The experimental methodology involves evaluating the framework against five distinct risk scenarios to test its effectiveness and adaptability. Each scenario assesses the framework's capability to manage and ensure compliance with specific security controls and regulations. The results demonstrate that the proposed framework not only meets compliance requirements across multiple security domains but also provides a scalable solution for adapting to new threats and regulations efficiently. These findings represent a significant step forward in holistic security management, indicating that organizations can enhance their security posture and legislative compliance simultaneously through this integrated framework. [ABSTRACT FROM AUTHOR]

Published

2024

52. Unsupervised Learning for Lateral-Movement-Based Threat Mitigation in Active Directory Attack Graphs.

Author

Herranz-Oliveros, David, Tejedor-Romero, Marino, Gimenez-Guzman, Jose Manuel, and Cruz-Piris, Luis

Subjects

INFRASTRUCTURE (Economics), CYBERTERRORISM, DIRECTORIES, INTERNET security, ALGORITHMS

Abstract

Cybersecurity threats, particularly those involving lateral movement within networks, pose significant risks to critical infrastructures such as Microsoft Active Directory. This study addresses the need for effective defense mechanisms that minimize network disruption while preventing attackers from reaching key assets. Modeling Active Directory networks as a graph in which the nodes represent the network components and the edges represent the logical interactions between them, we use centrality metrics to derive the impact of hardening nodes in terms of constraining the progression of attacks. We propose using Unsupervised Learning techniques, specifically density-based clustering algorithms, to identify those nodes given the information provided by their metrics. Our approach includes simulating attack paths using a snowball model, enabling us to analytically evaluate the impact of hardening on delaying Domain Administration compromise. We tested our methodology on both real and synthetic Active Directory graphs, demonstrating that it can significantly slow down the propagation of threats from reaching the Domain Administration across the studied scenarios. Additionally, we explore the potential of these techniques to enable flexible selection of the number of nodes to secure. Our findings suggest that the proposed methods significantly enhance the resilience of Active Directory environments against targeted cyber-attacks. [ABSTRACT FROM AUTHOR]

Published

2024

53. Provably Quantum Secure Three-Party Mutual Authentication and Key Exchange Protocol Based on Modular Learning with Error.

Author

Park, Hyewon, Son, Seunghwan, Park, Youngho, and Park, Yohan

Subjects

INTERNET protocols, QUANTUM computing, INTERNET security, RESEARCH personnel, SECURITY systems, QUANTUM computers

Abstract

With the rapid development of quantum computers, post-quantum cryptography (PQC) has become critical technology in the security field. PQC includes cryptographic techniques that are secure against quantum-computer-based attacks, utilizing methods such as code-based, isogeny-based, and lattice-based approaches. Among these, lattice-based cryptography is the most extensively studied due to its ease of implementation and efficiency. As quantum computing advances, the need for secure communication protocols that can withstand quantum computer-based threats becomes increasingly important. Traditional two-party AKE protocols have a significant limitation: the security of the entire system can be compromised if either of the communicating parties behaves maliciously. To overcome this limitation, researchers have proposed three-party AKE protocols, where a third party acts as an arbiter or verifier. However, we found that a recently proposed three-party AKE protocol is vulnerable to quantum-computer-based attacks. To address this issue, we propose a provably quantum secure three-party AKE protocol based on MLWE. The proposed scheme leverages the user's biometric information and the server's master key to prevent the exposure of critical parameters. We analyzed the security of the protocol using simulation tools such as the Burrows–Abadi–Needham (BAN) logic, Real-or-Random (RoR) model, and Automated Validation of Internet Security Protocols and Applications (AVISPA). Furthermore, comparative analysis with similar protocols demonstrates that our protocol is efficient and suitable. [ABSTRACT FROM AUTHOR]

Published

2024

54. ProtectingSmall and Medium Enterprises: A Specialized Cybersecurity Risk Assessment Framework and Tool.

Author

El-Hajj, Mohammed and Mirza, Zuhayr Aamir

Subjects

SMALL business, RISK assessment, INTERNATIONAL organization, INTERNET security, CYBERTERRORISM

Abstract

As the number of Small and Medium Enterprises (SMEs) rises in the world, the amount of sensitive data used also increases, making them targets for cyberattacks. SMEs face a host of issues such as a lack of resources and poor cybersecurity talent, resulting in multiple vulnerabilities that increase overall risk. Cybersecurity risk assessment frameworks have been developed by multiple organizations such as the National Institute of Science and Technology (NIST) and the International Organization for Standardization (ISO), but they are complicated to understand and challenging to implement. This research aimed to create an effective cybersecurity risk assessment framework specifically for SMEs while considering their limitations. This was achieved by first identifying common threats and vulnerabilities and categorizing them according to their importance and risk. Secondly, popular frameworks like the NIST CSF and ISO 27001/2 were analyzed for their proficiencies and deficiencies while identifying relevant areas for SMEs. Finally, novel techniques catered to SMEs were explored and incorporated to create an effective framework for SMEs. This framework was also developed in the form of a tool, providing an interactive and dynamic environment. The tool was effective, and the framework is a promising start but requires more quantitative analysis. [ABSTRACT FROM AUTHOR]

Published

2024

55. Adaptive Cybersecurity Neural Networks: An Evolutionary Approach for Enhanced Attack Detection and Classification.

Author

Al Hwaitat, Ahmad K. and Fakhouri, Hussam N.

Subjects

OPTIMIZATION algorithms, CYBERTERRORISM, METAHEURISTIC algorithms, INTERNET security, ALGORITHMS

Abstract

The increasing sophistication and frequency of cyber threats necessitate the development of advanced techniques for detecting and mitigating attacks. This paper introduces a novel cybersecurity-focused Multi-Layer Perceptron (MLP) trainer that utilizes evolutionary computation methods, specifically tailored to improve the training process of neural networks in the cybersecurity domain. The proposed trainer dynamically optimizes the MLP's weights and biases, enhancing its accuracy and robustness in defending against various attack vectors. To evaluate its effectiveness, the trainer was tested on five widely recognized security-related datasets: NSL-KDD, CICIDS2017, UNSW-NB15, Bot-IoT, and CSE-CIC-IDS2018. Its performance was compared with several state-of-the-art optimization algorithms, including Cybersecurity Chimp, CPO, ROA, WOA, MFO, WSO, SHIO, ZOA, DOA, and HHO. The results demonstrated that the proposed trainer consistently outperformed the other algorithms, achieving the lowest Mean Square Error (MSE) and highest classification accuracy across all datasets. Notably, the trainer reached a classification rate of 99.5% on the Bot-IoT dataset and 98.8% on the CSE-CIC-IDS2018 dataset, underscoring its effectiveness in detecting and classifying diverse cyber threats. [ABSTRACT FROM AUTHOR]

Published

2024

56. Robust Federated Learning for Mitigating Advanced Persistent Threats in Cyber-Physical Systems.

Author

Hallaji, Ehsan, Razavi-Far, Roozbeh, and Saif, Mehrdad

Subjects

FEDERATED learning, CYBER physical systems, CYBERTERRORISM, INTERNET security, SECURITY systems

Abstract

Malware triage is essential for the security of cyber-physical systems, particularly against Advanced Persistent Threats (APTs). Proper data for this task, however, are hard to come by, as organizations are often reluctant to share their network data due to security concerns. To tackle this issue, this paper presents a secure and distributed framework for the collaborative training of a global model for APT triage without compromising privacy. Using this framework, organizations can share knowledge of APTs without disclosing private data. Moreover, the proposed design employs robust aggregation protocols to safeguard the global model against potential adversaries. The proposed framework is evaluated using real-world data with 15 different APT mechanisms. To make the simulations more challenging, we assume that edge nodes have partial knowledge of APTs. The obtained results demonstrate that participants in the proposed framework can privately share their knowledge, resulting in a robust global model that accurately detects APTs with significant improvement across different model architectures. Under optimal conditions, the designed framework detects almost all APT scenarios with an accuracy of over 90 percent. [ABSTRACT FROM AUTHOR]

Published

2024

57. Cyber Security within Smart Cities: A Comprehensive Study and a Novel Intrusion Detection-Based Approach.

Author

Houichi, Mehdi, Jaidi, Faouzi, and Bouhoula, Adel

Subjects

SMART cities, INTERNET of things, QUALITY of life, ARTIFICIAL intelligence, INTERNET security

Abstract

The expansion of smart cities, facilitated by digital communications, has resulted in an enhancement of the quality of life and satisfaction among residents. The Internet of Things (IoT) continually generates vast amounts of data, which is subsequently analyzed to offer services to residents. The growth and development of IoT have given rise to a new paradigm. A smart city possesses the ability to consistently monitor and utilize the physical environment, providing intelligent services such as energy, transportation, healthcare, and entertainment for both residents and visitors. Research on the security and privacy of smart cities is increasingly prevalent. These studies highlight the cybersecurity risks and the challenges faced by smart city infrastructure in handling and managing personal data. To effectively uphold individuals’ security and privacy, developers of smart cities must earn the trust of the public. In this article, we delve into the realms of privacy and security within smart city applications. Our comprehensive study commences by introducing architecture and various applications tailored to smart cities. Then, concerns surrounding security and privacy within these applications are thoroughly explored subsequently. Following that, we delve into several research endeavors dedicated to addressing security and privacy issues within smart city applications. Finally, we emphasize our methodology and present a case study illustrating privacy and security in smart city contexts. Our proposal consists of defining an Artificial Intelligence (AI) based framework that allows: Thoroughly documenting penetration attempts and cyberattacks; promptly detecting any deviations from security standards; monitoring malicious behaviors and accurately tracing their sources; and establishing strong controls to effectively repel and prevent such threats. Experimental results using the Edge-IIoTset (Edge Industrial Internet of Things Security Evaluation Test) dataset demonstrated good accuracy. They were compared to related state-of-the-art works, which highlight the relevance of our proposal. [ABSTRACT FROM AUTHOR]

Published

2024

58. Economic statecraft by design and by default: The political economy of the 5G-Huawei bans in the United States, United Kingdom and Germany.

Author

Walter, Moritz F. and Trampusch, Christine

Subjects

TELECOMMUNICATION equipment, TELECOMMUNICATION policy, COLLATERAL security, INTERNET security, HOUSEKEEPING

Abstract

The ban of Huawei by the United States and European governments from their 5G infrastructure has been described in recent literature as economic statecraft. However, it remains under researched that in these ban decisions the domestic political and economic constellations differed. To address this gap, this study adopts an agency perspective and compares 5G Huawei policies in the United States, Germany and the United Kingdom. While in the United States the ban was unanimously supported by state actors and telecommunication companies and equipment manufacturers, in the United Kingdom and Germany telecommunication companies and (initially also) governments were opposing the ban. There, we also observe interests from governing parliamentarians across political parties representing cyber security interests prevail in the domestic policy making processes over political and economic actors representing economic interests. In line with recent works on the domestic politics of economic statecraft and adopting the method of structured, focused comparison our inductive, theory developing case study reveals that economic statecraft is a dyadic concept between 'by default' and 'by design'. We show that economic statecraft occurs 'by default' in the manner that states' and businesses' interests align, it happens 'by design' in the manner that states' and businesses' interests diverge. We contribute to previous literature that theory building on economic statecraft should start before the notions of power and policy preferences by a closer inspection of the domestic interest constellations. [ABSTRACT FROM AUTHOR]

Published

2024

59. The impact of the Digital Operational Resilience Act on financial market infrastructures in Europe: Received (in revised form): 3rd June, 2024.

Author

Duggan, Derek

Subjects

INFRASTRUCTURE (Economics), FINANCIAL markets, INTERNET security, GOVERNMENT agencies, SECURITIES industry laws

Abstract

This paper provides a comprehensive overview of the approach taken by financial market infrastructures (FMIs) across Europe as they prepare for full implementation of the Digital Operational Resilience Act (DORA) in January 2025. With the final deadline so close, concerns are emerging that some FMIs and regulatory bodies will not be ready to meet all of DORA's requirements in time. The purpose of this paper is to examine those concerns based on current operational resilience practices in European FMIs, and to clarify the challenges and opportunities presented by greater attention to managing third-party cyber risk. The paper also covers industry perspectives and stakeholder feedback, based on interviews with industry experts (both internal and external) in fields such as banking, financial regulation and cyber security. [ABSTRACT FROM AUTHOR]

Published

2024

60. Analysis assaulting pattern for the security problem monitoring in 5G‐enabled sensor network systems with big data environment using artificial intelligence/machine learning.

Author

Rajawat, Anand Singh, Goyal, S. B., Bedi, Pradeep, Kautish, Sandeep, and Shrivastava, Divya Prakash

Subjects

MACHINE learning, DATA structures, SENSOR networks, ARTIFICIAL intelligence, INTERNET security

Abstract

The 5G‐enabled sensor network systems make it possible to connect cyber and real 'things' in many ways. Even so, the flow of data between 5G‐enabled sensor devices brings big data environment problems, such as huge amounts of data, duplicated data, a lack of scalability etc. Some of these problems are as follows. It is hard to keep an eye on 5G‐enabled sensor systems in a 'big data' environment. Cyberattacks that could put the safety of the sensor network systems at risk are hard to find, which make the situation even more complicated. The security challenges of 5G‐enabled Sensor Network Systems are studied and analyzed due to some constraints associated with the sensor nodes. The proposed advanced algorithm for securing the 5G‐enabled sensor systems is a Multidimensional big data environment using artificial intelligence/machine learning (AI/ML). Using a structure that depends on both geographical and temporal data, an improved clear point selection operation may get important information from multidimensional time series data that is spread across a wide range of sensor nodes. Therefore, the actions of the 5G‐enabled sensor network can be shown accurately and a complete model of its underlying data structure is built to analysis attacking, pattern on 5G‐enabled Sensor Network Systems using the AI/ML Algorithm. [ABSTRACT FROM AUTHOR]

Published

2024

61. Malware Detection Using Dual Siamese Network Model.

Author

An, ByeongYeol, Yang, JeaHyuk, Kim, Seoyeon, and Kim, Taeguen

Subjects

RECURRENT neural networks, CONVOLUTIONAL neural networks, INTERNET security, GRAYSCALE model, MALWARE

Abstract

This paper proposes a new approach to counter cyberattacks using the increasingly diverse malware in cyber security. Traditional signature detection methods that utilize static and dynamic features face limitations due to the continuous evolution and diversity of new malware. Recently, machine learning-based malware detection techniques, such as Convolutional Neural Networks (CNN) and Recurrent Neural Networks (RNN), have gained attention. While these methods demonstrate high performance by leveraging static and dynamic features, they are limited in detecting new malware or variants because they learn based on the characteristics of existing malware. To overcome these limitations, malware detection techniques employing One-Shot Learning and Few-Shot Learning have been introduced. Based on this, the Siamese Network, which can effectively learn from a small number of samples and perform predictions based on similarity rather than learning the characteristics of the input data, enables the detection of new malware or variants. We propose a dual Siamese network-based detection framework that utilizes byte images converted from malware binary data to grayscale, and opcode frequency-based images generated after extracting opcodes and converting them into 2-gram frequencies. The proposed framework integrates two independent Siamese network models, one learning from byte images and the other from opcode frequency-based images. The detection models trained on the different kinds of images generated separately apply the L1 distance measure to the output vectors the models generate, calculate the similarity, and then apply different weights to each model. Our proposed framework achieved a malware detection accuracy of 95.9% and 99.83% in the experiments using different malware datasets. The experimental results demonstrate that our malware detection model can effectively detect malware by utilizing two different types of features and employing the dual Siamese network-based model. [ABSTRACT FROM AUTHOR]

Published

2024

62. An edge-assisted group authentication scheme for the narrowband internet of things.

Author

Zhao, Guosheng, Chen, Huan, and Wang, Jian

Subjects

INTERNET of things, TELECOMMUNICATION, CONFIRMATION (Logic), INTERNET security, EDGE computing

Abstract

As an emerging wireless communication technology, narrowband Internet of Things is widely used in various scenarios, but it also brings new security problems, especially the group authentication between terminal devices and servers. In narrowband Internet of Things, terminal devices are often deployed in unattended environments, which are vulnerable to various attacks and controlled by adversaries, resulting in identity information leakage. Secondly, a large number of terminal devices send authentication request information to the server at the same time, which is easy to cause network signaling congestion, and the centralized calculation mode of the server will cause a large delay in the authentication process. To solve these problems, we propose an edge-assisted group authentication scheme for narrowband Internet of Things. Firstly, a lightweight encryption algorithm LCHAOSAES was used to encrypt the terminal device identity to prevent the terminal device identity information leakage. Then, the edge computing method was used to add an edge network layer to the NB-IoT system architecture to assist in completing the group authentication of massive terminal devices, and the edge assistance could realize decentralization and reduce the load of centralized processing of the server. The Burrows Abadi Needham logic verification, informal security analysis and performance analysis show that the proposed scheme is robust under malicious attacks such as replay attack, man-in-the-middle attack and insider attack, and has less signaling overhead and delay. [ABSTRACT FROM AUTHOR]

Published

2024

63. Digital Forensics and Incident Response (DFIR): A Teaching Exercise.

Author

Breese, Jennifer L., Roshanaei, Maryam, Andrew Landmesser, J., and Gardner, Brian

Subjects

DIGITAL forensics, ELECTRONIC systems, INFORMATION storage & retrieval systems, LEARNING modules, INTERNET security

Abstract

Cybersecurity requires practical knowledge related to protecting electronic information systems and, more importantly, hands-on skill sets for students. To prepare cybersecurity students for effective workforce contributions, experiential practice in a modern, secure environment is essential. An ideal and cost-effective way to provide this environment for both institutions with funding limitations and students with starved resources is to establish a live virtual isolated lab environment that acts as a sandbox for performing cybersecurity-related exercises, including ethical hacking, penetration testing, offensive and defensive security, information risk assessment and management, and malware analysis. This teaching exercise provides suggestions and resources, including free training by reputable cybersecurity companies offering services to the broader industry community, as excellent options to include in student coursework. Additionally, this teaching exercise offers three lessons and a full learning module to include in a variety of introductory cyberforensics, information systems, and other related disciplines to both provide hands-on learning and engage students pursuing a major in cyber studies. [ABSTRACT FROM AUTHOR]

Published

2024

64. A model proposal for enhancing cyber security in industrial IoT environments.

Author

Buja, Atdhe, Apostolova, Marika, and Luma, Artan

Subjects

INTERNET security, CYBERTERRORISM, INDUSTRIAL revolution, SECURITY systems, INTERNET of things

Abstract

The revolution of the industrial sector in the automated one has happened with the use of the Industrial Internet of things (IIoT). They are providing unprecedented possibilities for connection, and automation. Also, the ubiquitous of IIoT has brought new cyber security challenges, putting sensitive data at risk. This research paper proposes a comprehensive model for enhancing the cyber security of IIoT systems. Our model integrates various countermeasures, including a proactive assessment of security vulnerabilities, examination of identified vulnerabilities, categorizing data, delivery of comprehensive reports, and assurance of effective countermeasures based on a cost-benefit approach, aligned with industry standards and frameworks. The proposed model aims to address the need for the development of robust and resilient cyber security solutions for IIoT environments. This research work introduces the proposed model's main functions, integration, workflow, and references. With this research, we contribute to the enhancement of cyber security in the IIoT environment by proposing a model that assists with proactive assessment, effective response, and informed decision-making. We envision that the proposed model will support industrial organizations in securing their IIoT systems against cyber threats, ultimately have stability and secure industrial operations. [ABSTRACT FROM AUTHOR]

Published

2024

65. Development of a Cryptographic Model Using Digits Classification for Cyber Security Applications.

Author

Jayakumar, K., Sivakami, K., Logamurthy, P., Sathiyamurthi, P., and Chandrasekaran, N.

Subjects

DIGITAL technology, DATA encryption, INTERNET security, DATA integrity, DIGITAL communications, CYBERTERRORISM

Abstract

In the digital age, the safeguarding of information through effective cybersecurity measures is paramount. This paper presents the development of a robust cryptographic model tailored for cybersecurity applications. The background underscores the increasing prevalence of cyber threats and the necessity for advanced encryption techniques to ensure data confidentiality, integrity, and authenticity. The methodology involves the design and implementation of the cryptographic model using state-of-the-art algorithms and protocols. Rigorous testing and evaluation were conducted to assess the model's performance in various cyber environments. The results indicate that the proposed model significantly enhances security, demonstrating high resistance to common cyber-attacks with an average encryption time of 0.5 seconds for a 1MB file and a decryption accuracy rate of 99.9%. The model also achieved a data integrity verification success rate of 99.8% and an overall system efficiency improvement of 45% compared to existing models. The conclusion highlights the model's effectiveness and potential for broad application in securing digital communication, offering a substantial contribution to the field of cybersecurity. [ABSTRACT FROM AUTHOR]

Published

2024

66. A Hybrid Genetic Algorithm and Neural Network-Based Cyber Security Approach for Enhanced Detection of DDoS and Malware Attacks in Wide Area Networks.

Author

S., Anusooya, Revathi, N., P., Sivakamasundari, Duraivel, A. N., and Prabu, S.

Subjects

DISCRETE wavelet transforms, WIDE area networks, SWARM intelligence, GENETIC algorithms, INTERNET security, DENIAL of service attacks

Abstract

This study addresses the growing threat of network attacks by exploring their types and analyzing the challenges associated with their precise detection. To mitigate these threats, we propose a novel cyber security approach that integrates Genetic Algorithm (GA) and neural network architecture. The GA is employed for the selection and optimization of attributes that represent DDoS and malware attack features. These optimized features are then fed into a neural network for training and classification. The effectiveness of the proposed approach was evaluated through precision, recall, and F-measure analyses, demonstrating superior detection capabilities for DDoS and malware attacks compared to existing methods. Furthermore, we introduce a hybrid approach that combines Swarm Intelligence (SI) and nature-inspired techniques. The GA is utilized to select features and reduce the dataset size, followed by the application of Discrete Wavelet Transform (DWT) with Artificial Bee Colony (ABC) to further filter irrelevant features. The results show that this hybrid approach significantly enhances the accuracy and efficiency of network attack detection in wide area networks. [ABSTRACT FROM AUTHOR]

Published

2024

67. Fortifying network security: machine learning-powered intrusion detection systems and classifier performance analysis.

Author

Al Tawil, Arar, Al-Shboul, Lara, Almazaydeh, Laiali, and Alshinwan, Mohammad

Subjects

FEATURE selection, MACHINE learning, COMPUTER network security, INTERNET security, CLASSIFICATION, INTRUSION detection systems (Computer security)

Abstract

Intrusion detection systems (IDS) protect networks from threats; they actively monitor network activity to identify and prevent malicious actions. This study investigates the application of machine learning methods to strengthen IDS, explicitly emphasizing the comprehensive CICIDS 2017 dataset. The dataset was refined by implementing stringent preprocessing methods such as feature normalization, class imbalance management, feature reduction, and feature selection to ensure its quality and lay the foundation for developing robust models. The performance evaluation of three classifiers-support vector machine (SVM), extreme gradient boosting (XGBoost), and naive Bayes was highly impressive. Vital accuracy, precision, recall, and F1-score values of 0.984389, 0.984479, 0.984375, and 0.984304, respectively, were achieved by SVM. Notably, XGBoost demonstrated exceptional performance across all metrics, attaining flawless scores of 1.0. naive Bayes demonstrated noteworthy accuracy, precision, recall, and F1-score performance, which were recorded as 0.877392, 0.907171, 0.877007, and 0.876986, respectively. The results of this study emphasize the critical importance of preparation methods in improving the effectiveness of IDS via machine learning. This further demonstrates the potential of particular classifiers to detect and prevent network intrusions efficiently, thereby substantially contributing to cybersecurity measures. [ABSTRACT FROM AUTHOR]

Published

2024

68. An empirical study for mitigating sustainable cloud computing challenges using ISM-ANN.

Author

Alwageed, Hathal Salamah, Keshta, Ismail, Khan, Rafiq Ahmad, Alzahrani, Abdulrahman, Tariq, Muhammad Usman, and Ghani, Anwar

Subjects

*ARTIFICIAL neural networks, *REQUIREMENTS engineering, *COMPUTER systems, *INTERNET security, *QUALITY of service

Abstract

The significance of cloud computing methods in everyday life is growing as a result of the exponential advancement and refinement of artificial technology. As cloud computing makes more progress, it will bring with it new opportunities and threats that affect the long-term health of society and the environment. Many questions remain unanswered regarding sustainability, such as, "How will widely available computing systems affect environmental equilibrium"? When hundreds of millions of microcomputers are invisible to each other, what will society look like? What does this mean for social sustainability? This paper empirically investigates the ethical challenges and practices of cloud computing about sustainable development. We conducted a systematic literature review followed by a questionnaire survey and identified 11 sustainable cloud computing challenges (SCCCs) and 66 practices for addressing the identified challenges. Interpretive structural modeling (ISM) and Artificial Neural Networks (ANN) were then used to identify and analyze the interrelationship between the SCCCs. Then, based on the results of the ISM, 11 process areas were determined to develop the proposed sustainable cloud computing challenges mitigation model (SCCCMM). The SCCCMM includes four main categories: Requirements specification, Quality of Service (QoS) and Service Legal Agreement (SLA), Complexity and Cyber security, and Trust. The model was subsequently tested with a real-world case study that was connected to the environment. In a sustainable cloud computing organization, the results demonstrate that the proposed SCCCMM aids in estimating the level of mitigation. The participants in the case study also appreciated the suggested SCCCMM for its practicality, user-friendliness, and overall usefulness. When it comes to the sustainability of their software products, we believe that organizations involved in cloud computing can benefit from the suggested SCCCMM. Additionally, researchers and industry practitioners can expect the proposed model to provide a strong foundation for developing new sustainable methods and tools for cloud computing [ABSTRACT FROM AUTHOR]

Published

2024

69. A novel image encryption method based on improved two-dimensional logistic mapping and DNA computing.

Author

Chen, Yuanlin, Lu, Tianxiu, Chen, Caiwen, Xiang, Yi, Mou, Jun, and Xiong, Li

Subjects

DIGITAL technology, COMPUTER systems, DNA, IMAGING systems, INTERNET security, IMAGE encryption

Abstract

In the digital era, the significance of cryptographic algorithms has grown significantly within the realm of cybersecurity. This research presents an innovative approach to image encryption that eliminates the security limitations of the conventional one-dimensional logistic mapping. This approach relies on an enhanced two-dimensional logistic-fraction hybrid chaotic mapping (2D-LFHCM) and deoxyribonucleic acid (DNA) computing. Initially, the improved 2D-LFHCM is utilized to effectively scramble the image by incorporating chaotic sequences. Then, two novel algebraic DNA computing rules are introduced to enhance diffusion encryption. Experimental findings show that this approach offers superior security performance, even with renowned attacks. [ABSTRACT FROM AUTHOR]

Published

2024

70. Optimal Blind Focusing on Perturbation‐Inducing Targets in Sub‐Unitary Complex Media.

Author

Sol, Jérôme, Le Magoarou, Luc, and del Hougne, Philipp

Subjects

*DISPLACEMENT (Psychology), *BIOELECTRONICS, *INTERNET security, *MICROWAVES

Abstract

The scattering of waves in a complex medium is perturbed by polarizability changes or displacements of embedded targets. These perturbations can serve as perfectly non‐invasive guidestars for focusing on the targets. Here, a fundamental but to‐date overlooked difference between these two perturbation types is theoretically derived: the change of the scattering matrix is of rank one [two] for a polarizability change [displacement] of a point‐like target; optimal strategies to perfectly focus on the target in both cases are identified accordingly. In particular, in the latter case, optimal focusing requires at least two target displacements. Furthermore, for the case of dynamic complex media additionally featuring parasitic perturbers, a non‐invasive scheme to achieve optimal time‐averaged power delivery to a perturbation‐inducing target is established. In all cases, no assumptions about the unitarity of the system's scattering matrix or the perturbation strength are necessary. All results are experimentally demonstrated in the microwave regime using a strongly sub‐unitary lossy chaotic cavity as a complex medium. The experiments highlight that the target's “structural scattering” is irrelevant [must be negligible] in the case of target polarizability changes [displacements]. The presented results are expected to find applications in communications, cybersecurity, wireless bioelectronics, flow‐cytometry, and self‐propelled nano‐swimmers. [ABSTRACT FROM AUTHOR]

Published

2024

71. Enhancing Cybersecurity in Healthcare: Evaluating Ensemble Learning Models for Intrusion Detection in the Internet of Medical Things.

Author

Alsolami, Theyab, Alsharif, Bader, and Ilyas, Mohammad

Subjects

*MACHINE learning, *SUPPORT vector machines, *CYBERTERRORISM, *RANDOM forest algorithms, *INTERNET security, *INTRUSION detection systems (Computer security)

Abstract

This study investigates the efficacy of machine learning models for intrusion detection in the Internet of Medical Things, aiming to enhance cybersecurity defenses and protect sensitive healthcare data. The analysis focuses on evaluating the performance of ensemble learning algorithms, specifically Stacking, Bagging, and Boosting, using Random Forest and Support Vector Machines as base models on the WUSTL-EHMS-2020 dataset. Through a comprehensive examination of performance metrics such as accuracy, precision, recall, and F1-score, Stacking demonstrates exceptional accuracy and reliability in detecting and classifying cyber attack incidents with an accuracy rate of 98.88%. Bagging is ranked second, with an accuracy rate of 97.83%, while Boosting yielded the lowest accuracy rate of 88.68%. [ABSTRACT FROM AUTHOR]

Published

2024

72. Advanced Micro/Nanocapsules for Self-Healing Coatings.

Author

Kartsonakis, Ioannis A., Kontiza, Artemis, and Kanellopoulou, Irene A.

Subjects

INORGANIC organic polymers, SERVICE life, CARDIOVASCULAR system, INTERNET security, BIOLOGICAL systems

Abstract

The concept of intelligence has many applications, such as in coatings and cyber security. Smart coatings have the ability to sense and/or respond to external stimuli and generally interact with their environment. Self-healing coatings represent a significant advance in improving material durability and performance using microcapsules and nanocontainers loaded with self-healing agents, catalysts, corrosion inhibitors, and water-repellents. These smart coatings can repair damage on their own and restore mechanical properties without external intervention and are inspired by biological systems. Properties that are affected by either momentary or continuous external stimuli in smart coatings include corrosion, fouling, fungal, self-healing, piezoelectric, and microbiological properties. These coating properties can be obtained via combinations of either organic or inorganic polymer phases, additives, and pigments. In this article, a review of the advancements in micro/nanocapsules for self-healing coatings is reported from the aspect of extrinsic self-healing ability. The concept of extrinsic self-healing coatings is based on the use of capsules or multichannel vascular systems loaded with healing agents/inhibitors. The result is that self-healing coatings exhibit improved properties compared to traditional coatings. Self-healing anticorrosive coating not only enhances passive barrier function but also realizes active defense. As a result, there is a significant improvement in the service life and overall performance of the coating. Future research should be devoted to refining self-healing mechanisms and developing cost-effective solutions for a wide range of industrial applications. [ABSTRACT FROM AUTHOR]

Published

2024

73. A Survey on Penetration Path Planning in Automated Penetration Testing.

Author

Chen, Ziyang, Kang, Fei, Xiong, Xiaobing, and Shu, Hui

Subjects

PENETRATION testing (Computer security), ARTIFICIAL intelligence, AUTOMATED planning & scheduling, RESEARCH personnel, INTERNET security

Abstract

Penetration Testing (PT) is an effective proactive security technique that simulates hacker attacks to identify vulnerabilities in networks or systems. However, traditional PT relies on specialized experience and costs extraordinary time and effort. With the advancement of artificial intelligence technologies, automated PT has emerged as a promising solution, attracting attention from researchers increasingly. In automated PT, penetration path planning is a core task that involves selecting the optimal attack paths to maximize the overall efficiency and success rate of the testing process. Recent years have seen significant progress in the field of penetration path planning, with diverse methods being proposed. This survey aims to comprehensively examine and summarize the research findings in this domain. Our work first outlines the background and challenges of penetration path planning and establishes the framework for research methods. It then provides a detailed analysis of existing studies from three key aspects: penetration path planning models, penetration path planning methods, and simulation environments. Finally, this survey offers insights into the future development trends of penetration path planning in PT. This paper aims to provide comprehensive references for academia and industry, promoting further research and application of automated PT path planning methods. [ABSTRACT FROM AUTHOR]

Published

2024

74. Autonomous Vehicle Ecosystem Security: Utilizing Autonomous Vehicle Security-Level Checks through Analytic Hierarchy Process.

Author

Lim, Dong-Sung and Lee, Sang-Joon

Subjects

ANALYTIC hierarchy process, INDUSTRIAL management, INTERNET security, SECURITY systems, AUTOMOBILE industry, AUTONOMOUS vehicles

Abstract

This study aimed to strengthen the security of autonomous vehicles by analyzing the current status of autonomous vehicle security, such as autonomous vehicle features, security threats, and compliance, and deriving security-level check items. Based on this, the relative importance could be obtained by applying it to the AHP (Analytic Hierarchy Process) model. The results of the empirical analysis showed that the order of priority was the establishment/implementation of a cybersecurity management system, encryption, and risk assessment. The significance of this study is that by deriving security-level check items related to autonomous vehicles and verifying the research model, we can reduce cyber security accidents that can cause loss of life and improve the level of autonomous vehicle security management of related companies. Additionally, by applying AHP evaluated by security experts to the autonomous vehicle field for the first time, it will contribute to the market expansion of the autonomous vehicle industry, which is concerned with security. Furthermore, major automobile companies have to manage the security levels of numerous tier companies due to the nature of the industry. Therefore, if they perform a Quick Check (QC) considering the relative importance of the autonomous vehicle security-level check items presented in this paper, they will be able to effectively identify the security levels of tier companies early. [ABSTRACT FROM AUTHOR]

Published

2024

75. Clop Ransomware in Action: A Comprehensive Analysis of Its Multi-Stage Tactics.

Author

Lee, Yongjoon, Lee, Jaeil, Ryu, Dojin, Park, Hansol, and Shin, Dongkyoo

Subjects

INTERNET security, RANSOMWARE, COMPUTER hacking, DIRECTORIES, LOGISTICS

Abstract

Recently, Clop ransomware attacks targeting non-IT fields such as distribution, logistics, and manufacturing have been rapidly increasing. These advanced attacks are particularly concentrated on Active Directory (AD) servers, causing significant operational and financial disruption to the affected organizations. In this study, the multi-step behavior of Clop ransomware was deeply investigated to decipher the sequential techniques and strategies of attackers. One of the key insights uncovered is the vulnerability in AD administrator accounts, which are often used as a primary point of exploitation. This study aims to provide a comprehensive analysis that enables organizations to develop a deeper understanding of the multifaceted threats posed by Clop ransomware and to build more strategic and robust defenses against them. [ABSTRACT FROM AUTHOR]

Published

2024

76. An Approach to Maritime Cyber Security Risks: Nature and Countermeasures.

Author

Kim, Suk Kyoon

Subjects

*INTERNET security, *CYBERTERRORISM, *MARITIME piracy, *DIGITAL technology, *INTERNATIONAL organization

Abstract

Maritime cyber risks, due to digitalisation, automation and operational integration in the maritime sector, have emerged as a new threat to maritime security. The rapid increase in maritime cyberattacks, with far-reaching consequences, requires the maritime sector and international community to address cyber security threats. In a global world, the consequences of a cyberattack affecting the transportation system of a country or a single terminal can quickly cascade across, and disrupt, the entire global supply chain. Thus, like piracy, maritime cyber security should be approached from a global governance perspective. [ABSTRACT FROM AUTHOR]

Published

2024

77. Middle powers and minilateralism against hybrid threats in the Indo-Pacific: South Korea, Singapore, and Taiwan.

Author

Jung, Sung Chul and Tan, Er-Win

Subjects

*INTERNATIONAL cooperation, *INFLECTION (Grammar), *INTERNET security, *MILITARY science, *COOPERATION

Abstract

Asian middle powers are adopting strategies to address emerging hybrid warfare threats by building a web of partnerships with capable and advanced states. This shows an inflection point in the foreign behaviours of Asian states, which have been largely regarded as hedgers between the US and China. To demonstrate the relationship between hybrid threats and complex alignment, this study focuses on three second-tier Indo-Pacific states: South Korea, Singapore, and Taiwan. South Korea has opened a new era of the trilateral relationship with the US and Japan, and has released its revised cybersecurity strategy emphasising liberal international cooperation against North Korea’s and other hybrid threats, while deepening its cyber and technology cooperation with like-minded states. Singapore has sought to further develop its relationship with the US, whilst maintaining ties with Taiwan; such an arrangement provides an opportunity for the two countries to promote joint leadership to support minilateral efforts in countering Chinese hybrid warfare threats. Over the past two decades, minilateral cooperation has become increasingly popular among Asian states that are implementing institutional balancing against the newly emerging threats. [ABSTRACT FROM AUTHOR]

Published

2024

78. FLOLSTM: Fuzzy logic‐driven optimized LSTM for improved malicious traffic detection in hypervisor environments.

Author

Kumar, Anumukonda Naga Seshu, Yadav, Rajesh Kumar, and Raghava, Nallanthighal Srinivasa

Subjects

TRAFFIC monitoring, HYPERVISOR (Computer software), COMPUTER network security, FUZZY logic, INTERNET security, INTRUSION detection systems (Computer security)

Abstract

Summary: In the ever‐evolving realm of cloud computing, the challenge of intrusion detection has grown increasingly intricate and vital. With the proliferation of cyber‐attacks and the widespread use of virtualized environments, there is a pressing need for network security solutions that are not only innovative and robust but also easily comprehensible. These solutions must possess the ability to effectively detect malicious activities, provide visibility into network operations, adapt to changing requirements, and promptly alert stakeholders to any suspicious behavior. In this study, we introduce a groundbreaking approach known as fuzzy logic‐driven optimized long short‐term memory (LSTM)—FLOLSTM, specifically designed for hypervisor‐based environments. By integrating fuzzy logic with an optimized LSTM neural network, FLOLSTM aims to significantly enhance the detection of attack traffic within hypervisor networks by combining the interpretability and uncertainty management capabilities of fuzzy logic with the temporal pattern recognition prowess of LSTM. The research methodology involves meticulous data collection from hypervisor monitors, followed by rigorous cleaning and preprocessing to enhance data reliability. Subsequently, the preprocessed data is input into the FLOLSTM classifier to identify malicious activities. Furthermore, the performance of the LSTM is fine‐tuned using the waterwheel plant optimization (WPO) algorithm. Experimental evaluations compare the efficiency of the proposed FLOLSTM with existing techniques across various metrics including accuracy, recall, precision, F‐measure, specificity, false‐positive rate (FPR), and false‐negative rate (FNR). Overall, the FLOLSTM model represents a significant advancement in intrusion detection for cloud environments, offering a potent blend of interpretability, accuracy, and efficiency. Its superior performance underscores its capacity to enhance network security and effectively mitigate cyber threats in dynamic and virtualized settings, thereby making a substantial impact on the field of cyber security. [ABSTRACT FROM AUTHOR]

Published

2024

79. Enhancing UAV‐HetNet security through functional encryption framework.

Author

Gupta, Sachin Kumar, Gupta, Parul, and Singh, Pawan

Subjects

INTERNET protocols, INTERNET security, TELECOMMUNICATION systems, DRONE aircraft, SECURITY systems

Abstract

Summary: In the current landscape, the rapid expansion of the internet has brought about a corresponding surge in the number of data consumers. As user volume and diversity have escalated, the shift from conventional, uniform networks to Heterogeneous Networks (HetNets) has emerged. HetNets are designed with a primary objective: enhancing Quality of Service (QoS) standards for users. In the context of HetNets facilitated by Unmanned Aerial Vehicles (UAVs), a substantial influx of users and devices is observed. Within this multifaceted environment, the potential for malicious intruder nodes to efficiently execute and propagate harmful actions across the network is a distinct concern. Consequently, the entirety of network communication becomes susceptible to a multitude of security threats. To address these vulnerabilities and safeguard communication, the Functional Encryption (FE) technique is employed. FE empowers the protection of data against intrusion attacks. This paper presents a comprehensive methodology for implementing FE within UAV‐integrated HetNets, executed in two sequential phases. The initial phase secures communication between User Equipment (UE) and Micro Base Station (MBS), followed by the second phase, which focuses on securing communication among MBS and UAV. The viability of the proposed approach is substantiated through validation using the Automated Validation of Internet Security Protocols and Applications (AVISPA) tool. The validation process involves the development of High‐Level Protocol Specification Language (HLPSL) codes. The successful security validation outcome underscores the capacity of the proposed methodology to provide the intended security measures and robustness to the network environment. [ABSTRACT FROM AUTHOR]

Published

2024

80. DeepRoughNetID: A Robust Framework for Network Anomaly Intrusion Detection with High Detection Rates.

Author

Nalini, M., Yamini, B., Sinthia, P., and S, Praveena Rachel Kamala

Subjects

*ANOMALY detection (Computer security), *COMPUTER network security, *TELECOMMUNICATION systems, *TELECOMMUNICATION, *INTERNET security, *INTRUSION detection systems (Computer security)

Abstract

Network security faces challenges, including reduced true positives, increased false positives, and inadequate anomaly detection efficacy. This paper introduces the DeepRoughNetID (DRNID) approach to address these issues and confront the increasing cyberattack threat in modern communication systems. DRNID presents an innovative framework for network intrusion detection, incorporating kNNImputer, GreedyRoughSelector, DeepVAEEnsembler, and IntrusionNet components. kNNImputer enables adaptable data preprocessing by leveraging instance-based learning, facilitating efficient handling of evolving datasets without necessitating full retraining. GreedyRoughSelector enhances classifier performance through systematic attribute selection, focusing on relevant features while eliminating redundancies. DeepVAEEnsembler leverages Variational Autoencoders (VAEs) to learn underlying data distributions, enabling robust anomaly detection. IntrusionNet utilizes VAEs to classify intrusions, providing a comprehensive solution to network security challenges. By integrating these components, DRNID offers a refined approach that promises significant advancements in network intrusion detection. The experimental results demonstrate the effectiveness of DRNID, with an impressive accuracy of 98.8% achieved through 10-fold cross-validation. DRNID exhibits superior performance compared to existing methods across various datasets, showcasing its robust anomaly detection capabilities. This methodology empowers organizations to proactively prevent security violations and safeguard sensitive data from malicious entities. Beyond its theoretical contributions, our research carries tangible implications for strengthening cybersecurity defenses across diverse sectors, including telecommunications, finance, and healthcare. [ABSTRACT FROM AUTHOR]

Published

2024

81. Secure system with security protocol for interactions in healthcare Internet of Things.

Author

SZYMONIAK, Sabina

Subjects

*INTERNET of things, *BLOOD sugar, *ELECTRONIC data processing, *SECURITY systems, *INTERNET security

Abstract

The Internet of Things is a network of connected devices that can communicate and share data over the Internet. These devices often have sensors that collect data for various purposes, such as usage statistics, data processing, or performing specific actions based on the collected data. Also, medical Internet of Things devices are crucial in monitoring critical functions, measuring blood glucose levels, indicating when patients require medicine, and ensuring timely medication delivery. Communication in the Internet of Things is demanding, requiring diverse protocols that address communication security concerns. These protocols must be robust and secure, considering technical factors such as the network objective, energy requirements, and the nature of the communication because they can be exploited. This paper proposes an innovative system with a security protocol that supports and improves communication security in modern Internet of Things networks. The protocol aims to enhance communication safety between interconnected devices for information exchange in medicine or healthcare, ensuring the confidentiality and integrity of sent data and devices. The proposed protocol, tested through formal and automated verification, meets all security goals, including identity verification, anonymity protection, and access revokement. It also protects against man-in-the-middle, modification, replay, and impersonation attacks. [ABSTRACT FROM AUTHOR]

Published

2024

82. Applications of Fuzzy Logic and Probabilistic Neural Networks in E-Service for Malware Detection.

Author

Kuk, Kristijan, Stanojević, Aleksandar, Čisar, Petar, Popović, Brankica, Jovanović, Mihailo, Stanković, Zoran, and Pronić-Rančić, Olivera

Subjects

*ARTIFICIAL neural networks, *FEATURE selection, *APRIORI algorithm, *FUZZY logic, *INTERNET security

Abstract

The key point in the process of agent-based management in e-service for malware detection (according to accuracy criteria) is a decision-making process. To determine the optimal e-service for malware detection, two concepts were investigated: Fuzzy Logic (FL) and Probabilistic Neural Networks (PNN). In this study, three evolutionary variants of fuzzy partitioning, including regular, hierarchical fuzzy partitioning, and k-means, were used to automatically process the design of the fuzzy partition. Also, this study demonstrates the application of a feature selection method to reduce the dimensionality of the data by removing irrelevant features to create fuzzy logic in a dataset. The behaviors of malware are analyzed by fuzzifying relevant features for pattern recognition. The Apriori algorithm was applied to the fuzzified features to find the fuzzy-based rules, and these rules were used for predicting the output of malware detection e-services. Probabilistic neural networks were also used to find the ideal agent-based model for numerous classification problems. The numerical results show that the agent-based management performances trained with the clustering method achieve an accuracy of 100% with the PNN-MCD model. This is followed by the FL model, which classifies on the basis of linguistic variables and achieves an average accuracy of 82%. [ABSTRACT FROM AUTHOR]

Published

2024

83. Fortifying Industry 4.0: Internet of Things Security in Cloud Manufacturing through Artificial Intelligence and Provenance Blockchain—A Thematic Literature Review.

Author

Umer, Mifta Ahmed, Belay, Elefelious Getachew, and Gouveia, Luis Borges

Subjects

*ARTIFICIAL intelligence, *LITERATURE reviews, *INTERNET of things, *INTERNET security, *MANUFACTURING processes

Abstract

Cloud manufacturing allows multiple manufacturers to contribute their manufacturing facilities and assets for monitoring, operating, and controlling common processes of manufacturing and services controlled through cloud computing. The modern framework is driven by the seamless integration of technologies evolved under Industry 4.0. The entire digitalized manufacturing systems operate through the Internet, and hence, cybersecurity threats have become a problem area for manufacturing companies. The impacts can be very serious because cyber-attacks can penetrate operations carried out in the physical infrastructure, causing explosions, crashes, collisions, and other incidents. This research is a thematic literature review of the deterrence to such attacks by protecting IoT devices by employing provenance blockchain and artificial intelligence. The literature review was conducted on four themes: cloud manufacturing design, cybersecurity risks to the IoT, provenance blockchains for IoT security, and artificial intelligence for IoT security. These four themes of the literature review were critically analyzed to visualize a framework in which provenance blockchain and artificial intelligence can be integrated to offer a more effective solution for protecting IoT devices used in cloud manufacturing from cybersecurity threats. The findings of this study can provide an informative framework. [ABSTRACT FROM AUTHOR]

Published

2024

84. Towards an Innovative Model for Cybersecurity Awareness Training.

Author

Taherdoost, Hamed

Subjects

*KNOWLEDGE graphs, *EDUCATIONAL outcomes, *INTERNET security, *MICROLEARNING, *GAMIFICATION

Abstract

The rapid evolution of cybersecurity threats poses a significant challenge to organizations and individuals, necessitating strengthening defense mechanisms against malicious operations. Amidst this ever-changing environment, the importance of implementing efficacious cybersecurity awareness training has escalated dramatically. This paper presents the Integrated Cybersecurity Awareness Training (iCAT) model, which leverages knowledge graphs, serious games, and gamification to enhance cybersecurity training. The iCAT model's micro-learning module increases flexibility and accessibility, while real-time progress monitoring and adaptive feedback ensure effective learning outcomes. Evaluations show improved participant engagement and knowledge retention, making iCAT a practical and efficient solution for cybersecurity challenges. With an emphasis on adaptability and applicability, iCAT provides organizations in search of accessible and efficient cybersecurity awareness training with a streamlined approach. [ABSTRACT FROM AUTHOR]

Published

2024

85. ANALYSIS OF AN ENHANCED RANDOM FOREST ALGORITHM FOR IDENTIFYING ENCRYPTED NETWORK TRAFFIC.

Author

Xiaoqing Yang, Angkawisittpan, Niwat, and Xinyue Feng

Subjects

*RANDOM forest algorithms, *MACHINE learning, *ARTIFICIAL intelligence, *INTERNET security, *DECISION making

Abstract

The focus of this paper is to apply an improved machine learning algorithm to realize the efficient and reliable identification and classification of network communication encrypted traffic, and to solve the challenges faced by traditional algorithms in analyzing encrypted traffic after adding encryption protocols. In this study, an enhanced random forest (ERF) algorithm is introduced to optimize the accuracy and efficiency of the identification and classification of encrypted network traffic. Compared with traditional methods, it aims to improve the identification ability of encrypted traffic and fill the knowledge gap in this field. Using the publicly available datasets and preprocessing the original PCAP format packets, the optimal combination of the relevant parameters of the tree was determined by grid search cross-validation, and the experimental results were evaluated in terms of performance using accuracy, precision, recall and F1 score, which showed that the average precision was more than 98 %, and that compared with the traditional algorithm, the error rate of the traffic test set was reduced, and the data of each performance evaluation index were better, which It shows that the advantages of the improved algorithm are obvious. In the experiment, the enhanced random forest and traditional random forest models were trained and tested on a series of data sets and the corresponding test errors were listed as the basis for judging the model quality. The experimental results show that the enhanced algorithm has good competitiveness. These findings have implications for cybersecurity professionals, researchers, and organizations, providing a practical solution to enhance threat detection and data privacy in the face of evolving encryption technologies. This study provides valuable insights for practitioners and decision-makers in the cybersecurity field. [ABSTRACT FROM AUTHOR]

Published

2024

86. Energy-Efficient Anomaly Detection and Chaoticity in Electric Vehicle Driving Behavior.

Author

Savran, Efe, Karpat, Esin, and Karpat, Fatih

Subjects

*ELECTRIC vehicles, *ANOMALY detection (Computer security), *ELECTRIC vehicle batteries, *INTERNET security, *LYAPUNOV exponents

Abstract

Detection of abnormal situations in mobile systems not only provides predictions about risky situations but also has the potential to increase energy efficiency. In this study, two real-world drives of a battery electric vehicle and unsupervised hybrid anomaly detection approaches were developed. The anomaly detection performances of hybrid models created with the combination of Long Short-Term Memory (LSTM)-Autoencoder, the Local Outlier Factor (LOF), and the Mahalanobis distance were evaluated with the silhouette score, Davies–Bouldin index, and Calinski–Harabasz index, and the potential energy recovery rates were also determined. Two driving datasets were evaluated in terms of chaotic aspects using the Lyapunov exponent, Kolmogorov–Sinai entropy, and fractal dimension metrics. The developed hybrid models are superior to the sub-methods in anomaly detection. Hybrid Model-2 had 2.92% more successful results in anomaly detection compared to Hybrid Model-1. In terms of potential energy saving, Hybrid Model-1 provided 31.26% superiority, while Hybrid Model-2 provided 31.48%. It was also observed that there is a close relationship between anomaly and chaoticity. In the literature where cyber security and visual sources dominate in anomaly detection, a strategy was developed that provides energy efficiency-based anomaly detection and chaotic analysis from data obtained without additional sensor data. [ABSTRACT FROM AUTHOR]

Published

2024

87. SpecRep: Adversary Emulation Based on Attack Objective Specification in Heterogeneous Infrastructures.

Author

Portase, Radu Marian, Colesa, Adrian, and Sebestyen, Gheorghe

Subjects

*LANGUAGE models, *INDUSTRIAL controls manufacturing, *CYBERTERRORISM, *INTERNET security, *SMART cities

Abstract

Cybercriminals have become an imperative threat because they target the most valuable resource on earth, data. Organizations prepare against cyber attacks by creating Cyber Security Incident Response Teams (CSIRTs) that use various technologies to monitor and detect threats and to help perform forensics on machines and networks. Testing the limits of defense technologies and the skill of a CSIRT can be performed through adversary emulation performed by so-called "red teams". The red team's work is primarily manual and requires high skill. We propose SpecRep, a system to ease the testing of the detection capabilities of defenses in complex, heterogeneous infrastructures. SpecRep uses previously known attack specifications to construct attack scenarios based on attacker objectives instead of the traditional attack graphs or a list of actions. We create a metalanguage to describe objectives to be achieved in an attack together with a compiler that can build multiple attack scenarios that achieve the objectives. We use text processing tools aided by large language models to extract information from freely available white papers and convert them to plausible attack specifications that can then be emulated by SpecRep. We show how our system can emulate attacks against a smart home, a large enterprise, and an industrial control system. [ABSTRACT FROM AUTHOR]

Published

2024

88. Malware Identification Method in Industrial Control Systems Based on Opcode2vec and CVAE-GAN.

Author

Huang, Yuchen, Liu, Jingwen, Xiang, Xuanyi, Wen, Pan, Wen, Shiyuan, Chen, Yanru, Chen, Liangyin, and Zhang, Yuanyuan

Subjects

*INDUSTRIAL controls manufacturing, *CONVOLUTIONAL neural networks, *MACHINE learning, *MALWARE, *INTERNET security

Abstract

Industrial Control Systems (ICSs) have faced a significant increase in malware threats since their integration with the Internet. However, existing machine learning-based malware identification methods are not specifically optimized for ICS environments, resulting in suboptimal identification performance. In this work, we propose an innovative method explicitly tailored for ICSs to enhance the performance of malware classifiers within these systems. Our method integrates the opcode2vec method based on preprocessed features with a conditional variational autoencoder–generative adversarial network, enabling classifiers based on Convolutional Neural Networks to identify malware more effectively and with some degree of increased stability and robustness. Extensive experiments validate the efficacy of our method, demonstrating the improved performance of malware classifiers in ICSs. Our method achieved an accuracy of 97.30%, precision of 92.34%, recall of 97.44%, and F1-score of 94.82%, which are the highest reported values in the experiment. [ABSTRACT FROM AUTHOR]

Published

2024

89. Green Intrusion Detection Systems: A Comprehensive Review and Directions.

Author

Roy, Swapnoneel, Sankaran, Sriram, and Zeng, Mini

Subjects

*ANOMALY detection (Computer security), *INTERNET of things, *ENERGY consumption, *INTERNET security, *CYBER physical systems

Abstract

Intrusion detection systems have proliferated with varying capabilities for data generation and learning towards detecting abnormal behavior. The goal of green intrusion detection systems is to design intrusion detection systems for energy efficiency, taking into account the resource constraints of embedded devices and analyzing energy–performance–security trade-offs. Towards this goal, we provide a comprehensive survey of existing green intrusion detection systems and analyze their effectiveness in terms of performance, overhead, and energy consumption for a wide variety of low-power embedded systems such as the Internet of Things (IoT) and cyber physical systems. Finally, we provide future directions that can be leveraged by existing systems towards building a secure and greener environment. [ABSTRACT FROM AUTHOR]

Published

2024

90. BRL-ETDM: Bayesian reinforcement learning-based explainable threat detection model for industry 5.0 network.

Author

Dey, Arun Kumar, Gupta, Govind P., and Sahu, Satya Prakash

Subjects

*CYBERTERRORISM, *FEATURE selection, *PLURALITY voting, *INTERNET security, *SWARMING (Zoology)

Abstract

To enhance the universal adaptability of the Real-Time deployment of Industry 5.0, various machine learning-based cyber threat detection models are given in the literature. Most of the existing threat detection models may not be able to detect zero-day cyber threats and are prone to producing a high False Positive Rate (FPR) due to irrelevant features and imbalanced class samples. Furthermore, its predictive decisions are also difficult to comprehend even by security experts. Consequently, an intelligent and more robust model is needed to mitigate zero-day cyber threats. This study proposes an explainable model named BRL-ETDM for detecting cyber threats in Industry 5.0. In this model, features are optimized by Bayesian Reinforcement Learning (BRL)-based Bee Swarm Optimization (BSO) technique in which the exploitation phase of BSO is improved by the BRL technique. Then, an improved weighted majority voting-based ensemble technique is designed to enhance threat detection performance. Additionally, an explainable AI technique is employed to explain the threat predictions. This model is tested and validated using two realistic datasets named Edge-IIoTset and ToN-IoT. Experimental results show that the proposed model achieved a maximum accuracy of 96.15% with a minimum number of features and FPR of 0.27% as compared to existing techniques. [ABSTRACT FROM AUTHOR]

Published

2024

91. Leveraging deep learning-assisted attacks against image obfuscation via federated learning.

Author

Tekli, Jimmy, Al Bouna, Bechara, Tekli, Gilbert, Couturier, Raphaël, and Charbel, Antoine

Subjects

*FEDERATED learning, *MACHINE learning, *EVALUATION methodology, *PRIVACY, *INTERNET security

Abstract

Obfuscation techniques (e.g., blurring) are employed to protect sensitive information (SI) in images such as individuals' faces. Recent works demonstrated that adversaries can perform deep learning-assisted (DL) attacks to re-identify obfuscated face images. Adversaries are modeled by their goals, knowledge (e.g., background knowledge), and capabilities (e.g., DL-assisted attacks). Nevertheless, enhancing the evaluation methodology of obfuscation techniques and improving the defense strategies against adversaries requires considering more "pessimistic" attacking scenario, i.e., stronger adversaries. According to a 2019 article published by the European Union Agency for Cybersecurity (ENISA), adversaries tend to perform more sophisticated and dangerous attacks when collaborating together. To address these concerns, our paper investigates a novel privacy challenge in the context of image obfuscation. Specifically, we examine whether adversaries, when collaborating together, can amplify their DL-assisted attacks and cause additional privacy breaches against a target dataset of obfuscated images. We empirically demonstrate that federated learning (FL) can be used as a collaborative attack/adversarial strategy to (i) leverage the attacking capabilities of an adversary, (ii) increase the privacy breaches, and (iii) remedy the lack of background knowledge and data shortage without the need to share/disclose the local training datasets in a centralized location. To the best of our knowledge, we are the first to consider collaborative and more specifically FL-based attacks in the context of face obfuscation. [ABSTRACT FROM AUTHOR]

Published

2024

92. Women in Intelligence: A Dynamic and Integrative Literature Review.

Author

Andoko, Djoko, Nurisnaeny, Poppy Setiawati, Wicaksono, Padang, and Widiaty, Isma

Subjects

*INTELLECT, *WOMEN, *INTERNET security, *NATIONAL security, *SEXUAL harassment

Abstract

Despite their pivotal roles across various capacities within the intelligence sector, including cybersecurity, peacekeeping, and national security, women's contributions are often undervalued due to systemic challenges like discrimination, sexual harassment, and mobbing. This study employs Systematic Literature Network Analysis, integrating bibliometric analysis with Systematic Literature Review, to comprehensively examine the underexplored issue of women in intelligence. This innovative methodological approach facilitates a nuanced understanding of the literature, addressing the notable absence of systematic scholarly scrutiny in this area. The findings underscore the intrinsic link between women and intelligence, highlighting their proficiency in addressing not only traditionally feminine-associated issues such as welfare and education but also demonstrating their adeptness in negotiation and socio-emotional intelligence—skills crucial for handling 'masculine' security concerns like terrorism and national threats. Despite these capabilities, women remain significantly underrepresented in intelligence roles, a disparity fueled by enduring gender biases. This research calls for policy reform, advocating for the recognition of women's indispensable contributions to intelligence and the implementation of gender-equal policies within intelligence agencies. By doing so, it aims to foster a more inclusive and diverse intelligence community, leveraging the unique strengths women bring to intelligence work and enhancing overall agency effectiveness. [ABSTRACT FROM AUTHOR]

Published

2024

93. Operational cyber incident coordination revisited: providing cyber situational awareness across organizations and countries.

Author

Leitner, Maria, Skopik, Florian, and Pahi, Timea

Subjects

*SITUATIONAL awareness, *COMPUTER security, *INTERNET security, *KNOWLEDGE management, *WEB-based user interfaces

Abstract

Cyber situational awareness (CSA) is a prerequisite for justified decision-making and to maintain cyber security. This becomes particularly complex when establishing inter-organizational awareness across sectors. For example, computer security incident response teams (CSIRTs) and national cyber security centers need to establish CSA among countries when coordinating regional cyber incident response. Today's state of the art of information sharing across larger numbers of organizations is often still the least common denominator in the shape of web-based forms and email reports. These are easily applicable by almost everyone who wants to report findings even in stressful situations. However, these do not prove to be efficient for the coordinator that aggregates and merges the data. Therefore, a cyber coordination platform using online surveys is proposed. This approach uses surveys to collect, aggregate and visualize data in a dashboard to support cyber coordination and knowledge management. Furthermore, the online surveys are easy to use and respond to and therefore simplify the participation of stakeholders. We propose an architecture and implement a prototype using popular web application frameworks. The evaluation in a user study revealed promising results with respect to increased efficiency and decreased resource requirements for establishing situational awareness. [ABSTRACT FROM AUTHOR]

Published

2024

94. A new early warning system based on metaheuristics in CPS architecture.

Author

Mbiriki, Anwer, Katar, Chaker, and Badreddine, Ahmed

Subjects

*METAHEURISTIC algorithms, *NP-hard problems, *INTERNET security, *INFORMATION technology security, *MILITARY policy

Abstract

Cyber security is the most studied in recent years by the association of metaheuristic techniques thanks to their ability to solve optimization problems in a limited time and NP-hard problems. The Early Warning System (EWS) can identify malicious exercises and anomalies in the CPS and provide robust network systems protection. In addition, grouping attacks in EWS is important for defining defense policies. Information security in the CPS architecture is about securing information during data aggregation, large-scale processing and sharing in the network environment, especially low-linkage open networks. Motivated by these considerations, we propose a new security approach based on the Artificial Bee Colony (ABC) metaheuristic algorithm to strengthen the security framework of the CPS architecture against the system and within CPS attacks. In this work, we propose a new Early Warning System approach based on metaheuristics. Based on two fundamental concepts of clustering, coherence and separation, an integrated index was proposed based on Davies-Bouldin (DB) and Silhouette Index (SI). An improved ABC algorithm was proposed based on these indices. After having identified two different types of an objective function, based on the above concepts, and after having tested the algorithm on DBSI, the results of the experiments found are auspicious. [ABSTRACT FROM AUTHOR]

Published

2024

95. Cobalt Strike: A Cyber Assessment Challenge.

Author

Wray, Nathan R. and Phipps, Sean

Subjects

INTERNET security, SOFTWARE development tools, MALWARE

Abstract

Assessment of cyber tooling serves a critical role in the procurement process of red team tools; however, once a tool is vetted and approved for use by a red team, it is then incorporated into their steady state operations. As a result, approved tools may not undergo routine in-depth cyber assessments as newer versions are released. This presents a major concern for the red team community as new versions can change the operational security of those tools. Similarly, cyber defenders – either through lack of training or limited resources – have been known to upload red team payloads to commercial malware analysis platforms, which inadvertently releases potentially sensitive information about red team operations. In this paper, we discuss red team cyber tooling, in-depth analysis into Cobalt Strike versions 4.8+, and provide recommendations on evaluating cyber tooling. [ABSTRACT FROM AUTHOR]

Published

2024

96. Complex Challenges of Space Cybersecurity and Their Implications for the ROK.

Author

Junghyun Yoon and Jungsik Um

Subjects

NATIONAL security, CYBERTERRORISM, INTERNET security, COOPERATION

Abstract

Space activities are rapidly developing around the world, and the Republic of Korea (ROK) is no exception. At the same time, the high dependence on space systems is becoming a vulnerability for national security. While some of these vulnerabilities come from physical attacks or threats, cheaper and easier attacks or threats come from cyber threats. Previous studies have focused on physical threats to space systems, such as China's ASAT (anti-satellite) tests. Against this backdrop, this article focuses on cyber vulnerabilities to space systems from a national security perspective and proposes a way forward to address complex space cyber challenges through a "national innovation system" approach. These vulnerabilities include the multidimensional linkages within the cyber in space domain, the security dilemmas posed by cyber threats in space with unclear intentions, the lack of systematic integration between cyber strategies in space and national security strategies, and the difficulty of building effective government-civil-military partnerships due to the increasing involvement of civil actors. To address these challenges, we analyze the most advanced U.S. cybersecurity in space guidance and efforts in this area highlight the need for a National Space Security Strategy, which ROK does not yet have, and suggest elements that should be included. In conclusion, this study argues that four elements are necessary as countermeasures. First, a holistic response to the space targeting system for cyber threats is required, encompassing the ground, link, and space sectors. Second, we must prepare for the asymmetries and diverse actors that create security dilemmas in the space cyber domain. Third, a national space security strategy should be developed to systematically integrate space security with national security and cybersecurity. Fourth, the governance of government-civil-military cooperation must be redefined to address the demands of the space cybersecurity era. [ABSTRACT FROM AUTHOR]

Published

2024

97. Using data clustering to reveal trainees' behavior in cybersecurity education.

Author

Dočkalová Burská, Karolína, Mlynárik, Jakub Rudolf, and Ošlejšek, Radek

Subjects

INDUSTRIAL clusters, PERFORMANCE, VISUAL analytics, RADAR, INTERNET security

Abstract

In cyber security education, hands-on training is a common type of exercise to help raise awareness and competence, and improve students' cybersecurity skills. To be able to measure the impact of the design of the particular courses, the designers need methods that can reveal hidden patterns in trainee behavior. However, the support of the designers in performing such analytic and evaluation tasks is ad-hoc and insufficient. With unsupervised machine learning methods, we designed a tool for clustering the trainee actions that can exhibit their strategies or help pinpoint flaws in the training design. By using a k-means++ algorithm, we explore clusters of trainees that unveil their specific behavior within the training sessions. The final visualization tool consists of views with scatter plots and radar charts. The former provides a two-dimensional correlation of selected trainee actions and displays their clusters. In contrast, the radar chart displays distinct clusters of trainees based on their more specific strategies or approaches when solving tasks. Through iterative training redesign, the tool can help designers identify improper training parameters and improve the quality of the courses accordingly. To evaluate the tool, we performed a qualitative evaluation of its outcomes with cybersecurity experts. The results confirm the usability of the selected methods in discovering significant trainee behavior. Our insights and recommendations can be beneficial for the design of tools for educators, even beyond cyber security. [ABSTRACT FROM AUTHOR]

Published

2024

98. Cascade failure modeling and resilience analysis of mine cyber physical systems under deliberate attacks.

Author

Xinping Wang, Jialin Zhu, Chang Su, and Xinyue Zhen

Subjects

FAILURE mode & effects analysis, INTERNET security, COAL mining, MARKOV processes, PUBLIC health

Abstract

Guided by the intelligent construction of coal mines and integrating the concept of the Cyber-Physical System (CPS), a novel approach to a coal mine information-physical fusion system is proposed. This concept emerges from the advancement of intelligent mines and the growing need for enhanced safety in coal mine operations. From a system safety perspective, this approach aims to effectively evaluate security issues by better integrating the informational and physical layers of intelligent mines. Currently, research in areas such as power grids and water networks has widely adopted concepts of cascade failures and robustness. It is suggested that the CPS framework be adapted to the mining sector. Considering the critical role of coal mines in China's energy security and their vulnerability to cyber attacks, a mine-specific CPS system is designed. This system incorporates a model of mine information-physical fusion, including networks for mine operations, management, and control, tailored to the unique conditions of mine shafts and underground settings. Utilizing Markov process theory, the paper delves into the theoretical study of the cascade failure process under deliberate attack strategies. This analysis is essential to effectively assess the safety issues within the information-physical system, providing vital support for fault prediction and safety analysis. The model of cascading failures in the mine information-physical system is developed, and based on an analysis of resilience and robustness, the study identifies key factors influencing the security of mine information-physical systems. Critical factors affecting the reliability of these systems include the number of system nodes, node coupling, edge count, and the interconnection methods of the dual-layer dependency network. The paper concludes by discussing the challenges in analyzing the security of information-physical systems and suggesting directions for future research. [ABSTRACT FROM AUTHOR]

Published

2024

99. Video and Audio Deepfake Datasets and Open Issues in Deepfake Technology: Being Ahead of the Curve.

Author

Akhtar, Zahid, Pendyala, Thanvi Lahari, and Athmakuri, Virinchi Sai

Subjects

MACHINE learning, ARTIFICIAL intelligence, INTERNET security, ROBOTICS, DEEPFAKES

Abstract

The revolutionary breakthroughs in Machine Learning (ML) and Artificial Intelligence (AI) are extensively being harnessed across a diverse range of domains, e.g., forensic science, healthcare, virtual assistants, cybersecurity, and robotics. On the flip side, they can also be exploited for negative purposes, like producing authentic-looking fake news that propagates misinformation and diminishes public trust. Deepfakes pertain to audio or visual multimedia contents that have been artificially synthesized or digitally modified through the application of deep neural networks. Deepfakes can be employed for benign purposes (e.g., refinement of face pictures for optimal magazine cover quality) or malicious intentions (e.g., superimposing faces onto explicit image/video to harm individuals producing fake audio recordings of public figures making inflammatory statements to damage their reputation). With mobile devices and user-friendly audio and visual editing tools at hand, even non-experts can effortlessly craft intricate deepfakes and digitally altered audio and facial features. This presents challenges to contemporary computer forensic tools and human examiners, including common individuals and digital forensic investigators. There is a perpetual battle between attackers armed with deepfake generators and defenders utilizing deepfake detectors. This paper first comprehensively reviews existing image, video, and audio deepfake databases with the aim of propelling next-generation deepfake detectors for enhanced accuracy, generalization, robustness, and explainability. Then, the paper delves deeply into open challenges and potential avenues for research in the audio and video deepfake generation and mitigation field. The aspiration for this article is to complement prior studies and assist newcomers, researchers, engineers, and practitioners in gaining a deeper understanding and in the development of innovative deepfake technologies. [ABSTRACT FROM AUTHOR]

Published

2024

100. Advancing XSS Detection in IoT over 5G: A Cutting-Edge Artificial Neural Network Approach.

Author

Alqura'n, Rabee, AlJamal, Mahmoud, Al-Aiash, Issa, Alsarhan, Ayoub, Khassawneh, Bashar, Aljaidi, Mohammad, and Alanazi, Rakan

Subjects

INTERNET of things, ARTIFICIAL neural networks, 5G networks, ARTIFICIAL intelligence, INTERNET security

Abstract

The rapid expansion of the Internet of Things (IoT) and the advancement of 5G technology require strong cybersecurity measures within IoT frameworks. Traditional security methods are insufficient due to the wide variety and large number of IoT devices and their limited computational capabilities. With 5G enabling faster data transmission, security risks have increased, making effective protective measures essential. Cross-Site Scripting (XSS) attacks present a significant threat to IoT security. In response, we have developed a new approach using Artificial Neural Networks (ANNs) to identify and prevent XSS breaches in IoT systems over 5G networks. We significantly improved our model's predictive performance by using filter and wrapper feature selection methods. We validated our approach using two datasets, NF-ToN-IoT-v2 and Edge-IIoTset, ensuring its strength and adaptability across different IoT environments. For the NF-ToN-IoT-v2 dataset with filter feature selection, our Bilayered Neural Network (2 × 10) achieved the highest accuracy of 99.84%. For the Edge-IIoTset dataset with filtered feature selection, the Trilayered Neural Network (3 × 10) achieved the best accuracy of 99.79%. We used ANOVA tests to address the sensitivity of neural network performance to initial conditions, confirming statistically significant improvements in detection accuracy. The ANOVA results validated the enhancements across different feature selection methods, demonstrating the consistency and reliability of our approach. Our method demonstrates outstanding accuracy and robustness, highlighting its potential as a reliable solution for enhancing IoT security in the era of 5G networks. [ABSTRACT FROM AUTHOR]

Published

2024