142,777 results on '"Cyberterrorism"'
Search Results
2. WHAT IS ZTNA? Nate Drake explores the concept of ZTNA and the obstacles businesses face with its adoption
- Subjects
Computer software industry, Internet -- Safety and security measures, Cyberterrorism, Internet security, Science and technology
- Abstract
IN 2010, John Kindervag of Forrester Research coined the term 'zero trust model' to describe the need for stricter cybersecurity policies, particularly within corporate networks. In the last five years, [...]
- Published
- 2024
3. BEWARE! The Blue Screen of Death: The recent global IT outage sparked by an erroneous software update from cybersecurity company CrowdStrike has amplified calls for crisis planning and should prompt pro AV customers to take a fresh look at their crisis resilience, writes Ken Dunn
- Author
Dunn, Ken
- Subjects
Microsoft Corp., Crisis management, Computer software industry, Cyberterrorism, Science and technology
- Abstract
There were a few moments on 19 July 2024 when things were looking decidedly dicey in terms of the global IT outlook. A faulty update distributed by cybersecurity company CrowdStrike [...]
- Published
- 2024
4. THE SIX EVENTS OF THE ARMY CYBER FITNESS TEST
- Author
Moore, Allison
- Subjects
Cyberterrorism, Actors, Actresses, History, Military and naval science
- Abstract
To combat hostile cyber actors, military leaders at all echelons must understand the attack vectors used by cyber threat actors. The best way to truly understand these vectors is to [...]
- Published
- 2024
5. The War Lab.
- Author
Kyiv, Vera Bergengruen |, Dickstein, Leslie, and Shah, Simmone
- Subjects
WAR, CYBERTERRORISM, BUSINESSPEOPLE, SECURITY classification (Government documents)
- Abstract
Tech companies like Palantir Technologies, Microsoft, Amazon, Google, and Starlink have partnered with the Ukrainian government to utilize military AI on Ukraine's battlefields. Palantir, in particular, has integrated itself into the daily operations of the Ukrainian government, offering data analytics software for purposes beyond battlefield intelligence, such as investigating war crimes and combating corruption. Other companies have also contributed to Ukraine's defense efforts, focusing on cybersecurity and the development of autonomous drones. This collaboration between tech companies and the Ukrainian armed forces is driving advancements in military AI and could have global implications for future warfare. Ukraine has transformed its tech sector into a significant player in its conflict with Russia, attracting investments from Silicon Valley and other foreign investors. The government has implemented various technologies to aid in the conflict, including software and tools provided by companies like Palantir and Clearview for military and civilian use, such as satellite mapping for tracking schools and clearing landmines. However, the use of invasive technology raises concerns about privacy and potential abuses. Despite skepticism from some US officials, Ukraine's tech sector continues to thrive and innovate amidst the ongoing conflict. [Extracted from the article]
- Published
- 2024
6. INSURANCE HACKERS.
- Author
KAUFLIN, JEFF
- Subjects
INTERNET security, INSURANCE companies, EFFECT of technological innovations on financial institutions, CYBERTERRORISM, INSURANCE premiums
- Abstract
The article discusses the efforts of financial technology firms Coalition and At-Bay to promote cybersecurity while transforming the cyber insurance market. Topics explored include the recorded increase in cyberattack incidents and demand for cyber insurance from 2019 to 2023, the cost and coverage of the cyber insurance policies being offered by Coalition, and the development of security software by At-Bay under the leadership of chief executive officer (CEO) Rotem Iram.
- Published
- 2024
7. PROBLEMS OF ACTS OF CYBERTERRORISM UNDER MARTIAL LAW
- Author
А. О., Драгоненко and І. В., Федорчак
- Subjects
BANKING industry, AIR travel, INTERNET access, ELECTRONIC records, RECORDS management, MARTIAL law
- Abstract
Every modern socially active person in Ukraine uses mobile devices and has access to the Internet, state institutions have switched to electronic document management, the stable operation of the banking sector, railways, air transport and large companies depends on the stability of the cyberspace in which they work and rely on communication using electronic means. In the conditions of martial law, the activities of state authorities and local self-government bodies are reduced to assisting the governing bodies created in individual regions in the direct performance of national defense tasks. In the system of state authorities operating under martial law, internal affairs bodies occupy a special place due to the nature of the tasks they perform under these operational conditions. Effectiveness of internal affairs bodies is vital for the direct provision of internal security. It is for this purpose that it is necessary to clearly define the competence of internal affairs bodies. After all, only the presence of certain powers ensures compliance with legality in the performance of functions by services and divisions of internal affairs bodies. Of course, for the successful implementation of the tasks assigned to the Ministry of Internal Affairs under martial law, the duties and rights of the Ministry of Internal Affairs must correspond to the basic principle that new duties correspond to new rights. It is very important to include in the system of coercive measures the expansion of the powers of internal affairs bodies during the introduction of martial law. Internal security officers cannot go beyond the permitted methods and means of carrying out security operations. In our opinion, the scope of powers of the employee of internal affairs bodies in such cases should be expanded. The complexity of the powers of the Ministry of Internal Affairs is reflected in the internal management of various institutions.
The legislation of Ukraine on criminal responsibility, which was developed for the needs of peacetime, turned out to be insufficiently effective in the field of combating crime in the situation of armed aggression of the Russian Federation. Such a situation necessitated the urgent adaptation of the legislation of Ukraine to the conditions of martial law. [ABSTRACT FROM AUTHOR]
- Published
- 2024
8. THREATS TO UKRAINE'S CRITICAL INFRASTRUCTURE FACILITIES UNDER MARTIAL LAW
- Author
О. М., Герасименко
- Subjects
INFRASTRUCTURE (Economics), MARTIAL law, LEGAL documents, NATIONAL security, SCIENTIFIC literature, CYBERTERRORISM
- Abstract
The article is devoted to analyzing threats to Ukraine's critical infrastructure. The relevance of the study is driven by the dangerous dynamics of threat levels that affect national security and the socioeconomic stability of the state under martial law. A review of the scientific literature revealed that there is currently no unified approach to the classification and assessment of such threats. Therefore, the article aims to analyze existing classifications of threats to critical infrastructure and propose an original classification of their manifestations on critical infrastructure objects under martial law, considering both international and national experiences. During the research, several tasks were accomplished: the essence of the term «threat to critical infrastructure» was defined; an analysis of legal documents related to the protection of critical infrastructure was conducted; domestic and international experiences in threat classification were studied; principles underlying both domestic and foreign classifications were reviewed and their effectiveness was assessed; and an original classification of threats to critical infrastructure for Ukraine was developed. The results of the study revealed that there are various classifications of threats to critical infrastructure today. However, in our opinion, the most effective classification that meets modern challenges is one that considers all forms of their manifestations: physical assaults, cyberattacks, economic sabotage, terrorist actions, and assaults using climate weapons. This classification of threats to Ukraine's critical infrastructure is developed based on international and domestic experience and is of great importance for enhancing national security, as its value lies in the systematization of theoretical knowledge and a deep analysis of modern threats facing the state. 
The main scientific value of the proposed classification lies in its ability to integrate different aspects of threats into a single classification that takes into account both internal and external factors. This allows for a more accurate risk assessment and the implementation of appropriate measures to protect national critical infrastructure objects. [ABSTRACT FROM AUTHOR]
- Published
- 2024
9. THE PROBLEM OF PERSONAL DATA PROTECTION IN CYBERSPACE
- Author
В. В., Аніщук
- Subjects
DATA protection, DIGITAL technology, PERSONALLY identifiable information, CYBERSPACE, DATA security, CYBERTERRORISM
- Abstract
In today's digital world, where the amount of information that is stored and processed in cyberspace is constantly growing, the issue of personal data protection is becoming more and more relevant. Personal data, such as financial information, medical records, and social media data, is a valuable resource that can be used for both legitimate and malicious purposes. Despite the continuous improvement of security technologies, the growing complexity of cyber threats and the evolution of cyber attack methods create new challenges for the protection of personal information. In this connection, there is a need to analyze the modern problems of personal data protection, in particular the legal, technical and ethical aspects of this issue. Ensuring the security of personal data remains an urgent problem today, because more and more people use it. On the Internet, they pass authorization on various resources, using their personal data for this purpose, and more and more different institutions create peculiar databases, not always taking care of their safety. The insufficient measure of ensuring the security of personal data in cyberspace leads to excessive activity of cyberattacks and the commission of various manipulations with personal data. The relevance of the topic of personal data protection in cyberspace is due to several important factors that have a significant impact on modern society, economy and security. The main aspects that emphasize the relevance of this issue: the growth of digitalization; cyber threats; legal requirements; social responsibility and trust; economic consequences; technological challenges; international relations and geopolitics. Thus, the relevance of the topic of personal data protection in cyberspace is due to the complexity and global nature of this issue, as well as its importance for preserving privacy, security and trust in the digital world. 
This article is aimed at researching key challenges in the field of personal data protection in cyberspace, as well as providing recommendations for increasing the level of security and minimizing the risks of information leakage. [ABSTRACT FROM AUTHOR]
- Published
- 2024
10. CYBERSECURITY IN THE FACE OF MODERN THREATS: THE ISRAELI EXPERIENCE AND ITS APPLICATION IN UKRAINE
- Author
В., Дзеньків
- Subjects
TECHNOLOGICAL innovations, CAREER development, INFORMATION technology, INFRASTRUCTURE (Economics), INTERAGENCY coordination, CYBERTERRORISM
- Abstract
This article comprehensively analyzes Israel's experience in the legal regulation of cybersecurity and explores its potential adaptation for Ukraine. Israel is a leading cybersecurity nation due to its integrated approach to cyber protection. The paper examines key legislative acts and organizational measures implemented in Israel, such as establishing specialized cyber units like TEHILA and the Israel National Cyber Directorate (INCD), and coordination centers that facilitate cohesive efforts between governmental and private organizations. The article highlights the significance of incorporating cybersecurity mechanisms into Israel's national defense strategy and the active involvement of the private sector, including numerous tech companies and startups, in safeguarding information infrastructure. The crucial role of international cooperation, particularly with the EU and the USA, in developing an effective cyber strategy is also discussed, emphasizing its relevance for Ukraine amidst the ongoing conflict with Russia. Additionally, the article delves into the continuous improvement of cybersecurity technologies and the professional development of specialists in this field. It highlights the importance of a holistic approach encompassing technological advancements and strategic planning. The paper also emphasizes the need for interagency coordination and the collaboration with international partners to elevate the overall cybersecurity posture. Key aspects of adapting Israeli approaches to Ukrainian realities are outlined, including the necessity of establishing specialized bodies, developing a national cybersecurity strategy, and engaging the private sector in cybersecurity efforts. By integrating Israel's best practices, Ukraine can significantly bolster its cyber defense capabilities, enhancing its ability to respond to cyber threats more effectively and protecting its critical infrastructures. 
Furthermore, the study addresses legal regulation issues, including both the regulatory framework and practical aspects of implementing cybersecurity measures at national and local levels. Continuous monitoring and evaluation of the effectiveness of these measures are essential to identify and neutralize potential threats timely. [ABSTRACT FROM AUTHOR]
- Published
- 2024
11. PROSPECTS AND CHALLENGES FOR PARLIAMENTARISM IN THE CONTEXT OF THE DEVELOPMENT OF DIGITAL CONSTITUTIONALISM.
- Author
Є. Г., Заєць
- Subjects
PARLIAMENTARY practice, DIGITAL technology, POLITICAL participation, DIGITAL literacy, CYBERTERRORISM, ELECTRONIC voting
- Abstract
The purpose of the article is to carry out a multi-faceted analysis of the dynamics of the development of parliamentarism and digital constitutionalism, to identify possible challenges and threats, as well as prospects for parliaments and parliamentary activity in the conditions of the spread of modern digital (electronic) technologies. Approaches to understanding and defining the phenomena of «parliamentarism», «constitutionalism», «digital constitutionalism», some of their modifications and features are highlighted, their multifaceted nature, transformation in the conditions of modern progressive digital development, electronic democracy is emphasized. Crisis and conflict events have largely become challenges for parliaments and parliamentary activity, as well as digitalization and digitization processes and tools. It is important that parliamentary institutions of various levels (national, supranational, inter-parliamentary associations, their auxiliary bodies and services) contribute to the development and regulation of these processes, using advanced and effective digital technologies tested in practice. The «Digital Compass» for the EU Digital Decade (2030), the concept of digital sovereignty, the adopted charters of digital rights (Catalan, Nice), the Law on Digital Markets, the Law on Digital Services, the Law on Artificial Intelligence, the Declaration on European Digital Rights and Principles should be singled out. (2022), «World e-Parliament Report» of the IPU, the concept of e-democracy of the European Parliament, the resolution on e-democracy of the PACE, recommendations on open government and electronic participation of citizens OECD. Thanks to this, new forms and tools for the implementation of existing human rights are introduced, as well as new digital rights are constituted (to access the Internet, to identity in the digital environment, to protection in the digital environment, non-discrimination, etc.). 
In the same way, the forms and methods of activity of parliaments are being modernized (expansion of platforms for online broadcasts of plenary and committee meetings, electronic (remote) voting, improvement of interactive websites with access to draft laws and other documents, and systems of electronic petitions and consultations with voters, electronic participation of citizens and public organizations in the legislative process). However, the development of digital parliamentarism and digital democracy is accompanied by numerous challenges (digital inequality, low digital literacy of members of parliaments and parliamentary services, cyber threats, material and financial costs etc.). This requires a thorough study of the issues raised, improvement of digital culture, improvement of parliamentary and non-parliamentary procedures, along with further development of technological infrastructure, cyber security protection of the components of digital parliamentarism. [ABSTRACT FROM AUTHOR]
- Published
- 2024
12. Fusion of machine learning and blockchain-based privacy-preserving approach for healthcare data in the Internet of Things.
- Author
Bezanjani, Behnam Rezaei, Ghafouri, Seyyed Hamid, and Gholamrezaei, Reza
- Subjects
*METAHEURISTIC algorithms, *PATTERN recognition systems, *FEATURE selection, *TECHNOLOGICAL innovations, *CYBERTERRORISM
- Abstract
In recent years, the rapid integration of Internet of Things (IoT) devices into the healthcare sector has brought about revolutionary advancements in patient care and data management. While these technological innovations hold immense promise, they concurrently raise critical security concerns, particularly in safeguarding medical data against potential cyber threats. The sensitive nature of health-related information requires robust measures to ensure patient data's confidentiality, integrity, and availability within IoT-enabled medical environments. Addressing the imperative need for enhanced security in IoT-based healthcare systems, we propose a comprehensive method encompassing three distinct phases. In the first phase, we implement blockchain-enabled request and transaction encryption to fortify the security of data transactions, providing an immutable and transparent framework. Subsequently, in the second phase, we introduce request pattern recognition check, leveraging diverse data sources to identify and thwart potential unauthorized access attempts. Finally, the third phase incorporates feature selection and the BiLSTM network to enhance the accuracy and efficiency of intrusion detection through advanced machine-learning techniques. We compared the simulation results of the proposed method with three recent related methods, namely AIBPSF-IoMT, OMLIDS-PBIoT, and AIMMFIDS. The evaluation criteria encompass detection rates, false alarm rates, precision, recall, and accuracy, crucial benchmarks in assessing the overall performance of intrusion detection systems. Notably, our findings reveal that the proposed method outperforms these existing methods across all evaluated criteria, underscoring its superiority in enhancing the security posture of IoT-based healthcare systems. [ABSTRACT FROM AUTHOR]
- Published
- 2024
13. LEGAL REGULATION OF PROTECTION OF THE POPULATION DURING RADIATION EMERGENCIES AT NUCLEAR POWER PLANTS UNDER MARTIAL LAW.
- Author
А. О., Матвійчук
- Subjects
RADIATION protection, SCIENTIFIC knowledge, INFRASTRUCTURE (Economics), LEGAL norms, TERRORISM, MARTIAL law, CYBERTERRORISM
- Abstract
Peculiarities of legal regulation of population protection during radiation emergency situations at nuclear power plants under martial law conditions have been studied. The decisive link is the prevention of emergency situations at NPPs, the provision of deep-echeloned five-level protection of NPPs in accordance with NP 3062.141-2008 “General provisions for the safety of nuclear plants”. In wartime conditions, additional threats to the NPP as a critical infrastructure facility should be taken into account, including cyber terrorism, cyberespionage, threats of terrorist acts, threats of missile attacks, information threats, as well as the threat of loss of power supply for the NPP’s own needs. The need to create a regulatory body in Ukraine for the implementation of state policy on nuclear and radiation safety issues, as a state collegial body of executive power with a special status, through the adoption of the relevant Law, with the determination of the features of the state regulation of nuclear and radiation safety during the period of martial law, in particular to determine by law, is substantiated conditions for introducing maximum autonomy in NPP management, maximum simplification and minimal intervention in NPP operation while preserving all actions related to ensuring nuclear and radiation safety; proper organization of interaction with the public. 
According to the results of the study, taking into account the experience of the EU, it is proposed to introduce a system of independent advisory and advisory bodies based on the National Commission for Radiation Protection of the Population of Ukraine (NKRZU), which was formed in accordance with the Declaration on the State Sovereignty of Ukraine of July 16, 1990, as a permanently active higher independent collegial scientific and expert advisory body on anti-radiation protection and radiation safety of the population of Ukraine, with the aim of identifying problematic issues and providing recommendations on the specifics of developing plans for the protection of personnel and the population in the event of radiation accidents at nuclear plants. The research uses the general dialectical method, the method of scientific knowledge, the method of interpreting legal norms, the formal legal method, the comparative legal method, and the method of systemic analysis. [ABSTRACT FROM AUTHOR]
- Published
- 2024
14. The evolution of EU–US cybersecurity law and policy: on drivers of convergence.
- Author
Fahey, Elaine
- Subjects
*DIGITAL technology, *INTERNET security, *INTERNAL marketing, *INTERNATIONAL cooperation, *FEDERAL laws, *CYBERTERRORISM
- Abstract
The digitalisation of the economy increases the vulnerability of both economies in the EU and the US, as does its transborder dimension. Cyber policy has evolved over time on both sides of the Atlantic. The EU began initially to emphasise cybercrime regulation but its focus upon cybersecurity now dominates, similar to the US. The internal market has evolved as a rationale for regulation in the EU and to similar effect a market-led approach dominates in the US. While in the EU a comprehensive cybersecurity law has been adopted, the US lacks a uniform federal cybersecurity law. Despite many domestic divergences, there is considerable similarity between the US and the EU. Substantively, these divergences have not inhibited convergence. Geopolitical considerations as to cyber have accelerated an ongoing process, driven by the transborder nature of cyber security and the global leadership of the EU and the US. [ABSTRACT FROM AUTHOR]
- Published
- 2024
15. A machine learning-based ensemble model for securing the IoT network.
- Author
Singh, Rohit, Sharma, Krishna Pal, and Awasthi, Lalit Kumar
- Subjects
*COMPUTER network traffic, *CYBERTERRORISM, *SOFTWARE-defined networking, *DENIAL of service attacks, *PROCESS capability
- Abstract
The rapidly growing number of Internet of Things (IoT) devices has led to a rise in data transfers, which has raised security concerns. Due to the devices' limited processing capabilities and vulnerability to many cyber attacks, securing IoT communications is challenging. Security threats, especially Distributed Denial of Service (DDoS) attacks, take a toll on the network in the form of increased communication overhead. Hence, a centralized unit is required to detect DDoS attacks in IoT networks at the earliest. Software-Defined Networking (SDN) promises a potential solution for better network traffic management and data flow. This paper presents a machine learning-based ensemble model for the detection of DDoS attacks in IoT networks using SDN. The proposed model employs a multi-step approach utilizing various Machine Learning (ML) algorithms. The proposed Ensemble Model (EM) combines Logistic Regression (LR), k-Nearest Neighbors (KNN), Gradient Boosting (GB), Extra-tree (ET), AdaBoost, and XGBoost, with XGBoost as the final estimator classifier. Various metrics, including sensitivity, specificity, precision, accuracy, and others, derived from the confusion matrix, evaluate the proposed model's performance. The EM demonstrates superior performance during comparative analysis with state-of-the-art schemes, with a classification accuracy of 99.8%. Furthermore, the paper evaluates the model based on Receiver Operator Characteristic (ROC) curves, showing its superiority in True Positive Rates (TPR) compared to False Positive Rates (FPR). The AUC analysis supports the EM's effectiveness. Cross-validation results further validate the model's robustness, with a mean accuracy of 97.92%. [ABSTRACT FROM AUTHOR]
- Published
- 2024
16. A network intrusion detection system based on deep learning in the IoT.
- Author
Wang, Xiao, Dai, Lie, and Yang, Guang
- Subjects
*COMPUTER network traffic, *GENERATIVE adversarial networks, *DEEP learning, *CYBERTERRORISM, *COMPUTER network security, *INTRUSION detection systems (Computer security)
- Abstract
As industrial and everyday devices become increasingly interconnected, the data volume within the Internet of Things (IoT) has experienced a substantial surge. This surge in data presents a heightened risk of IoT environments being vulnerable to cyber attacks, which poses a significant threat to the seamless functioning of both industrial and daily activities. Therefore, the implementation of Network Intrusion Detection System (IDS) is vital for safeguarding the security of IoT network environments. This paper introduces a network intrusion detection model based on deep learning (DL). The model aims to enhance detection accuracy by extracting features from both the spatial and temporal dimensions of network traffic data. To tackle the challenge of low detection accuracy arising from data imbalance, in this study, a Conditional Tabular Generative Adversarial Network (CTGAN) is utilized to generate synthetic data for the minority class. The objective is to enhance the volume of minority class samples, address data imbalance, and subsequently enhance the accuracy of network intrusion detection. The classification performance of the proposed model is validated on UNSW-NB15, CIC-IDS2018, and CIC-IOT2023 datasets. The experimental findings demonstrate that the suggested model attains elevated levels of classification accuracy across all three datasets. The model presented in this article is particularly well suited to handle multi-class intrusion detection tasks. The model demonstrates superior performance compared to other models used for comparison. [ABSTRACT FROM AUTHOR]
- Published
- 2024
17. A lightweight and secure authentication protocol for visually impaired and handicapped people in the telehealth system.
- Author
Algarni, Fahad
- Subjects
DIGITAL technology, WEARABLE technology, PEOPLE with visual disabilities, DATA privacy, CYBERTERRORISM
- Abstract
Sensors and wearable technology are used to accumulate health-related data from the visually impaired (VI) and other special persons. This health-related data is disseminated via an open network channel, which poses numerous threats and requires rigorous attention for its protection. An appropriate security framework must be implemented on both the sender and the recipient sides to ensure the privacy and security of sensitive medical information for VI and disabled persons. The telehealth system will then benefit the VI and disabled people by improving their quality of life, telemonitoring, saving time and money, providing online support, and increasing the degree of trust and reliance on the system and the treatment of doctors. These practical benefits are not just theoretical but potentially life-changing for the VI and disabled community. Strong and flawless mutual authentication is necessary for the telehealth system to secure and preserve the privacy of VI and disabled people. Therefore, this article proposes a privacy-preserving asymmetric-based, lightweight, and robust security framework for the telehealth system operationalized for VI and disabled people. The proposed security framework alleviates all threats to sensitive information and preserves the privacy and security of the whole telehealth system. The security of the proposed framework has been verified through a well-known Real-Or-Random (RoR) model and simulated through a ProVerif software verification toolkit, while the performance analysis has been tackled by measuring computation, storage, and communication costs. The comparative analysis result revealed that the proposed framework outperforms its competitors, further reinforcing the hope about its potential impact.
• To design a fast and secure protocol for securely authenticating visually impaired (VI) and disabled people of the telehealth system in the digital world.
• To present a secure mechanism that not only protects the privacy of VI and disabled people when transmitting personal sensitive information remotely but also opens up new possibilities for their participation in telehealth.
• To confirm the security of the proposed authentication protocol formally through the Real-Or-Random (RoR) model and ProVerif and informally through discussions of known attacks.
• To conduct a comprehensive performance analysis of the proposed protocol, considering storage, communication and computation costs in providing a robust and reliable solution.
• To comparatively analyze the proposed security mechanism with state-of-the-art mechanisms by scrutinizing its efficacy and robustness based on a set of predefined criteria. This will provide a clear understanding of how our protocol stands against existing solutions. [ABSTRACT FROM AUTHOR]
- Published
- 2024
18. Class imbalanced data handling with cyberattack classification using Hybrid Salp Swarm Algorithm with deep learning approach.
- Author
Alabduallah, Bayan, Maray, Mohammed, Alruwais, Nuha, Alabdan, Rana, Darem, Abdulbasit A., Alallah, Fouad Shoie, Alsini, Raed, and Yafoz, Ayman
- Subjects
COMPUTER network traffic, MACHINE learning, FEATURE selection, DATABASES, CYBERTERRORISM
- Abstract
Cyberattack classification involves applying deep learning (DL) and machine learning (ML) models to categorize digital threats based on their features and behaviors. These models examine system logs, network traffic, or other associated data patterns to discriminate between standard activities and malicious actions. Efficient cyberattack classification is vital for on-time threat detection and response, permitting cybersecurity specialists to categorize and reduce potential risks to a system. Handling class-imbalanced data in cyberattack classification using DL is critical for achieving exact and robust models. In cybersecurity databases, instances of normal behavior frequently significantly outnumber instances of cyberattacks, foremost due to biased methods that may complete poorly on minority classes. To address this issue approaches such as oversampling the lesser class, undersampling the popular class, or using more advanced systems can be used. These plans defend that the DL technique is more complex when determining cyberattacks, so it increases complete performance and adapts the effect of the imbalance class on the classification results. This study presents a novel Hybrid Salp Swarm Algorithm with a DL Approach for Cyberattack Classification (HSSADL-CAC) technique. The HSSADL-CAC method intends to resolve class imbalance data handling with an optimum DL model for the recognition of cyberattacks. At first, the HSSADL-CAC method experiences data normalization as a pre-processing stage. The HSSADL-CAC technique uses the ADASYN approach to handle class imbalance problems. In addition, the HSSADL-CAC technique applies an HSSA-based feature selection approach. The HSSADL-CAC technique detects cyberattacks using a deep extreme learning machine (DELM) model. Finally, the hyperparameter tuning of the ELM model takes place by utilizing the beluga whale optimization (BWO) model. The performance analysis of the HSSADL-CAC technique employs a benchmark database. 
The comprehensive comparison research indicates the superior performance of the HSSADL-CAC technique in the cyberattack detection procedure. [ABSTRACT FROM AUTHOR]
- Published
- 2024
19. Organisational cyber resilience: a heuristic for bridging foundations and applications.
- Author
-
Sallos, Mark-Paul, Garcia Perez, Alexeis, and Bocanet, Anca
- Subjects
COMMUNICATION infrastructure ,CYBERTERRORISM ,GREY literature ,THEMATIC analysis ,MODERN society - Abstract
Purpose: The drive for digitalisation has increased the scope of cyber threats which can exploit the growing footprint of information and communication technology infrastructure supporting modern societies. Despite substantial interest and efforts in researching and building organisational cyber resilience, the resulting body of work is heterogeneous and has yet to reach maturity. This paper aims to address the gap in the conceptualisation of cyber resilience in academic and practice-oriented grey literature. Design/methodology/approach: In this conceptual paper, we firstly seek to explore the available foundations of resilience as a construct and consider how these can be applied to organisational cybersecurity. To that aim, this study employs a targeted literature review approach, incorporating systematic elements to ensure rigour. Literature was identified through comprehensive searches in key academic databases, reference chaining and expert recommendations. Articles were selected based on relevance and contribution to the field, resulting in a thematic analysis to identify gaps and propose a heuristic model for cyber resilience. With this approach, we aim to position the emerging view of cyber resilience relative to risk analysis, while highlighting its domain of "conceptual comparative advantage" – the types of applications it is best suited to address. Finally, a high-level heuristic model for cyber resilience is proposed, which functions across the relevant policy, strategy and operational dimensions while also considering its relationship with cyber risk management. Findings: A conceptual model for organisational cyber resilience is proposed which helps position and frame research contributions in this domain relative to risk analysis, highlighting its domain of comparative advantage. The model integrates policy, strategy and operational dimensions, in a manner conducive to bridging foundations and applications of the concept of cyber risk management. 
The proposed model provides a critical point of reference to evaluate individual models, frameworks and tools. Originality/value: This paper is a pioneering effort to overcome the current gaps between conceptual and practical views of cyber resilience. It proposes a new, risk-aligned view of the concept of cyber resilience and provides a structural foundation for further research and practice in the field. [ABSTRACT FROM AUTHOR]
- Published
- 2024
20. IWTW: A Framework for IoWT Cyber Threat Analysis.
- Author
-
Jeon, GyuHyun, Jin, Hojun, Lee, Ju Hyeon, Jeon, Seungho, and Seo, Jung Taek
- Subjects
CYBERTERRORISM ,COMPUTER performance ,INTERNET of things ,WEARABLE technology ,ACCESS to information - Abstract
The Internet of Wearable Things (IoWT) or Wearable Internet of Things (WIoT) is a new paradigm that combines IoT and wearable technology. Advances in IoT technology have enabled the miniaturization of sensors embedded in wearable devices and the ability to communicate data and access real-time information over low-power mobile networks. IoWT devices are highly interdependent with mobile devices. However, due to their limited processing power and bandwidth, IoWT devices are vulnerable to cyberattacks due to their low level of security. Threat modeling and frameworks for analyzing cyber threats against existing IoT or low-power protocols have been actively researched. The threat analysis framework used in existing studies was limited to specific protocols and did not target IoWT devices. In addition, in the literature surveyed to date, no cyber threat analysis framework is targeting IoWT. Therefore, the threat model presented in the existing research on cyber threat analysis and modeling for IoWT is specialized for specific devices. In addition, because it does not present standardized attack tactics and techniques, there is a limitation in that it is difficult to identify attacks quickly. In this paper, we propose an Internet of Wearable Things threat analysis frameWork (IWTW) framework that can derive security threats through systematic analysis of IoWT attack cases and possible security threats and perform cyber threat analysis based on them. The methodology for developing the IWTW framework consists of three steps: Analysis, Standardization, and Compilation. IoWT attack cases and potential security threats are analyzed in the analysis stage. In the standardization stage, attack tactics and techniques derived from the analysis of attack cases and potential security threats are standardized, resulting in 3 attack categories, 18 attack tactics, and 68 attack techniques.
In the compilation stage, standardized security threats are combined to develop the IWTW framework ultimately. We present four case studies targeting MiBand 2, Fitbit Charge HR/Surge, Samsung Gear 3, Xiaomi Amazifit, Honor Band 5, Honor Watch ES, and Senbono CF-58 devices to validate the proposed IWTW framework. We analyzed the attack process through a case study and applied the IWTW framework to derive standardized attack categories, tactics, and techniques effectively. By applying the IWTW framework to cyber threat analysis targeting IoWT, security threats can be standardized, and the attack process can be quickly derived, enabling effective attack analysis on IoWT. [ABSTRACT FROM AUTHOR]
- Published
- 2024
21. The Machine Learning Ensemble for Analyzing Internet of Things Networks: Botnet Detection and Device Identification.
- Author
-
Han, Seung-Ju, Yoon, Seong-Su, and Euom, Ieck-Chae
- Subjects
INTERNET of things ,MACHINE learning ,CYBERTERRORISM ,AUTOMATION ,BOTNETS - Abstract
The rapid proliferation of Internet of Things (IoT) technology has facilitated automation across various sectors. Nevertheless, this advancement has also resulted in a notable surge in cyberattacks, notably botnets. As a result, research on network analysis has become vital. Machine learning-based techniques for network analysis provide a more extensive and adaptable approach in comparison to traditional rule-based methods. In this paper, we propose a framework for analyzing communications between IoT devices using supervised learning and ensemble techniques and present experimental results that validate the efficacy of the proposed framework. The results indicate that using the proposed ensemble techniques improves accuracy by up to 1.7% compared to single-algorithm approaches. These results also suggest that the proposed framework can flexibly adapt to general IoT network analysis scenarios. Unlike existing frameworks, which only exhibit high performance in specific situations, the proposed framework can serve as a fundamental approach for addressing a wide range of issues. [ABSTRACT FROM AUTHOR]
- Published
- 2024
22. Encrypted Cyberattack Detection System over Encrypted IoT Traffic Based on Statistical Intelligence.
- Author
-
Ji, Il Hwan, Lee, Ju Hyeon, Jeon, Seungho, and Seo, Jung Taek
- Subjects
COMPUTER network traffic ,CYBERTERRORISM ,TRAFFIC monitoring ,INFORMATION networks ,INTERNET of things - Abstract
In the early days of IoT's introduction, it was challenging to introduce encryption communication due to the lack of performance of each component, such as computing resources like CPUs and batteries, to encrypt and decrypt data. Because IoT is applied and utilized in many important fields, a cyberattack on IoT can result in astronomical financial and human casualties. For this reason, the application of encrypted communication to IoT has been required, and the application of encrypted communication to IoT has become possible due to improvements in the computing performance of IoT devices and the development of lightweight cryptography. The application of encrypted communication in IoT has made it possible to use encrypted communication channels to launch cyberattacks. The approach of extracting evidence of an attack based on the primary information of a network packet is no longer valid because critical information, such as the payload in a network packet, is encrypted by encrypted communication. For this reason, technology that can detect cyberattacks over encrypted network traffic occurring in IoT environments is required. Therefore, this research proposes an encrypted cyberattack detection system for the IoT (ECDS-IoT) that derives valid features for cyberattack detection from the cryptographic network traffic generated in the IoT environment and performs cyberattack detection based on the derived features. ECDS-IoT identifies identifiable information from encrypted traffic collected in IoT environments and extracts statistics-based features through statistical analysis of identifiable information. ECDS-IoT understands information about normal data by learning only statistical features extracted from normal data. ECDS-IoT detects cyberattacks based only on the normal data information it has trained. 
To evaluate the cyberattack detection performance of the proposed ECDS-IoT in this research, ECDS-IoT used CICIoT2023, a dataset containing encrypted traffic generated by normal and seven categories of cyberattacks in the IoT environment and experimented with cyberattack detection on encrypted traffic using Autoencoder, RNN, GRU, LSTM, BiLSTM, and AE-LSTM algorithms. As a result of evaluating the performance of cyberattack detection for encrypted traffic, ECDS-IoT achieved high performance such as accuracy 0.99739, precision 0.99154, recall 1.0, F1 score 0.99575, and ROC_AUC 0.99822 when using the AE-LSTM algorithm. As shown by the cyberattack detection results of ECDS-IoT, it is possible to detect most cyberattacks through encrypted traffic. By applying ECDS-IoT to IoT, it can effectively detect cyberattacks concealed in encrypted traffic, promoting the efficient operation of IoT and preventing financial and human damage caused by cyberattacks. [ABSTRACT FROM AUTHOR]
- Published
- 2024
23. Optimal Cyber Attack Strategy Using Reinforcement Learning Based on Common Vulnerability Scoring System.
- Author
-
Kim, Bum-Sok, Suk, Hye-Won, Choi, Yong-Hoon, Moon, Dae-Sung, and Kim, Min-Suk
- Subjects
REINFORCEMENT learning ,CYBERTERRORISM ,ARTIFICIAL intelligence ,DATA security failures ,SECURITY systems - Abstract
Currently, cybersecurity threats such as data breaches and phishing have been on the rise due to the many different attack strategies of cyber attackers, significantly increasing risks to individuals and organizations. Traditional security technologies such as intrusion detection have been developed to respond to these cyber threats. Recently, advanced integrated cybersecurity that incorporates Artificial Intelligence has been the focus. In this paper, we propose a response strategy using a reinforcement-learning-based cyber-attack-defense simulation tool to address continuously evolving cyber threats. Additionally, we have implemented an effective reinforcement-learning-based cyber-attack scenario using Cyber Battle Simulation, which is a cyber-attack-defense simulator. This scenario involves important security components such as node value, cost, firewalls, and services. Furthermore, we applied a new vulnerability assessment method based on the Common Vulnerability Scoring System. This approach can design an optimal attack strategy by considering the importance of attack goals, which helps in developing more effective response strategies. These attack strategies are evaluated by comparing their performance using a variety of Reinforcement Learning methods. The experimental results show that RL models demonstrate improved learning performance with the proposed attack strategy compared to the original strategies. In particular, the success rate of the Advantage Actor-Critic-based attack strategy improved by 5.04 percentage points, reaching 10.17%, which represents an impressive 98.24% increase over the original scenario. Consequently, the proposed method can enhance security and risk management capabilities in cyber environments, improving the efficiency of security management and significantly contributing to the development of security systems. [ABSTRACT FROM AUTHOR]
- Published
- 2024
24. Strengthening network DDOS attack detection in heterogeneous IoT environment with federated XAI learning approach.
- Author
-
Almadhor, Ahmad, Altalbe, Ali, Bouazzi, Imen, Hejaili, Abdullah Al, and Kryvinska, Natalia
- Subjects
*ARTIFICIAL neural networks , *FEDERATED learning , *CYBERTERRORISM , *DENIAL of service attacks , *ARTIFICIAL intelligence - Abstract
Due to the rising use of the Internet of Things (IoT), the connectivity of networks increases the risk of Distributed Denial of Service (DDoS) attacks. Decentralized systems commonly used in centralized security systems fail to adequately prevent potential cyber threats in IoT because of the issues of privacy and scaling. The method proposed in this study seeks to remedy these facts by employing Explainable Artificial Intelligence (XAI) together with Federated Deep Neural Networks (FDNNs) to detect and prevent DDoS attacks. Our approach is thus to use federated learning models that are to be trained on distributed and dissimilar sources of data without compromising on the privacy aspect. FDNNs were trained over three rounds with information from three client gadgets incorporating pre-processed datasets of various types of DDoS attacks. Additionally, for feature selection, we integrated XGBoost with SHapley Additive exPlanations (SHAP) to improve model interpretability. The proposed solution can be considered to be quite robust, privacy-preserving, and highly scalable for the detection of DDoS attacks on the IoT network. The results shown on the server side indicate that this approach accurately detects 99.78% of DDoS attacks with a precision rate as high as 99.80%, recall rate (detection rate) going up to 99.74% and F1 score reaching 99.76%. They emphasize that FL-based IDSs are strong enough to cope with cybersecurity challenges in IoT, thus offering hope for securing modern network infrastructures against ever-growing cyber threats. [ABSTRACT FROM AUTHOR]
- Published
- 2024
25. Event‐Triggered Secure Control of Positive Networked Control Systems Under Multi‐Channels Attacks.
- Author
-
Qiu, Hongling, Shen, Jun, Xing, Wei, and Wang, Ruiying
- Subjects
*BINOMIAL distribution , *DENIAL of service attacks , *POSITIVE systems , *CYBERTERRORISM , *LINEAR programming - Abstract
This paper focuses on the secure control of positive networked control systems under multi‐channel attacks characterized by a Bernoulli distribution. Specifically, the sensor‐to‐controller channel suffers from false data injection (FDI) attacks, whereas the controller‐to‐actuator channel suffers from denial of service (DoS) attacks. The objective is to design a static output feedback controller that guarantees the positivity and stochastic stability of the closed‐loop system in the presence of DoS and FDI attacks. To conserve communication resources, we employ an event‐triggered scheme to reduce the frequency of information transmission. Due to the positivity of the system, the proposed event‐triggering mechanism employs the 1‐norm form instead of the 2‐norm form, which allows that the controller parameter is determined via linear programming rather than LMI technique. Finally, two simulation examples are provided to verify the effectiveness of our methods. [ABSTRACT FROM AUTHOR]
- Published
- 2024
26. Machine learning approaches to intrusion detection in unmanned aerial vehicles (UAVs).
- Author
-
AL-Syouf, Raghad A., Bani-Hani, Raed M., and AL-Jarrah, Omar Y.
- Subjects
*DRONE aircraft , *FEATURE selection , *EVIDENCE gaps , *MACHINE learning , *CYBERTERRORISM - Abstract
Unmanned Aerial Vehicles (UAVs) have been gaining popularity in various commercial, civilian, and military applications due to their efficiency and cost-effectiveness. However, the increasing demand for UAVs makes them vulnerable to various cyberattacks/intrusions that could have devastating consequences at an individual, organizational, and national level. To mitigate this, prompt detection of such threats is crucial in order to prevent potential damage and ensure safe and secure operations. In this work, we provide an overview of UAV systems' architecture, security, and privacy requirements. We then analyze potential threats to UAVs, providing an evaluation of countermeasures for UAV-based attacks. We also present a comprehensive and timely exploration of state-of-the-art UAV Intrusion Detection Systems (IDSs), specifically focusing on Machine Learning (ML)-based approaches. We look at the increasing importance of using ML for detecting intrusions in UAVs, which have gained significant attention from both academia and industry. This study also takes a step forward by pointing out and classifying contemporary IDSs based on their detection methods, feature selection techniques, evaluation datasets, and performance metrics. By evaluating existing research, we aim to provide more insight into the issues and limitations of current UAV IDSs. Additionally, we identify research gaps and challenges while suggesting potential future research directions in this domain. [ABSTRACT FROM AUTHOR]
- Published
- 2024
27. A novel adaptive event‐triggered security consensus control mechanism for leader‐following multi‐agent systems under hybrid random cyber attacks.
- Author
-
Xiong, Lianglin, Chen, Kangyue, Cao, Jinde, and Zhang, Yi
- Subjects
*CYBERTERRORISM , *TUNNEL diodes , *ADAPTIVE control systems , *MASS media , *SIGNAL sampling - Abstract
Aiming at the security consensus control problem of leader‐following multi‐agent systems (MASs) under hybrid random cyber attack, this article proposes a novel sampled information related adaptive event‐triggered control mechanism (SIRAETCM). While ensuring the safety performance of the MASs, the mechanism adaptively and dynamically adjusts the trigger threshold of every agent to achieve discontinuous communication by using only the current and latest sampled signals. According to the MASs communication mode and Bernoulli attack model, a security consensus control protocol is constructed, and a bilateral sampled‐interval Lyapunov functional (BSILF) method is introduced to obtain more sampling interval information and establish sufficient conditions for the leader‐following state error system to stabilize asymptotically under hybrid random cyber attacks. Meanwhile, under a large sampling interval, the controller gain and adaptive event‐triggered parameters are designed and obtained. The simulation of the tunnel diode circuit system shows that the SIRAETCM can reduce the number of communications between agents to improve bandwidth utilization, and the adopted safety cooperative control protocol can improve the safety and effectiveness of the MASs. [ABSTRACT FROM AUTHOR]
- Published
- 2024
28. Attention-Enhanced Defensive Distillation Network for Channel Estimation in V2X mm-Wave Secure Communication.
- Author
-
Qi, Xingyu, Liu, Yuanjian, and Ye, Yingchun
- Subjects
*CONVOLUTIONAL neural networks , *CYBERTERRORISM , *DEEP learning , *DISTILLATION , *SECURITY systems - Abstract
Millimeter-wave (mm-wave) technology, crucial for future networks and vehicle-to-everything (V2X) communication in intelligent transportation, offers high data rates and bandwidth but is vulnerable to adversarial attacks, like interference and eavesdropping. It is crucial to protect V2X mm-wave communication from cybersecurity attacks, as traditional security measures often fail to counter sophisticated threats and complex attacks. To tackle these difficulties, the current study introduces an attention-enhanced defensive distillation network (AEDDN) to improve robustness and accuracy in V2X mm-wave communication under adversarial attacks. The AEDDN model combines the transformer algorithm with defensive distillation, leveraging the transformer's attention mechanism to focus on critical channel features and adapt to complex conditions. This helps mitigate adversarial examples by filtering misleading data. Defensive distillation further strengthens the model by smoothing decision boundaries, making it less sensitive to small perturbations. To evaluate and validate the AEDDN model, this study uses a publicly available dataset called 6g-channel-estimation and a proprietary dataset named MMMC, comparing the simulation results with the convolutional neural network (CNN) model. The findings from the experiments indicate that the AEDDN, especially in the complex V2X mm-wave environment, demonstrates enhanced performance. [ABSTRACT FROM AUTHOR]
- Published
- 2024
29. The Intersection of Machine Learning and Wireless Sensor Network Security for Cyber-Attack Detection: A Detailed Analysis.
- Author
-
Delwar, Tahesin Samira, Aras, Unal, Mukhopadhyay, Sayak, Kumar, Akshay, Kshirsagar, Ujwala, Lee, Yangwon, Singh, Mangal, and Ryu, Jee-Youl
- Subjects
*WIRELESS sensor network security , *WIRELESS sensor networks , *SENSOR placement , *QUALITY of service , *CYBERTERRORISM - Abstract
This study provides a thorough examination of the important intersection of Wireless Sensor Networks (WSNs) with machine learning (ML) for improving security. WSNs play critical roles in a wide range of applications, but their inherent constraints create unique security challenges. To address these problems, numerous ML algorithms have been used to improve WSN security, with a special emphasis on their advantages and disadvantages. Notable difficulties include localisation, coverage, anomaly detection, congestion control, and Quality of Service (QoS), emphasising the need for innovation. This study provides insights into the beneficial potential of ML in bolstering WSN security through a comprehensive review of existing experiments. This study emphasises the need to use ML's potential while expertly resolving subtle nuances to preserve the integrity and dependability of WSNs in the increasingly interconnected environment. [ABSTRACT FROM AUTHOR]
- Published
- 2024
30. Focal Causal Temporal Convolutional Neural Networks: Advancing IIoT Security with Efficient Detection of Rare Cyber-Attacks.
- Author
-
Miryahyaei, Meysam, Fartash, Mehdi, and Akbari Torkestani, Javad
- Subjects
*CONVOLUTIONAL neural networks , *DEEP learning , *INTERNET of things , *COMPUTATIONAL complexity , *CYBERTERRORISM - Abstract
The Industrial Internet of Things (IIoT) deals with vast amounts of data that must be safeguarded against tampering or theft. Identifying rare attacks and addressing data imbalances pose significant challenges in the detection of IIoT cyberattacks. Innovative detection methods are important for effective cybersecurity threat mitigation. While many studies employ resampling methods to tackle these issues, they often face drawbacks such as the use of artificially generated data and increased data volume, which limit their effectiveness. In this paper, we introduce a cutting-edge deep binary neural network known as the focal causal temporal convolutional neural network to address imbalanced data when detecting rare attacks in IIoT. The model addresses imbalanced data challenges by transforming the attack detection into a binary classification task, giving priority to minority attacks through a descending order strategy in the tree-like structure. This approach substantially reduces computational complexity, surpassing existing methods in managing imbalanced data challenges in rare attack detection for IoT security. Evaluation of various datasets, including UNSW-NB15, CICIDS-2017, BoT-IoT, NBaIoT-2018, and TON-IIOT, reveals an accuracy of over 99%, demonstrating the effectiveness of FCTCNNs in detecting attacks and handling imbalanced IoT data with efficiency. [ABSTRACT FROM AUTHOR]
- Published
- 2024
31. Press play, install malware: a study of rhythm game-based malware dropping.
- Author
-
Vasilellis, Efstratios, Gkionis, Grigoris, and Gritzalis, Dimitris
- Subjects
*MUSICAL meter & rhythm , *CYBERTERRORISM , *MALWARE , *GAMIFICATION , *SMARTPHONES - Abstract
Malware remains a major cybersecurity threat, often evading traditional detection methods. This study builds on our previous research with Tetris to present a more efficient covert channel attack using a Trojanized version of the rhythm game "Guitar Hero". This new method delivers and executes malicious payloads in under 2.5 min, significantly faster than our previous Tetris-based approach. The engaging and musical nature of the rhythm game makes it more appealing to users, increasing the likelihood of attracting potential victims compared to the more monotonous Tetris. The attack encodes payloads into game levels, compelling users to make specific moves that unknowingly assemble malware on their devices, thereby evading detection. This study is the second to introduce gamification in malware transmission and the first to "force" user actions to achieve the objectives of the attacker. We provide a detailed analysis of this attack and suggest countermeasures, highlighting the necessity of human-based dynamic malware analysis and enhanced user awareness. Our findings underscore the evolving nature of cyber threats and the urgent need for innovative defensive strategies to address such sophisticated covert channel attacks. [ABSTRACT FROM AUTHOR]
- Published
- 2024
32. Collaborative intrusion detection using weighted ensemble averaging deep neural network for coordinated attack detection in heterogeneous network.
- Author
-
Wardana, Aulia Arif, Kołaczek, Grzegorz, Warzyński, Arkadiusz, and Sukarno, Parman
- Subjects
*ARTIFICIAL neural networks , *COMPUTER network traffic , *CYBERTERRORISM , *DEEP learning - Abstract
Detecting coordinated attacks in cybersecurity is challenging due to their sophisticated and distributed nature, making traditional Intrusion Detection Systems often ineffective, especially in heterogeneous networks with diverse devices and systems. This research introduces a novel Collaborative Intrusion Detection System (CIDS) using a Weighted Ensemble Averaging Deep Neural Network (WEA-DNN) designed to detect such attacks. The WEA-DNN combines deep learning techniques and ensemble methods to enhance detection capabilities by integrating multiple Deep Neural Network (DNN) models, each trained on different data subsets with varying architectures. Differential Evolution optimizes the model's contributions by calculating optimal weights, allowing the system to collaboratively analyze network traffic data from diverse sources. Extensive experiments on real-world datasets like CICIDS2017, CSE-CICIDS2018, CICToNIoT, and CICBotIoT show that the CIDS framework achieves an average accuracy of 93.8%, precision of 78.6%, recall of 60.4%, and an F1-score of 62.4%, surpassing traditional ensemble models and matching the performance of local DNN models. This demonstrates the practical benefits of WEA-DNN in improving detection capabilities in real-world heterogeneous network environments, offering superior adaptability and robustness in handling complex attack patterns. [ABSTRACT FROM AUTHOR]
- Published
- 2024
33. Survey-based analysis of cybersecurity awareness of Turkish seafarers.
- Author
-
Moen, Ivar, Oruc, Aybars, Amro, Ahmed, Gkioulos, Vasileios, and Kavallieratos, Georgios
- Subjects
*LITERATURE reviews , *CYBERTERRORISM , *INTERNET security , *AWARENESS , *FREIGHT & freightage - Abstract
In recent years, vessels have become increasingly digitized, reflecting broader societal trends. As a result, maritime operations have become an attractive target for cyber threat actors. Despite the limited cybersecurity training seafarers receive, they are expected to operate within technologically advanced environments. The importance of cybersecurity awareness is evident, but the extent of seafarers' knowledge in this area remains uncertain. This article investigates three primary aspects: (1) the current state of cybersecurity onboard cargo vessels, (2) seafarers' cybersecurity awareness, and (3) potential improvements in seafarers' cybersecurity awareness. To accomplish this, a literature review is conducted to collect and analyze current research, supplemented by a questionnaire survey targeting Turkish seafarers. Our findings support increased investment in awareness and training programs, including organizational-wide cybersecurity awareness efforts, more frequent training, mandatory training for all seafarers through the Standards of Training Certification and Watchkeeping (STCW), and the appointment of a cybersecurity Officer (CySO) to ensure satisfactory cybersecurity levels onboard. Since this article focuses on high-level topics by assessing the general state of maritime cybersecurity and seafarers' cybersecurity awareness, it does not delve into detailed considerations of awareness and training programs. Nevertheless, it lays the foundation for future research in this area. [ABSTRACT FROM AUTHOR]
- Published
- 2024
34. Automating shareable cyber threat intelligence production for closed source software vulnerabilities: a deep learning based detection system.
- Author
-
Arıkan, Süleyman Muhammed, Koçak, Aynur, and Alkan, Mustafa
- Subjects
*COMPUTER security vulnerabilities , *MACHINE learning , *CYBER intelligence (Computer security) , *CYBERTERRORISM , *RESOURCE management - Abstract
Software can be vulnerable to various types of interference. The production of cyber threat intelligence for closed source software requires significant effort, experience, and many manual steps. The objective of this study is to automate the process of producing cyber threat intelligence, focusing on closed source software vulnerabilities. To achieve our goal, we have developed a system called cti-for-css. Deep learning algorithms were used for detection. To simplify data representation and reduce pre-processing workload, the study proposes the function-as-sentence approach. The MLP, OneDNN, LSTM, and Bi-LSTM algorithms were trained using this approach with the SOSP and NDSS18 binary datasets, and their results were compared. The aforementioned datasets contain buffer error vulnerabilities (CWE-119) and resource management error vulnerabilities (CWE-399). Our results are as successful as the studies in the literature. The system achieved the best performance using Bi-LSTM, with F1 score of 82.4%. Additionally, AUC score of 93.0% was acquired, which is the best in the literature. The study concluded by producing cyber threat intelligence using closed source software. Shareable intelligence was produced in an average of 0.1 s, excluding the detection process. Each record, which was represented using our approach, was classified in under 0.32 s on average. [ABSTRACT FROM AUTHOR]
- Published
- 2024
35. Design tactics for tailoring transformer architectures to cybersecurity challenges.
- Author
-
Avci, Cigdem, Tekinerdogan, Bedir, and Catal, Cagatay
- Subjects
*TRANSFORMER models , *CYBERTERRORISM , *QUALITY factor , *INTERNET security , *INFORMATION storage & retrieval systems - Abstract
In the rapidly evolving landscape of cyber threats, effective defense strategies are crucial for safeguarding sensitive information and critical systems. Deep learning methods, notably the Transformer architecture, have shown immense potential in addressing cybersecurity challenges. However, customizing and adapting Transformer architectures for cybersecurity applications presents a challenge, demanding the utilization of effective strategies to achieve optimal performance. This study presents a comprehensive analysis of design tactics employed in tailoring Transformer architectures specifically for cybersecurity problems. Design tactics, defined as strategic solutions to architectural challenges based on well-justified design decisions, are explored in-depth within the context of cybersecurity. By examining the modifications and adaptations made to the original Transformer architecture, this study unveils the design decisions and strategies crucial for successful implementation in diverse cybersecurity domains. The findings emphasize the significance of aligning design tactics with the unique business requirements and quality factors of each specific application domain. This study contributes valuable insights into the utilization of design tactics for customizing Transformer architectures in cybersecurity, paving the way for enhanced defense strategies against the dynamic and evolving nature of cyber threats. [ABSTRACT FROM AUTHOR]
- Published
- 2024
36. Efficient hashing technique for malicious profile detection at hypervisor environment.
- Author
-
Kumar, Anumukonda Naga Seshu, Yadav, Rajesh Kumar, and Raghava, Nallanthighal Srinivasa
- Subjects
- *
VIRTUAL machine systems , *HYPERVISOR (Computer software) , *INTERNET security , *SECURITY systems , *CYBERTERRORISM - Abstract
Attack detection in cyber security systems is one of the complex tasks which require domain specific knowledge and cognitive intelligence to detect novel and unknown attacks from large scale network data. This research explores how the network operations and network security affect the detection of unknown attacks in network systems. A hash based profile matching technique is presented in this paper for attack detection. The main objective of this work is to detect unknown attacks using a profile matching approach in Hypervisors. Hypervisors are characterized by their versatile nature since they allow the utilization of available system resources. The virtual machines (VMs) in the hypervisors are not dependent on the host hardware and as a result, hypervisors are considered advantageous. In addition, hypervisors have direct access to the hardware resources such as memory, storage and processors. However, hypervisors are more susceptible to the security threats which attack each and every VM. A SHA3-512 hashing algorithm is used for generating hash values in hypervisor and the proposed model is used to verify whether the profile is malicious or benign. The performance of the hash-based profile matching technique is compared with traditional hash techniques namely SHA-256 and MD5 algorithms. Results show that the proposed SHA3-512 algorithm achieves a phenomenal performance in terms of phenomenal accuracy and zero false positive rates. Simulation results also show that the computation time required by SHA3-512 algorithm is lower compared to SHA-256 and MD5 algorithms. The performance analysis validates that the hash based approach achieves reliable performance for attack detection. The effectiveness of the hashing technique was determined using three different evaluation metrics namely attack DR, FPR, and computational time. Simulation results show that the existing SHA3-512 algorithm achieves a detection rate of 97.24% with zero false positive rate and faster computational time compared to SHA-256 and MD5 algorithms. [ABSTRACT FROM AUTHOR]
- Published
- 2024
37. Guide to developing case-based attack scenarios and establishing defense strategies for cybersecurity exercise in ICS environment.
- Author
-
Kim, Donghyun, Jeon, Seungho, Kim, Kwangsoo, Kang, Jaesik, Lee, Seungwoon, and Seo, Jung Taek
- Subjects
- *
INDUSTRIAL controls manufacturing , *INFRASTRUCTURE (Economics) , *KNOWLEDGE base , *CYBERTERRORISM , *INTERNET security - Abstract
Critical infrastructure mainly performs its role through an industrial control system (ICS). Organizations conduct cyber exercises between red and blue teams, focusing on offense and defense. Practical exercises require explicit attack scenarios and corresponding defense strategies. However, systematic guides for deriving cyberattack scenarios or defense strategies still need to be improved. This paper proposes a guide for establishing realistic attack scenarios and defense strategies for cybersecurity exercises in ICS environments. Attack scenario generation is divided into four steps: generating attack references, deriving attack sequences, mapping threat information, and mapping vulnerable implementation patterns. Deriving a defensive strategy consists of two steps parallel to developing an attack scenario: deriving containment and eradication. The methodology we propose guides exercise planning based on a knowledge base, thereby assisting exercise planners in generating various scenarios and deriving clear defense strategies. We showed that a clear exercise plan could be established through a case study. [ABSTRACT FROM AUTHOR]
- Published
- 2024
38. Enhanced Machine Learning Based Network Traffic Detection Model for IoT Network.
- Author
-
Alzyoud, Mazen, Al-shanableh, Najah, Nashnush, Eman, Shboul, Rabah, Alazaidah, Raed, Samara, Ghassan, and Alhusban, Safaa
- Subjects
COMPUTER network traffic ,MACHINE learning ,CYBERTERRORISM ,COMPUTER network security ,INTERNET security ,INTRUSION detection systems (Computer security) ,BOTNETS - Abstract
Ensuring the security of networks is a significant hurdle in the rollout of the Internet of Things (IoT). A widely used protocol in the IoT ecosystem is message queuing telemetry transport (MQTT), which is based on the publish-subscribe model. IoT manufacturers are expected to expand their usage of the MQTT protocol, which is expected to increase the number of cyber security threats against the protocol. IoT settings are crucial to overcoming scalability and computing resource issues and minimizing the characteristics needed for categorization. Machine learning (ML) is extensively used in traffic categorization and intrusion detection. This study proposes a ML-based network traffic detection model (MLNTDM) to enhance IoT application layer attack detection. The proposed architecture for the MQTT protocol is evaluated based on its effectiveness in detecting malicious attacks and how these affect various MQTT brokers. This study focuses on low-power-consuming ML algorithms for detecting IoT botnet offenses and identifying typical attacks and their responses. With this framework, each network flow provides information that can help identify the source of generated traffic and network assaults. Results from our approach, as shown in the experiment, prove more accuracy. [ABSTRACT FROM AUTHOR]
- Published
- 2024
39. Anomaly detection technique for securing microgrid against false data attacks.
- Author
-
Kumar, Kunal, Kumar, Prince, Kar, Susmita, and Bohre, Aashish Kumar
- Subjects
PHASOR measurement ,INFORMATION & communication technologies ,DISTRIBUTED power generation ,CYBERTERRORISM ,MICROGRIDS - Abstract
The development of microgrid automation depends on information and communication technologies, which are vulnerable to cyber-attacks. Recent advancements in MGs enhance power systems' efficacy and reliability, but cybersecurity remains a significant concern, especially with false data injection attacks (FDIAs) posing serious threats. FDIAs can compromise measurement devices and tamper with State Estimation (SE), risking the seamless operation of MGs. To address this, this paper proposes an efficient Iterative Free Detection of False Data (IFDFD) scheme for detecting FDIAs in microgrid state estimation. The IFDFD scheme uses complex Micro Phasor Measurement Unit (μPMU) measurements and computes nodal power injections to detect FDIAs. Furthermore, the proposed scheme integrates an S-Estimator to eliminate noise errors caused by environmental factors and the component lifespan, making IFDFD robust against sophisticated attackers. The proposed IFDFD scheme has been tested and validated on the modified IEEE 14 bus test system, integrating Distributed Generations (DGs). False data was injected into the measurements to test the scheme's effectiveness. The efficacy of the proposed IFDFD scheme has been validated by comparing it to an existing method of FDIAs. The obtained result clearly validates the efficacy of the proposed IFDFD scheme. • Addresses cybersecurity concerns in MG automation dependent on Information and Communication Technology. • Proposed IFDFD scheme detects FDIAs using μPMU measurements and nodal power injections. • IFDFD integrates S-Estimator to eliminate noise errors from environmental factors. [ABSTRACT FROM AUTHOR]
- Published
- 2024
40. CONTRIBUTION TO THREAT MANAGEMENT THROUGH THE USE OF AI-BASED IDS.
- Author
-
Saadi, Chaimae, Belghiti, Imane Daha, Atbib, Souad, and Radah, Tarek
- Subjects
MACHINE learning ,SUPERVISED learning ,ARTIFICIAL intelligence ,COMPUTER network traffic ,CYBERTERRORISM - Abstract
Copyright of Environmental & Social Management Journal / Revista de Gestão Social e Ambiental is the property of Environmental & Social Management Journal and its content may not be copied or emailed to multiple sites or posted to a listserv without the copyright holder's express written permission. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)
- Published
- 2024
41. Unsupervised Learning for Lateral-Movement-Based Threat Mitigation in Active Directory Attack Graphs.
- Author
-
Herranz-Oliveros, David, Tejedor-Romero, Marino, Gimenez-Guzman, Jose Manuel, and Cruz-Piris, Luis
- Subjects
INFRASTRUCTURE (Economics) ,CYBERTERRORISM ,DIRECTORIES ,INTERNET security ,ALGORITHMS - Abstract
Cybersecurity threats, particularly those involving lateral movement within networks, pose significant risks to critical infrastructures such as Microsoft Active Directory. This study addresses the need for effective defense mechanisms that minimize network disruption while preventing attackers from reaching key assets. Modeling Active Directory networks as a graph in which the nodes represent the network components and the edges represent the logical interactions between them, we use centrality metrics to derive the impact of hardening nodes in terms of constraining the progression of attacks. We propose using Unsupervised Learning techniques, specifically density-based clustering algorithms, to identify those nodes given the information provided by their metrics. Our approach includes simulating attack paths using a snowball model, enabling us to analytically evaluate the impact of hardening on delaying Domain Administration compromise. We tested our methodology on both real and synthetic Active Directory graphs, demonstrating that it can significantly slow down the propagation of threats from reaching the Domain Administration across the studied scenarios. Additionally, we explore the potential of these techniques to enable flexible selection of the number of nodes to secure. Our findings suggest that the proposed methods significantly enhance the resilience of Active Directory environments against targeted cyber-attacks. [ABSTRACT FROM AUTHOR]
- Published
- 2024
42. Study on Prediction and Response Model for Threat Diffusion Based on Multi-Step Reachability Matrix.
- Author
-
Lee, Jina, Jung, Subong, Cheagal, Daehoon, Jang, Jisoo, and Shin, Dongkyoo
- Subjects
COMPUTER network security ,CYBERTERRORISM ,SECURITY personnel ,LEGAL judgments ,DECISION making - Abstract
As the importance of defending against cyber attacks has increased, various studies have been conducted to analyze and utilize the reachability between hosts. Although this approach effectively explains asset-based threat responses by security personnel, it is limited as a means of strategic judgment by top decision makers considering the tasks of an organization in a large-scale network environment. The purpose of this study is to develop a method for simplifying the characteristics of the attack paths of a large number of hosts by projecting them to a higher-level organization and aiding in visualizing the impacts of threats. To achieve this, a methodology is presented that supports both strategic judgment by top decision makers, considering the tasks of lower-level organizational units, and asset-based responses. This is accomplished by analyzing asset-based impacts through the generation of a Multi-Step Reachability Matrix (MRM2) and the multi-threat synthesis of low-level threat diffusion paths at the asset level, while gradually abstracting the transition information of the corresponding threats to the higher-level organization. In this paper, the diffusion process is modeled through the connectivity between hosts, and it is expected that this approach will contribute to the development of a decision support model that meets the needs of both upper- and lower-level decision makers. This is achieved by reflecting a variety of factors that influence attack and defense. These factors include the importance of the organization's mission or business to each asset, the criticality of the system function to which the asset belongs, the dependencies between assets, and the unique characteristics of the asset, including vulnerabilities, exploitation conditions, cyber resilience, and lifecycle costs. [ABSTRACT FROM AUTHOR]
- Published
- 2024
43. Protecting Small and Medium Enterprises: A Specialized Cybersecurity Risk Assessment Framework and Tool.
- Author
-
El-Hajj, Mohammed and Mirza, Zuhayr Aamir
- Subjects
SMALL business ,RISK assessment ,INTERNATIONAL organization ,INTERNET security ,CYBERTERRORISM - Abstract
As the number of Small and Medium Enterprises (SMEs) rises in the world, the amount of sensitive data used also increases, making them targets for cyberattacks. SMEs face a host of issues such as a lack of resources and poor cybersecurity talent, resulting in multiple vulnerabilities that increase overall risk. Cybersecurity risk assessment frameworks have been developed by multiple organizations such as the National Institute of Science and Technology (NIST) and the International Organization for Standardization (ISO), but they are complicated to understand and challenging to implement. This research aimed to create an effective cybersecurity risk assessment framework specifically for SMEs while considering their limitations. This was achieved by first identifying common threats and vulnerabilities and categorizing them according to their importance and risk. Secondly, popular frameworks like the NIST CSF and ISO 27001/2 were analyzed for their proficiencies and deficiencies while identifying relevant areas for SMEs. Finally, novel techniques catered to SMEs were explored and incorporated to create an effective framework for SMEs. This framework was also developed in the form of a tool, providing an interactive and dynamic environment. The tool was effective, and the framework is a promising start but requires more quantitative analysis. [ABSTRACT FROM AUTHOR]
- Published
- 2024
44. A Study on Designing Cyber Training and Cyber Range to Effectively Respond to Cyber Threats.
- Author
-
Shin, Yongjoo, Kwon, Hyukjin, Jeong, Jaeyeong, and Shin, Dongkyoo
- Subjects
CYBERSPACE operations (Military science) ,LITERATURE reviews ,TEMPORAL integration ,CIVIL defense ,CYBERTERRORISM ,CYBERSPACE - Abstract
As cyberattacks become increasingly sophisticated with advancements in information and communication technology, the impact of cyberspace threats is growing in both civilian and defense sectors. The utilization of cyber capabilities in operations is on the rise, prompting major nations to continuously enhance their cyber capabilities. This study aims to establish a systematic approach to cyber operations training and propose a framework for the development of cyber training. A hybrid cyber training system is designed as a plan for temporal and spatial integration to simultaneously combine simulation-based training with real-world target training. To develop this concept, a literature review was conducted, expert consultations were held, and data were collected and analyzed through visits to relevant organizations and units. Additionally, the fundamental components of cyber training were examined from environmental, scenario-based, and operational perspectives, leading to the presentation of a development direction for effective cyber training. This study is anticipated to enhance response capabilities to evolving cyber threats and attacks, improve cyber operational proficiency, and secure cyber power to achieve dominance in cyberspace. [ABSTRACT FROM AUTHOR]
- Published
- 2024
45. Adaptive Cybersecurity Neural Networks: An Evolutionary Approach for Enhanced Attack Detection and Classification.
- Author
-
Al Hwaitat, Ahmad K. and Fakhouri, Hussam N.
- Subjects
OPTIMIZATION algorithms ,CYBERTERRORISM ,METAHEURISTIC algorithms ,INTERNET security ,ALGORITHMS - Abstract
The increasing sophistication and frequency of cyber threats necessitate the development of advanced techniques for detecting and mitigating attacks. This paper introduces a novel cybersecurity-focused Multi-Layer Perceptron (MLP) trainer that utilizes evolutionary computation methods, specifically tailored to improve the training process of neural networks in the cybersecurity domain. The proposed trainer dynamically optimizes the MLP's weights and biases, enhancing its accuracy and robustness in defending against various attack vectors. To evaluate its effectiveness, the trainer was tested on five widely recognized security-related datasets: NSL-KDD, CICIDS2017, UNSW-NB15, Bot-IoT, and CSE-CIC-IDS2018. Its performance was compared with several state-of-the-art optimization algorithms, including Cybersecurity Chimp, CPO, ROA, WOA, MFO, WSO, SHIO, ZOA, DOA, and HHO. The results demonstrated that the proposed trainer consistently outperformed the other algorithms, achieving the lowest Mean Square Error (MSE) and highest classification accuracy across all datasets. Notably, the trainer reached a classification rate of 99.5% on the Bot-IoT dataset and 98.8% on the CSE-CIC-IDS2018 dataset, underscoring its effectiveness in detecting and classifying diverse cyber threats. [ABSTRACT FROM AUTHOR]
- Published
- 2024
46. Robust Federated Learning for Mitigating Advanced Persistent Threats in Cyber-Physical Systems.
- Author
-
Hallaji, Ehsan, Razavi-Far, Roozbeh, and Saif, Mehrdad
- Subjects
FEDERATED learning ,CYBER physical systems ,CYBERTERRORISM ,INTERNET security ,SECURITY systems - Abstract
Malware triage is essential for the security of cyber-physical systems, particularly against Advanced Persistent Threats (APTs). Proper data for this task, however, are hard to come by, as organizations are often reluctant to share their network data due to security concerns. To tackle this issue, this paper presents a secure and distributed framework for the collaborative training of a global model for APT triage without compromising privacy. Using this framework, organizations can share knowledge of APTs without disclosing private data. Moreover, the proposed design employs robust aggregation protocols to safeguard the global model against potential adversaries. The proposed framework is evaluated using real-world data with 15 different APT mechanisms. To make the simulations more challenging, we assume that edge nodes have partial knowledge of APTs. The obtained results demonstrate that participants in the proposed framework can privately share their knowledge, resulting in a robust global model that accurately detects APTs with significant improvement across different model architectures. Under optimal conditions, the designed framework detects almost all APT scenarios with an accuracy of over 90 percent. [ABSTRACT FROM AUTHOR]
- Published
- 2024
47. Intelligent and Secure Cloud–Edge Collaborative Industrial Information Encryption Strategy Based on Credibility Assessment.
- Author
-
Tan, Aiping, Dong, Chenglong, Wang, Yan, Wang, Chang, and Xia, Changqing
- Subjects
INFORMATION technology security ,COMPUTER network traffic ,CYBERTERRORISM ,ACCESS control ,SECURITY systems - Abstract
As industries develop and informatization accelerates, enterprise collaboration is increasing. However, current architectures face malicious attacks, data tampering, privacy issues, and security and efficiency problems in information exchange and enterprise credibility. Additionally, the complexity of cyber threats requires integrating intelligent security measures to proactively defend against sophisticated attacks. To address these challenges, this paper introduces an intelligent and secure cloud–edge collaborative industrial information encryption strategy based on credibility assessment. The proposed strategy incorporates adaptive encryption specifically designed for cloud–edge and edge–edge architectures and utilizes attribute encryption to control access to user-downloaded data, ensuring secure information exchange. A mechanism for assessing enterprise credibility over a defined period helps maintain a trusted collaborative environment, crucial for identifying and mitigating risks from potentially malicious or unreliable entities. Furthermore, integrating intelligent threat detection and response systems enhances overall security by continuously monitoring and analyzing network traffic for anomalies. Experimental analysis evaluates the security of communication paths and examines how enterprise integrity influences collaboration outcomes. Simulation results show that this approach enhances enterprise integrity, reduces losses caused by harmful actors, and promotes efficient collaboration without compromising security. This intelligent and secure strategy not only safeguards sensitive data but also ensures the resilience and trustworthiness of the collaborative network. [ABSTRACT FROM AUTHOR]
- Published
- 2024
48. The potential for artificial intelligence to address challenges faced by custodian banks: Received (in revised form): 14th May, 2024.
- Author
-
Hsien-Hui Tong and Lim, Martin
- Subjects
GENERATIVE artificial intelligence ,LANGUAGE models ,NATURAL language processing ,ARTIFICIAL intelligence ,CYBERTERRORISM - Abstract
The pace of technological advancement over the last three decades has led to a slew of new companies adopting the latest technologies and marrying them to innovative new business models to threaten more traditional businesses. Start-ups such as Google, Meta and Amazon, to name a few, have revolutionised the way consumers engage with service providers, consume information and purchase goods. Fintech start-ups have also threatened to change the way financial services are provided, albeit with varying degrees of success due to barriers such as consumer trust in new brands, regulatory compliance and the financial strength of banks to build those same services internally. There is no denying, however, that custodian banks today face many challenges that are slowly eroding margins. Regulators are demanding shorter settlement times, clients are demanding greater control over their accounts, staff costs are rising and cyber security threats are increasing. This paper seeks to highlight some of the threats the industry is facing while exploring the role that artificial intelligence (AI) may be able to play in addressing some of these challenges. It offers a broad overview of not just areas of application but also weaknesses of the technology that the bank needs to be aware of and also possible issues with implementation. It also seeks to highlight the fact that AI is not a single technology, unlike distributed ledger systems. There are many nuances to AI, such as convolution neural networks, natural language processing and generative AI, and the judicious application of the right nuance of AI to the problem will be key to a successful implementation. [ABSTRACT FROM AUTHOR]
- Published
- 2024
49. MV-Honeypot: Security Threat Analysis by Deploying Avatar as a Honeypot in COTS Metaverse Platforms.
- Author
-
Sarang, Arpita Dinesh, Alawami, Mohsen Ali, and Park, Ki-Woong
- Subjects
ARTIFICIAL intelligence ,SHARED virtual environments ,VIRTUAL reality ,CYBERTERRORISM ,INTERNET of things ,AVATARS (Virtual reality) - Abstract
Nowadays, the use of Avatars that are unique digital depictions has increased by users to access Metaverse—a virtual reality environment—through multiple devices and for various purposes. Therefore, the Avatar and Metaverse are being developed with a new theory, application, and design, necessitating the association of more personal data and devices of targeted users every day. This Avatar and Metaverse technology explosion raises privacy and security concerns, leading to cyber attacks. MV-Honeypot, or Metaverse-Honeypot, as a commercial off-the-shelf solution that can counter these cyber attack-causing vulnerabilities, should be developed. To fill this gap, we study users' engagements with Avatars in Metaverse, analyze possible security vulnerabilities, and create a model named Simplified Avatar Relationship Association with Non-linear Gradient (SARANG) that draws the full diagram of infrastructure components and data flow through accessing Metaverse in this paper. We also determine the most significant threat for each component's cyberattacks that will affect user data and Avatars. As a result, the commercial off-the-shelf (COTS) of the MV-Honeypot must be established. [ABSTRACT FROM AUTHOR]
- Published
- 2024
50. Cyberterrorism in Africa -- Is This the Real Life, Is This Just Fantasy?
- Author
-
Grobbelaar, Alta
- Subjects
CYBERTERRORISM ,INFORMATION technology ,EUROCENTRISM - Abstract
This paper seeks to examine the relevance of the term 'cyberterrorism' within African spaces. Although the notion of cyberterrorism as a concept is contested by scholars such as Jason Burke and Marc Sageman, the application of the concept in an African context raises a number of concerns. Firstly, rather than focusing on the semantic and conceptual issues only, more attention should be paid to the material implications of such discourses for people and states on the continent who are on the receiving end of such conceptualisation. Discourses regarding fear are always very complex and shape the way in which reality is perceived, understood and how hegemonic power-relations are formed within certain contexts. Secondly, these discourses reflect a Eurocentric bias, because, as visible in the definition used and accepted by US defence analysts, cyberterrorism would refer to "Unlawful attacks and threats of attack against computers, networks, and the information stored therein when done to intimidate or coerce a government or its people in furtherance of political or social objectives." These types of discourses are largely state-centric or government-centric, created to operate in spheres where effective governance varies from what is accepted as such on the African continent. While connectivity and globalization are becoming increasingly important for Africa as a whole, it begs the question whether the term is not more appropriate for highly globalized, technologically advanced contexts of the global North. In contrast with countries in the global North, African countries' limited use and penetration of information technology thus underline the need for a critical (re)examination of the discourses relating to cyberterrorism in the African context. What needs to be established is whether cyberthreats, specifically cyberterrorism, pose a real threat on the continent, or whether the concept has become a platitude or blanket term to describe any form of information-based hostility. The paper questions the application of concepts such as cyberthreats, cyberterrorism and cybersecurity in African-centered approaches. [ABSTRACT FROM AUTHOR]
- Published
- 2024