Cyber Security and Applications最新文献

Deep learning-driven defense strategies for mitigating DDoS attacks in cloud computing environments

Cyber Security and Applications Pub Date : 2025-01-10 DOI: 10.1016/j.csa.2025.100085

Doaa Mohsin Abd Ali Afraji , Jaime Lloret , Lourdes Peñalver

{"title":"Deep learning-driven defense strategies for mitigating DDoS attacks in cloud computing environments","authors":"Doaa Mohsin Abd Ali Afraji , Jaime Lloret , Lourdes Peñalver","doi":"10.1016/j.csa.2025.100085","DOIUrl":"10.1016/j.csa.2025.100085","url":null,"abstract":"<div><div>The kind of cyber threat prevalent and most dangerous to networked systems is the Distributed Denial of Service (DDoS), especially with expanded connection of Internet of Things (IoT) devices. This article categorizes DDoS attacks into three primary types: volumetric, protocol based and application layer of cyber attacks. It discusses the application of security threats that arise from the use of the DL models, accusing recently introduced ideas and stressing pitfalls: the issues of data and methods scarcity. There is the same need for the greater use of explainable and transparent AI to improve confidence in such security systems as is noted in the review. It also reveals that present detection performance is constrained and frequently obstructed by the poor quality of the datasets. The future work is proposed to build superior datasets and use accurate algorithm to improve the security models. This paper focuses on explainability as a way of making the AI model creation process and any consequent decisions explainable and transparent. The use of deep learning enhances the capability of cybersecurity in handling DDoS attacks and preventing or controlling them. But it has to be a part of a more large-scope platform, based on multiple types of longitudinal or cross-sectional data combined with high efficiency, explainable AI. The article ends with call to proceed with studying and advancing the AI application in response to new threats, and make the most of it to enhance protection of the contemporary networked environment.</div></div>","PeriodicalId":100351,"journal":{"name":"Cyber Security and Applications","volume":"3 ","pages":"Article 100085"},"PeriodicalIF":0.0,"publicationDate":"2025-01-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143178619","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Privacy-preserving security of IoT networks: A comparative analysis of methods and applications

Cyber Security and Applications Pub Date : 2025-01-06 DOI: 10.1016/j.csa.2025.100084

Abubakar Wakili, Sara Bakkali

{"title":"Privacy-preserving security of IoT networks: A comparative analysis of methods and applications","authors":"Abubakar Wakili, Sara Bakkali","doi":"10.1016/j.csa.2025.100084","DOIUrl":"10.1016/j.csa.2025.100084","url":null,"abstract":"<div><div>The Internet of Things (IoT) connects devices to enhance efficiency, productivity, and quality of life. However, deploying IoT networks introduces critical privacy and security challenges, including resource constraints, scalability issues, interoperability gaps, and risks to data privacy. Addressing these challenges is vital to ensure the reliability and trustworthiness of IoT applications. This study provides a comprehensive analysis of privacy-preserving security methods, evaluating cryptography, blockchain, machine learning, and fog/edge computing against performance indicators such as scalability, efficiency, robustness, and usability. Through a structured literature review and thorough data analysis, the study reveals that while cryptography offers high security, it faces scalability challenges; blockchain excels in decentralization but struggles with efficiency; machine learning provides adaptive intelligence but raises privacy concerns; and fog/edge computing delivers low-latency processing yet encounters operational complexities. The findings highlight the importance of adopting a hybrid approach that combines the strengths of various methods to overcome their limitations. This study serves as a valuable resource for academia, industry professionals, and policymakers, providing guidance to strengthen IoT infrastructures and influence the direction of future research.</div></div>","PeriodicalId":100351,"journal":{"name":"Cyber Security and Applications","volume":"3 ","pages":"Article 100084"},"PeriodicalIF":0.0,"publicationDate":"2025-01-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143178618","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Earthworm optimization algorithm based cascade LSTM-GRU model for android malware detection

Cyber Security and Applications Pub Date : 2025-01-02 DOI: 10.1016/j.csa.2024.100083

Brij B. Gupta , Akshat Gaurav , Varsha Arya , Shavi Bansal , Razaz Waheeb Attar , Ahmed Alhomoud , Konstantinos Psannis

引用次数: 0

A survey on intrusion detection system in IoT networks

Cyber Security and Applications Pub Date : 2024-12-20 DOI: 10.1016/j.csa.2024.100082

Md Mahbubur Rahman , Shaharia Al Shakil , Mizanur Rahman Mustakim

{"title":"A survey on intrusion detection system in IoT networks","authors":"Md Mahbubur Rahman , Shaharia Al Shakil , Mizanur Rahman Mustakim","doi":"10.1016/j.csa.2024.100082","DOIUrl":"10.1016/j.csa.2024.100082","url":null,"abstract":"<div><div>As the Internet of Things (IoT) expands, the security of IoT networks has becoming more critical. Intrusion Detection Systems (IDS) are essential for protecting these networks against malicious activities. Artificial intelligence, with its adaptive and self-learning capabilities, has emerged as a promising approach to enhancing intrusion detection in IoT environments. Machine learning facilitates dynamic threat identification, reduces false positives, and addresses evolving vulnerabilities. This survey provides an analysis of contemporary intrusion detection techniques, models, and their performances in IoT networks, offering insights into IDS design and implementation. It reviews data extraction techniques, useful matrices, and loss functions in IDS for IoT networks, ranking top-cited algorithms and categorizing IDS studies based on different approaches. The survey evaluates various datasets used in IoT intrusion detection, examining their attributes, benefits, and drawbacks, and emphasizes performance metrics and computational efficiency, providing insights into IDS effectiveness and practicality. Standardized evaluation metrics and real-world testing are stressed to ensure reliability. Additionally, the survey identifies significant challenges and open issues in ML and DL-based IDS for IoT networks, such as computational complexity and high false positive rates, and recommends potential research directions, emerging trends, and perspectives for future work. This forward-looking perspective aids in shaping the future direction of research in this dynamic field, emphasizing the need for lightweight, efficient IDS models suitable for resource- constrained IoT devices and the importance of comprehensive, representative datasets.</div></div>","PeriodicalId":100351,"journal":{"name":"Cyber Security and Applications","volume":"3 ","pages":"Article 100082"},"PeriodicalIF":0.0,"publicationDate":"2024-12-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143178616","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Comparison of mitigating DDoS attacks in software defined networking and IoT platforms

Cyber Security and Applications Pub Date : 2024-12-08 DOI: 10.1016/j.csa.2024.100080

Sivanesan. N , N. Parthiban , S. Vijay , S.N. Sheela

{"title":"Comparison of mitigating DDoS attacks in software defined networking and IoT platforms","authors":"Sivanesan. N , N. Parthiban , S. Vijay , S.N. Sheela","doi":"10.1016/j.csa.2024.100080","DOIUrl":"10.1016/j.csa.2024.100080","url":null,"abstract":"<div><div>The Software-Defined Networking (SDN) paradigm redefines the term \"network\" by enabling network managers to programmatically initialize, control, alter, and govern network behavior. Network engineers benefit from SDN's ability to rapidly track networks, centrally manage networks, and quickly and effectively detect malicious traffic and connection failure. The attacker will have total control over the system if he is able to access the main controller. The system's resources can be completely exhausted by Distributed Denial of Service (DDoS) assaults, rendering the controller's services entirely unavailable. The low computational and power capabilities of everyday Internet of Things (IoT) devices render the controller highly susceptible to these attacks; the IoT ecosystem prioritizes functionality over security features, making DDoS attacks a significant problem. This paper conducts a comparative study on the use of machine learning (ML) to mitigate DDoS attack traffic, distinguishing it from benign traffic. This is done to prevent several assaults and to provide mitigation security threats in the network, according to specific requirements. So, the study used machine learning-based techniques to make both traditional and SDN-IoT environments less vulnerable to DDoS attacks. Therefore, the primary goals of the comparative study are to determine which SDN and SDN-IoT platform is better at detecting DDoS attacks and to evaluate how well both platforms work when combined with ML techniques.</div></div>","PeriodicalId":100351,"journal":{"name":"Cyber Security and Applications","volume":"3 ","pages":"Article 100080"},"PeriodicalIF":0.0,"publicationDate":"2024-12-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143178614","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Software defined network and graph neural network-based anomaly detection scheme for high speed networks

Cyber Security and Applications Pub Date : 2024-11-30 DOI: 10.1016/j.csa.2024.100079

Archan Dadhania , Poojan Dave , Jitendra Bhatia , Rachana Mehta , Malaram Kumhar , Sudeep Tanwar , Abdulatif Alabdulatif

{"title":"Software defined network and graph neural network-based anomaly detection scheme for high speed networks","authors":"Archan Dadhania , Poojan Dave , Jitendra Bhatia , Rachana Mehta , Malaram Kumhar , Sudeep Tanwar , Abdulatif Alabdulatif","doi":"10.1016/j.csa.2024.100079","DOIUrl":"10.1016/j.csa.2024.100079","url":null,"abstract":"<div><div>In recent years, the proliferation of Software-Defined Networking (SDN) has revolutionized network management and operation. However, with SDN’s increased connectivity and dynamic nature, security threats like Denial-of-Service (DoS) attacks have also evolved, posing significant challenges to network administrators. This research uses the GraphSAGE algorithm to improve DoS attack detection using SDN and Graph Neural Network (GNN) to address the abovementioned problems. The study further explores the effectiveness of four anomaly detection techniques - Histogram-Based Outlier Score (HBOS), Cluster-Based Local Outlier Factor (CBLOF), Isolation Forest (IF), and Principal Component Analysis (PCA) - to identify and mitigate potential DoS attacks accurately. Through extensive experimentation and evaluation, the proposed framework achieves an better accuracy of detecting the anomalies than one without GraphSAGE model underscoring its potential to strengthen the security of SDN architectures against DoS attacks.</div></div>","PeriodicalId":100351,"journal":{"name":"Cyber Security and Applications","volume":"3 ","pages":"Article 100079"},"PeriodicalIF":0.0,"publicationDate":"2024-11-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143177278","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

A comprehensive literature review on ransomware detection using deep learning

Cyber Security and Applications Pub Date : 2024-11-30 DOI: 10.1016/j.csa.2024.100078

Er. Kritika

引用次数: 0

Enhancing cybersecurity resilience through advanced red-teaming exercises and MITRE ATT&CK framework integration: A paradigm shift in cybersecurity assessment

Cyber Security and Applications Pub Date : 2024-11-07 DOI: 10.1016/j.csa.2024.100077

Semi Yulianto, Benfano Soewito, Ford Lumban Gaol, Aditya Kurniawan

{"title":"Enhancing cybersecurity resilience through advanced red-teaming exercises and MITRE ATT&CK framework integration: A paradigm shift in cybersecurity assessment","authors":"Semi Yulianto, Benfano Soewito, Ford Lumban Gaol, Aditya Kurniawan","doi":"10.1016/j.csa.2024.100077","DOIUrl":"10.1016/j.csa.2024.100077","url":null,"abstract":"<div><div>As cybersecurity threats evolve alarmingly, conventional defense strategies are becoming increasingly ineffective. In response to this urgent challenge, our study presents a transformative approach to red-teaming exercises by integrating the MITRE ATT&CK framework. This innovative integration leverages real-world attacker tactics and behaviors to create highly realistic scenarios that rigorously test defenses and uncover previously unidentified vulnerabilities. Our comprehensive evaluation demonstrates a significant enhancement in the realism and effectiveness of red-teaming, leading to improved vulnerability identification and the generation of actionable insights for proactive remediation. This study uniquely contributes by providing a structured, data-driven methodology that aligns current defenses with emerging threat tactics and promotes continuous improvement in cybersecurity resilience. Such advancements are essential for organizations seeking to stay ahead of attackers and maintain robust cyber defenses in dynamic threat environments. The significance of this study lies in offering a structured approach to strengthen cybersecurity resilience against evolving threats and providing a model for continual defense enhancement. Future research should investigate the impact of this integration on long-term cybersecurity strategies.</div></div>","PeriodicalId":100351,"journal":{"name":"Cyber Security and Applications","volume":"3 ","pages":"Article 100077"},"PeriodicalIF":0.0,"publicationDate":"2024-11-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143178613","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Towards superior android ransomware detection: An ensemble machine learning perspective 实现卓越的安卓勒索软件检测：集合机器学习视角

Cyber Security and Applications Pub Date : 2024-10-21 DOI: 10.1016/j.csa.2024.100076

Md. Alamgir Hossain , Tahmid Hasan , Fahad Ahmed , Sheikh Hasib Cheragee , Muntasir Hasan Kanchan , Md Alimul Haque

{"title":"Towards superior android ransomware detection: An ensemble machine learning perspective","authors":"Md. Alamgir Hossain , Tahmid Hasan , Fahad Ahmed , Sheikh Hasib Cheragee , Muntasir Hasan Kanchan , Md Alimul Haque","doi":"10.1016/j.csa.2024.100076","DOIUrl":"10.1016/j.csa.2024.100076","url":null,"abstract":"<div><div>Ransomware remains a pervasive threat to Android devices, with its ability to encrypt critical data and demand ransoms causing significant disruptions to users and organizations alike. This research proposes a novel ensemble-based machine learning approach for the detection of Android ransomware, leveraging the strengths of multiple classifiers to enhance detection accuracy and robustness. Utilizing a comprehensive dataset comprising 203,556 network traffic records across 10 distinct ransomware types and benign traffic, we meticulously preprocess and feature-engineer the data to ensure optimal model performance. The methodology integrates various ensemble classifiers, evaluating each through rigorous cross-validation. Feature importance analysis using Random Forest identifies key indicators of ransomware activity, enabling us to refine our models and focus on the most predictive features. The results demonstrate that the ensemble models, particularly Bagging, achieve near-perfect detection rates, with precision, recall, and F1 scores consistently exceeding 99% for different binary attacks and multi-class classification. Finally, in-depth statistical analysis further validates the superiority of our approach, showcasing significant improvements over traditional machine learning methods. This research sets a new benchmark for Android ransomware detection, offering a robust, scalable, and highly accurate solution that enhances the security and resilience of mobile networks against evolving cyber threats.</div></div>","PeriodicalId":100351,"journal":{"name":"Cyber Security and Applications","volume":"3 ","pages":"Article 100076"},"PeriodicalIF":0.0,"publicationDate":"2024-10-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142538562","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Novel hybrid deep learning based cyber security threat detection model with optimization algorithm 基于优化算法的新型混合深度学习网络安全威胁检测模型

Cyber Security and Applications Pub Date : 2024-10-20 DOI: 10.1016/j.csa.2024.100075

S. Markkandeyan, A. Dennis Ananth, M. Rajakumaran, R.G. Gokila, R. Venkatesan, B. Lakshmi

{"title":"Novel hybrid deep learning based cyber security threat detection model with optimization algorithm","authors":"S. Markkandeyan, A. Dennis Ananth, M. Rajakumaran, R.G. Gokila, R. Venkatesan, B. Lakshmi","doi":"10.1016/j.csa.2024.100075","DOIUrl":"10.1016/j.csa.2024.100075","url":null,"abstract":"<div><div>In order to continuously provide services to the company, the Internet of Things (IoT) connects the hardware, software, storing data, and applications that could be utilized as a new port of entry for cyber-attacks. The privacy of IoT is presently very vulnerable to virus threats and software piracy. Threats like this have the potential to capture critical data, harming businesses' finances and reputations. We have suggested a hybrid Deep Learning (DL) strategy in this study to identify malware-infected programs and files that have been illegally distributed over the IoT environment. To detect illegal content utilizing Source code (SC) duplication, the Adaptive TensorFlow deep neural network with Improved Particle Swarm Optimization (IPSO) is suggested. This novel hybrid strategy improves cyber security by fusing cutting-edge DL with optimization methods, providing more effective and accurate detection. With a strong solution for real-time threat identification, the model handles the complexity of contemporary cyberthreats. To highlight the significance of the proxy regarding the SC duplication, the noisy data is filtered using the tokenization and weighting feature approaches. After that, duplication in SC is found using a DL method. To look into software piracy, the dataset was gathered via Google Code Jam (GCJ). Additionally, using the visual representation of color images, the Enhanced Long Short-Term Memory (E-LSTM) was employed to identify suspicious actions in the IoT environment. The Maling dataset is used to gather the malware samples required for testing. The experimental findings show that, in terms of categorization, the suggested method for evaluating cybersecurity threats in IoT surpasses conventional approaches.</div></div>","PeriodicalId":100351,"journal":{"name":"Cyber Security and Applications","volume":"3 ","pages":"Article 100075"},"PeriodicalIF":0.0,"publicationDate":"2024-10-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142529479","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0