Shakil Ibne Ahsan , Phil Legg , S.M. Iftekharul Alam
{"title":"An explainable ensemble-based intrusion detection system for software-defined vehicle ad-hoc networks","authors":"Shakil Ibne Ahsan , Phil Legg , S.M. Iftekharul Alam","doi":"10.1016/j.csa.2025.100090","DOIUrl":"10.1016/j.csa.2025.100090","url":null,"abstract":"<div><div>Intrusion Detection Systems (IDS) are widely employed to detect and mitigate external network security events. Vehicle ad-hoc Networks (VANETs) continue to evolve, especially with developments related to Connected Autonomous Vehicles (CAVs). In this study, we explore the detection of cyber threats in vehicle networks through ensemble-based machine learning, to strengthen the performance of the learnt model compared to relying on a single model. We propose a model that uses Random Forest and CatBoost as our main ’investigators’, with Logistic Regression used to then reason on their outputs to make a final decision. To further aid analysis, we use SHAP (SHapley Additive exPlanations) analysis to examine feature importance towards the final decision stage. We use the Vehicular Reference Misbehavior (VeReMi) dataset for our experimentation and observe that our approach improves classification accuracy, and results in fewer misclassifications compared to previous works. 
Overall, this layered approach to decision-making - combining teamwork among models with an explainable view of why they act as they do - can help to achieve a more reliable and easy-to-understand cyber security solution for smart transportation networks.</div></div>","PeriodicalId":100351,"journal":{"name":"Cyber Security and Applications","volume":"3 ","pages":"Article 100090"},"PeriodicalIF":0.0,"publicationDate":"2025-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143816874","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Enhancing security in IIoT: RFID authentication protocol for edge computing and blockchain-enabled supply chain","authors":"Vikash Kumar , Santosh Kumar Das","doi":"10.1016/j.csa.2025.100087","DOIUrl":"10.1016/j.csa.2025.100087","url":null,"abstract":"<div><div>This paper addresses security challenges, especially in the authentication mechanism of Industrial Internet of Things (IIoT)-enabled supply chain systems by proposing an enhanced Radio Frequency Identification (RFID) authentication protocol. The current system faces significant security risks due to increased connectivity and data exchange within supply chain networks. The proposed protocol integrates edge computing and blockchain to ensure secure, efficient mutual authentication between RFID tags and supply chain nodes. By utilizing the real-time processing capabilities of edge computing and the decentralization and immutability of blockchain, the protocol enhances the security of data transmitted in the system. The proposed protocol utilizes lightweight cryptographic functions optimized for resource-constrained edge devices, ensuring secure authentication and data transmission without compromising scalability or efficiency. Permissioned blockchain technology further strengthens trust and transparency in the supply chain by providing a decentralized, tamper-resistant ledger. The protocol employs cryptographic techniques such as a cryptographically secure one-way hash function, random number generation function, and circular shift operations to ensure data integrity and confidentiality, achieving mutual authentication, forward secrecy, and resistance to cryptographic attacks. Formal security analysis of the proposed authentication protocol is performed using the Real-Or-Random (ROR) model. The results demonstrate that the protocol offers superior trade-offs in terms of security, computational cost, and communication efficiency compared to existing authentication protocols in this field. 
Simulation of the protocol is performed using Automated Validation of Internet Security Protocols and Applications (AVISPA) tools. Its lightweight design makes it suitable for real-world application in resource-constrained IIoT environments.</div></div>","PeriodicalId":100351,"journal":{"name":"Cyber Security and Applications","volume":"3 ","pages":"Article 100087"},"PeriodicalIF":0.0,"publicationDate":"2025-02-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143636745","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Fatima Abo-Akleek , Moad Mowafi , Eyad S. Taqieddin , Ahmed S. Shatnawi
{"title":"Leveraging blockchain for robust and transparent E-voting systems","authors":"Fatima Abo-Akleek , Moad Mowafi , Eyad S. Taqieddin , Ahmed S. Shatnawi","doi":"10.1016/j.csa.2025.100086","DOIUrl":"10.1016/j.csa.2025.100086","url":null,"abstract":"<div><div>Voting is considered one of the most critical actions for proper decision-making in governmental entities, boards of directors, and the financial sector. Many researchers proposed E-voting systems where the voting process is done online or through secure voting stations with high levels of trust for recording and counting the votes. Moreover, with the recent pandemic highlighting the need for remote voting, transitioning to E-voting is becoming even more critical. One way to build such technology is through Blockchain, which can be employed to guarantee the voting system requirements such as reliability, anonymity, decentralization, and privacy. This work proposes a blockchain-based E-voting system that consists of a distributed architecture for the voter, intermediate servers, and blockchain network components. The intermediate servers are mainly used to balance the workload between the voters and the blockchain servers. The system servers apply a scheduling algorithm to distribute the workload amongst themselves. In addition to the distributed architecture, a new algorithm for storing the blocks within each server’s database is introduced. Emphasis is further placed on how these blocks are broadcast to the other servers. Simulation results show a clear difference in execution time when comparing the proposed distributed architecture with the centralized system. 
In addition, the new proposed blockchain algorithm shows better results in executing the vote-counting task and identifying any corrupted blocks.</div></div>","PeriodicalId":100351,"journal":{"name":"Cyber Security and Applications","volume":"3 ","pages":"Article 100086"},"PeriodicalIF":0.0,"publicationDate":"2025-02-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143508397","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Deepesh M. Dhanvijay , Mrinai M. Dhanvijay , Vaishali H. Kamble
{"title":"Cyber intrusion detection using ensemble of deep learning with prediction scoring based optimized feature sets for IOT networks","authors":"Deepesh M. Dhanvijay , Mrinai M. Dhanvijay , Vaishali H. Kamble","doi":"10.1016/j.csa.2025.100088","DOIUrl":"10.1016/j.csa.2025.100088","url":null,"abstract":"<div><div>Detecting intrusions in Internet of Things (IoT) networks is critical for maintaining cybersecurity. Traditional Intrusion Detection Systems (IDS) often face challenges in identifying unknown attacks and tend to have high false positive rates. To address these issues, we propose the Ensemble of Deep Learning Models with Prediction Scoring-based Optimized Feature Sets (EDLM-PSOFS). Our approach begins with data preprocessing utilizing MissForest imputation and label one-hot encoding, effectively managing incomplete and categorical data.</div><div>For feature selection, we employ the Median-based Shapiro-Wilk test alongside Correlation-Adaptive LASSO Regression (CALR) to ensure robust feature extraction. To capture temporal patterns effectively, our ensemble integrates Global Attention Long Short-Term Memory networks (GA-LSTMs), utilizing layered structures, residual connections, and attention mechanisms. Additionally, to enhance interpretability and support decision-making, we incorporate the Exploit Prediction Scoring System (EPSS), which evaluates prediction scores and provides detailed insights, thereby improving overall model performance. 
This comprehensive methodology aims to strengthen the detection capabilities of IDS in IoT environments, reducing false positives while effectively identifying unknown threats.</div></div>","PeriodicalId":100351,"journal":{"name":"Cyber Security and Applications","volume":"3 ","pages":"Article 100088"},"PeriodicalIF":0.0,"publicationDate":"2025-02-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143577844","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Doaa Mohsin Abd Ali Afraji , Jaime Lloret , Lourdes Peñalver
{"title":"Deep learning-driven defense strategies for mitigating DDoS attacks in cloud computing environments","authors":"Doaa Mohsin Abd Ali Afraji , Jaime Lloret , Lourdes Peñalver","doi":"10.1016/j.csa.2025.100085","DOIUrl":"10.1016/j.csa.2025.100085","url":null,"abstract":"<div><div>The kind of cyber threat prevalent and most dangerous to networked systems is the Distributed Denial of Service (DDoS), especially with expanded connection of Internet of Things (IoT) devices. This article categorizes DDoS attacks into three primary types: volumetric, protocol-based and application layer of cyber attacks. It discusses the application of security threats that arise from the use of the DL models, accusing recently introduced ideas and stressing pitfalls: the issues of data and methods scarcity. There is the same need for the greater use of explainable and transparent AI to improve confidence in such security systems as is noted in the review. It also reveals that present detection performance is constrained and frequently obstructed by the poor quality of the datasets. The future work is proposed to build superior datasets and use accurate algorithms to improve the security models. This paper focuses on explainability as a way of making the AI model creation process and any consequent decisions explainable and transparent. The use of deep learning enhances the capability of cybersecurity in handling DDoS attacks and preventing or controlling them. But it has to be a part of a larger-scope platform, based on multiple types of longitudinal or cross-sectional data combined with high efficiency, explainable AI. 
The article ends with a call to proceed with studying and advancing the AI application in response to new threats, and make the most of it to enhance protection of the contemporary networked environment.</div></div>","PeriodicalId":100351,"journal":{"name":"Cyber Security and Applications","volume":"3 ","pages":"Article 100085"},"PeriodicalIF":0.0,"publicationDate":"2025-01-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143178619","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Privacy-preserving security of IoT networks: A comparative analysis of methods and applications","authors":"Abubakar Wakili, Sara Bakkali","doi":"10.1016/j.csa.2025.100084","DOIUrl":"10.1016/j.csa.2025.100084","url":null,"abstract":"<div><div>The Internet of Things (IoT) connects devices to enhance efficiency, productivity, and quality of life. However, deploying IoT networks introduces critical privacy and security challenges, including resource constraints, scalability issues, interoperability gaps, and risks to data privacy. Addressing these challenges is vital to ensure the reliability and trustworthiness of IoT applications. This study provides a comprehensive analysis of privacy-preserving security methods, evaluating cryptography, blockchain, machine learning, and fog/edge computing against performance indicators such as scalability, efficiency, robustness, and usability. Through a structured literature review and thorough data analysis, the study reveals that while cryptography offers high security, it faces scalability challenges; blockchain excels in decentralization but struggles with efficiency; machine learning provides adaptive intelligence but raises privacy concerns; and fog/edge computing delivers low-latency processing yet encounters operational complexities. The findings highlight the importance of adopting a hybrid approach that combines the strengths of various methods to overcome their limitations. 
This study serves as a valuable resource for academia, industry professionals, and policymakers, providing guidance to strengthen IoT infrastructures and influence the direction of future research.</div></div>","PeriodicalId":100351,"journal":{"name":"Cyber Security and Applications","volume":"3 ","pages":"Article 100084"},"PeriodicalIF":0.0,"publicationDate":"2025-01-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143178618","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Earthworm optimization algorithm based cascade LSTM-GRU model for android malware detection","authors":"Brij B. Gupta , Akshat Gaurav , Varsha Arya , Shavi Bansal , Razaz Waheeb Attar , Ahmed Alhomoud , Konstantinos Psannis","doi":"10.1016/j.csa.2024.100083","DOIUrl":"10.1016/j.csa.2024.100083","url":null,"abstract":"<div><div>The rise in mobile malware risks brought on by the explosion of Android smartphones required more efficient detection techniques. Inspired by a cascade of Long Short-Term Memory (LSTM) and Gated Recurrent Unit (GRU) networks, optimized using the Earthworm Optimization Algorithm (EOA), this study presents an Android malware detection model. The paper used a random forest model for feature selection. With a 99% accuracy and the lowest loss values, the proposed model performs better than conventional models including GRU, LSTM, RNN, Logistic Regression, and SVM. The findings highlight the possibility of the proposed method in improving Android malware detection, thereby providing a strong answer in the changing scene of cybersecurity.</div></div>","PeriodicalId":100351,"journal":{"name":"Cyber Security and Applications","volume":"3 ","pages":"Article 100083"},"PeriodicalIF":0.0,"publicationDate":"2025-01-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143178617","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A survey on intrusion detection system in IoT networks","authors":"Md Mahbubur Rahman , Shaharia Al Shakil , Mizanur Rahman Mustakim","doi":"10.1016/j.csa.2024.100082","DOIUrl":"10.1016/j.csa.2024.100082","url":null,"abstract":"<div><div>As the Internet of Things (IoT) expands, the security of IoT networks has become more critical. Intrusion Detection Systems (IDS) are essential for protecting these networks against malicious activities. Artificial intelligence, with its adaptive and self-learning capabilities, has emerged as a promising approach to enhancing intrusion detection in IoT environments. Machine learning facilitates dynamic threat identification, reduces false positives, and addresses evolving vulnerabilities. This survey provides an analysis of contemporary intrusion detection techniques, models, and their performances in IoT networks, offering insights into IDS design and implementation. It reviews data extraction techniques, useful matrices, and loss functions in IDS for IoT networks, ranking top-cited algorithms and categorizing IDS studies based on different approaches. The survey evaluates various datasets used in IoT intrusion detection, examining their attributes, benefits, and drawbacks, and emphasizes performance metrics and computational efficiency, providing insights into IDS effectiveness and practicality. Standardized evaluation metrics and real-world testing are stressed to ensure reliability. Additionally, the survey identifies significant challenges and open issues in ML and DL-based IDS for IoT networks, such as computational complexity and high false positive rates, and recommends potential research directions, emerging trends, and perspectives for future work. 
This forward-looking perspective aids in shaping the future direction of research in this dynamic field, emphasizing the need for lightweight, efficient IDS models suitable for resource-constrained IoT devices and the importance of comprehensive, representative datasets.</div></div>","PeriodicalId":100351,"journal":{"name":"Cyber Security and Applications","volume":"3 ","pages":"Article 100082"},"PeriodicalIF":0.0,"publicationDate":"2024-12-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143178616","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Sivanesan. N , N. Parthiban , S. Vijay , S.N. Sheela
{"title":"Comparison of mitigating DDoS attacks in software defined networking and IoT platforms","authors":"Sivanesan. N , N. Parthiban , S. Vijay , S.N. Sheela","doi":"10.1016/j.csa.2024.100080","DOIUrl":"10.1016/j.csa.2024.100080","url":null,"abstract":"<div><div>The Software-Defined Networking (SDN) paradigm redefines the term \"network\" by enabling network managers to programmatically initialize, control, alter, and govern network behavior. Network engineers benefit from SDN's ability to rapidly track networks, centrally manage networks, and quickly and effectively detect malicious traffic and connection failure. The attacker will have total control over the system if he is able to access the main controller. The system's resources can be completely exhausted by Distributed Denial of Service (DDoS) assaults, rendering the controller's services entirely unavailable. The low computational and power capabilities of everyday Internet of Things (IoT) devices render the controller highly susceptible to these attacks; the IoT ecosystem prioritizes functionality over security features, making DDoS attacks a significant problem. This paper conducts a comparative study on the use of machine learning (ML) to mitigate DDoS attack traffic, distinguishing it from benign traffic. This is done to prevent several assaults and to provide mitigation security threats in the network, according to specific requirements. So, the study used machine learning-based techniques to make both traditional and SDN-IoT environments less vulnerable to DDoS attacks. 
Therefore, the primary goals of the comparative study are to determine which SDN and SDN-IoT platform is better at detecting DDoS attacks and to evaluate how well both platforms work when combined with ML techniques.</div></div>","PeriodicalId":100351,"journal":{"name":"Cyber Security and Applications","volume":"3 ","pages":"Article 100080"},"PeriodicalIF":0.0,"publicationDate":"2024-12-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143178614","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Software defined network and graph neural network-based anomaly detection scheme for high speed networks","authors":"Archan Dadhania , Poojan Dave , Jitendra Bhatia , Rachana Mehta , Malaram Kumhar , Sudeep Tanwar , Abdulatif Alabdulatif","doi":"10.1016/j.csa.2024.100079","DOIUrl":"10.1016/j.csa.2024.100079","url":null,"abstract":"<div><div>In recent years, the proliferation of Software-Defined Networking (SDN) has revolutionized network management and operation. However, with SDN’s increased connectivity and dynamic nature, security threats like Denial-of-Service (DoS) attacks have also evolved, posing significant challenges to network administrators. This research uses the GraphSAGE algorithm to improve DoS attack detection using SDN and Graph Neural Network (GNN) to address the abovementioned problems. The study further explores the effectiveness of four anomaly detection techniques - Histogram-Based Outlier Score (HBOS), Cluster-Based Local Outlier Factor (CBLOF), Isolation Forest (IF), and Principal Component Analysis (PCA) - to identify and mitigate potential DoS attacks accurately. Through extensive experimentation and evaluation, the proposed framework achieves a better accuracy of detecting the anomalies than one without the GraphSAGE model, underscoring its potential to strengthen the security of SDN architectures against DoS attacks.</div></div>","PeriodicalId":100351,"journal":{"name":"Cyber Security and Applications","volume":"3 ","pages":"Article 100079"},"PeriodicalIF":0.0,"publicationDate":"2024-11-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143177278","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}