{"title":"A comprehensive literature review on ransomware detection using deep learning","authors":"Er. Kritika","doi":"10.1016/j.csa.2024.100078","DOIUrl":"10.1016/j.csa.2024.100078","url":null,"abstract":"<div><div>The manifold rise in ransomware attacks noted highest in 2023 posing a serious trepidation for cyber professionals to be active watchdogs of the early detection techniques. Ransomware is a type of malware often used to encrypt the confidential user files and network and demanding a hefty ransom to decrypt it. The emergence of modern day technologies like artificial intelligence making it unchallenging for the novice attackers to use service platform such as RaaS to conduct the ransomware attack and victimize gullible individuals and organisations often demanding ransom in millions and billions. There exists the need to mitigate strategies using frameworks to combat such threats like deep learning which uses neural network to process and learn new information and train models on preprocessed data. The paper delves into providing the literature review on ransomware detection using deep learning techniques.</div></div>","PeriodicalId":100351,"journal":{"name":"Cyber Security and Applications","volume":"3 ","pages":"Article 100078"},"PeriodicalIF":0.0,"publicationDate":"2024-11-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143177277","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Semi Yulianto, Benfano Soewito, Ford Lumban Gaol, Aditya Kurniawan
{"title":"Enhancing cybersecurity resilience through advanced red-teaming exercises and MITRE ATT&CK framework integration: A paradigm shift in cybersecurity assessment","authors":"Semi Yulianto, Benfano Soewito, Ford Lumban Gaol, Aditya Kurniawan","doi":"10.1016/j.csa.2024.100077","DOIUrl":"10.1016/j.csa.2024.100077","url":null,"abstract":"<div><div>As cybersecurity threats evolve alarmingly, conventional defense strategies are becoming increasingly ineffective. In response to this urgent challenge, our study presents a transformative approach to red-teaming exercises by integrating the MITRE ATT&CK framework. This innovative integration leverages real-world attacker tactics and behaviors to create highly realistic scenarios that rigorously test defenses and uncover previously unidentified vulnerabilities. Our comprehensive evaluation demonstrates a significant enhancement in the realism and effectiveness of red-teaming, leading to improved vulnerability identification and the generation of actionable insights for proactive remediation. This study uniquely contributes by providing a structured, data-driven methodology that aligns current defenses with emerging threat tactics and promotes continuous improvement in cybersecurity resilience. Such advancements are essential for organizations seeking to stay ahead of attackers and maintain robust cyber defenses in dynamic threat environments. The significance of this study lies in offering a structured approach to strengthen cybersecurity resilience against evolving threats and providing a model for continual defense enhancement. 
Future research should investigate the impact of this integration on long-term cybersecurity strategies.</div></div>","PeriodicalId":100351,"journal":{"name":"Cyber Security and Applications","volume":"3 ","pages":"Article 100077"},"PeriodicalIF":0.0,"publicationDate":"2024-11-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143178613","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Md. Alamgir Hossain, Tahmid Hasan, Fahad Ahmed, Sheikh Hasib Cheragee, Muntasir Hasan Kanchan, Md Alimul Haque
{"title":"Towards superior android ransomware detection: An ensemble machine learning perspective","authors":"Md. Alamgir Hossain , Tahmid Hasan , Fahad Ahmed , Sheikh Hasib Cheragee , Muntasir Hasan Kanchan , Md Alimul Haque","doi":"10.1016/j.csa.2024.100076","DOIUrl":"10.1016/j.csa.2024.100076","url":null,"abstract":"<div><div>Ransomware remains a pervasive threat to Android devices, with its ability to encrypt critical data and demand ransoms causing significant disruptions to users and organizations alike. This research proposes a novel ensemble-based machine learning approach for the detection of Android ransomware, leveraging the strengths of multiple classifiers to enhance detection accuracy and robustness. Utilizing a comprehensive dataset comprising 203,556 network traffic records across 10 distinct ransomware types and benign traffic, we meticulously preprocess and feature-engineer the data to ensure optimal model performance. The methodology integrates various ensemble classifiers, evaluating each through rigorous cross-validation. Feature importance analysis using Random Forest identifies key indicators of ransomware activity, enabling us to refine our models and focus on the most predictive features. The results demonstrate that the ensemble models, particularly Bagging, achieve near-perfect detection rates, with precision, recall, and F1 scores consistently exceeding 99% for different binary attacks and multi-class classification. Finally, in-depth statistical analysis further validates the superiority of our approach, showcasing significant improvements over traditional machine learning methods. 
This research sets a new benchmark for Android ransomware detection, offering a robust, scalable, and highly accurate solution that enhances the security and resilience of mobile networks against evolving cyber threats.</div></div>","PeriodicalId":100351,"journal":{"name":"Cyber Security and Applications","volume":"3 ","pages":"Article 100076"},"PeriodicalIF":0.0,"publicationDate":"2024-10-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142538562","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
S. Markkandeyan, A. Dennis Ananth, M. Rajakumaran, R.G. Gokila, R. Venkatesan, B. Lakshmi
{"title":"Novel hybrid deep learning based cyber security threat detection model with optimization algorithm","authors":"S. Markkandeyan, A. Dennis Ananth, M. Rajakumaran, R.G. Gokila, R. Venkatesan, B. Lakshmi","doi":"10.1016/j.csa.2024.100075","DOIUrl":"10.1016/j.csa.2024.100075","url":null,"abstract":"<div><div>In order to continuously provide services to the company, the Internet of Things (IoT) connects the hardware, software, storing data, and applications that could be utilized as a new port of entry for cyber-attacks. The privacy of IoT is presently very vulnerable to virus threats and software piracy. Threats like this have the potential to capture critical data, harming businesses' finances and reputations. We have suggested a hybrid Deep Learning (DL) strategy in this study to identify malware-infected programs and files that have been illegally distributed over the IoT environment. To detect illegal content utilizing Source code (SC) duplication, the Adaptive TensorFlow deep neural network with Improved Particle Swarm Optimization (IPSO) is suggested. This novel hybrid strategy improves cyber security by fusing cutting-edge DL with optimization methods, providing more effective and accurate detection. With a strong solution for real-time threat identification, the model handles the complexity of contemporary cyberthreats. To highlight the significance of the proxy regarding the SC duplication, the noisy data is filtered using the tokenization and weighting feature approaches. After that, duplication in SC is found using a DL method. To look into software piracy, the dataset was gathered via Google Code Jam (GCJ). Additionally, using the visual representation of color images, the Enhanced Long Short-Term Memory (E-LSTM) was employed to identify suspicious actions in the IoT environment. The Maling dataset is used to gather the malware samples required for testing. 
The experimental findings show that, in terms of categorization, the suggested method for evaluating cybersecurity threats in IoT surpasses conventional approaches.</div></div>","PeriodicalId":100351,"journal":{"name":"Cyber Security and Applications","volume":"3 ","pages":"Article 100075"},"PeriodicalIF":0.0,"publicationDate":"2024-10-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142529479","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Addressing cybersecurity challenges in robotics: A comprehensive overview","authors":"Jibrilla Abubakar Tanimu , Wafia Abada","doi":"10.1016/j.csa.2024.100074","DOIUrl":"10.1016/j.csa.2024.100074","url":null,"abstract":"<div><div>As robotics technology becomes increasingly integrated into various sectors, ensuring the cybersecurity of robotic systems is paramount. This article provides an in-depth exploration of the cybersecurity challenges confronting robotics and offers strategies to address these concerns. With the growing connectivity and networking capabilities of robots, vulnerabilities such as unauthorized access, data breaches, and network attacks are significant threats [<span><span>1</span></span>]. Protecting sensitive data collected and processed by robots is crucial to preserving privacy and trust. Remote access features, while enhancing operational flexibility, also pose security risks if not adequately secured. Weak authentication mechanisms and insecure interfaces could allow malicious actors to compromise robot functionality. Furthermore, robots are susceptible to malware and cyber-attacks, including viruses, worms, and ransomware. To mitigate these risks, a comprehensive approach is necessary, incorporating secure design principles, robust authentication mechanisms, encryption techniques, and cybersecurity training. Collaboration among industry stakeholders, researchers, policymakers, and cybersecurity experts is essential to develop resilient robotic systems capable of withstanding evolving cyber threats. This article underscores the importance of addressing cybersecurity challenges in robotics to ensure the safety and security of robotic deployments across diverse domains. As robotics technology evolves and becomes integral across various sectors, prioritizing cybersecurity [<span><span>2</span></span>] is crucial to protect these systems from unauthorized access, data breaches, and network attacks. 
The interconnected nature and remote access features of robots pose significant vulnerabilities. Comprehensive measures, including secure design, encryption, and cybersecurity training, are essential. Collaboration among industry stakeholders, researchers, policymakers, and cybersecurity experts is vital for developing resilient robotic systems. This article highlights the urgent need to address cybersecurity challenges to ensure the safety and integrity of robotic deployments.</div></div>","PeriodicalId":100351,"journal":{"name":"Cyber Security and Applications","volume":"3 ","pages":"Article 100074"},"PeriodicalIF":0.0,"publicationDate":"2024-10-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142446075","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Automatic intrusion detection model with secure data storage on cloud using adaptive cyclic shift transposition with enhanced ANFIS classifier","authors":"Chithanya K V K, Lokeswara Reddy V.","doi":"10.1016/j.csa.2024.100073","DOIUrl":"10.1016/j.csa.2024.100073","url":null,"abstract":"<div><div>Cloud computing has emerged as a pivotal technology in the computer electronics industry, offering users significant computing power and ample storage space. Security threats pose significant challenges to the progression of cloud computing, hindering its growth in the industry. Detecting intrusions is crucial for protecting cloud environments from harmful attacks. However, due to the complexity and vast amount of network data, building effective intrusion detection systems (IDS) for cloud setups is difficult. Traditional IDS have struggled to effectively mitigate these risks. To overcome these problems, we propose a novel feature selection technique with deep learning classifier-based intrusion detection and avoidance in a cloud environment. The suggested model is divided into four phases: feature selection, pre-processing, classification, and encryption. The initial step involves gathering the data from the dataset and pre-processing it. The Adaptive Walrus Optimization Algorithm (AWO) is then used to select optimal features, aiming to mitigate computational complexity and reduce time consumption. These selected features are then fed into an enhanced Adaptive Neuro-Fuzzy Inference System (EANFIS) classifier for accurate classification of normal and intruded data. Following classification, normal data undergoes encryption using the Adaptive Cyclic Shift Transposition (ACST) Algorithm to bolster security. For experimental evaluation, two datasets are used, namely KDDCup-99 and NSL-KDD. 
The proposed method notably achieves impressive accuracy rates of 98.47 % for the NSL KDD dataset and 98.97 % for the KDD-CUP99 dataset.</div></div>","PeriodicalId":100351,"journal":{"name":"Cyber Security and Applications","volume":"3 ","pages":"Article 100073"},"PeriodicalIF":0.0,"publicationDate":"2024-09-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142433947","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A comprehensive investigation into robust malware detection with explainable AI","authors":"E. Baghirov","doi":"10.1016/j.csa.2024.100072","DOIUrl":"10.1016/j.csa.2024.100072","url":null,"abstract":"<div><p>In today’s digital world, malware poses a serious threat to security and privacy by stealing sensitive data and disrupting computer systems. Traditional signature-based detection methods have become inefficient and time-consuming. However, data-driven AI techniques, particularly machine learning (ML) and deep learning (DL), have shown effectiveness in detecting malware by analyzing behavioral characteristics. Despite their promising performance, the black-box nature of these models requires improved explainability to facilitate their adoption in real-world applications. This can complicate the ability of cybersecurity experts to evaluate the model’s reliability. In this work, Explainable Artificial Intelligence (XAI) is employed to comprehend and evaluate the decisions made by machine learning models in the detection of malware on Android devices. To evaluate malware detection, experiments were conducted using CICMalDroid dataset by applying ML models like Logistic Regression and several tree algorithms. An overall 94% F1-score was achieved, and interpretable explanations for model decisions were provided, highlighting more critical features that contributed to accurate classifications. 
It was found that employing XAI techniques can provide valuable insights for malware analysis researchers, enhancing their understanding of the operations of the ML model, rather than solely focusing on improving accuracy.</p></div>","PeriodicalId":100351,"journal":{"name":"Cyber Security and Applications","volume":"3 ","pages":"Article 100072"},"PeriodicalIF":0.0,"publicationDate":"2024-09-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S2772918424000389/pdfft?md5=c3732dceff3226e92b2fb39167dfffb9&pid=1-s2.0-S2772918424000389-main.pdf","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142271591","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Neural secret key enabled secure cloud storage with efficient packet checker algorithm","authors":"Satya Prakash Maurya , Rahul Mishra , Upma Kumari","doi":"10.1016/j.csa.2024.100071","DOIUrl":"10.1016/j.csa.2024.100071","url":null,"abstract":"<div><p>Cloud computing technology is utilized for the commercial purpose of implementing virtualization for the storage of data, which is then controlled and made accessible to users via remote servers. With the increased use of various communication devices and direct access to web servers, there is a favorable opportunity to orchestrate attacks and exploit vulnerabilities in a system. Distributed Denial of Service (DDoS) is a commonly used technique employed by attackers in cloud environments. This study introduces a security layer incorporating a Packet Checker Algorithm (PCA) to detect and eliminate counterfeit packets. The algorithm takes into account transmission delay time as well as minimum and maximum thresholds, thereby enhancing the response time of the Intrusion Detection Process (IDP) in a cloud environment that utilizes neural encryption. Neural encryption is used to synchronize neural networks and create new public channel protocols for a secure cloud storage paradigm. This study greatly expands upon the hop count inspection and filtering method. It incorporates the time slot filtering function and implements a unique key set to differentiate between genuine packets and falsified packets. This novel methodology has the capability to detect Distributed Denial of Service (DDoS) attacks and related anomalies during the initial phases of data transmission. 
The technique considers Time-to-Live (TTL), Hop count, and Transmission-Delay-Time as crucial components.</p></div>","PeriodicalId":100351,"journal":{"name":"Cyber Security and Applications","volume":"3 ","pages":"Article 100071"},"PeriodicalIF":0.0,"publicationDate":"2024-08-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S2772918424000377/pdfft?md5=6b28723533b3bd31b017b0c813de15c5&pid=1-s2.0-S2772918424000377-main.pdf","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142048557","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"An effective steganographic technique for hiding the image data using the LSB technique","authors":"Rasmita Panigrahi, Neelamadhab Padhy","doi":"10.1016/j.csa.2024.100069","DOIUrl":"10.1016/j.csa.2024.100069","url":null,"abstract":"<div><p>Steganography is the art and science of writing secret messages so that neither the sender nor the intended recipient knows there is a hidden message. Data hiding is the art of hiding data for various reasons, such as keeping private data, secure, confidential data, etc. With increasing data exchange over a computer network, information security has become a significant issue. There are many methods used for data hiding, and steganography is a well-known technique. Steganography is the art of invisible contact and science. Steganography is the process through which the presence of a message can be kept secret. The objective of this paper is to hide data using the LSB (Least Significant Bit) technique into images that can be detected only by the specified user. We have developed a user-friendly GUI such that it can be used with the utmost ease. This paper is motivated to hide the message stated by the user in the dialog box given within the picture. The secret text is converted to the ciphertext to make it more stable. The sender selects the cover image, and it is used to generate the secured Stegno image, which is identical to the cover image. With the support of a private or public communication network, on the other hand, the stegno image can be saved and sent to the designated user, i.e., the recipient downloads the stegno image and can retrieve the secret text concealed in the stegno image using that same application. As for the watermarking, we have visible and invisible we have used the same LSB technique. In visible watermarking, text or image is embedded in the cover image, which can be noticed easily. 
As for invisible watermarking, some specific text is inserted into an image, and while retrieving it, it generates a QR code, which can be scanned to get the watermarked text. We used the three different types of cover images i.e. Gray, and RGB also estimated the performance metrics. SNR, MSE, and PSNR the three performance metrics are used, and found that PSNR achieved good results i.e., 71.4733. The RGB image with the hidden text is achieved up to 77.6697</p></div>","PeriodicalId":100351,"journal":{"name":"Cyber Security and Applications","volume":"3 ","pages":"Article 100069"},"PeriodicalIF":0.0,"publicationDate":"2024-08-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S2772918424000353/pdfft?md5=e83d969acfb0f296fe3d6ae7993700c9&pid=1-s2.0-S2772918424000353-main.pdf","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142011227","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Akshat Gaurav, Brij B. Gupta, Shavi Bansal, Konstantinos E. Psannis
{"title":"Bankruptcy forecasting in enterprises and its security using hybrid deep learning models","authors":"Akshat Gaurav, Brij B. Gupta, Shavi Bansal, Konstantinos E. Psannis","doi":"10.1016/j.csa.2024.100070","DOIUrl":"10.1016/j.csa.2024.100070","url":null,"abstract":"<div><div>In the current scenario, when economic and risk management sectors need accurate predictions of enterprise bankruptcy, it is a very important issue to research in the field of security of enterprise bankruptcy. In this context, we propose a hybrid deep learning model through the use of convolutional neural network to enhance bankruptcy forecasting models. We address the high-dimensional data and imbalanced problems by introducing feature selection strategically and Synthetic Minority Over-sampling Technique (SMOTE). In a comparative evaluation, the performance of our model is over 81 %, which is better than that for Logistic Regression and Support Vector Machines. This leap in accuracy demonstrates the cutting edge unprecedented ability of our model to decrypt complex financial patterns and establishes a new precedent for deep learning applications in the nuanced field of financial analytics.</div></div>","PeriodicalId":100351,"journal":{"name":"Cyber Security and Applications","volume":"3 ","pages":"Article 100070"},"PeriodicalIF":0.0,"publicationDate":"2024-08-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143178615","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}