Cyber Security and Applications最新文献

{"title":"Addressing cybersecurity challenges in robotics: A comprehensive overview","authors":"Jibrilla Abubakar Tanimu ,&nbsp;Wafia Abada","doi":"10.1016/j.csa.2024.100074","DOIUrl":"10.1016/j.csa.2024.100074","url":null,"abstract":"<div><div>As robotics technology becomes increasingly integrated into various sectors, ensuring the cybersecurity of robotic systems is paramount. This article provides an in-depth exploration of the cybersecurity challenges confronting robotics and offers strategies to address these concerns. With the growing connectivity and networking capabilities of robots, vulnerabilities such as unauthorized access, data breaches, and network attacks are significant threats [<span><span>1</span></span>]. Protecting sensitive data collected and processed by robots is crucial to preserving privacy and trust. Remote access features, while enhancing operational flexibility, also pose security risks if not adequately secured. Weak authentication mechanisms and insecure interfaces could allow malicious actors to compromise robot functionality. Furthermore, robots are susceptible to malware and cyber-attacks, including viruses, worms, and ransomware. To mitigate these risks, a comprehensive approach is necessary, incorporating secure design principles, robust authentication mechanisms, encryption techniques, and cybersecurity training. Collaboration among industry stakeholders, researchers, policymakers, and cybersecurity experts is essential to develop resilient robotic systems capable of withstanding evolving cyber threats. This article underscores the importance of addressing cybersecurity challenges in robotics to ensure the safety and security of robotic deployments across diverse domains. As robotics technology evolves and becomes integral across various sectors, prioritizing cybersecurity [<span><span>2</span></span>] is crucial to protect these systems from unauthorized access, data breaches, and network attacks. The interconnected nature and remote access features of robots pose significant vulnerabilities. Comprehensive measures, including secure design, encryption, and cybersecurity training, are essential. Collaboration among industry stakeholders, researchers, policymakers, and cybersecurity experts is vital for developing resilient robotic systems. This article highlights the urgent need to address cybersecurity challenges to ensure the safety and integrity of robotic deployments.</div></div>","PeriodicalId":100351,"journal":{"name":"Cyber Security and Applications","volume":"3 ","pages":"Article 100074"},"PeriodicalIF":0.0,"publicationDate":"2024-10-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142446075","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Automatic intrusion detection model with secure data storage on cloud using adaptive cyclic shift transposition with enhanced ANFIS classifier","authors":"Chithanya K V K ,&nbsp;Lokeswara Reddy V．","doi":"10.1016/j.csa.2024.100073","DOIUrl":"10.1016/j.csa.2024.100073","url":null,"abstract":"<div><div>Cloud computing has emerged as a pivotal technology in the computer electronics industry, offering users significant computing power and ample storage space. Security threats pose significant challenges to the progression of cloud computing, hindering its growth in the industry. Detecting intrusions is crucial for protecting cloud environments from harmful attacks. However, due to the complexity and vast amount of network data, building effective intrusion detection systems (IDS) for cloud setups is difficult. Traditional IDS have struggled to effectively mitigate these risks. To overcome these problems, we propose a novel feature selection technique with deep learning classifier-based intrusion detection and avoidance in a cloud environment. The suggested model is divided into four phases: feature selection, pre-processing, classification, and encryption. The initial step involves gathering the data from the dataset and pre-processing it. The Adaptive Walrus Optimization Algorithm (AWO) is then used to choose select optimal features, aiming to mitigate computational complexity and reduce time consumption. These selected features are then fed into an enhanced Adaptive Neuro-Fuzzy Inference System (EANFIS) classifier for accurate classification of normal and intruded data. Following classification, normal data undergoes encryption using the Adaptive Cyclic Shift Transposition (ACST) Algorithm to bolster security.For experimental evaluation two datasets used namely, KDDCup-99 and NSL-KDD. The proposed method notably achieves impressive accuracy rates of 98.47 % for the NSL KDD dataset and 98.97 % for the KDD-CUP99 dataset.</div></div>","PeriodicalId":100351,"journal":{"name":"Cyber Security and Applications","volume":"3 ","pages":"Article 100073"},"PeriodicalIF":0.0,"publicationDate":"2024-09-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142433947","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A comprehensive investigation into robust malware detection with explainable AI","authors":"E. Baghirov","doi":"10.1016/j.csa.2024.100072","DOIUrl":"10.1016/j.csa.2024.100072","url":null,"abstract":"<div><p>In today’s digital world, malware poses a serious threat to security and privacy by stealing sensitive data and disrupting computer systems. Traditional signature-based detection methods have become inefficient and time-consuming. However, data-driven AI techniques, particularly machine learning (ML) and deep learning (DL), have shown effectiveness in detecting malware by analyzing behavioral characteristics. Despite their promising performance, the black-box nature of these models requires improved explainability to facilitate their adoption in real-world applications. This can complicate the ability of cybersecurity experts to evaluate the model’s reliability. In this work, Explainable Artificial Intelligence (XAI) is employed to comprehend and evaluate the decisions made by machine learning models in the detection of malware on Android devices. To evaluate malware detection, experiments were conducted using CICMalDroid dataset by applying ML models like Logistic Regression and several tree algorithms. An overall 94% F1-score was achieved, and interpretable explanations for model decisions were provided, highlighting more critical features that contributed to accurate classifications. It was found that employing XAI techniques can provide valuable insights for malware analysis researchers, enhancing their understanding of the operations of the ML model, rather than solely focusing on improving accuracy.</p></div>","PeriodicalId":100351,"journal":{"name":"Cyber Security and Applications","volume":"3 ","pages":"Article 100072"},"PeriodicalIF":0.0,"publicationDate":"2024-09-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S2772918424000389/pdfft?md5=c3732dceff3226e92b2fb39167dfffb9&pid=1-s2.0-S2772918424000389-main.pdf","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142271591","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Neural secret key enabled secure cloud storage with efficient packet checker algorithm","authors":"Satya Prakash Maurya ,&nbsp;Rahul Mishra ,&nbsp;Upma Kumari","doi":"10.1016/j.csa.2024.100071","DOIUrl":"10.1016/j.csa.2024.100071","url":null,"abstract":"<div><p>Cloud computing technology is utilized for the commercial purpose of implementing virtualization for the storage of data, which is then controlled and made accessible to users via remote servers. With the increased use of various communication devices and direct access to web servers, there is a favorable opportunity to orchestrate attacks and exploit vulnerabilities in a system. Distributed Denial of Service (DDoS) is a commonly used technique employed by attackers in cloud environments. This study introduces a security layer incorporating a Packet Checker Algorithm (PCA) to detect and eliminate counterfeit packets. The algorithm takes into account transmission delay time as well as minimum and maximum thresholds, thereby enhancing the response time of the Intrusion Detection Process (IDP) in a cloud environment that utilizes neural encryption. Neural encryption is used to synchronize neural networks and create new public channel protocols for a secure cloud storage paradigm. This study greatly expands upon the hop count inspection and filtering method. It incorporates the time slot filtering function and implements a unique key set to differentiate between genuine packets and falsified packets. This novel methodology has the capability to detect Distributed Denial of Service (DDoS) attacks and related anomalies during the initial phases of data transmission. The technique considers Time-to-Live (TTL), Hope count, and Transmission-Delay-Time as crucial components.</p></div>","PeriodicalId":100351,"journal":{"name":"Cyber Security and Applications","volume":"3 ","pages":"Article 100071"},"PeriodicalIF":0.0,"publicationDate":"2024-08-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S2772918424000377/pdfft?md5=6b28723533b3bd31b017b0c813de15c5&pid=1-s2.0-S2772918424000377-main.pdf","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142048557","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"An effective steganographic technique for hiding the image data using the LSB technique","authors":"Rasmita Panigrahi,&nbsp;Neelamadhab Padhy","doi":"10.1016/j.csa.2024.100069","DOIUrl":"10.1016/j.csa.2024.100069","url":null,"abstract":"<div><p>Steganography is the art and science of writing secret messages so that neither the sender nor the intended recipient knows there is a hidden message. Data hiding is the art of hiding data for various reasons, such as keeping private data, secure, confidential data, etc. With increasing data exchange over a computer network, information security has become a significant issue. There are many methods used for data hiding, and steganography is a well-known technique. Steganography is the art of invisible contact and science. Steganography is the process through which the presence of a message can be kept secret. The objective of this paper is to hide data using the LSB (Least Significant Bit) technique into images that can be detected only by the specified user. We have developed a user-friendly GUI such that it can be used with the utmost ease. This paper is motivated to hide the message stated by the user in the dialog box given within the picture. The secret text is converted to the ciphertext to make it more stable. The sender selects the cover image, and it is used to generate the secured Stegno image, which is identical to the cover image. With the support of a private or public communication network, on the other hand, the stegno image can be saved and sent to the designated user, i.e., the recipient downloads the stegno image and can retrieve the secret text concealed in the stegno image using that same application. As for the watermarking, we have visible and invisible we have used the same LSB technique. In visible watermarking, text or image is embedded in the cover image, which can be noticed easily. As for invisible watermarking, some specific text is inserted into an image, and while retrieving it, it generates a QR code^, which can be scanned to get the watermarked text. We used the three different types of cover images i.e. Gray, and RGB also estimated the performance metrics. SNR, MSE, and PSNR the three performance metrics are used, and found that PSNR achieved good results i.e.,71.4733. The RGB image with the hidden text is achieved up to 77.6697</p></div>","PeriodicalId":100351,"journal":{"name":"Cyber Security and Applications","volume":"3 ","pages":"Article 100069"},"PeriodicalIF":0.0,"publicationDate":"2024-08-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S2772918424000353/pdfft?md5=e83d969acfb0f296fe3d6ae7993700c9&pid=1-s2.0-S2772918424000353-main.pdf","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142011227","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Bankruptcy forecasting in enterprises and its security using hybrid deep learning models","authors":"Akshat Gaurav ,&nbsp;Brij B. Gupta ,&nbsp;Shavi Bansal ,&nbsp;Konstantinos E. Psannis","doi":"10.1016/j.csa.2024.100070","DOIUrl":"10.1016/j.csa.2024.100070","url":null,"abstract":"<div><div>In current scenario when economic and risk management sectors need accurate predictions of enterprise bankruptcy, it is very importance issue to research in the field of security of enterprise bankruptcy. In this context, we propose an hybrid deep learning model through the use of convolutional neural network to enhance bankruptcy forecasting models. We address the high-dimensional data and imbalanced problems by introducing feature selection strategically and Synthetic Minority Over-sampling Technique (SMOTE). In a comparative evaluation, the performance of our model is over 81 %, which is better than that for Logistic Regression and Support Vector Machines. This leap in accuracy demonstrates the cutting edge unprecedented ability of our model to decrypt complex financial patterns and establishes a new precedent for deep learning applications in the nuanced field of financial analytics.</div></div>","PeriodicalId":100351,"journal":{"name":"Cyber Security and Applications","volume":"3 ","pages":"Article 100070"},"PeriodicalIF":0.0,"publicationDate":"2024-08-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143178615","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Federated learning-based intrusion detection system for the internet of things using unsupervised and supervised deep learning models","authors":"Babatunde Olanrewaju-George ,&nbsp;Bernardi Pranggono","doi":"10.1016/j.csa.2024.100068","DOIUrl":"10.1016/j.csa.2024.100068","url":null,"abstract":"<div><p>The adoption of the Internet of Things (IoT) in our technology-driven society is hindered by security and data privacy challenges. To address these issues, Artificial Intelligence (AI) techniques such as Machine Learning (ML) and Deep Learning (DL) can be applied to build Intrusion Detection Systems (IDS) that help securing IoT networks. Federated Learning (FL) is a decentralized approach that can enhance performance and privacy of the data by training IDS on individual connected devices. This study proposes the use of unsupervised and supervised DL models trained via FL to develop IDS for IoT devices. The performance of FL-trained models is compared to models trained via non-FL using the N-BaIoT dataset of nine IoT devices. To improve the accuracy of DL models, a randomized search hyperparameter optimization is performed. Various performance metrics are used to evaluate the prediction results. The results indicate that the unsupervised AutoEncoder (AE) model trained via FL is the best overall in terms of all metrics, based on testing both FL and non-FL trained models on all nine IoT devices.</p></div>","PeriodicalId":100351,"journal":{"name":"Cyber Security and Applications","volume":"3 ","pages":"Article 100068"},"PeriodicalIF":0.0,"publicationDate":"2024-08-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S2772918424000341/pdfft?md5=48d2bf0e58e547f6db91e198b3e50c2e&pid=1-s2.0-S2772918424000341-main.pdf","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141953402","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"EMAKAS: An efficient three-factor mutual authentication and key-agreement scheme for IoT environment","authors":"Tinashe Magara ,&nbsp;Yousheng Zhou","doi":"10.1016/j.csa.2024.100066","DOIUrl":"10.1016/j.csa.2024.100066","url":null,"abstract":"<div><p>The adoption of IoT in healthcare revolutionizes remote patient monitoring and healthcare efficiency. Yet, it brings notable security and privacy challenges, particularly in resource-constrained environment. We propose a secure and efficient three-factor lightweight mutual authentication and key agreement scheme, designed for IoT-based smart healthcare systems, addressing these critical concerns. The scheme employs a fuzzy extractor, a one-way hash function, Elliptic Curve Discrete Logarithm and XOR operations for efficient cryptographic transformations, creating a robust framework for secure data handling. The scheme's design focuses on security and privacy while minimizing computational demands, making it ideal for resource-constrained IoT devices. We utilized both informal and formal security analyses to validate our scheme, employing the Random Oracle Model (ROM), Scyther tool and Burrows-Abadi-Needham (BAN) logic. The security and performance analysis showed that our scheme offers more security features across 15 defined criteria with minimal communication and computational costs compared to other related schemes. The scheme is not only robust against security threats but also practical for implementation in IoT healthcare environment, offering a solution for secure IoT communication by achieving mutual authentication and key agreement with minimized computational requirements.</p></div>","PeriodicalId":100351,"journal":{"name":"Cyber Security and Applications","volume":"3 ","pages":"Article 100066"},"PeriodicalIF":0.0,"publicationDate":"2024-08-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S2772918424000328/pdfft?md5=d75e8e032da3467ecc69f9f1bed90b00&pid=1-s2.0-S2772918424000328-main.pdf","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141953401","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Securing industry 4.0: Assessing cybersecurity challenges and proposing strategies for manufacturing management","authors":"Adel Alqudhaibi ,&nbsp;Majed Albarrak ,&nbsp;Sandeep Jagtap ,&nbsp;Nikki Williams ,&nbsp;Konstantinos Salonitis","doi":"10.1016/j.csa.2024.100067","DOIUrl":"10.1016/j.csa.2024.100067","url":null,"abstract":"<div><p>Industry 4.0 represents the foundation of the fourth industrial revolution, characterised by the integration of innovative technology into the manufacturing process. This integration enhances automation, diagnostics, data analysis, and autonomous decision-making through the networking of equipment and machinery. However, the increased reliance on technology raises concerns about the implementation and maintenance of cybersecurity. This paper aims to address cybersecurity challenges in the manufacturing industry and suggest strategies to reduce risks. In particular, it examines the level of awareness and understanding of cybersecurity issues among manufacturing employees, establishes accountability for cyberattacks, and evaluates the effectiveness of existing industry practices. The current cybersecurity landscape in the manufacturing industry was thoroughly analysed. Data were gathered through surveys, interviews, and case studies to measure awareness, identify knowledge gaps, and assess existing practices. The research findings indicate a significant knowledge gap regarding cybersecurity among manufacturing employees. This vulnerability can be attributed to the lack of funding and training, especially compared to the resources provided to information technology departments and corporate employees. The study emphasises the importance of redirecting cybersecurity resources and protocols towards the manufacturing industry. This paper puts forward a series of recommendations to mitigate risks and safeguard the manufacturing industry.</p></div>","PeriodicalId":100351,"journal":{"name":"Cyber Security and Applications","volume":"3 ","pages":"Article 100067"},"PeriodicalIF":0.0,"publicationDate":"2024-07-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S277291842400033X/pdfft?md5=f6386e2daf26b1845c9939c005c7a936&pid=1-s2.0-S277291842400033X-main.pdf","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141961237","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A survey on scalable consensus algorithms for blockchain technology","authors":"Ankit Kumar Jain ,&nbsp;Nishant Gupta ,&nbsp;Brij B. Gupta","doi":"10.1016/j.csa.2024.100065","DOIUrl":"10.1016/j.csa.2024.100065","url":null,"abstract":"<div><p>The process of reaching an agreement on a value within a distributed network, known as a consensus problem, is a defining feature of blockchain. This consensus problem can be seen in various applications like load balancing, transaction validation in blockchain, and distributed computing. In recent years, many researchers have provided solutions to this problem. Hence we have presented a survey in which we delved into blockchain consensus algorithms and conducted a comparative analysis of all the consensus algorithms to provide information about each protocol’s advantages and drawbacks. This survey starts with the standard proof-of-work consensus protocol applied in bitcoin cryptocurrency and its limitations on the ground of the following parameters: throughput (transactions per second), latency, forks, fault tolerance, double spending attacks, and power consumption. The rest of the consensus algorithms in this paper have been systematically covered to address the limitations of proof-of-work. This paper also covered Raft and PBFT consensus algorithms suitable for permissioned networks. Although the PBFT consensus protocol has a high throughput and a low latency, it has limited node scalability. The PBFT has a low byzantine fault tolerant rate. This paper also covers PoEWAL for blockchain-based IoT applications and WBFT, which prevents corrupt nodes from taking part in consensus. A comparative analysis of the consensus algorithms provides an explicit knowledge of the present research, which also offers guidance for future study.</p></div>","PeriodicalId":100351,"journal":{"name":"Cyber Security and Applications","volume":"3 ","pages":"Article 100065"},"PeriodicalIF":0.0,"publicationDate":"2024-07-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S2772918424000316/pdfft?md5=3bf0696549ef3be318eef483a00ad2e8&pid=1-s2.0-S2772918424000316-main.pdf","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141699980","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}