Cyber Security and Applications最新文献_第5页

Enhancing intrusion detection systems through dimensionality reduction: A comparative study of machine learning techniques for cyber security 通过降维增强入侵检测系统：网络安全机器学习技术比较研究

Cyber Security and Applications Pub Date : 2024-01-01 DOI: 10.1016/j.csa.2023.100033

Faisal Nabi , Xujuan Zhou

{"title":"Enhancing intrusion detection systems through dimensionality reduction: A comparative study of machine learning techniques for cyber security","authors":"Faisal Nabi , Xujuan Zhou","doi":"10.1016/j.csa.2023.100033","DOIUrl":"https://doi.org/10.1016/j.csa.2023.100033","url":null,"abstract":"<div><p>Our research aims to improve automated intrusion detection by developing a highly accurate classifier with minimal false alarms. The motivation behind our work is to tackle the challenges of high dimensionality in intrusion detection and enhance the classification performance of classifiers, ultimately leading to more accurate and efficient detection of intrusions. To achieve this, we conduct experiments using the NSL-KDD data set, a widely used benchmark in this domain. This data set comprises approximately 126,000 samples of normal and abnormal network traffic for training and 23,000 samples for testing. Initially, we employ the entire feature set to train classifiers, and the outcomes are promising. Among the classifiers tested, the J48 tree achieves the highest reported accuracy of 79.1 percent. To enhance classifier performance, we explore two projection approaches: Random Projection and PCA. Random Projection yields notable improvements, with the PART algorithm achieving the best-reported accuracy of 82.0 %, outperforming the original feature set. Moreover, random projection proves to be more time-efficient than PCA across most classifiers. Our findings demonstrate the effectiveness of random projection in improving intrusion detection accuracy while reducing training time. This research contributes valuable insights to the cybersecurity field and fosters potential advancements in intrusion detection systems.</p></div>","PeriodicalId":100351,"journal":{"name":"Cyber Security and Applications","volume":"2 ","pages":"Article 100033"},"PeriodicalIF":0.0,"publicationDate":"2024-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S2772918423000206/pdfft?md5=ae6a00e76634d3460aa5b1f6385d2247&pid=1-s2.0-S2772918423000206-main.pdf","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139473265","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

A three-factor mutual authentication scheme for telecare medical information system based on ECC 基于 ECC 的远程医疗信息系统三因素相互验证方案

Cyber Security and Applications Pub Date : 2024-01-01 DOI: 10.1016/j.csa.2024.100035

Muthukumar Manickam, Ganesh Gopal Devarajan

{"title":"A three-factor mutual authentication scheme for telecare medical information system based on ECC","authors":"Muthukumar Manickam, Ganesh Gopal Devarajan","doi":"10.1016/j.csa.2024.100035","DOIUrl":"10.1016/j.csa.2024.100035","url":null,"abstract":"<div><p>In critical pandemic situations, the Telecare Medical Information System (TMIS) is a technological invention that offers secure and authentic patient registration and medical services remotely. Wireless Body Area Network (WBAN) uses TMIS to facilitate users/patients with remote medical services. Numerous schemes for authentication have been developed for secure and authentic communication to prevent security attacks encompassing replay, impersonation, and forgery attacks. Ryu et al. have proposed an ECC-based mutual authentication scheme in 2022. Nevertheless, through security scheme analysis, we have evidenced that Ryu et al.’s scheme has a trapdoor for insider attacks and privileged insider attacks. Their proposed scheme offers no assurance of server anonymity. In this paper, we propose a three-factor authentication system based on ECC that protects sensitive patient data from getting out during communication and protects against different types of security attacks. We have conducted an informal security analysis to verify that our scheme withstands security attacks.</p></div>","PeriodicalId":100351,"journal":{"name":"Cyber Security and Applications","volume":"2 ","pages":"Article 100035"},"PeriodicalIF":0.0,"publicationDate":"2024-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S2772918424000018/pdfft?md5=488b5ffe3a13070d6a2c1d6ac0950539&pid=1-s2.0-S2772918424000018-main.pdf","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139639243","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

A novel dual optimized IDS to detect DDoS attack in SDN using hyper tuned RFE and deep grid network 利用超调 RFE 和深度网格网络检测 SDN 中 DDoS 攻击的新型双重优化 IDS

Cyber Security and Applications Pub Date : 2024-01-01 DOI: 10.1016/j.csa.2024.100042

Nalayini C．M． , Jeevaa Katiravan , Geetha S． , Christy Eunaicy J．I．

{"title":"A novel dual optimized IDS to detect DDoS attack in SDN using hyper tuned RFE and deep grid network","authors":"Nalayini C．M． , Jeevaa Katiravan , Geetha S． , Christy Eunaicy J．I．","doi":"10.1016/j.csa.2024.100042","DOIUrl":"10.1016/j.csa.2024.100042","url":null,"abstract":"<div><p>Technological advancement is one of the factors contributing to a rise of susceptible cyberattacks. Distributed denial of service (DDoS) attack reduces the efficiency of network servers by saturating them with unwanted data and preventing authorized clients from accessing them. Due to the centralized architecture of Software Defined Network (SDN), it faces a number of security vulnerabilities. In SDN, DDoS attack is one of the main strikes on the control planes. A novel Optimized Dual Intrusion Detection System is proposed to identify DDoS and Non-DDoS attack more quickly with best proposed models. Hyper Tuned parameter optimization is carried on Logistic Regression, Decision Tree and Random Forest algorithms to find the best parameters. RFE with Repeated Stratified K-fold feature selection is used using the best parameters to reduce the 77 features to 4 features. A novel Deep Grid Network combines hyper-tuned classifiers with 7 other machine learning algorithms to produce 21 models. An ensemble technique uses 6 best models from 21 models for the best prediction of DDoS attack. A new dataset is also generated through Mininet for proper validation of the model.</p></div>","PeriodicalId":100351,"journal":{"name":"Cyber Security and Applications","volume":"2 ","pages":"Article 100042"},"PeriodicalIF":0.0,"publicationDate":"2024-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S2772918424000080/pdfft?md5=5933553e559cb05dfdb27a2a1f01f897&pid=1-s2.0-S2772918424000080-main.pdf","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139878986","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

A blockchain-based anonymous reporting system with no central authority: Architecture and protocol 基于区块链的匿名报告系统，没有中央机构：架构和协议

Cyber Security and Applications Pub Date : 2023-12-12 DOI: 10.1016/j.csa.2023.100032

Saeed Banaeian Far , Maryam Rajabzadeh Asaar

{"title":"A blockchain-based anonymous reporting system with no central authority: Architecture and protocol","authors":"Saeed Banaeian Far , Maryam Rajabzadeh Asaar","doi":"10.1016/j.csa.2023.100032","DOIUrl":"https://doi.org/10.1016/j.csa.2023.100032","url":null,"abstract":"<div><p>Blockchain technology has emerged as a compelling field of study over the past decade. Nevertheless, certain blockchain-based protocols, particularly those reliant on permissioned blockchains, continue to be under the governance of a central authority (CA). This central authority possesses extensive control capabilities, including the facilitation of user network access, as well as the establishment, connection, and revocation of users to and from the network. Consequently, the majority of policies within these protocols are centrally administered by a singular party. This paper introduces an architectural framework and a specific protocol denoted as the “Anonymous Reporting System with No Central Authority” (<em>ARSnCA</em>) on a public blockchain infrastructure. This design aims to mitigate the challenges posed by untrusted privileged insiders to the <em>ARSnCA</em>. It is hypothesized that this approach can enhance system reliability, fault tolerance, and foster trust among network members. To eliminate the central authority, a concept termed the <em>virtual blockchain</em> (VBC) is implemented as an embedded permissioned blockchain within a permissionless blockchain. Following the removal of the CA, the authorities previously held by the central authority are transferred to the members of the VBC. Comparative analysis and evaluation of the <em>ARSnCA</em> protocol demonstrate a performance advantage, with speeds that are <span><math><mrow><mn>62</mn><mo>%</mo></mrow></math></span> and <span><math><mrow><mn>92</mn><mo>%</mo></mrow></math></span> faster than reporting protocols based on ring signatures and other protocols included in the comparison.</p></div>","PeriodicalId":100351,"journal":{"name":"Cyber Security and Applications","volume":"2 ","pages":"Article 100032"},"PeriodicalIF":0.0,"publicationDate":"2023-12-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S277291842300019X/pdfft?md5=1f6844fea28d94053dab460cfbb1fff2&pid=1-s2.0-S277291842300019X-main.pdf","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"138839710","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Cyber security: State of the art, challenges and future directions 网络安全：现状、挑战和未来方向

Cyber Security and Applications Pub Date : 2023-10-01 DOI: 10.1016/j.csa.2023.100031

Wasyihun Sema Admass , Yirga Yayeh Munaye , Abebe Abeshu Diro

引用次数: 0

Colour image encryption algorithm using Rubik’s cube scrambling with bitmap shuffling and frame rotation 使用魔方加扰、位图混洗和帧旋转的彩色图像加密算法

Cyber Security and Applications Pub Date : 2023-08-18 DOI: 10.1016/j.csa.2023.100030

Aditi Nair , Diti Dalal , Ramchandra Mangrulkar

引用次数: 1

Increasing embedding capacity of stego images by exploiting edge pixels in prediction error space 利用预测误差空间中的边缘像素提高stego图像的嵌入能力

Cyber Security and Applications Pub Date : 2023-08-09 DOI: 10.1016/j.csa.2023.100028

Habiba Sultana , A.H.M. Kamal , Tasnim Sakib Apon , Md. Golam Rabiul Alam

{"title":"Increasing embedding capacity of stego images by exploiting edge pixels in prediction error space","authors":"Habiba Sultana , A.H.M. Kamal , Tasnim Sakib Apon , Md. Golam Rabiul Alam","doi":"10.1016/j.csa.2023.100028","DOIUrl":"https://doi.org/10.1016/j.csa.2023.100028","url":null,"abstract":"<div><p>In the field of data concealing, edge detection techniques are frequently employed, particularly for improving image quality and data security. These methods, however, have a lower embedding capacity. In order to take advantage of more edge pixels, many strategies are used nowadays. These schemes either combine the output from multiple edge detectors or enlarge the edges of an edge image by dilating. Even so, if the amount of data is vast, the techniques might not be able to conceal all of it. Therefore, a novel strategy for edge exploitation is still needed to regulate the effectiveness of edge detection-based data-hiding strategies. By using edge detectors in the prediction error space, we utilized more edge pixels in this study (PES). Applying a predictor on the cover image and then calculating the prediction errors, we prepared the PES. The edges in PES were then marked using the edge detector. The edge-error corresponding pixels received more information than the relevant pixels that did not create an edge-error. Additionally, we combined the results from different edge detectors to produce more edges, which does help to achieve a higher embedding capacity. We implanted <span><math><mi>x</mi></math></span> number of secret bits in edge pixels and <span><math><mi>y</mi></math></span> number of bits in non-edge pixels where <span><math><mrow><mi>x</mi><mo>></mo><mi>y</mi></mrow></math></span>. The simulation results show that the proposed scheme outperforms its rivals on all performance-measuring criteria, including payload, stego image quality, and resistance to attack.</p></div>","PeriodicalId":100351,"journal":{"name":"Cyber Security and Applications","volume":"2 ","pages":"Article 100028"},"PeriodicalIF":0.0,"publicationDate":"2023-08-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"50194536","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Efficient time-oriented latency-based secure data encryption for cloud storage 高效的基于时间延迟的云存储安全数据加密

Cyber Security and Applications Pub Date : 2023-06-30 DOI: 10.1016/j.csa.2023.100027

Shahnawaz Ahmad, Shabana Mehfuz

{"title":"Efficient time-oriented latency-based secure data encryption for cloud storage","authors":"Shahnawaz Ahmad, Shabana Mehfuz","doi":"10.1016/j.csa.2023.100027","DOIUrl":"https://doi.org/10.1016/j.csa.2023.100027","url":null,"abstract":"<div><p>To ensure data security in the cloud, there exist several techniques proposed by various researchers. The most common method is the usage of data encryption techniques like profile, rule, and attribute-based encryption techniques. However, they struggle in achieving higher data security performance due to insufficient resistance to tampering. Also, the existing techniques are not good enough for achieving a higher quality of service performance. To handle this issue, an efficient time-oriented latency approximation-based data encryption technique (TLADE) has been presented in this article. The method focuses on the selection of optimal encryption techniques at different time stamps according to the latency approximation. Accordingly, the method would select an optimal technique for data encryption based on the QoS values. To perform this, different encryption schemes have been implemented and each of them is measured for their QoS support values (QoSV) based on latency. Based on the values of QoSV, an efficient approach for the current duty cycle has been selected and applied to the cloud service data. The proposed approach improves the performance of different QoS factors and also has reduced the latency factor.</p></div>","PeriodicalId":100351,"journal":{"name":"Cyber Security and Applications","volume":"2 ","pages":"Article 100027"},"PeriodicalIF":0.0,"publicationDate":"2023-06-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"50194534","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Design of blockchain-enabled secure smart health monitoring system and its testbed implementation 基于区块链的安全智能健康监测系统的设计及其试验台实现

Cyber Security and Applications Pub Date : 2023-06-16 DOI: 10.1016/j.csa.2023.100020

Siddhant Thapliyal , Shubham Singh , Mohammad Wazid , D.P. Singh , Ashok Kumar Das

引用次数: 0

E-Brightpass: A Secure way to access social networks on smartphones 电子通行证：在智能手机上访问社交网络的安全方式

Cyber Security and Applications Pub Date : 2023-06-15 DOI: 10.1016/j.csa.2023.100021

Chaitanyateja Thotadi , Monith Debbala , Subba Rao , Ajay Eeralla , Basker Palaniswamy , Srijanee Mookherji , Vanga Odelu , Alavalapati Goutham Reddy

{"title":"E-Brightpass: A Secure way to access social networks on smartphones","authors":"Chaitanyateja Thotadi , Monith Debbala , Subba Rao , Ajay Eeralla , Basker Palaniswamy , Srijanee Mookherji , Vanga Odelu , Alavalapati Goutham Reddy","doi":"10.1016/j.csa.2023.100021","DOIUrl":"https://doi.org/10.1016/j.csa.2023.100021","url":null,"abstract":"<div><p>Social network providers offer a variety of entertainment services in exchange for end users’ personal information, such as their identity. The majority of users access social networking sites via their smartphones, which they utilize in conjunction with a traditional authenticator like a password. On the other hand, aggregators, which pull content from multiple social networks, are often used to get into smartphone apps that may involve mobile ticketing, identification, and access control. They are a potential target for malware and spyware injections due to their powerful position. Malware is capable of circumventing authentication mechanisms in order to get access to social networking services, which may result in stealing the personal information of users. To deflect any type of attack from malicious software, BrightPass [22], a malware-resistant method based on screen brightness, was introduced. Conversely, we have demonstrated that the BrightPass user’s personally identifiable information, such as PIN numbers, may be recovered by evaluating the variations between the recorded input from many authentication sessions. We have then offered various enhanced BrightPass versions to address the observed vulnerability. Our enhanced BrightPass versions are both simple and secure to use when it comes to accessing social networks via mobiles.</p></div>","PeriodicalId":100351,"journal":{"name":"Cyber Security and Applications","volume":"2 ","pages":"Article 100021"},"PeriodicalIF":0.0,"publicationDate":"2023-06-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"50194535","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0