{"title":"A Realtime Adaptive Trust Model Based on Artificial Neural Networks for Wireless Sensor Networks","authors":"Khaled Hassan, M. Madkour, S. Nouh","doi":"10.13052/jcsm2245-1439.1244","DOIUrl":"https://doi.org/10.13052/jcsm2245-1439.1244","url":null,"abstract":"Wireless sensor networks (WSNs) are vulnerable to security attacks due to the unbounded nature of the wireless medium, restricted node resources, and cooperative routing. Standard cryptography and authentication mechanisms help protect against external attacks, but a compromised node can easily bypass them. This work aims to protect WSNs against internal attacks, which are mostly launched from compromised nodes to disrupt the network’s operation and/or reduce its performance. The trust and reputation management framework provides a routing cost function for selecting the best secure next hop. Tuning the trust weights is essential to cope with the constant changes in the network environment, such as the sensor nodes’ behaviours and locations. To allow real-time operation, the proposed framework introduces an artificial neural network (ANN) in each sensor node that automatically adjusts the weights of the considered trust metrics according to the WSN state. A large dataset is generated to train and test the ANN using a multitude of simulated cases. A prototype is developed and tested using the J-Sim simulator to show the performance gain resulting from applying the adaptive trust model. The experimental results showed that the adaptive model has robust performance and has achieved an improved packet delivery ratio with reduced power consumption and reduced average packet loss. 
The results showed that when sensor nodes were static and malicious nodes were present, the average accuracy was 99.6%, while when they were in motion, it was 88.1%.","PeriodicalId":37820,"journal":{"name":"Journal of Cyber Security and Mobility","volume":"11 1","pages":"519-546"},"PeriodicalIF":0.0,"publicationDate":"2023-06-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"88881380","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A Comprehensive Architectural Framework of Moving Target Defenses Against DDoS Attacks","authors":"Belal M. Amro, Saeed Salah, Mohammed Moreb","doi":"10.13052/jcsm2245-1439.1248","DOIUrl":"https://doi.org/10.13052/jcsm2245-1439.1248","url":null,"abstract":"Distributed Denial-of-Service (DDoS) attacks are among the top toughest security threats in today’s cyberspace. The multitude, diversity, and variety of both the attacks and their countermeasures have the consequence that no optimal solutions exist. However, many mitigation techniques and strategies have been proposed among which is Moving Target Defense (MTD). MTD strategy keeps changing the system states and attack surface dynamically by continually applying various systems reconfigurations aiming at increasing the uncertainty and complexity for attackers. Current proposals of MTD fall into one of three strategies: shuffling, diversity, and redundancy, based on what to move? how to move? and when to move? Despite the existence of such strategies, a comprehensive Framework for MTD techniques against DDoS attacks that can be used for all types of DDoS attacks has not been proposed yet. In this paper, we propose a novel and comprehensive Framework of MTD techniques considering all stages, mechanisms, data sources, and criteria adopted by the research community, the Framework will apply to all DDoS attacks on different systems. 
To efficiently use our proposed model, a comprehensive taxonomy of MTD mitigation techniques and strategies is also provided and can be used as a reference guide for the best selection of the model’s parameters.","PeriodicalId":37820,"journal":{"name":"Journal of Cyber Security and Mobility","volume":"23 1","pages":"605-628"},"PeriodicalIF":0.0,"publicationDate":"2023-06-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"87938935","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Wireless Network Safety Status Prediction Based on Fuzzy Logic","authors":"Xiao Xue, Yangbin Zheng, Chao Lu","doi":"10.13052/jcsm2245-1439.1247","DOIUrl":"https://doi.org/10.13052/jcsm2245-1439.1247","url":null,"abstract":"In WN environment, network safety status means to state of information managing in various WN environments, WN transmission information safety status assessment is one of primary research directions in this territory. Existing network safety status awareness methods are difficult to adapt to real-time changes of network structure, and WN environment is complex and changeable, and they can only analyze the current network safety status, and it is difficult to predict and analyze overall tendency of WN safety status. In order to resist potential attacks, evaluate safety of network and detect attack means in network in a timely manner, this paper introduces fuzzy logic to propose a safety status prediction model for wireless sensor networks, which can help administrators to timely perceive and comprehensively grasp the real-time status of network and predict future advancement direction. In order to assess current network status, a safety status evaluation model for wireless network (WN) depended on fuzzy logic is presented. In cluster head node, neighborhood rough set is used for feature extraction to reduce energy consumption of redundant data on the node. Balance data by synthesizing a few over-sampling techniques, and then use random forest to detect attacks on the network to identify attack types. Combined with the status element acquisition mechanism, three status indicators, namely attack frequency, total number of attacks and threat factor, are extracted. According to the status indicators and status calculation method, the network safety status value is calculated, and current network safety status is evaluated by referring to network safety level divided by National Internet Emergency Response Center. 
Neighborhood rough set is applied to complete attribute reduction, which can effectively deal with underwater mixed data and obtain feature subsets with the same classification capability as the initial data. Safety status of WSN is predicted based on random forest. The risk degree of WN status is divided into fuzzy subsets, and the process of dynamic prediction of safety status is designed. Based on test values, highest input signal spectrum of the system is 30 mV, and the lowest input signal spectrum is -15 mV, which is consistent with the selected 120 groups of status data sequence diagram, the fluctuation amplitude of the input signal under 40~62 groups of samples is small, basically unchanged, consistent with the selected 120 groups of status data sequence diagram. Fuzzy logic model represented by star broken line has higher precision than decision tree and the limit learning machine in all five different attack types. The mapped network safety status grade can also effectively express the actual network safety status, indicating that the prediction results of the system are accurate.","PeriodicalId":37820,"journal":{"name":"Journal of Cyber Security and Mobility","volume":"44 1","pages":"589-604"},"PeriodicalIF":0.0,"publicationDate":"2023-06-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"76753144","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Optimization of LEACH Protocol for WSNs in Terms of Energy Efficient and Network Lifetime","authors":"Fadhil Mohammed Salman, Ahssan Ahmed Mohammed, Ahmed Fakhir Mutar","doi":"10.13052/jcsm2245-1439.123.2","DOIUrl":"https://doi.org/10.13052/jcsm2245-1439.123.2","url":null,"abstract":"Wireless Sensor Network (WSN) is a group of small, intelligent sensors with limited resources. WSN has limited energy restrictions, so the network lifetime is the major challenge that directly affects the efficiency of the network. This work presents an energy-saving clustering hierarchical algorithm for WSNs; it is an improvement of the Low-Energy Adaptive Clustering Hierarchy (LEACH) algorithm. The aim of this algorithm is to minimize power consumption by the appropriate election of new cluster heads in every data transfer round and avoid network collisions. This goal is achieved by using an efficient function to select the best cluster head nodes in each round, which takes into account the current energy in the sensors. The proposed algorithm improves the cluster formation process by relying on the shorter distance to the base station. The Time Division Multiple Access (TDMA) mechanism is also utilized to schedule the transmission of data packets to cluster head nodes and to avoid data packet collisions at the base station. Experiments conducted in MATLAB R (2020a) software showed that the suggested algorithm extended the network lifetime by 14.5%, and improved the network throughput by 16.8% compared to the LEACH algorithm. 
That means, the proposed energy-saving clustering hierarchy algorithm has improved the performance of the LEACH algorithm in term of enhancing network lifetime and increasing network throughput.","PeriodicalId":37820,"journal":{"name":"Journal of Cyber Security and Mobility","volume":"6 1","pages":"275-296"},"PeriodicalIF":0.0,"publicationDate":"2023-05-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"86863766","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Analysis of Cyber Security Threats of the Printing Enterprise","authors":"P. Shepita, L. Tupychak, Julia Shepita","doi":"10.13052/jcsm2245-1439.123.8","DOIUrl":"https://doi.org/10.13052/jcsm2245-1439.123.8","url":null,"abstract":"The topic of scientific works on the implementation of modern technologies and systems of automated management of the enterprise, its resources and technical means is analyzed, and the insufficient completeness of research on the features of the integrated approach to the design and deployment of innovative means of production order support. Based on the determined factors of the operation of the enterprise in the latest conditions of the fourth industrial revolution, directions for the formation of strategies for the introduction of the elements of Industry 4.0 in modern printing enterprises, as well as information protection systems, are determined with electronic document circulation. The mechanisms of decision of tasks of management informative risks considered in complex control system by printeries in the conditions of vagueness and at co-operation of elements of control system between itself. The necessity of using a web portal for the formation of printing orders is substantiated, the main components are defined and the levels of access to them are described. The paper examines the use of classic and gray fuzzy cognitive maps to solve the problem of cyber security risk assessment of the intelligent management system of a printing enterprise. It is demonstrated that the average estimate of local risk, which is formed using an ensemble of two heterogeneous fuzzy cognitive maps, decreases compared to the use of individual cognitive maps. 
In order to better highlight the results of the research, an example of the application of the proposed methodology for assessing the risks of ensuring the integrity of telemetric information in the industrial network of the intelligent technological process management system of a printing enterprise is given, with the continuity of the technological process of manufacturing printing products. In addition to the classic FCM, the paradigms of two variants of the FCM extension were also used in the study, namely, the gray FCM, which is used to solve the problem of assessing cyber security risks of intelligent management systems of printing enterprises. An analysis of the possibility of building FCM ensembles to increase the effectiveness of risk assessment using several options for formalizing the expert’s knowledge and experience was performed. A fragment of the enterprise management system was considered and an analysis of possible directions of attacks on the printing enterprise by malicious software was performed. These are attacks such as replacing the executable files of server and ARM software, overwriting PLC projects during system operation, and refusing to service the equipment. Based on the formed list of attack vectors and the consequences of their implementation, the task of analyzing the risks of cyber security of a printing enterprise, taking into account the impact on the system of possible internal threats, was considered, using the cognitive modeling apparatus as a modeling tool. 
The scenario of cognitive modelin","PeriodicalId":37820,"journal":{"name":"Journal of Cyber Security and Mobility","volume":"34 1","pages":"415-434"},"PeriodicalIF":0.0,"publicationDate":"2023-05-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"74171775","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Blockchain-Based Medical Decision Support System","authors":"T. Hovorushchenko, Y. Hnatchuk, Vitaliy Osyadlyi, M. Kapustian, A. Boyarchuk","doi":"10.13052/jcsm2245-1439.123.1","DOIUrl":"https://doi.org/10.13052/jcsm2245-1439.123.1","url":null,"abstract":"An urgent task at this moment is the use of blockchain technology to ensure the security of medical decision support systems (MDSS). Our research is devoted to development of blockchain-based MDSS (regarding possibility or impossibility of organ and tissue donation/transplantation, regarding possibility or impossibility of using reproductive technologies in the treatment of infertility). The developed blockchain-based medical decision support system provides reliable protection and security of medical information through the use of blockchain technology, provides support of decision regarding possibility or impossibility of organ and tissue donation/transplantation, provides support of decision regarding possibility or impossibility of use of reproductive technologies in the infertility treatment. 
The proposed blockchain-based medical decision support system: automates medical decision-making processes, minimizes the human factor and its influence on the medical decision process, and takes into account the norms of current legislation when making medical decisions, thereby allowing not to pay for the services of a hired lawyer, and also works with verified and protected medical data entered in the blockchain, which allows you to get rid of leaks of medical information and to ensure reliable protection of medical data.","PeriodicalId":37820,"journal":{"name":"Journal of Cyber Security and Mobility","volume":"16 1","pages":"253-274"},"PeriodicalIF":0.0,"publicationDate":"2023-05-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"90152986","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Additional Detection of Clones Using Locally Sensitive Hashing","authors":"Nataliia I. Pravorska","doi":"10.13052/jcsm2245-1439.123.6","DOIUrl":"https://doi.org/10.13052/jcsm2245-1439.123.6","url":null,"abstract":"Today, there are many methods for detecting blocks with repetitions and redundancy in the program code. But mostly they turn out to be dependent on the programming language in which the software is developed and try to detect complex types of repeating blocks. Therefore, the goal of the research was to develop a language-independent repetition detector and expand its capabilities. In the development and operation of the language-independent incremental repeater detector, it was decided to conduct experiments for five open source systems for evaluation using the industrial detector SIG (Software Improvement Group), including the use of a tool syntactic analysis. But there was the question of extending the algorithm for additional detection of duplication and redundancy in the code, which was proposed by Hammel, and how improvements can be made to achieve independence from the programming language. Particular attention was paid to the empirical results presented in the original study, as their effectiveness is questionable. The main parameters that were considered when creating the index for LIIRD (Language-independent incremental repeat detector) and its expansion of the LSH (locally sensitive hashing): measuring time, memory and creating an incremental step. Based on the results of experiments conducted by the authors of Hammel’s work, there was a motivation to develop an extended approach. The idea of this approach is that according to the original study, the operation of calculating the entire block index with repeats and redundancy from scratch is very time consuming. 
Therefore, it is proposed to use LSH to obtain an effective assessment of the similarity of software project files.","PeriodicalId":37820,"journal":{"name":"Journal of Cyber Security and Mobility","volume":"4 1","pages":"367-388"},"PeriodicalIF":0.0,"publicationDate":"2023-05-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"90536552","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"System-Information and Cognitive Technologies of Man-Made Infrastructure Cyber Security","authors":"Liubomyr S. Sikora, N. Lysa, Y. Tsikalo, O. Fedevych","doi":"10.13052/jcsm2245-1439.123.7","DOIUrl":"https://doi.org/10.13052/jcsm2245-1439.123.7","url":null,"abstract":"The complication of technological processes due to the modernization of complex technological processes aggregates with a distributed spatial infrastructure requires the use of new control systems and computer and information network technologies. Accordingly, this poses the problem of revising the basic concepts of information-measuring systems building, developing software and hardware for the implementation of the target management process. This requires development of new approaches to presentation, processing, and display of data about the aggregates state of energy-active objects and the entire information structure. For management under threat conditions, it is necessary to take into account the features of the information infrastructure, data selection and processing methods, methods and algorithms for classifying the situation, which are formed from blocks of data obtained from each unit and the technological process as a whole.\u0000Information about the current state of system and infrastructure is necessary for the formation, adoption and implementation of management decisions which is the basis for coordination strategies synthesis. Appropriate target orientation, reasonable indicators of real process trajectories divergence from the target state determine the probability of object attack. 
Knowledge and decision-making procedures for the coordination of managerial actions is based on the strategic target orientation of the structure, their professionalism and the level of intellectual, cognitive and scientific training which is the basis for correct situation interpretation of countermeasures against threats formation.\u0000In the event of active threats complex on man-made systems in a certain region (resource, cognitive, system, information) and natural disasters or military operations, the threats lead to active destruction or failure of the production process. In order to functionally withstand related production structures, when loyal to the industrial relations concept, they need to integrate at the strategic management level on common goal basis to reduce risks. If necessary, to increase sustainability, they can be integrated at operational management level using interconnections at the production and resource levels. To do this, it is necessary to develop a strategic and goal-oriented management system behaviour line, which requires informational and intelligent data processing at the highest level using cognitive creative methods.\u0000For each level of the infrastructure hierarchy, oriented towards strategic goals in the global infrastructure dynamic environment, methods of assessing the situation to detect failures and the actions of attacks have been developed, based on which countermeasures are formed depending on the type of threats.","PeriodicalId":37820,"journal":{"name":"Journal of Cyber Security and Mobility","volume":"29 1","pages":"389-414"},"PeriodicalIF":0.0,"publicationDate":"2023-05-18","publicationTypes":"Journal 
Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"72941476","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Method of Increasing the Security of Smart Parking System","authors":"T. Hovorushchenko, Olga Pavlova, M. Kostiuk","doi":"10.13052/jcsm2245-1439.123.3","DOIUrl":"https://doi.org/10.13052/jcsm2245-1439.123.3","url":null,"abstract":"Currently, the urgent task is developing the methods and tools for increasing Smart Parking software system security. The purpose of this study is conducting analysis of requirements for Smart Parking System software security in order to find the bottlenecks and parts of the software that are most vulnerable to external threats and develop the methods and tools for increasing their security. The paper proposes the method of increasing Smart Parking software system security based on integrating the middleware in Smart Parking System software architecture. The proposed method takes into account all the criteria for Smart Parking System software security, i.e. parameters of safe access to the database, client program security, server security and API security and provides a complex solution for increasing the safety of Smart Parking software system. The proposed method differs from the known ones in that it allows taking into account all the criteria for increasing the Smart Parking System software security in complex using security middleware.","PeriodicalId":37820,"journal":{"name":"Journal of Cyber Security and Mobility","volume":"8 2","pages":"297-314"},"PeriodicalIF":0.0,"publicationDate":"2023-05-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"72396169","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"On the Use of the Kolmogorov-Wiener Filter for Heavy-tail Process Prediction","authors":"V. Gorev, A. Gusev, V. Korniienko, Y. Shedlovska","doi":"10.13052/jcsm2245-1439.123.4","DOIUrl":"https://doi.org/10.13052/jcsm2245-1439.123.4","url":null,"abstract":"This paper is devoted to the investigation of the applicability of the Kolmogorov–Wiener filter to the prediction of heavy-tail processes. As is known, telecommunication traffic in systems with data packet transfer is considered to be a heavy-tail process. There are a lot of rather sophisticated approaches to traffic prediction; however, in the rather simple case of stationary traffic sophisticated approaches may not be needed, and a simple approach, such as the Kolmogorov–Wiener filter, may be applied. However, as far as we know, this approach has not been considered in recent papers. In our previous papers, we theoretically developed a method for obtaining the filter weight function in the continuous case. The Kolmogorov–Wiener filter may be applied only to stationary processes, but in some models telecommunication traffic is treated as a stationary process, and thus the use of the Kolmogorov–Wiener filter may be of practical interest. In this paper, we generate stationary heavy-tail modeled data similar to fractional Gaussian noise and investigate the applicability of the Kolmogorov–Wiener filter to data prediction. Both non-smoothed and smoothed processes are investigated. It is shown that both the discrete and the continuous Kolmogorov–Wiener filter may be used in a rather accurate short-term prediction of a heavy-tail smoothed stationary random process. 
The paper results may be used for stationary telecommunication traffic prediction in systems with packet data transfer.","PeriodicalId":37820,"journal":{"name":"Journal of Cyber Security and Mobility","volume":"148 1","pages":"315-338"},"PeriodicalIF":0.0,"publicationDate":"2023-05-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"86570552","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}