发布求助
文献互助 智能选刊 最新文献

Journal of Cyber Security and Mobility最新文献

筛选
英文 中文
A Privacy Preserving Framework to Protect Sensitive Data in Online Social Networks 一个保护在线社交网络中敏感数据的隐私保护框架
Journal of Cyber Security and Mobility Pub Date : 2022-11-07 DOI: 10.13052/jcsm2245-1439.1144
Nisha P. Shetty, Balachandra, Niraj Yagnik, Tulika Banerjee, Angad Singh
{"title":"A Privacy Preserving Framework to Protect Sensitive Data in Online Social Networks","authors":"Nisha P. Shetty, Balachandra, Niraj Yagnik, Tulika Banerjee, Angad Singh","doi":"10.13052/jcsm2245-1439.1144","DOIUrl":"https://doi.org/10.13052/jcsm2245-1439.1144","url":null,"abstract":"In this day and age, Internet has become an innate part of our existence. This virtual platform brings people together, facilitating information exchange, sharing photos, posts, etc. As interaction happens without any physical presence in the medium, trust is often compromised in all these platforms operating via the Internet. Although many of these sites provide their ingrained privacy settings, they are limited and do not cater to all users’ needs. The proposed work highlights the privacy risk associated with various personally identifiable information posted in online social networks (OSN). The work is three-facet, i.e. it first identifies the type of private information which is unwittingly revealed in social media tweets. To prevent unauthorized users from accessing private data, an anonymous mechanism is put forth that securely encodes the data. The information loss incurred due to anonymization is analyzed to check how much of privacy-utility trade-off is attained. The private data is then outsourced to a more secure server that only authorized people can access. Finally, to provide effective retrieval at the server-side, the traditional searchable encryption technique is modified, considering the typo errors observed in user searching behaviours. With all its constituents mentioned above, the purported approach aims to give more fine-grained control to the user to decide who can access their data and is the correct progression towards amputating privacy violation.","PeriodicalId":37820,"journal":{"name":"Journal of Cyber Security and Mobility","volume":"32 1","pages":"575-600"},"PeriodicalIF":0.0,"publicationDate":"2022-11-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"87126520","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Can We Detect Malicious Behaviours in Encrypted DNS Tunnels Using Network Flow Entropy? 我们可以使用网络流熵检测加密DNS隧道中的恶意行为吗?
Journal of Cyber Security and Mobility Pub Date : 2022-08-14 DOI: 10.13052/jcsm2245-1439.1135
Yulduz Khodjaeva, Nur Zincir-Heywood, Ibrahim Zincir
{"title":"Can We Detect Malicious Behaviours in Encrypted DNS Tunnels Using Network Flow Entropy?","authors":"Yulduz Khodjaeva, Nur Zincir-Heywood, Ibrahim Zincir","doi":"10.13052/jcsm2245-1439.1135","DOIUrl":"https://doi.org/10.13052/jcsm2245-1439.1135","url":null,"abstract":"This paper explores the concept of entropy of a flow to augment flow statistical features for encrypted DNS tunnelling detection, specifically DNS over HTTPS traffic. To achieve this, the use of flow exporters, namely Argus, DoHlyzer and Tranalyzer2 are studied. Statistical flow features automatically generated by the aforementioned tools are then augmented with the flow entropy. In this work, flow entropy is calculated using three different techniques: (i) entropy over all packets of a flow, (ii) entropy over the first 96 bytes of a flow, and (iii) entropy over the first n-packets of a flow. These features are provided as input to ML classifiers to detect malicious behaviours over four publicly available datasets. This model is optimized using TPOT-AutoML system, where the Random Forest classifier provided the best performance achieving an average F-measure of 98% over all testing datasets employed.","PeriodicalId":37820,"journal":{"name":"Journal of Cyber Security and Mobility","volume":" ","pages":""},"PeriodicalIF":0.0,"publicationDate":"2022-08-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"47452889","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Dynamic List Based Data Integrity Verification in Cloud Environment 云环境下基于动态列表的数据完整性验证
Journal of Cyber Security and Mobility Pub Date : 2022-07-22 DOI: 10.13052/jcsm2245-1439.1134
Akshay Kc, Balachandra Muniyal
{"title":"Dynamic List Based Data Integrity Verification in Cloud Environment","authors":"Akshay Kc, Balachandra Muniyal","doi":"10.13052/jcsm2245-1439.1134","DOIUrl":"https://doi.org/10.13052/jcsm2245-1439.1134","url":null,"abstract":"Cloud repository gives a proficient way to fathom issues of management and capacity, driven by high-speed information emergence. Consequently, a developing number of governing bodies and people lean towards storing their information within the cloud premises. In any case, due to the partition of information ownership and administration, it becomes exceptionally troublesome for the users or the owners to verify the integrity of data in a routine way. Hence, numerous analysts center on creating various protocols, that remotely check the astuteness of the information saved within the cloud. In this respect, a conceivable solution is proposed for dynamic reviewing by making use of a dynamic list-based index table to verify the integrity of the data which is more efficient than the state of the arts. Besides, with such a verification structure, it is proven that communication cost and storage cost at the client side is diminished effectively. The statistical analysis based on comprehensive tests illustrates that the proposed convention accomplishes the specified properties in comparison with the state of the arts.","PeriodicalId":37820,"journal":{"name":"Journal of Cyber Security and Mobility","volume":"1 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2022-07-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"42158815","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
A Systematic Literature Review of Routine Activity Theory’s Applicability in Cybercrimes 常规活动理论在网络犯罪中的应用研究综述
Journal of Cyber Security and Mobility Pub Date : 2022-06-17 DOI: 10.13052/jcsm2245-1439.1133
R. Ahmad, R. Thurasamy
{"title":"A Systematic Literature Review of Routine Activity Theory’s Applicability in Cybercrimes","authors":"R. Ahmad, R. Thurasamy","doi":"10.13052/jcsm2245-1439.1133","DOIUrl":"https://doi.org/10.13052/jcsm2245-1439.1133","url":null,"abstract":"Cybercrimes are increasing at an alarming rate and cause detrimental effects to the victims. Routine Activity Theory (RAT) is commonly used to understand the factors influencing cybercrime victimization. However, there have been inconsistent findings on the applicability of RAT theory. This study performs a Systematic Literature Review analysis to consolidate and provide a coherent analysis of the related studies employing RAT theory for cybercrime victimization. The articles were also differentiated based on the cybercrimes topologies being investigated; (a) cybercrime dependent (hacking and malware) and (b) cybercrime enabled (phishing, fraud and identity theft). The findings suggest that a refined specification and operationalization of RAT’S construct tailoring to the types of cybercrimes can arguably yield more accurate application and interpretation of RAT Theory in cybercrimes. Consequently, this will address the inaccurate measurement issues of some of the RATS’s constructs, leading to inconclusive effects on cybercrime victimization. In addition, there is a need for more longitudinal studies to disentangle the effect of RAT’s construct during pre and post cybercrimes. Security advocates can apply the findings of this research to formulate relevant cybercrime awareness programs. The findings also shed some insights into which groups should be targeted for different cybercrime educational and awareness programs. This study can increase the awareness among citizens in terms of their online activities, their attributes and the types of protection from becoming cybercrime victims.","PeriodicalId":37820,"journal":{"name":"Journal of Cyber Security and Mobility","volume":" ","pages":""},"PeriodicalIF":0.0,"publicationDate":"2022-06-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"47077558","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 4
On the Controllability of Artificial Intelligence: An Analysis of Limitations 论人工智能的可控性:局限性分析
Journal of Cyber Security and Mobility Pub Date : 2022-05-25 DOI: 10.13052/jcsm2245-1439.1132
Roman V. Yampolskiy
{"title":"On the Controllability of Artificial Intelligence: An Analysis of Limitations","authors":"Roman V. Yampolskiy","doi":"10.13052/jcsm2245-1439.1132","DOIUrl":"https://doi.org/10.13052/jcsm2245-1439.1132","url":null,"abstract":"The invention of artificial general intelligence is predicted to cause a shift in the trajectory of human civilization. In order to reap the benefits and avoid the pitfalls of such a powerful technology it is important to be able to control it. However, the possibility of controlling artificial general intelligence and its more advanced version, superintelligence, has not been formally established. In this paper, we present arguments as well as supporting evidence from multiple domains indicating that advanced AI cannot be fully controlled. The consequences of uncontrollability of AI are discussed with respect to the future of humanity and research on AI, and AI safety and security.","PeriodicalId":37820,"journal":{"name":"Journal of Cyber Security and Mobility","volume":" ","pages":""},"PeriodicalIF":0.0,"publicationDate":"2022-05-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"42287387","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 6
Classification of Phishing Email Using Word Embedding and Machine Learning Techniques 基于词嵌入和机器学习技术的网络钓鱼邮件分类
Journal of Cyber Security and Mobility Pub Date : 2022-05-07 DOI: 10.13052/jcsm2245-1439.1131
M. Somesha, A. R. Pais
{"title":"Classification of Phishing Email Using Word Embedding and Machine Learning Techniques","authors":"M. Somesha, A. R. Pais","doi":"10.13052/jcsm2245-1439.1131","DOIUrl":"https://doi.org/10.13052/jcsm2245-1439.1131","url":null,"abstract":"Email phishing is a cyber-attack, bringing substantial financial damage to corporate and commercial organizations. A phishing email is a special type of spamming, used to trick the user to disclose personal information to access his digital assets. Phishing attack is generally triggered by emailing links to spoofed websites that collect sensitive information. The APWG survey suggests that the existing countermeasures remain ineffective and insufficient for detecting phishing attacks. Hence there is a need for an efficient mechanism to detect phishing emails to provide better security against such attacks to the common user. The existing open-source data sets are limited in diversity, hence they do not capture the real picture of the attack. Hence there is a need for real-time input data set to design accurate email anti-phishing solutions. In the current work, it has been created a real-time in-house corpus of phishing and legitimate emails and proposed efficient techniques to detect phishing emails using a word embedding and machine learning algorithms. The proposed system uses only four email header-based heuristics for the classification of emails. The proposed word embedding cum machine learning framework comprises six word embedding techniques with five machine learning classifiers to evaluate the best performing combination. Among all six combinations, Random Forest consistently performed the best with FastText (CBOW) by achieving an accuracy of 99.50% with a false positive rate of 0.053%, TF-IDF achieved an accuracy of 99.39% with a false positive rate of 0.4% and Count Vectorizer achieved an accuracy of 99.18% with a false positive rate of 0.98% respectively for three datasets used.","PeriodicalId":37820,"journal":{"name":"Journal of Cyber Security and Mobility","volume":"39 1","pages":"279-320"},"PeriodicalIF":0.0,"publicationDate":"2022-05-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"75873911","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 6
Similarity Analysis of Single-Vendor Marketplaces in the Tor-Network Tor网络中单个供应商市场的相似性分析
Journal of Cyber Security and Mobility Pub Date : 2022-03-22 DOI: 10.13052/jcsm2245-1439.1124
Florian Platzer, Fabian Brenner, M. Steinebach
{"title":"Similarity Analysis of Single-Vendor Marketplaces in the Tor-Network","authors":"Florian Platzer, Fabian Brenner, M. Steinebach","doi":"10.13052/jcsm2245-1439.1124","DOIUrl":"https://doi.org/10.13052/jcsm2245-1439.1124","url":null,"abstract":"Single-vendor shops are darknet marketplaces where individuals offer their own goods or services on their own darknet website. There are many single-vendor shops with a wide range of offers in the Tor-network. This paper presents a method to find similarities between these vendor websites to discover possible operational structures between them. In order to achieve this, similarity values between the darknet websites are determined by combining different features from the categories content, structure and metadata. Our results show that the features HTML-Tag, HTML-Class, HTML-DOM-Tree as well as File-Content, Open Ports and Links-To proved to be particularly important and very effective in revealing commonalities between darknet websites. Using the similarity detection method, it was found that only 49% of the 258 single-vendor marketplaces were unique, meaning that there were no similar websites. In addition, 20% of all vendor shops are duplicates. 31% of all single-vendor marketplaces can be sorted into seven similarity groups.","PeriodicalId":37820,"journal":{"name":"Journal of Cyber Security and Mobility","volume":" ","pages":""},"PeriodicalIF":0.0,"publicationDate":"2022-03-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"45394656","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 3
An Introduction to the exFAT File System and How to Hide Data Within exFAT文件系统介绍及如何在其中隐藏数据
Journal of Cyber Security and Mobility Pub Date : 2022-03-22 DOI: 10.13052/jcsm2245-1439.1125
J. Heeger, York Yannikos, M. Steinebach
{"title":"An Introduction to the exFAT File System and How to Hide Data Within","authors":"J. Heeger, York Yannikos, M. Steinebach","doi":"10.13052/jcsm2245-1439.1125","DOIUrl":"https://doi.org/10.13052/jcsm2245-1439.1125","url":null,"abstract":"In the recent years steganographic techniques for hiding data in file system metadata gained focus. While commonly used file systems received tooling and publications the exFAT file system did not get much attention – probably because its structure provides only few suitable locations to hide data. In this work we present an overview of exFAT’s internals and describe the different structures used by the file system to store files. We also introduce two approaches that allow us to embed messages into the exFAT file system using steganographic techniques. The first approach has a lower embedding rate, but has less specific requirements for the embedding location. The other one, called exHide, uses error correcting to allow for an more robust approach. Both approaches are specified, evaluated and discussed in terms of their strengths and weaknesses.","PeriodicalId":37820,"journal":{"name":"Journal of Cyber Security and Mobility","volume":" ","pages":""},"PeriodicalIF":0.0,"publicationDate":"2022-03-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"46466866","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Majority Vote-Based Ensemble Approach for Distributed Denial of Service Attack Detection in Cloud Computing 基于多数投票的云计算分布式拒绝服务攻击检测集成方法
Journal of Cyber Security and Mobility Pub Date : 2022-03-22 DOI: 10.13052/jcsm2245-1439.1126
A. Alqarni
{"title":"Majority Vote-Based Ensemble Approach for Distributed Denial of Service Attack Detection in Cloud Computing","authors":"A. Alqarni","doi":"10.13052/jcsm2245-1439.1126","DOIUrl":"https://doi.org/10.13052/jcsm2245-1439.1126","url":null,"abstract":"Cloud computing is considered as technical advancement in information technology. Many organizations have been motivated by this advancement to outsource their data and computational needs. Such platforms are required to fulfil basic security principles such as confidentiality, availability, and integrity. Cloud computing offers scalable and virtualized services with a high flexibility level and decreased maintenance costs to end-users. The infrastructure and protocols that are behind cloud computing may contain bugs and vulnerabilities. These vulnerabilities are being exploited by attackers, leading to attacks. Among the most reported attacks in cloud computing are distributed denial-of-service (DDOS) attacks. DDOS attacks are conducted by sending many data packets to the targeted infrastructure. This leads to most network bandwidth and server time being consumed, thus causing a denial of the service problem. Several methods have been proposed and experimented with for early DDOS attack detection. Employing a single machine learning classification model may give an adequate level of attack detection accuracy but needs an enhancement. In this study, we propose an approach based on an ensemble of machine learning classifiers. The proposed approach uses a majority vote-based ensemble of classifiers to detect attacks more accurately. A subset of the CICDDOS2019 dataset consisting of 32,000 instances, including 8450 benign and 23,550 DDOS attack instances was used in this study for results and evaluation. The experimental results showed that 98.02% accuracy was achieved with 97.45% sensitivity and 98.65% specificity.","PeriodicalId":37820,"journal":{"name":"Journal of Cyber Security and Mobility","volume":" ","pages":""},"PeriodicalIF":0.0,"publicationDate":"2022-03-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"49330630","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 9
Evaluating Dynamic Tor Onion Services for Privacy Preserving Distributed Digital Identity Systems 保护隐私分布式数字身份系统的动态Tor洋葱服务评估
Journal of Cyber Security and Mobility Pub Date : 2022-03-22 DOI: 10.13052/jcsm2245-1439.1122
Tobias Höller, Michael Roland, R. Mayrhofer
{"title":"Evaluating Dynamic Tor Onion Services for Privacy Preserving Distributed Digital Identity Systems","authors":"Tobias Höller, Michael Roland, R. Mayrhofer","doi":"10.13052/jcsm2245-1439.1122","DOIUrl":"https://doi.org/10.13052/jcsm2245-1439.1122","url":null,"abstract":"Digital identity documents provide several key benefits over physical ones. They can be created more easily, incur less costs, improve usability and can be updated if necessary. However, the deployment of digital identity systems does come with several challenges regarding both security and privacy of personal information. In this paper, we highlight one challenge that digital identity systems face if they are set up in a distributed fashion: Network Unlinkability. We discuss why network unlinkability is so critical for a distributed digital identity system that wants to protect the privacy of its users and present a specific definition of unlinkability for our use-case. Based on this definition, we propose a scheme that utilizes the Tor network to achieve the required level of unlinkability by dynamically creating onion services and evaluate the feasibility of our approach by measuring the deployment times of onion services.","PeriodicalId":37820,"journal":{"name":"Journal of Cyber Security and Mobility","volume":" ","pages":""},"PeriodicalIF":0.0,"publicationDate":"2022-03-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"48823049","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
首页 上一页 下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信