The Internet of Things (IoT) is a rapidly expanding network of interconnected things that use embedded sensors to gather and share data in real‐time. IoT technologies have given rise to many networking applications in our everyday life such as smart homes, smart cities, smart transport, and so forth. Smart healthcare is one such application that has been revolutionized by the IoT, introducing a new branch of IoT known as the Internet of Medical Things (IoMT). IoMT encompasses an entire ecosystem consisting of smart wearable, implantable sensing equipment's or devices, transmitters that are critical for monitoring the patients remotely and continuing the real‐time and has opened the door to new innovative smart healthcare approaches while improving patient care outcomes. IoMT wearable and embedded sensing devices are commonly utilized in smart healthcare to capture medical data and transmit the medical data in a communication network stored in the cloud. The large volume of data generated and transmitted by these IoMT devices is rising at an exponential rate, resulting in an increase in security and privacy vulnerabilities of healthcare data. To ensure the Confidentiality and integrity of the IoMT devices and the sensitive medical data, there should be proper security and privacy measures such as access control, passwords, multifactor authentication, and encryption of data generated, transmitted, or processed in the IoMT framework. In this paper, we identified the internet of things and its applications in smart healthcare systems. Additionally, the paper focuses on the architecture of IoMT, and several challenges, including the IoMT security and privacy requirements, and attack taxonomy. Furthermore, the paper thoroughly investigates both cryptographic and non‐cryptographic based security and privacy‐enhancing techniques for IoMT or healthcare systems with particular emphasis on advancements in key areas such as Homomorphic Encryption, Differential Privacy, and Federated Learning.
{"title":"Security and privacy challenges, issues, and enhancing techniques for Internet of Medical Things: A systematic review","authors":"Rizwan Uz Zaman Wani, Fursan Thabit, Ozgu Can","doi":"10.1002/spy2.409","DOIUrl":"https://doi.org/10.1002/spy2.409","url":null,"abstract":"The Internet of Things (IoT) is a rapidly expanding network of interconnected things that use embedded sensors to gather and share data in real‐time. IoT technologies have given rise to many networking applications in our everyday life such as smart homes, smart cities, smart transport, and so forth. Smart healthcare is one such application that has been revolutionized by the IoT, introducing a new branch of IoT known as the Internet of Medical Things (IoMT). IoMT encompasses an entire ecosystem consisting of smart wearable, implantable sensing equipment's or devices, transmitters that are critical for monitoring the patients remotely and continuing the real‐time and has opened the door to new innovative smart healthcare approaches while improving patient care outcomes. IoMT wearable and embedded sensing devices are commonly utilized in smart healthcare to capture medical data and transmit the medical data in a communication network stored in the cloud. The large volume of data generated and transmitted by these IoMT devices is rising at an exponential rate, resulting in an increase in security and privacy vulnerabilities of healthcare data. To ensure the Confidentiality and integrity of the IoMT devices and the sensitive medical data, there should be proper security and privacy measures such as access control, passwords, multifactor authentication, and encryption of data generated, transmitted, or processed in the IoMT framework. In this paper, we identified the internet of things and its applications in smart healthcare systems. Additionally, the paper focuses on the architecture of IoMT, and several challenges, including the IoMT security and privacy requirements, and attack taxonomy. Furthermore, the paper thoroughly investigates both cryptographic and non‐cryptographic based security and privacy‐enhancing techniques for IoMT or healthcare systems with particular emphasis on advancements in key areas such as Homomorphic Encryption, Differential Privacy, and Federated Learning.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":null,"pages":null},"PeriodicalIF":1.9,"publicationDate":"2024-05-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141004165","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Sabyasachi Samanta, Sudipta Roy, Abhijit Sarkar, D. Jana
Steganography refers to the practice of hiding sensitive information inside seemingly unrelated data sets. Steganography in the video is one of the best methods available for hiding data without compromising the film's appearance. For improved security and compatibility, the traditional system uses different video steganography techniques with linear or precise positions. Traditional linear video steganography practices face vulnerability, a lack of security, limited embedding options, and inadequate compatibility. Here nonlinear frame(s) and pixel positions based information hiding techniques have been developed to overwhelm the following. Both the nonlinear frame positions and nonlinear pixel positions are selected for the video‐based steganography. In the beginning, the nonlinear frame positions are selected through the key and the key may be with any prescribed range and alphanumeric characters. A single or more frames may be selected through the key and that entirely depends upon the corresponding run‐through. Then the nonlinear pixel and bit positions are also selected through a similar key. The proposed method is also compared with some former techniques and gives a magnificent result. Furthermore, a security analysis of the suggested algorithm has also been conducted using the differential attack method. To validate the suggested method and ensure that it is accurate, the author of this article made use of a very specific and innovative methodology known as the linguistic response surface methodology (LRSM). This model is framed based on achieving a few steganography assessment measures like PSNR, SSIM, and MSE metric values after incorporating hidden text in various nonlinear frames' nonlinear pixel locations of the video. The analysis of the variance using LRSM for PSNR, SSIM, and MSE response reveals very substantial results with confirmation.
{"title":"Linguistic response surface methodology approach to measure the quality of nonlinear frame‐pixel and bit place‐based video steganography","authors":"Sabyasachi Samanta, Sudipta Roy, Abhijit Sarkar, D. Jana","doi":"10.1002/spy2.397","DOIUrl":"https://doi.org/10.1002/spy2.397","url":null,"abstract":"Steganography refers to the practice of hiding sensitive information inside seemingly unrelated data sets. Steganography in the video is one of the best methods available for hiding data without compromising the film's appearance. For improved security and compatibility, the traditional system uses different video steganography techniques with linear or precise positions. Traditional linear video steganography practices face vulnerability, a lack of security, limited embedding options, and inadequate compatibility. Here nonlinear frame(s) and pixel positions based information hiding techniques have been developed to overwhelm the following. Both the nonlinear frame positions and nonlinear pixel positions are selected for the video‐based steganography. In the beginning, the nonlinear frame positions are selected through the key and the key may be with any prescribed range and alphanumeric characters. A single or more frames may be selected through the key and that entirely depends upon the corresponding run‐through. Then the nonlinear pixel and bit positions are also selected through a similar key. The proposed method is also compared with some former techniques and gives a magnificent result. Furthermore, a security analysis of the suggested algorithm has also been conducted using the differential attack method. To validate the suggested method and ensure that it is accurate, the author of this article made use of a very specific and innovative methodology known as the linguistic response surface methodology (LRSM). This model is framed based on achieving a few steganography assessment measures like PSNR, SSIM, and MSE metric values after incorporating hidden text in various nonlinear frames' nonlinear pixel locations of the video. The analysis of the variance using LRSM for PSNR, SSIM, and MSE response reveals very substantial results with confirmation.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":null,"pages":null},"PeriodicalIF":1.9,"publicationDate":"2024-05-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141005005","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Ankur Gupta, Rajesh Gupta, Keyaba Gohil, S. Tanwar, Deepak Garg
Managing identities in metaverse environment is challenging due to the conflicting requirements of ensuring user privacy while enforcing accountability. Users may participate in the metaverse through multiple virtual identities or avatars for different applications/scenarios. Thus, virtual identities must be continuously generated and mapped with real identities. Further, user privacy needs to be protected while not ensuring blanket anonymity to indulge in objectionable or unlawful conduct. Ensuring privacy for the metaverse while still being able to pinpoint users for their actions in the metaverse is a significant research issue. Solving the aforementioned issue, we propose a third‐party identity management solution for the metaverse based on creating a decentralized oracle network (DON) providing identity authentication and mapping service. The proposed identity management framework is metaverse platform agnostic, ensuring users' privacy on the platform while still being able to uncover their real identities if warranted. The proposed framework is viable as evidenced by experimental results of DON and blockchain implementation. The DON based framework leverage the benefits of blockchain technology and introduces immutability, transparency, and traceability into the the metaverse environment. This ensures data integrity and minimizes the frequency of cyber attacks in the metaverse ecosystem.
在元宇宙环境中管理身份具有挑战性,因为既要确保用户隐私,又要执行问责制,这两方面的要求相互冲突。用户可以通过多个虚拟身份或化身参与元宇宙的不同应用/场景。因此,虚拟身份必须不断生成并与真实身份进行映射。此外,用户的隐私需要得到保护,同时又不能确保完全匿名,以至于放纵不良或非法行为。既要确保元宇宙的隐私,又要能确定用户在元宇宙中的行为,这是一个重要的研究课题。为解决上述问题,我们提出了一种第三方元宇宙身份管理解决方案,该方案基于创建一个提供身份验证和映射服务的去中心化甲骨文网络(DON)。所提出的身份管理框架与元宇宙平台无关,既能确保用户在平台上的隐私,又能在必要时揭露用户的真实身份。DON 和区块链实施的实验结果证明,拟议框架是可行的。基于 DON 的框架充分利用了区块链技术的优势,并将不变性、透明度和可追溯性引入了元宇宙环境。这确保了数据的完整性,并将元宇宙生态系统中的网络攻击频率降至最低。
{"title":"Blockchain‐based decentralized oracle network framework for identity management in metaverse environment","authors":"Ankur Gupta, Rajesh Gupta, Keyaba Gohil, S. Tanwar, Deepak Garg","doi":"10.1002/spy2.414","DOIUrl":"https://doi.org/10.1002/spy2.414","url":null,"abstract":"Managing identities in metaverse environment is challenging due to the conflicting requirements of ensuring user privacy while enforcing accountability. Users may participate in the metaverse through multiple virtual identities or avatars for different applications/scenarios. Thus, virtual identities must be continuously generated and mapped with real identities. Further, user privacy needs to be protected while not ensuring blanket anonymity to indulge in objectionable or unlawful conduct. Ensuring privacy for the metaverse while still being able to pinpoint users for their actions in the metaverse is a significant research issue. Solving the aforementioned issue, we propose a third‐party identity management solution for the metaverse based on creating a decentralized oracle network (DON) providing identity authentication and mapping service. The proposed identity management framework is metaverse platform agnostic, ensuring users' privacy on the platform while still being able to uncover their real identities if warranted. The proposed framework is viable as evidenced by experimental results of DON and blockchain implementation. The DON based framework leverage the benefits of blockchain technology and introduces immutability, transparency, and traceability into the the metaverse environment. This ensures data integrity and minimizes the frequency of cyber attacks in the metaverse ecosystem.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":null,"pages":null},"PeriodicalIF":1.9,"publicationDate":"2024-05-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141009210","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
5G and 6G promise to be catalysts for the Internet of Things (IoT), enabling ultra‐massive and mission‐critical IoT. The demands of new IoT applications and the large number of connected objects being announced will exacerbate the thorny issue of spectrum scarcity in wireless communications. Cognitive radio (CR) is a revolutionary technology that promises to mitigate the problem of spectrum scarcity through more efficient use of spectrum. Integrating CR into the IoT allows objects to opportunistically access spectrum resources already allocated to a Primary User (PU) without causing interference. Spectrum sensing (SS) allows objects to be aware of the PU's spectrum occupancy status. In radio environments where the PU signal is subject to multipath and shadowing effects that degrade the channel between the PU and objects, SS performed by a single object could be inaccurate and lead to incorrect decisions about the PU's status. Cooperative spectrum sensing (CSS) has been proposed to improve detection performance. However, this cooperation between objects has opened the way to a new form of attack known as the Spectrum Sensing Data Falsification (SSDF) or Byzantine attack. In a SSDF attack, attackers falsify their local sensing results before sharing them in the CSS. This attack is very harmful to the CSS and can lead to a loss of spectrum opportunities or interference with the PU. In this paper, from the attack point of view, a sophisticated Byzantine attack model that generalizes well the simple attack strategies has been proposed and allows an attacker to implement other attack strategies. From a defense point of view, a new and innovative Weighted Sequential Hypothesis Testing (WSPRT) scheme has been suggested. This ensures the security of the CSS while significantly reducing the average number of samples required for overall decision‐making in a very hostile IoT network. The results obtained from simulations carried out in various attacks scenarios show that the proposed secure CSS scheme requires at most six samples to detect the state of the PU without error when the proportion of attackers reaches 80%. This performance far exceeds that of other defense mechanisms such as classic WSPRT, SPRT, and majority rule, with which we have compared it under the same conditions. In general, for the classic WSPRT, SPRT, and majority rule mechanisms, the error rate starts to deteriorate at ratio 40% of attackers and the number of samples is greater than six and reaches 50.
{"title":"Sequential fusion‐based defense strategy against sophisticated Byzantine attacks in cognitive IoT networks","authors":"Flavien Donkeng Zemo, Sara Bakkali","doi":"10.1002/spy2.415","DOIUrl":"https://doi.org/10.1002/spy2.415","url":null,"abstract":"5G and 6G promise to be catalysts for the Internet of Things (IoT), enabling ultra‐massive and mission‐critical IoT. The demands of new IoT applications and the large number of connected objects being announced will exacerbate the thorny issue of spectrum scarcity in wireless communications. Cognitive radio (CR) is a revolutionary technology that promises to mitigate the problem of spectrum scarcity through more efficient use of spectrum. Integrating CR into the IoT allows objects to opportunistically access spectrum resources already allocated to a Primary User (PU) without causing interference. Spectrum sensing (SS) allows objects to be aware of the PU's spectrum occupancy status. In radio environments where the PU signal is subject to multipath and shadowing effects that degrade the channel between the PU and objects, SS performed by a single object could be inaccurate and lead to incorrect decisions about the PU's status. Cooperative spectrum sensing (CSS) has been proposed to improve detection performance. However, this cooperation between objects has opened the way to a new form of attack known as the Spectrum Sensing Data Falsification (SSDF) or Byzantine attack. In a SSDF attack, attackers falsify their local sensing results before sharing them in the CSS. This attack is very harmful to the CSS and can lead to a loss of spectrum opportunities or interference with the PU. In this paper, from the attack point of view, a sophisticated Byzantine attack model that generalizes well the simple attack strategies has been proposed and allows an attacker to implement other attack strategies. From a defense point of view, a new and innovative Weighted Sequential Hypothesis Testing (WSPRT) scheme has been suggested. This ensures the security of the CSS while significantly reducing the average number of samples required for overall decision‐making in a very hostile IoT network. The results obtained from simulations carried out in various attacks scenarios show that the proposed secure CSS scheme requires at most six samples to detect the state of the PU without error when the proportion of attackers reaches 80%. This performance far exceeds that of other defense mechanisms such as classic WSPRT, SPRT, and majority rule, with which we have compared it under the same conditions. In general, for the classic WSPRT, SPRT, and majority rule mechanisms, the error rate starts to deteriorate at ratio 40% of attackers and the number of samples is greater than six and reaches 50.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":null,"pages":null},"PeriodicalIF":1.9,"publicationDate":"2024-05-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141012173","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Garima Thakur, Mohammad S. Obaidat, Piyush Sharma, Sunil Prajapat, Pankaj Kumar
The leverage of satellite resources to establish a communication network offers a wide range of benefits, including the capability to support news gathering, broadcasting, and aeronautical and maritime tracking. The unique aspects of the satellite‐linked terrestrial network provide high‐speed services, dependable and consistent network quality, and comprehensive geographic coverage of remote regions. Unfortunately, these structural features also render the network vulnerable to unauthorized intrusion, potentially leading to significant disruptions. Consequently, the implementation of authentication measures presents an appealing solution for enhancing the overall service quality of this network. Recently, Kumar et al. presented an authentication and key agreement scheme for satellite communications. Strikingly, their scheme proves inadequate in safeguarding against several malicious attacks and reveals certain design weaknesses. In this article, we present a reliable and secure authentication protocol that takes advantage of the complexities inherent in the elliptic curve discrete logarithm problem. We assess the protocol's effectiveness against various types of attacks using formal proof, Burrows–Abadi–Needham logic, informal descriptive proof analysis, and the verification tool SCYTHER. Furthermore, we compare the computational, communication, and storage overhead of our proposed protocol to an existing one, demonstrating its efficiency and superiority.
{"title":"An efficient provably secure authentication and key agreement protocol for satellite communication networks","authors":"Garima Thakur, Mohammad S. Obaidat, Piyush Sharma, Sunil Prajapat, Pankaj Kumar","doi":"10.1002/spy2.404","DOIUrl":"https://doi.org/10.1002/spy2.404","url":null,"abstract":"The leverage of satellite resources to establish a communication network offers a wide range of benefits, including the capability to support news gathering, broadcasting, and aeronautical and maritime tracking. The unique aspects of the satellite‐linked terrestrial network provide high‐speed services, dependable and consistent network quality, and comprehensive geographic coverage of remote regions. Unfortunately, these structural features also render the network vulnerable to unauthorized intrusion, potentially leading to significant disruptions. Consequently, the implementation of authentication measures presents an appealing solution for enhancing the overall service quality of this network. Recently, Kumar et al. presented an authentication and key agreement scheme for satellite communications. Strikingly, their scheme proves inadequate in safeguarding against several malicious attacks and reveals certain design weaknesses. In this article, we present a reliable and secure authentication protocol that takes advantage of the complexities inherent in the elliptic curve discrete logarithm problem. We assess the protocol's effectiveness against various types of attacks using formal proof, Burrows–Abadi–Needham logic, informal descriptive proof analysis, and the verification tool SCYTHER. Furthermore, we compare the computational, communication, and storage overhead of our proposed protocol to an existing one, demonstrating its efficiency and superiority.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":null,"pages":null},"PeriodicalIF":1.9,"publicationDate":"2024-04-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140655698","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Due to rapidly growing Internet facilities, intruders can steal and misuse the data saved and stored digitally. In this case, securing digital data is challenging but prominent for various purposes. However, the traditional techniques are insufficient to secure these computer networks and cloud information with a 100% success rate. Recently, machine‐ or deep‐learning‐enabled methods have been used to secure network information, but with some limits. Therefore, the study emphasizes detecting and classifying network intrusion using the proposed ensemble and deep learning models. In this case, we developed the ensemble learning‐enabled random forest algorithm and deep learning‐enabled deep convolutional neural network (CNN) models for securing near real‐time cloud information and designed the intrusion detection system accordingly. The complex and high‐volume CSE‐CICIDS2018 datasets were used to test the developed model in Python programming language implemented with several Python libraries. The outcome of the proposed models indicates that the developed models are promising in securing the cloud information with 97.73% and 99.91% accuracies via ensemble‐random forest and deep CNN models. Thus, the present study models can be applied to other real‐time datasets and computer networks to detect cyber threats effectively.
{"title":"Ensemble random forest and deep convolutional neural networks in detecting and classifying the multiple intrusions from near real‐time cloud datasets","authors":"Minhaj Khan, Mohd. Haroon","doi":"10.1002/spy2.408","DOIUrl":"https://doi.org/10.1002/spy2.408","url":null,"abstract":"Due to rapidly growing Internet facilities, intruders can steal and misuse the data saved and stored digitally. In this case, securing digital data is challenging but prominent for various purposes. However, the traditional techniques are insufficient to secure these computer networks and cloud information with a 100% success rate. Recently, machine‐ or deep‐learning‐enabled methods have been used to secure network information, but with some limits. Therefore, the study emphasizes detecting and classifying network intrusion using the proposed ensemble and deep learning models. In this case, we developed the ensemble learning‐enabled random forest algorithm and deep learning‐enabled deep convolutional neural network (CNN) models for securing near real‐time cloud information and designed the intrusion detection system accordingly. The complex and high‐volume CSE‐CICIDS2018 datasets were used to test the developed model in Python programming language implemented with several Python libraries. The outcome of the proposed models indicates that the developed models are promising in securing the cloud information with 97.73% and 99.91% accuracies via ensemble‐random forest and deep CNN models. Thus, the present study models can be applied to other real‐time datasets and computer networks to detect cyber threats effectively.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":null,"pages":null},"PeriodicalIF":1.9,"publicationDate":"2024-04-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140658664","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Phishing and spam have been a cybersecurity threat with the majority of breaches resulting from these types of social engineering attacks. Therefore, detection has been a long‐standing challenge for both academic and industry researcher. New and innovative approaches are required to keep up with the growing sophistication of threat actors. One such illumination which has vast potential are large language models (LLM). LLM emerged and already demonstrated their potential to transform society and provide new and innovative approaches to solve well‐established challenges. Phishing and spam have caused financial hardships and lost time and resources to email users all over the world and frequently serve as an entry point for ransomware threat actors. While detection approaches exist, especially heuristic‐based approaches, LLMs offer the potential to venture into a new unexplored area for understanding and solving this challenge. LLMs have rapidly altered the landscape from business, consumers, and throughout academia and demonstrate transformational potential to profoundly impact the society. Based on this, applying these new and innovative approaches to email detection is a rational next step in academic research. In this work, we present IPSDM, an improved phishing spam detection model based on fine‐tuning the BERT family of models to specifically detect phishing and spam emails. We demonstrate our fine‐tuned version, IPSDM, is able to better classify emails in both unbalanced and balanced datasets. Moreover, IPSDM consistently outperforms the baseline models in terms of classification accuracy, precision, recall, and F1‐score, while concurrently mitigating overfitting concerns.
{"title":"An improved transformer‐based model for detecting phishing, spam and ham emails: A large language model approach","authors":"Suhaima Jamal, H. Wimmer, Iqbal H. Sarker","doi":"10.1002/spy2.402","DOIUrl":"https://doi.org/10.1002/spy2.402","url":null,"abstract":"Phishing and spam have been a cybersecurity threat with the majority of breaches resulting from these types of social engineering attacks. Therefore, detection has been a long‐standing challenge for both academic and industry researcher. New and innovative approaches are required to keep up with the growing sophistication of threat actors. One such illumination which has vast potential are large language models (LLM). LLM emerged and already demonstrated their potential to transform society and provide new and innovative approaches to solve well‐established challenges. Phishing and spam have caused financial hardships and lost time and resources to email users all over the world and frequently serve as an entry point for ransomware threat actors. While detection approaches exist, especially heuristic‐based approaches, LLMs offer the potential to venture into a new unexplored area for understanding and solving this challenge. LLMs have rapidly altered the landscape from business, consumers, and throughout academia and demonstrate transformational potential to profoundly impact the society. Based on this, applying these new and innovative approaches to email detection is a rational next step in academic research. In this work, we present IPSDM, an improved phishing spam detection model based on fine‐tuning the BERT family of models to specifically detect phishing and spam emails. We demonstrate our fine‐tuned version, IPSDM, is able to better classify emails in both unbalanced and balanced datasets. Moreover, IPSDM consistently outperforms the baseline models in terms of classification accuracy, precision, recall, and F1‐score, while concurrently mitigating overfitting concerns.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":null,"pages":null},"PeriodicalIF":1.9,"publicationDate":"2024-04-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140658959","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Federated learning (FL) serves as a decentralized training framework for machine learning (ML) models, preserving data privacy in critical domains such as smart healthcare. However, it has been found that attackers can exploit this decentralized learning framework to perform data and model poisoning attacks, specifically in FL‐driven smart healthcare. This work delves into the realm of FL‐driven smart healthcare systems, consisting of multiple hospitals based architecture and focusing on heart disease detection using FL. We carry out data poisoning attacks, using two different attacking methods, label flipping attack and input data/feature manipulation attack to demonstrate that such FL‐driven smart healthcare systems are vulnerable to attacks. To guard the system against such attack, we propose a novel federated averaging defense mechanism to stop the identified poisoned clients in weight aggregation. This mechanism effectively detects and thwarts data poisoning attempts by identifying compromised clients during weight aggregation. The proposed mechanism is based on the idea of weighted averaging, where each client's contribution is weighted according to its trustworthiness. The proposed work addresses a critical gap in the literature by focusing on the often‐overlooked issue of poisoning attacks in tabular text datasets, which are crucial to the smart healthcare system. We conduct the testbed‐based experiment to demonstrate that the proposed mechanism is effectively detecting and mitigating data poisoning attacks in selected FL‐driven smart healthcare scenarios, while maintaining high accuracy and convergence rates.
{"title":"SAFe‐Health: Guarding federated learning‐driven smart healthcare with federated defense averaging against data poisoning","authors":"Bhabesh Mali, P. Singh, Nabajyoti Mazumdar","doi":"10.1002/spy2.403","DOIUrl":"https://doi.org/10.1002/spy2.403","url":null,"abstract":"Federated learning (FL) serves as a decentralized training framework for machine learning (ML) models, preserving data privacy in critical domains such as smart healthcare. However, it has been found that attackers can exploit this decentralized learning framework to perform data and model poisoning attacks, specifically in FL‐driven smart healthcare. This work delves into the realm of FL‐driven smart healthcare systems, consisting of multiple hospitals based architecture and focusing on heart disease detection using FL. We carry out data poisoning attacks, using two different attacking methods, label flipping attack and input data/feature manipulation attack to demonstrate that such FL‐driven smart healthcare systems are vulnerable to attacks. To guard the system against such attack, we propose a novel federated averaging defense mechanism to stop the identified poisoned clients in weight aggregation. This mechanism effectively detects and thwarts data poisoning attempts by identifying compromised clients during weight aggregation. The proposed mechanism is based on the idea of weighted averaging, where each client's contribution is weighted according to its trustworthiness. The proposed work addresses a critical gap in the literature by focusing on the often‐overlooked issue of poisoning attacks in tabular text datasets, which are crucial to the smart healthcare system. We conduct the testbed‐based experiment to demonstrate that the proposed mechanism is effectively detecting and mitigating data poisoning attacks in selected FL‐driven smart healthcare scenarios, while maintaining high accuracy and convergence rates.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":null,"pages":null},"PeriodicalIF":1.9,"publicationDate":"2024-04-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140679007","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Ensuring the security and privacy of patient data in e‐healthcare systems that rely on cloud computation is of utmost importance. Traditional encryption is no longer resistant to quantum attacks and safeguards sensitive medical images. To tackle this issue, robust security countermeasures are proposed by integrating quantum encryption with a cloud‐based healthcare system. The encryption scheme utilizes the Generalized Novel Enhancement Quantum Representation (GNEQR) and the Novel Enhancement Quantum Representation (NEQR) to provide a framework for representing color and grayscale healthcare images. The proposed quantum algorithm uses quantum logic for image scrambling, which is combined with the encryption key by the Xor quantum gate. The encryption key is generated by 9D chaotic and permutated before encryption. Finally, channel re‐ordering is applied for color images. The simulation results for 15 medical tests with an encryption key space >2600 on a developed e‐healthcare system demonstrate the effectiveness and reliability of the proposed work where the average number of pixels change rates was 99.82, while the unified average change intensity rate was 33.51, entropy was 7.9, the horizontal, vertical, and diagonal correlation coefficients averaged 0.000533333, 0.000706667, and 0.00076, respectively. Finally, the mean squared error (MSE) between the original and encrypted images was 10203.72. These findings improve digital healthcare by revealing the solutions' performance, security, and efficacy.
{"title":"Quantum encryption of healthcare images: Enhancing security and confidentiality in e‐health systems","authors":"Ahmed J. Kadhim, T. S. Atia","doi":"10.1002/spy2.391","DOIUrl":"https://doi.org/10.1002/spy2.391","url":null,"abstract":"Ensuring the security and privacy of patient data in e‐healthcare systems that rely on cloud computation is of utmost importance. Traditional encryption is no longer resistant to quantum attacks and safeguards sensitive medical images. To tackle this issue, robust security countermeasures are proposed by integrating quantum encryption with a cloud‐based healthcare system. The encryption scheme utilizes the Generalized Novel Enhancement Quantum Representation (GNEQR) and the Novel Enhancement Quantum Representation (NEQR) to provide a framework for representing color and grayscale healthcare images. The proposed quantum algorithm uses quantum logic for image scrambling, which is combined with the encryption key by the Xor quantum gate. The encryption key is generated by 9D chaotic and permutated before encryption. Finally, channel re‐ordering is applied for color images. The simulation results for 15 medical tests with an encryption key space >2600 on a developed e‐healthcare system demonstrate the effectiveness and reliability of the proposed work where the average number of pixels change rates was 99.82, while the unified average change intensity rate was 33.51, entropy was 7.9, the horizontal, vertical, and diagonal correlation coefficients averaged 0.000533333, 0.000706667, and 0.00076, respectively. Finally, the mean squared error (MSE) between the original and encrypted images was 10203.72. These findings improve digital healthcare by revealing the solutions' performance, security, and efficacy.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":null,"pages":null},"PeriodicalIF":1.9,"publicationDate":"2024-04-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140687119","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
M. Prasad, Pankaj Pal, Sachin Tripathi, Keshav P. Dahal
An IoT‐based monitoring system remotely controls and manages intelligent environments. Due to wireless communication, deployed sensor nodes are more vulnerable to attacks. An intrusion detection system is an efficient mechanism to detect malicious traffic and prevent abnormal activities. This article suggests an intrusion detection framework for the cold storage monitoring system. The temperature is the main parameter that affects the environment and harms stored products. A malicious node injects false data that manipulates temperature and forwards manipulated data. It also floods the data to neighbor nodes. In this work, data are generated and collected for intrusion detection. Two machine learning techniques have been applied: supervised learning (Bayesian rough set) and unsupervised learning (micro‐clustering). The proposed method shows better performance than existing methods.
{"title":"AI/ML driven intrusion detection framework for IoT enabled cold storage monitoring system","authors":"M. Prasad, Pankaj Pal, Sachin Tripathi, Keshav P. Dahal","doi":"10.1002/spy2.400","DOIUrl":"https://doi.org/10.1002/spy2.400","url":null,"abstract":"An IoT‐based monitoring system remotely controls and manages intelligent environments. Due to wireless communication, deployed sensor nodes are more vulnerable to attacks. An intrusion detection system is an efficient mechanism to detect malicious traffic and prevent abnormal activities. This article suggests an intrusion detection framework for the cold storage monitoring system. The temperature is the main parameter that affects the environment and harms stored products. A malicious node injects false data that manipulates temperature and forwards manipulated data. It also floods the data to neighbor nodes. In this work, data are generated and collected for intrusion detection. Two machine learning techniques have been applied: supervised learning (Bayesian rough set) and unsupervised learning (micro‐clustering). The proposed method shows better performance than existing methods.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":null,"pages":null},"PeriodicalIF":1.9,"publicationDate":"2024-04-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140686016","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: