Pub Date : 2023-12-11DOI: 10.13052/jcsm2245-1439.1314
Syed Shuja Hussain, M. Razak, Ahmad Firdaus
Globally extensive digital revolutions involved with every process related to human progress can easily create the critical issues in security aspects. This is promoted due to the important factors like financial crises and geographical connectivity in worse condition of the nations. By this fact, the authors are well motivated to present a precise literature on malware detection with deep learning approach. In this literature, the basic overview includes the nature of nature of malware detection i.e., static, dynamic, and hybrid approach. Another major component of this articles is the investigation of the backgrounds from recently published and highly cited state-of-the-arts on malware detection, prevention and prediction with deep learning frameworks. The technologies engaged in providing solutions are utilized from AI based frameworks like machine learning, deep learning, and hybrid frameworks. The main motivations to produce this article is to portrait clear pictures of the option challenging issues and corresponding solution for developing robust malware-free devices. In the lack of a robust malware-free devices, highly growing geographical and financial disputes at wide globes can be extensively provoked by malicious groups. Therefore, exceptionally high demand of the malware detection devices requires a very strong recommendation to ensure the security of a nation. In terms preventing and recovery, Zero-day threats can be handled by recent methodology used in deep learning. In the conclusion, we also explored and investigated the future patterns of malware and how deals with in upcoming years. Such review may extend towards the development of IoT based applications used many fields such as medical devices, home appliances, academic systems.
{"title":"Deep Learning Based Hybrid Analysis of Malware Detection and Classification: A Recent Review","authors":"Syed Shuja Hussain, M. Razak, Ahmad Firdaus","doi":"10.13052/jcsm2245-1439.1314","DOIUrl":"https://doi.org/10.13052/jcsm2245-1439.1314","url":null,"abstract":"Globally extensive digital revolutions involved with every process related to human progress can easily create the critical issues in security aspects. This is promoted due to the important factors like financial crises and geographical connectivity in worse condition of the nations. By this fact, the authors are well motivated to present a precise literature on malware detection with deep learning approach. In this literature, the basic overview includes the nature of nature of malware detection i.e., static, dynamic, and hybrid approach. Another major component of this articles is the investigation of the backgrounds from recently published and highly cited state-of-the-arts on malware detection, prevention and prediction with deep learning frameworks. The technologies engaged in providing solutions are utilized from AI based frameworks like machine learning, deep learning, and hybrid frameworks. The main motivations to produce this article is to portrait clear pictures of the option challenging issues and corresponding solution for developing robust malware-free devices. In the lack of a robust malware-free devices, highly growing geographical and financial disputes at wide globes can be extensively provoked by malicious groups. Therefore, exceptionally high demand of the malware detection devices requires a very strong recommendation to ensure the security of a nation. In terms preventing and recovery, Zero-day threats can be handled by recent methodology used in deep learning. In the conclusion, we also explored and investigated the future patterns of malware and how deals with in upcoming years. Such review may extend towards the development of IoT based applications used many fields such as medical devices, home appliances, academic systems.","PeriodicalId":37820,"journal":{"name":"Journal of Cyber Security and Mobility","volume":"53 4","pages":""},"PeriodicalIF":0.0,"publicationDate":"2023-12-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139010420","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-12-11DOI: 10.13052/jcsm2245-1439.1312
Peng Xiao
Malware, short for malicious software, is designed for harmful purposes and threatens network security because it can propagate without human interaction by exploiting user’s vulnerabilities and carelessness. Having your system regularly scanned for malicious software is essential for keeping hackers at bay and avoiding the disclosure of sensitive data. The major drawbacks are the rapid creation of new malware variants, and it may become difficult to detect existing threats. With the ever-increasing volume of Android malware, the sophistication with which it can hide, and the potentially enormous value of data assets stored on Android devices, detecting or classifying Android malware is a big data problem. Security researchers have developed various malware detection and prevention programs for servers, gateways, user workstations, and mobile devices. Some offer centralized monitoring for malware detection software deployed on many systems or computers. The purpose of this essay is to critically examine the research that has been done specifically on malware detection. This paper proposes the Anti-Virus Software Detection for Malware with Deep Learning Network (AVSD-MDLN) framework to explore the possible threats. The two methods help in finding the threats. Dynamic Analysis for the Detection of Spyware (DA-DS) framework is framed to detect malicious malware, while the other is for classifying Android malware which is helped out through the Category in an Ensemble (CE) method. Prior malware detection methods are compared with the results of the proposed method. According to the research findings, the proposed approach achieves a higher projected time (0.5 sec) and detection accuracy (97.47%) than the existing situation machine learning and deep learning methodologies. Performance, correlation coefficient, and recall rate all improved in the suggested framework. Likewise, the negative rate (MPR) and the positive rate (PPR) also improved.
{"title":"Network Malware Detection Using Deep Learning Network Analysis","authors":"Peng Xiao","doi":"10.13052/jcsm2245-1439.1312","DOIUrl":"https://doi.org/10.13052/jcsm2245-1439.1312","url":null,"abstract":"Malware, short for malicious software, is designed for harmful purposes and threatens network security because it can propagate without human interaction by exploiting user’s vulnerabilities and carelessness. Having your system regularly scanned for malicious software is essential for keeping hackers at bay and avoiding the disclosure of sensitive data. The major drawbacks are the rapid creation of new malware variants, and it may become difficult to detect existing threats. With the ever-increasing volume of Android malware, the sophistication with which it can hide, and the potentially enormous value of data assets stored on Android devices, detecting or classifying Android malware is a big data problem. Security researchers have developed various malware detection and prevention programs for servers, gateways, user workstations, and mobile devices. Some offer centralized monitoring for malware detection software deployed on many systems or computers. The purpose of this essay is to critically examine the research that has been done specifically on malware detection. This paper proposes the Anti-Virus Software Detection for Malware with Deep Learning Network (AVSD-MDLN) framework to explore the possible threats. The two methods help in finding the threats. Dynamic Analysis for the Detection of Spyware (DA-DS) framework is framed to detect malicious malware, while the other is for classifying Android malware which is helped out through the Category in an Ensemble (CE) method. Prior malware detection methods are compared with the results of the proposed method. According to the research findings, the proposed approach achieves a higher projected time (0.5 sec) and detection accuracy (97.47%) than the existing situation machine learning and deep learning methodologies. Performance, correlation coefficient, and recall rate all improved in the suggested framework. Likewise, the negative rate (MPR) and the positive rate (PPR) also improved.","PeriodicalId":37820,"journal":{"name":"Journal of Cyber Security and Mobility","volume":"147 2","pages":""},"PeriodicalIF":0.0,"publicationDate":"2023-12-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"138978532","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-12-11DOI: 10.13052/jcsm2245-1439.1315
Vikash Kumar Singh, D. Sivashankar, Kishlay Kundan, Sushmita Kumari
Sensor Nodes (SNs) are utilized by Wireless Sensor Networks (WSNs) to recognize their environment; in addition, the WSN delivers data from sensing nodes to the sink. The WSNs are exposed to several security threats owing to the broadcast performance of transmission along with the increase in the growth of application regions. Countermeasures like Intrusion Detection and Prevention Systems (IDPS) should be adopted to overcome the aforementioned attacks. By implementing these systems, several intrusions can be detected in WSN; also, WSN can be prevented from various security attacks. Therefore, identifying the general attack that influences the SNs mentioned as Distributed Denial of Service (DDoS) attack and recuperating the data utilizing Soft Swish (SS)-Linear Scaling-centered Adam Convolution Neural Network (SS-LSACNN) along with Two’s Compliment Shift Reverse (TCSLR) operation are the intentions of this work. Firstly, for extracting the vital features, the data gathered as of the dataset are utilized. After that, the extracted features are pre-processed. It is then utilized for attack detection. The null features and the redundant data are removed in preprocessing. By employing the Correlation Coefficient-centered Synthetic Minority Oversampling Technique (CC-SMOTE) methodology, data separation regarding classes and data balancing was performed to prevent the imbalance issue. Subsequently, to provide the preprocessed data for attack detection, the Numeralization and feature scaling are executed. After that, by utilizing Chebyshev Distance (CD)-centric K-Means Algorithm (KMA), the real-time SNs are initialized as well as clustered. The data gathered as of the SNs are utilized for attack detection following the clustering phase. Following the detection phase, the data being attacked are amassed in the log file; similarly, the non-attacked data are inputted into the prevention phase. Next, the experiential analysis is carried out for examining the proposed system’s efficacy. The outcomes revealed that the proposed model exhibits 98.15% accuracy, 97.59% sensitivity, 95.72% specificity, and 95.48% F-measure, which displays the proposed model’s efficacy.
无线传感器网络(WSN)利用传感器节点(SN)来识别周围环境;此外,WSN 还将传感节点的数据传送到汇集器。由于传输的广播性能和应用区域的增长,WSN 面临着多种安全威胁。应采用入侵检测和防御系统(IDPS)等对策来克服上述攻击。通过实施这些系统,可以检测到 WSN 中的若干入侵行为,还可以防止 WSN 遭受各种安全攻击。因此,识别影响 SN 的一般攻击(如分布式拒绝服务(DDoS)攻击),并利用软虹吸(SS)-线性扩展为中心的亚当卷积神经网络(SS-LSACNN)和二进制移位反向(TCSLR)操作来恢复数据,是这项工作的目的所在。首先,为了提取重要特征,我们利用了从数据集中收集到的数据。然后,对提取的特征进行预处理。然后将其用于攻击检测。在预处理过程中,空特征和冗余数据会被去除。通过采用以相关系数为中心的合成少数群体过采样技术(CC-SMOTE)方法,对类别进行了数据分离,并对数据进行了平衡,以防止出现不平衡问题。随后,为了提供用于攻击检测的预处理数据,执行了数值化和特征缩放。之后,利用以切比雪夫距离(CD)为中心的 K-Means 算法(KMA),对实时 SN 进行初始化和聚类。在聚类阶段之后,收集到的 SN 数据将用于攻击检测。检测阶段结束后,被攻击的数据会被收集到日志文件中;同样,未被攻击的数据也会被输入到预防阶段。接下来,我们进行了经验分析,以检验拟议系统的功效。结果显示,建议模型的准确率为 98.15%,灵敏度为 97.59%,特异性为 95.72%,F-measure 为 95.48%,显示了建议模型的功效。
{"title":"An Efficient Intrusion Detection and Prevention System for DDOS Attack in WSN Using SS-LSACNN and TCSLR","authors":"Vikash Kumar Singh, D. Sivashankar, Kishlay Kundan, Sushmita Kumari","doi":"10.13052/jcsm2245-1439.1315","DOIUrl":"https://doi.org/10.13052/jcsm2245-1439.1315","url":null,"abstract":"Sensor Nodes (SNs) are utilized by Wireless Sensor Networks (WSNs) to recognize their environment; in addition, the WSN delivers data from sensing nodes to the sink. The WSNs are exposed to several security threats owing to the broadcast performance of transmission along with the increase in the growth of application regions. Countermeasures like Intrusion Detection and Prevention Systems (IDPS) should be adopted to overcome the aforementioned attacks. By implementing these systems, several intrusions can be detected in WSN; also, WSN can be prevented from various security attacks. Therefore, identifying the general attack that influences the SNs mentioned as Distributed Denial of Service (DDoS) attack and recuperating the data utilizing Soft Swish (SS)-Linear Scaling-centered Adam Convolution Neural Network (SS-LSACNN) along with Two’s Compliment Shift Reverse (TCSLR) operation are the intentions of this work. Firstly, for extracting the vital features, the data gathered as of the dataset are utilized. After that, the extracted features are pre-processed. It is then utilized for attack detection. The null features and the redundant data are removed in preprocessing. By employing the Correlation Coefficient-centered Synthetic Minority Oversampling Technique (CC-SMOTE) methodology, data separation regarding classes and data balancing was performed to prevent the imbalance issue. Subsequently, to provide the preprocessed data for attack detection, the Numeralization and feature scaling are executed. After that, by utilizing Chebyshev Distance (CD)-centric K-Means Algorithm (KMA), the real-time SNs are initialized as well as clustered. The data gathered as of the SNs are utilized for attack detection following the clustering phase. Following the detection phase, the data being attacked are amassed in the log file; similarly, the non-attacked data are inputted into the prevention phase. Next, the experiential analysis is carried out for examining the proposed system’s efficacy. The outcomes revealed that the proposed model exhibits 98.15% accuracy, 97.59% sensitivity, 95.72% specificity, and 95.48% F-measure, which displays the proposed model’s efficacy.","PeriodicalId":37820,"journal":{"name":"Journal of Cyber Security and Mobility","volume":"16 45","pages":""},"PeriodicalIF":0.0,"publicationDate":"2023-12-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"138980839","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-12-11DOI: 10.13052/jcsm2245-1439.1313
Peng Xiao
Cyber Intelligence (CI) is a sophisticated security solution that uses machine learning models to protect networks against cyber-attack. Security concerns to IoT devices are exacerbated because of their inherent weaknesses in memory systems, physical and online interfaces, and network services. IoT devices are vulnerable to attacks because of the communication channels. That raises the risk of spoofing and Denial-of-Service (DoS) attacks on the entire system, which is a severe problem. Since the IoT ecosystem does not have encryption and access restrictions, cloud-based communications and data storage have become increasingly popular. An IoT-based Cyber Threat Intelligence System (IoT-CTIS) is designed in this article to detect malware and security threads using a machine learning algorithm. Because hackers are continuously attempting to get their hands on sensitive information, it is important that IoT devices have strong authentication measures in place. Multifactor authentication, digital certificates, and biometrics are just some of the methods that may be used to verify the identity of an Internet of Things device. All devices use Machine Learning (ML) assisted Logistic Regression (LR) techniques to address memory and Internet interface vulnerabilities. System integrity concerns, such as spoofing and Denial of Service (DoS) attacks, must be minimized using the Random Forest (RF) Algorithm. Default passwords are often provided with IoT devices, and many users don’t bother to change them, making it simple for cybercriminals to get access. In other instances, people design insecure passwords that are easy to crack. The results of the experiments show that the method outperforms other similar strategies in terms of identification and wrong alarms. Checking your alarm system’s functionality both locally and in terms of its connection to the monitoring centre is why you do it. Make sure your alarm system is working properly by checking it on a regular basis. It is recommended that you do system tests at least once every three months. The experimental analysis of IoT-CTIS outperforms the method in terms of accuracy (90%), precision (90%), F-measure (88%), Re-call (90%), RMSE (15%), MSE (5%), TPR (89%), TNR (8%), FRP (89%), FNR (8%), Security (93%), MCC (92%).
{"title":"Malware Cyber Threat Intelligence System for Internet of Things (IoT) Using Machine Learning","authors":"Peng Xiao","doi":"10.13052/jcsm2245-1439.1313","DOIUrl":"https://doi.org/10.13052/jcsm2245-1439.1313","url":null,"abstract":"Cyber Intelligence (CI) is a sophisticated security solution that uses machine learning models to protect networks against cyber-attack. Security concerns to IoT devices are exacerbated because of their inherent weaknesses in memory systems, physical and online interfaces, and network services. IoT devices are vulnerable to attacks because of the communication channels. That raises the risk of spoofing and Denial-of-Service (DoS) attacks on the entire system, which is a severe problem. Since the IoT ecosystem does not have encryption and access restrictions, cloud-based communications and data storage have become increasingly popular. An IoT-based Cyber Threat Intelligence System (IoT-CTIS) is designed in this article to detect malware and security threads using a machine learning algorithm. Because hackers are continuously attempting to get their hands on sensitive information, it is important that IoT devices have strong authentication measures in place. Multifactor authentication, digital certificates, and biometrics are just some of the methods that may be used to verify the identity of an Internet of Things device. All devices use Machine Learning (ML) assisted Logistic Regression (LR) techniques to address memory and Internet interface vulnerabilities. System integrity concerns, such as spoofing and Denial of Service (DoS) attacks, must be minimized using the Random Forest (RF) Algorithm. Default passwords are often provided with IoT devices, and many users don’t bother to change them, making it simple for cybercriminals to get access. In other instances, people design insecure passwords that are easy to crack. The results of the experiments show that the method outperforms other similar strategies in terms of identification and wrong alarms. Checking your alarm system’s functionality both locally and in terms of its connection to the monitoring centre is why you do it. Make sure your alarm system is working properly by checking it on a regular basis. It is recommended that you do system tests at least once every three months. The experimental analysis of IoT-CTIS outperforms the method in terms of accuracy (90%), precision (90%), F-measure (88%), Re-call (90%), RMSE (15%), MSE (5%), TPR (89%), TNR (8%), FRP (89%), FNR (8%), Security (93%), MCC (92%).","PeriodicalId":37820,"journal":{"name":"Journal of Cyber Security and Mobility","volume":"27 8","pages":""},"PeriodicalIF":0.0,"publicationDate":"2023-12-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"138981189","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-12-11DOI: 10.13052/jcsm2245-1439.1311
Liusuo Huang, Yan Song
In order to ensure the security of large-scale data transmission in a short time and in a wide range during online database updating, this paper presents a secure computer database updating algorithm based on DBN (Deep Belief Network). In this paper, the model adopts multi-layer depth structure for unsupervised feature learning, maps high-dimensional and nonlinear intrusion data to low-dimensional space, establishes the relationship mapping between high-dimensional and low-dimensional, and then uses fine-tuning algorithm to transform the model to achieve the best expression of features. At the same time, this method improves the data processing and method model without destroying the learned knowledge of the model and seriously affecting the real-time performance of detection. In order to overcome the problem of system instability caused by fixed empirical learning rate, this paper proposes a learning rate optimization strategy based on energy change. In the process of feature extraction, the features of different hidden layers are extracted to form combined features. Experiments show that the detection rate of this method can reach 95.31%, and the false alarm rate is 2.14%. This verifies the effectiveness of the secure computer database updating algorithm in this paper. Which can ensure the online update of the secure computer database.
{"title":"Update Algorithm of Secure Computer Database Based on Deep Belief Network","authors":"Liusuo Huang, Yan Song","doi":"10.13052/jcsm2245-1439.1311","DOIUrl":"https://doi.org/10.13052/jcsm2245-1439.1311","url":null,"abstract":"In order to ensure the security of large-scale data transmission in a short time and in a wide range during online database updating, this paper presents a secure computer database updating algorithm based on DBN (Deep Belief Network). In this paper, the model adopts multi-layer depth structure for unsupervised feature learning, maps high-dimensional and nonlinear intrusion data to low-dimensional space, establishes the relationship mapping between high-dimensional and low-dimensional, and then uses fine-tuning algorithm to transform the model to achieve the best expression of features. At the same time, this method improves the data processing and method model without destroying the learned knowledge of the model and seriously affecting the real-time performance of detection. In order to overcome the problem of system instability caused by fixed empirical learning rate, this paper proposes a learning rate optimization strategy based on energy change. In the process of feature extraction, the features of different hidden layers are extracted to form combined features. Experiments show that the detection rate of this method can reach 95.31%, and the false alarm rate is 2.14%. This verifies the effectiveness of the secure computer database updating algorithm in this paper. Which can ensure the online update of the secure computer database.","PeriodicalId":37820,"journal":{"name":"Journal of Cyber Security and Mobility","volume":"30 4","pages":""},"PeriodicalIF":0.0,"publicationDate":"2023-12-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"138981153","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-12-11DOI: 10.13052/jcsm2245-1439.1316
Nabeel Mahdy Haddad, Mustafa sabah Mustafa, H. S. Salih, M. Jaber, M. H. Ali
The Internet of Things (IoT) and real-time flexibility improve people’s lives, and IoT applications rely heavily on multimedia sensors and devices. An interconnected network of IoT multimedia devices has made the Internet of Medical Things (IoMT). It creates massive data distinct from what the Internet of Things (IoT) produced. Smart traffic monitoring and smart hospitals are only a few examples of real-time deployment applications. IoMT data and decision-making must be made quickly since it directly impacts human life. The security heterogeneity of optimization issues is a significant challenge for enabling multimedia applications on the IoT. The IoMT has difficulty achieving low-cost data collecting while maintaining data security. An Internet of Multimedia Things in a wireless environment (IoMT-WE) system decreases the bandwidth and privacy risk caused by the revocation list, ensures the integrity of batch verification information, and corresponds with Vehicular ad hoc network (VANET) security performance. The proposed method uses random subsampling and chaotic convolution to collect numerous images. The sampling method is safe since the measurement matrix is controlled by chaos. As part of the IoMT architecture, wireless multimedia sensor nodes can be more easily deployed over the long term for real-time multimedia. The Wireless Multimedia Sensor Network (WMSN) comprises nodes that can capture both multimedia and non-multimedia data. The ioMT-WE system has been tested and found to be secure and effective.
{"title":"Analysis of the Security of Internet of Multimedia Things in Wireless Environment","authors":"Nabeel Mahdy Haddad, Mustafa sabah Mustafa, H. S. Salih, M. Jaber, M. H. Ali","doi":"10.13052/jcsm2245-1439.1316","DOIUrl":"https://doi.org/10.13052/jcsm2245-1439.1316","url":null,"abstract":"The Internet of Things (IoT) and real-time flexibility improve people’s lives, and IoT applications rely heavily on multimedia sensors and devices. An interconnected network of IoT multimedia devices has made the Internet of Medical Things (IoMT). It creates massive data distinct from what the Internet of Things (IoT) produced. Smart traffic monitoring and smart hospitals are only a few examples of real-time deployment applications. IoMT data and decision-making must be made quickly since it directly impacts human life. The security heterogeneity of optimization issues is a significant challenge for enabling multimedia applications on the IoT. The IoMT has difficulty achieving low-cost data collecting while maintaining data security. An Internet of Multimedia Things in a wireless environment (IoMT-WE) system decreases the bandwidth and privacy risk caused by the revocation list, ensures the integrity of batch verification information, and corresponds with Vehicular ad hoc network (VANET) security performance. The proposed method uses random subsampling and chaotic convolution to collect numerous images. The sampling method is safe since the measurement matrix is controlled by chaos. As part of the IoMT architecture, wireless multimedia sensor nodes can be more easily deployed over the long term for real-time multimedia. The Wireless Multimedia Sensor Network (WMSN) comprises nodes that can capture both multimedia and non-multimedia data. The ioMT-WE system has been tested and found to be secure and effective.","PeriodicalId":37820,"journal":{"name":"Journal of Cyber Security and Mobility","volume":"24 13","pages":""},"PeriodicalIF":0.0,"publicationDate":"2023-12-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139010598","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
In the context of the information age, the Internet has developed rapidly, but the accompanying network security threats have also become an issue that cannot be ignored. In order to effectively respond to these threats and improve the data processing capabilities of network security situational awareness, the study focuses on the challenges of multi-source data processing and proposes a multi-source data association analysis method based on the A priori algorithm. This method aims to deeply explore the implicit relationships between data and provide stronger support for network attack detection. In addition, the study also designed a multi-level evaluation method based on coefficient of variation indicators, aiming to provide a more objective and comprehensive evaluation of the detection results. After a series of experimental verification, the proposed correlation analysis method has achieved significant results in detecting phishing attacks and DOS attacks, with detection rates of 90.3% and 93.8%, respectively. At the same time, the multi-level evaluation method has also been experimentally proven to provide more reasonable and accurate results for data evaluation. The methods and technologies proposed in the study can not only improve the multi-source data processing ability of network security situational awareness, but also provide valuable references for future network security research and practice.
在信息时代的背景下,互联网发展迅速,但随之而来的网络安全威胁也成为一个不容忽视的问题。为了有效应对这些威胁,提高网络安全态势感知的数据处理能力,本研究针对多源数据处理的难题,提出了一种基于先验算法的多源数据关联分析方法。该方法旨在深入挖掘数据之间的隐含关系,为网络攻击检测提供更有力的支持。此外,该研究还设计了基于变异系数指标的多层次评价方法,旨在对检测结果进行更客观、更全面的评价。经过一系列实验验证,所提出的相关性分析方法在检测网络钓鱼攻击和 DOS 攻击方面取得了显著效果,检测率分别达到 90.3% 和 93.8%。同时,多层次评价方法也得到了实验验证,为数据评价提供了更合理、更准确的结果。本研究提出的方法和技术不仅能提高网络安全态势感知的多源数据处理能力,还能为今后的网络安全研究和实践提供有价值的参考。
{"title":"A Priori Algorithm Based Network Security Situational Awareness Multi-Source Data Correlation Analysis Method","authors":"Wei Li, Jianjun Li, Chengting Zhang, Guang Yao, Xue Xu","doi":"10.13052/jcsm2245-1439.1263","DOIUrl":"https://doi.org/10.13052/jcsm2245-1439.1263","url":null,"abstract":"In the context of the information age, the Internet has developed rapidly, but the accompanying network security threats have also become an issue that cannot be ignored. In order to effectively respond to these threats and improve the data processing capabilities of network security situational awareness, the study focuses on the challenges of multi-source data processing and proposes a multi-source data association analysis method based on the A priori algorithm. This method aims to deeply explore the implicit relationships between data and provide stronger support for network attack detection. In addition, the study also designed a multi-level evaluation method based on coefficient of variation indicators, aiming to provide a more objective and comprehensive evaluation of the detection results. After a series of experimental verification, the proposed correlation analysis method has achieved significant results in detecting phishing attacks and DOS attacks, with detection rates of 90.3% and 93.8%, respectively. At the same time, the multi-level evaluation method has also been experimentally proven to provide more reasonable and accurate results for data evaluation. The methods and technologies proposed in the study can not only improve the multi-source data processing ability of network security situational awareness, but also provide valuable references for future network security research and practice.","PeriodicalId":37820,"journal":{"name":"Journal of Cyber Security and Mobility","volume":"30 4","pages":""},"PeriodicalIF":0.0,"publicationDate":"2023-11-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139264283","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-08-12DOI: 10.13052/jcsm2245-1439.1251
Xiaopeng Kan, Zhihong Zhou, Lihong Yao, Yuxin Zuo
Controller Area Network (CAN) is one of the most widely used in-vehicle networks in modern vehicles. Due to the lack of security mechanisms such as encryption and authentication, CAN is vulnerable to external hackers in the intelligent network environment. In the paper, a lightweight CAN bus anomaly detection model based on the Bi-LSTM model is proposed. The Bi-LSTM model learns ID sequence correlation features to detect anomalies. At the same time, the Attention mechanism is introduced to improve the model’s efficiency. The paper focuses on replay attacks, denial of service attacks and fuzzing attacks. The experimental results show that the anomaly detection model based on Bi-LSTM can detect three attack types quickly and accurately.
{"title":"Research on Anomaly Detection in Vehicular CAN Based on Bi-LSTM","authors":"Xiaopeng Kan, Zhihong Zhou, Lihong Yao, Yuxin Zuo","doi":"10.13052/jcsm2245-1439.1251","DOIUrl":"https://doi.org/10.13052/jcsm2245-1439.1251","url":null,"abstract":"Controller Area Network (CAN) is one of the most widely used in-vehicle networks in modern vehicles. Due to the lack of security mechanisms such as encryption and authentication, CAN is vulnerable to external hackers in the intelligent network environment. In the paper, a lightweight CAN bus anomaly detection model based on the Bi-LSTM model is proposed. The Bi-LSTM model learns ID sequence correlation features to detect anomalies. At the same time, the Attention mechanism is introduced to improve the model’s efficiency. The paper focuses on replay attacks, denial of service attacks and fuzzing attacks. The experimental results show that the anomaly detection model based on Bi-LSTM can detect three attack types quickly and accurately.","PeriodicalId":37820,"journal":{"name":"Journal of Cyber Security and Mobility","volume":"252 1","pages":"629-652"},"PeriodicalIF":0.0,"publicationDate":"2023-08-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"85187481","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-08-12DOI: 10.13052/jcsm2245-1439.1252
Junlin Zhang
Fog computing is a computing environment that can respond to user operational needs in real time. Aiming at the shortcomings of user privacy protection performance and structural performance, a method of completely hiding access structures is proposed under the framework of cloud and mist computing. The cuckoo filter is applied to the fog computing environment, and users are detected through fog nodes. If an attribute is detected to exist in the fully hidden access structure, the mapping function between the attribute and the access structure line number is returned. The research results show that with the increase of the number of attributes, the advantage of attribute confirmation time for fog servers is gradually obvious; The overall delay of fog computing is shorter, the Time To Live (TTL) is longer, the average delay is only 3 ms, and the delay is lower; The completely hidden access structure constructed by the cuckoo algorithm occupies only 1% of the total system steps, which can more effectively achieve user privacy protection without increasing overhead. The proposed scheme greatly reduces the amount of computation while fully protecting user privacy, and meets the needs of users for fast and secure access.
{"title":"Analysis of Security Access Control Systems in Fog Computing Environment","authors":"Junlin Zhang","doi":"10.13052/jcsm2245-1439.1252","DOIUrl":"https://doi.org/10.13052/jcsm2245-1439.1252","url":null,"abstract":"Fog computing is a computing environment that can respond to user operational needs in real time. Aiming at the shortcomings of user privacy protection performance and structural performance, a method of completely hiding access structures is proposed under the framework of cloud and mist computing. The cuckoo filter is applied to the fog computing environment, and users are detected through fog nodes. If an attribute is detected to exist in the fully hidden access structure, the mapping function between the attribute and the access structure line number is returned. The research results show that with the increase of the number of attributes, the advantage of attribute confirmation time for fog servers is gradually obvious; The overall delay of fog computing is shorter, the Time To Live (TTL) is longer, the average delay is only 3 ms, and the delay is lower; The completely hidden access structure constructed by the cuckoo algorithm occupies only 1% of the total system steps, which can more effectively achieve user privacy protection without increasing overhead. The proposed scheme greatly reduces the amount of computation while fully protecting user privacy, and meets the needs of users for fast and secure access.","PeriodicalId":37820,"journal":{"name":"Journal of Cyber Security and Mobility","volume":"1 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2023-08-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"48606815","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-08-12DOI: 10.13052/jcsm2245-1439.1257
Xv Zhou, Jinwen He
Image is one of the most important carriers of information that humans transmit on a daily basis. Therefore, the security of images in the transmission process has been a key study subject. A quantum bit-plane representation of the Real Ket model (QBRK) is proposed, which requires 2n+4 and 2n+6 quantum bits to represent gray-scale and color images of 22n−k×2k size, respectively. On the basis of the QBRK model and chaotic system, an image encryption algorithm is proposed according to pixel position encoding for slice dislocation and quantum bit-plane XOR operation. First, we use a modified logistics chaos system to generate two matrices that perform matrix determinant transformations in the bit-plane. Then, we perform an XOR operation on the pixel values based on the parity bit-plane. Finally, the pixel diffusion is completed by permutation with each cut encoding in the QBRK model. According to the simulation outcomes and security analysis, the encryption algorithm is very efficient and well resists state-of-the-art attacks.
{"title":"Quantum Image Encryption Algorithm Incorporating Bit-plane Color Representation and Real Ket Model","authors":"Xv Zhou, Jinwen He","doi":"10.13052/jcsm2245-1439.1257","DOIUrl":"https://doi.org/10.13052/jcsm2245-1439.1257","url":null,"abstract":"Image is one of the most important carriers of information that humans transmit on a daily basis. Therefore, the security of images in the transmission process has been a key study subject. A quantum bit-plane representation of the Real Ket model (QBRK) is proposed, which requires 2n+4 and 2n+6 quantum bits to represent gray-scale and color images of 22n−k×2k size, respectively. On the basis of the QBRK model and chaotic system, an image encryption algorithm is proposed according to pixel position encoding for slice dislocation and quantum bit-plane XOR operation. First, we use a modified logistics chaos system to generate two matrices that perform matrix determinant transformations in the bit-plane. Then, we perform an XOR operation on the pixel values based on the parity bit-plane. Finally, the pixel diffusion is completed by permutation with each cut encoding in the QBRK model. According to the simulation outcomes and security analysis, the encryption algorithm is very efficient and well resists state-of-the-art attacks.","PeriodicalId":37820,"journal":{"name":"Journal of Cyber Security and Mobility","volume":"113 1","pages":"757-784"},"PeriodicalIF":0.0,"publicationDate":"2023-08-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"79079828","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: