Search for Articles:
Title / Keyword
Author / Affiliation / Email
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
 
4.5
2.7
Journals
Applied Sciences
Special Issues
Emerging Technologies in Information Security and Cryptography
share announcement

Emerging Technologies in Information Security and Cryptography

A special issue of Applied Sciences (ISSN 2076-3417). This special issue belongs to the section "Computing and Artificial Intelligence".

Deadline for manuscript submissions: closed (20 March 2024) | Viewed by 4859

Special Issue Editors

Dr. Stephan Neumann

E-Mail Website
Guest Editor
SaarLB, Landesbank Saar, Ursulinenstraße 2, 66111 Saarbrücken, Germany
Interests: applied cryptography; information security
Dr. Jurlind Budurushi

E-Mail Website
Guest Editor
Department of Computer Science and Engineering, Qatar University, 9FGR+WF7, University Street, Doha, Qatar
Interests: cyber security; applied cryptography
Dr. Malika Bendechache

E-Mail Website
Guest Editor
School of Computer Science, University of Galway, University Road, Galway H91 TK33, Ireland
Interests: cyber security; privacy; blockchain; distributed ledger technology (DLT)

Special Issue Information

Dear Colleagues,

Digital transformation experiences continuous progression. Not only does this transformation significantly impact cultural changes and business processes in modern societies, but it also enables and facilitates the development of new ecosystems and business models, such as the establishment of digital currencies or on-demand business models. Fundamental pillars of these transformation processes represent technological advances and new technology branches, e.g., IoT, AI, Cloud and Edge Computing, or Quantum Computing. Besides the promising benefits, these technological advances and new technologies introduce new attack vectors and information security risks. The reasons behind these attack vectors and risks are manifold, with examples including increasing system complexity, inadequate security awareness, a short time to markets, and an increasing number of interdependencies. To overcome the increasing number of attack vectors and information security risks, researchers and practitioners are continuously searching for innovative approaches. Hereby, new cryptographic approaches have been proven to play a central role. For instance, over the last few years, practical cryptographic schemes that address the risks of quantum computing for existing cryptographic schemes have been developed and are currently in the process of standardization. Modern cryptography can go far beyond this: in fact, approaches such as homomorphic encryption or secure multiparty computation have been proven to have a significant real world impact, as seen when used in applications such as electronic voting, digital healthcare, or digital finance. However, the innovation regarding approaches that address new attack vectors and information security risks is not only restricted to the field of cryptography. Particularly in the focus field of AI and machine learning, the need for new information security approaches has becine increasingly pressing within the last decade. This Special Issue strives to address security challenges, i.e., new attack vectors and information security risks, introduced by cultural, technological, organizational, and policy changes. Solutions to these challenges include the development of new security and cryptographic approaches, the evaluation of information security awareness measures, the evolution of information security management systems and processes, and the study of regulations and standardization.

Dr. Stephan Neumann
Dr. Jurlind Budurushi
Dr. Malika Bendechache
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Applied Sciences is an international peer-reviewed open access semimonthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2400 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Published Papers (3 papers)

Download All Papers
Order results
Result details
Show export options expand_more Show export options expand_less
Select all
Export citation of selected articles as:

Research

25 pages, 32475 KiB  
Article
Analysis of Key Storage Mechanism of Asymmetric Key-Related Functions in CNG Crypto Library
by Kyungroul Lee and Kangbin Yim
Appl. Sci. 2023, 13(11), 6510; https://doi.org/10.3390/app13116510 - 26 May 2023
Viewed by 971
Abstract
During the implementation of a crypto system, distributed cryptographic libraries are unable to endure situations where the execution environment rapidly changes because of a structural vulnerability that is by design. For this reason, Microsoft announced a CNG library to solve this problem; however, [...] Read more.
During the implementation of a crypto system, distributed cryptographic libraries are unable to endure situations where the execution environment rapidly changes because of a structural vulnerability that is by design. For this reason, Microsoft announced a CNG library to solve this problem; however, the CNG does not comprise verification tools regarding the execution results for developers, users, or experts to assess the crypto system. In addition, the CNG design means that it is difficult to ensure that the encryption or decryption keys can be found in real-time processing because almost all cryptographic functions are processed by handles. This paper analyzes the way that key information is found to assure the security of the implemented products or to debug them in the development process. For this reason, we analyze the key storage mechanism of asymmetric-key-related functions in the CNG library. This study provides more convenient ways to identify key-related information, such as debugging and evaluation, when a crypto system is implemented using the CNG library. Full article
(This article belongs to the Special Issue Emerging Technologies in Information Security and Cryptography)
Show Figures

Figure 1

21 pages, 6305 KiB  
Article
Android-Based Audio Video Navigation System Forensics: A Case Study
by Haein Kang, Hojun Seong, Ilkyu Kim, Wookjae Jeong, Seong-Je Cho, Minkyu Park and Sangchul Han
Appl. Sci. 2023, 13(10), 6176; https://doi.org/10.3390/app13106176 - 18 May 2023
Viewed by 1988
Abstract
Vehicle digital forensics includes the process of collecting and analysing digital data stored in vehicles to find evidence related to traffic accidents or crime scenes. Through this process, we can reconstruct digital events by recognizing various information such as driver behaviour, driving patterns, [...] Read more.
Vehicle digital forensics includes the process of collecting and analysing digital data stored in vehicles to find evidence related to traffic accidents or crime scenes. Through this process, we can reconstruct digital events by recognizing various information such as driver behaviour, driving patterns, vehicle destinations, and smartphones connected to a vehicle. Recently, many vehicle digital forensic studies have been conducted, but few of them have dealt with Android-based infotainment (or audio video navigation, AVN) systems. While many AVN systems adopt Android as the operating system, digital forensics of Android-based AVN systems is not easy. This is because Android-based AVN systems support various storage devices and data formats and have various data sources, making consistent data collection or analysis difficult. In this article, we perform digital forensics on four AVN systems: two Android 4.2.2 Jellybean-based and two Android 4.4.2 KitKat-based, aiming to develop a data acquisition and analysis method appropriate for each Android version. As a data collection method for the AVN system forensics, logical data acquisition is performed on the Jellybean-based systems and physical data acquisition on the KitKat-based systems. For the collected data, we identify and analyse Bluetooth data, navigation data, and system logs individually. Next, we investigate the differences in the storage structure and file location of major digital artefacts depending on the Android versions and show the limitations of the individual data analysis. Finally, we construct a timeline for the driver’s activities by integrating and analysing the diverse artefacts which consist of Bluetooth data, navigation data, and system logs. Full article
(This article belongs to the Special Issue Emerging Technologies in Information Security and Cryptography)
Show Figures

Figure 1

25 pages, 11892 KiB  
Article
Security Requirement Recommendation Method Using Case-Based Reasoning to Prevent Advanced Persistent Threats
by Ji-Wook Jung and Seok-Won Lee
Appl. Sci. 2023, 13(3), 1505; https://doi.org/10.3390/app13031505 - 23 Jan 2023
Viewed by 1193
Abstract
As the world becomes digitized and connected, cyberattacks and security issues have been steadily increasing. In particular, advanced persistent threats (APTs) are actors who perform various complex attacks over the long term to achieve their purpose. These attacks involve more planning and intelligence [...] Read more.
As the world becomes digitized and connected, cyberattacks and security issues have been steadily increasing. In particular, advanced persistent threats (APTs) are actors who perform various complex attacks over the long term to achieve their purpose. These attacks involve more planning and intelligence than typical cyberattacks. Many studies have investigated APT detection and defense methods; however, studies on security requirements that focus on non-technical factors and prevention are relatively few. Therefore, this study aims to provide attack information to users obtained by analyzing attack scenarios as well as security requirements to help the users understand and make decisions. To this end, we propose a method for extracting attack elements by providing users with templates for attack scenarios with different levels of abstraction. In addition, we use a problem domain ontology that is based on the concept of a case to provide users with attack analysis results and recommended security requirements. Our method uses case-based reasoning to retrieve similar cases, recommend reusable security requirements, and propose revision directions. The ontology can be improved by adding the solution to the problem as a new case. We conducted case studies and surveys to evaluate our methods and showed that they help specify security requirements. Full article
(This article belongs to the Special Issue Emerging Technologies in Information Security and Cryptography)
Show Figures

Figure 1

Show export options expand_more Show export options expand_less
Select all
Export citation of selected articles as:
 
Displaying articles 1-3
Back to TopTop