Search for Articles:
Title / Keyword
Author / Affiliation / Email
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
 
4.5
2.7
Journals
Applied Sciences
Special Issues
Information Security and Privacy
share announcement

Information Security and Privacy

A special issue of Applied Sciences (ISSN 2076-3417). This special issue belongs to the section "Computing and Artificial Intelligence".

Deadline for manuscript submissions: closed (20 June 2023) | Viewed by 51316

Special Issue Editors

Dr. Christina Thorpe

E-Mail Website
Guest Editor
Head of Discipline of Cyber Security, School of Informatics and Cyber Security, TU Dublin, 200061 Dublin, Ireland
Interests: security; privacy; performance engineering; networking; QoE and QoS assurance
Dr. Stephen O' Shaughnessy

E-Mail Website
Guest Editor
Department of Informatics, Technological University Dublin, 200061 Dublin, Ireland
Interests: cyber; big data; data privacy

Special Issue Information

Dear Colleagues,

Cybersecurity and cybercrime are ever-growing global concerns, and the key message from many of the relevant authorities is that we are a long way from a cyberspace that is trustworthy or secure. The complexity and dynamicity of the landscape, the volume of vulnerabilities, the vastness of the attack surfaces, and the sophistication and volume of attacks leaves us with significant scope for improvement.

This Special Issue on Information Security and Privacy in Applied Sciences is an online, open-access, peer-reviewed journal. The primary objective of this Special Issue is to provide a forum for the dissemination of original, high-quality research on all areas of security and privacy.

Our goal is to attract submissions from the multiple disciplines working to address the vast problems that are well-known, as well as those that are just emerging, including researchers and industry practitioners working in legal, policy, ethical, technical, and social domains. This is a broad-scope Special Issue, which will provide a forum where the theory and practice of security and privacy is advanced. We seek to publish empirical and theoretical research, technical papers, surveys, case studies, and tutorials.

The scope includes, but is not limited to:

  • Secure communications;
  • Access control and identity management;
  • Cryptography;
  • Blockchain;
  • Threat intelligence;
  • DevSecOps;
  • Security operations;
  • Virtualization security;
  • IoT;
  • Digital forensics;
  • Data privacy;
  • Future networks;
  • Big data;
  • Malware analysis;
  • Risk management;
  • Business continuity;
  • Application security;
  • Infrastructure security;
  • Cloud security;
  • Network security;
  • Penetration testing;
  • Software testing.

Dr. Christina Thorpe
Dr. Stephen O' Shaughnessy
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Applied Sciences is an international peer-reviewed open access semimonthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2400 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • information security
  • privacy
  • vulnerabilities
  • countermeasures
  • secure communications
  • digital forensics
  • cybersecurity
  • cybercrime
  • malware

Published Papers (17 papers)

Download All Papers
Order results
Result details
Show export options expand_more Show export options expand_less
Select all
Export citation of selected articles as:

Research

Jump to: Review

21 pages, 1057 KiB  
Article
A Scalable and Trust-Value-Based Consensus Algorithm for Internet of Vehicles
by Zhiqiang Du, Jiaheng Zhang, Yanfang Fu, Muhong Huang, Liangxin Liu and Yunliang Li
Appl. Sci. 2023, 13(19), 10663; https://doi.org/10.3390/app131910663 - 25 Sep 2023
Cited by 2 | Viewed by 1007
Abstract
As blockchain technology plays an increasingly important role in the Internet of Vehicles, how to further enhance the data consensus between the areas of the Internet of Vehicles has become a key issue in blockchain design. The traditional blockchain-based vehicle networking consensus mechanism [...] Read more.
As blockchain technology plays an increasingly important role in the Internet of Vehicles, how to further enhance the data consensus between the areas of the Internet of Vehicles has become a key issue in blockchain design. The traditional blockchain-based vehicle networking consensus mechanism adopts the double-layer PBFT architecture, through the grouping of nodes for first intra-group consensus, and then global consensus. To further reduce delay, we propose a CRMWSL-PBFT algorithm (C-PBFT) for vehicle networking. Firstly, in order to ensure the security of RSU nodes in the network of vehicles and reduce the probability of malicious nodes participating in the consensus, we propose to calculate the reputation of RSU nodes based on multi-weighted subjective logic (CRMWSL) model. Secondly, in order to ensure the efficiency of blockchain data consensus, we improve the consensus protocol of traditional double-layer PBFT, change the election method of the committee and the PBFT consensus process, and improve throughput by reducing the number of consensus nodes. For the committee, we combine the credibility value and hash method to ensure the credibility of nodes, but also to ensure a certain degree of election randomness. For the PBFT consensus process, the regional committee consensus is carried out first, and then the regional master node carries out the global consensus. Through experimental comparison, we show that the C-PBFT significantly reduces consensus time, network overhead, and is scalable for Internet of Vehicles. Full article
(This article belongs to the Special Issue Information Security and Privacy)
Show Figures

Figure 1

23 pages, 747 KiB  
Article
A Chunked and Disordered Data Privacy Protection Algorithm: Application to Resource Platform Systems
by Daike Zhang, Junyang Chen, Yihui He, Xiaoqing Lan, Xian Chen, Chunlin Dong and Jun Li
Appl. Sci. 2023, 13(10), 6017; https://doi.org/10.3390/app13106017 - 13 May 2023
Viewed by 1237
Abstract
This paper provides a systematic analysis of existing resource platforms, evaluating their advantages and drawbacks with respect to data privacy protection. To address the privacy and security risks associated with resource platform data, we propose a novel privacy protection algorithm based on chunking [...] Read more.
This paper provides a systematic analysis of existing resource platforms, evaluating their advantages and drawbacks with respect to data privacy protection. To address the privacy and security risks associated with resource platform data, we propose a novel privacy protection algorithm based on chunking disorder. Our algorithm exchanges data within a specific range of chunk size for the position and combines the chunked data with the MD5 value in a differential way, thus ensuring data privacy. To ensure the security of the algorithm, we also discuss the importance of preventing client and server decompilation during its implementation. The findings of our experiments are as follows. Our proposed privacy-preserving algorithm is extremely secure and easy to implement. Our algorithm has a significant avalanche effect, maintaining values of 0.61–0.85, with information entropy being maintained at 4.5–4.9. This indicates that our algorithm is highly efficient without compromising data security. Furthermore, our algorithm has strong encryption and decryption time stability. The key length can be up to 594 bits, rendering it challenging to decrypt. Compared with the traditional DES algorithm, our algorithm has better security under the same conditions and approaches the levels of security offered by the AES and RC4 algorithms. Full article
(This article belongs to the Special Issue Information Security and Privacy)
Show Figures

Figure 1

17 pages, 3690 KiB  
Article
Evaluating a Proposed E-Government Stage Model in Terms of Personal Data Protection
by Hemin Muhammad and Martin Hromada
Appl. Sci. 2023, 13(6), 3913; https://doi.org/10.3390/app13063913 - 19 Mar 2023
Cited by 1 | Viewed by 2197
Abstract
In today’s era, the e-government plays a significant role in providing better services to citizens. As a result, citizens are crucial in ensuring the success of the e-government and are involved in the government’s policies. Hence, the protection of personal information must be [...] Read more.
In today’s era, the e-government plays a significant role in providing better services to citizens. As a result, citizens are crucial in ensuring the success of the e-government and are involved in the government’s policies. Hence, the protection of personal information must be taken into consideration when designing any e-government model. Previous studies have shown that privacy and security are the main challenges in implementing an e-government in developing countries. This study aims to evaluate an e-government stage model that is proposed based on protecting personal information in developing countries. The methodology of this study uses SOAR (Strengths, Opportunities, Aspirations, and Results) analysis to evaluate the stages and combines it with the Analytic Hierarchy Process (AHP) to determine the feasibility of the model. The results of the study show that the model is acceptable and suitable for adoption. Therefore, the model is a viable option for implementing an e-government in developing countries. Full article
(This article belongs to the Special Issue Information Security and Privacy)
Show Figures

Figure 1

15 pages, 1024 KiB  
Article
Data Exfiltration through Electromagnetic Covert Channel of Wired Industrial Control Systems
by Shakthi Sachintha, Nhien-An Le-Khac, Mark Scanlon and Asanka P. Sayakkara
Appl. Sci. 2023, 13(5), 2928; https://doi.org/10.3390/app13052928 - 24 Feb 2023
Cited by 2 | Viewed by 1913
Abstract
Industrial control systems (ICS) often contain sensitive information related to the corresponding equipment being controlled and their configurations. Protecting such information is important to both the manufacturers and users of such ICSs. This work demonstrates an attack vector on industrial control systems where [...] Read more.
Industrial control systems (ICS) often contain sensitive information related to the corresponding equipment being controlled and their configurations. Protecting such information is important to both the manufacturers and users of such ICSs. This work demonstrates an attack vector on industrial control systems where information can be exfiltrated through a electromagnetic (EM) radiation covert channel from the wired Ethernet connections commonly used by these devices. The attack leverages compromised firmware for the controller—capable of encoding sensitive/critical information into the wired network as packet transmission patterns. The EM radiation from the wired network’s communication is captured without direct physical interaction using a portable software-defined radio, and subsequently demodulated on the attacker’s computer. This covert channel facilitates the exfiltration of data from a distance of up to two metres with a data rate of 10 bps without any significant data loss. The nature of this covert channel demonstrates that having strong firewalls and network security. Full article
(This article belongs to the Special Issue Information Security and Privacy)
Show Figures

Figure 1

16 pages, 2355 KiB  
Article
GA-StackingMD: Android Malware Detection Method Based on Genetic Algorithm Optimized Stacking
by Nannan Xie, Zhaowei Qin and Xiaoqiang Di
Appl. Sci. 2023, 13(4), 2629; https://doi.org/10.3390/app13042629 - 17 Feb 2023
Cited by 10 | Viewed by 2147
Abstract
With the rapid development of network and mobile communication, intelligent terminals such as smartphones and tablet computers have changed people’s daily life and work. However, malware such as viruses, Trojans, and extortion applications have introduced threats to personal privacy and social security. Malware [...] Read more.
With the rapid development of network and mobile communication, intelligent terminals such as smartphones and tablet computers have changed people’s daily life and work. However, malware such as viruses, Trojans, and extortion applications have introduced threats to personal privacy and social security. Malware of the Android operating system has a great variety and updates rapidly. Android malware detection is faced with the problems of high feature dimension and unsatisfied detection accuracy of single classification algorithms. In this work, an Android malware detection framework GA-StackingMD is presented, which employs Stacking to compose five different base classifiers, and Genetic Algorithm is applied to optimize the hyperparameters of the framework. Experiments show that Stacking could effectively improve malware detection accuracy compared with single classifiers. The presented GA-StackingMD achieves 98.43% and 98.66% accuracies on CIC-AndMal2017 and CICMalDroid2020 data sets, which shows the effectiveness and feasibility of the proposed method. Full article
(This article belongs to the Special Issue Information Security and Privacy)
Show Figures

Figure 1

20 pages, 2051 KiB  
Article
Relationship between Cyber Security and Civil Protection in the Greek Reality
by Stavros Kalogiannidis, Maria Paschalidou, Dimitrios Kalfas and Fotios Chatzitheodoridis
Appl. Sci. 2023, 13(4), 2607; https://doi.org/10.3390/app13042607 - 17 Feb 2023
Cited by 3 | Viewed by 2176
Abstract
The links between cybersecurity and civil protection in the last decades became strong due to the rapid increase in the use of Informatics Technologies (IT) worldwide and the need to increase citizens’ protection from various disasters and uncertainties. The objective of the present [...] Read more.
The links between cybersecurity and civil protection in the last decades became strong due to the rapid increase in the use of Informatics Technologies (IT) worldwide and the need to increase citizens’ protection from various disasters and uncertainties. The objective of the present study is to explore the role of cyber security in enhancing civil protection in Greek reality. Methodologically, the study has been based on a survey with a sample of 345 executives of IT companies in Greece by using a structured questionnaire. The basic results of the research study showed that cyber security technologies positively affect civil protection, cybercrime reduction practices have a positive influence on civil protection, and there is a significant relationship between the government’s role in cyber security and civil protection. Cybersecurity also may have a significant influence on the principles of emergency operations: prevention, mitigation, preparation, response, or emergency evacuation and recovery. The main conclusion from the study is that it is very important for public and private agencies in Greece, as well as in the rest of Europe, to embrace new emerging cybersecurity technologies to help enhance cyber security and civil protection. Potential vulnerabilities in cybersecurity pose substantial risks to the effectiveness and efficiency of such critical infrastructure and directly impact the functioning of states, economies, and societies. Full article
(This article belongs to the Special Issue Information Security and Privacy)
Show Figures

Figure 1

13 pages, 2329 KiB  
Article
MCGAN: Modified Conditional Generative Adversarial Network (MCGAN) for Class Imbalance Problems in Network Intrusion Detection System
by Kunda Suresh Babu and Yamarthi Narasimha Rao
Appl. Sci. 2023, 13(4), 2576; https://doi.org/10.3390/app13042576 - 16 Feb 2023
Cited by 7 | Viewed by 1460
Abstract
With developing technologies, network security is critical, predominantly active, and distributed ad hoc in networks. An intrusion detection system (IDS) plays a vital role in cyber security in detecting malicious activities in network traffic. However, class imbalance has triggered a challenging issue where [...] Read more.
With developing technologies, network security is critical, predominantly active, and distributed ad hoc in networks. An intrusion detection system (IDS) plays a vital role in cyber security in detecting malicious activities in network traffic. However, class imbalance has triggered a challenging issue where many instances of some classes are more than others. Therefore, traditional classifiers suffer in classifying malicious activities and result in low robustness to unidentified glitches. This paper introduces a novel technique based on a modified conditional generative adversarial network (MCGAN) to address the class imbalance problem. The proposed MCGAN handles the class imbalance issue by generating oversamples to balance the minority and majority classes. Then, the Bi-LSTM technique is incorporated to classify the multi-class intrusion efficiently. This formulated model is experimented on using the NSL-KDD+ dataset with the aid of accuracy, precision, recall, FPR, and F-score to validate the efficacy of the proposed system. The simulation results of the proposed method are associated with other existing models. It achieved an accuracy of 95.16%, precision of 94.21%, FPR of 2.1%, and F1-score of 96.7% for the NSL-KDD+ dataset with 20 selected features. Full article
(This article belongs to the Special Issue Information Security and Privacy)
Show Figures

Figure 1

13 pages, 4850 KiB  
Article
MRCIF: A Memory-Reverse-Based Code Injection Forensics Algorithm
by Heyu Zhang, Binglong Li, Wanpeng Li, Lin Zhu, Chaowen Chang and Shilong Yu
Appl. Sci. 2023, 13(4), 2478; https://doi.org/10.3390/app13042478 - 14 Feb 2023
Viewed by 1197
Abstract
The new DLL injection method and its variants can prevent the injected process from calling the common system API to load the injected DLL module so that the malicious module is invisible to the LDR linked list of the process. Traditional injection detection [...] Read more.
The new DLL injection method and its variants can prevent the injected process from calling the common system API to load the injected DLL module so that the malicious module is invisible to the LDR linked list of the process. Traditional injection detection methods have low accuracy in forensic detection of new injection attacks. To solve this problem, this paper proposes a code injection covert memory page detection and forensic detection forensic algorithm based on a memory structure reverse analysis named MRCIF. First, the physical memory pages containing DLL features from the memory image are located, and a sub-algorithm is designed for mapping physical memory space and virtual memory space, thus realizing the reverse reconstruction of the physical page subset corresponding to the DLL code module. Then, in the virtual memory space, the LDR linked list structure of the process is reversely reconstructed, and a reverse reconstruction algorithm of the DLL virtual page subset is developed to reconstruct its virtual space. Finally, a DLL injection covert page detection sub-algorithm is designed based on the physical memory page subset and virtual space page subset. The experimental results indicate that MRCIF achieves an accuracy of 88.89%, which is much higher than that of the traditional DLL module injection detection method, and only MRCIF can accurately detect the Virtual Address Descriptor (VAD) remapping attack. Full article
(This article belongs to the Special Issue Information Security and Privacy)
Show Figures

Figure 1

18 pages, 4175 KiB  
Article
Metaheuristics with Deep Learning Model for Cybersecurity and Android Malware Detection and Classification
by Ashwag Albakri, Fatimah Alhayan, Nazik Alturki, Saahirabanu Ahamed and Shermin Shamsudheen
Appl. Sci. 2023, 13(4), 2172; https://doi.org/10.3390/app13042172 - 08 Feb 2023
Cited by 10 | Viewed by 2643
Abstract
Since the development of information systems during the last decade, cybersecurity has become a critical concern for many groups, organizations, and institutions. Malware applications are among the commonly used tools and tactics for perpetrating a cyberattack on Android devices, and it is becoming [...] Read more.
Since the development of information systems during the last decade, cybersecurity has become a critical concern for many groups, organizations, and institutions. Malware applications are among the commonly used tools and tactics for perpetrating a cyberattack on Android devices, and it is becoming a challenging task to develop novel ways of identifying them. There are various malware detection models available to strengthen the Android operating system against such attacks. These malware detectors categorize the target applications based on the patterns that exist in the features present in the Android applications. As the analytics data continue to grow, they negatively affect the Android defense mechanisms. Since large numbers of unwanted features create a performance bottleneck for the detection mechanism, feature selection techniques are found to be beneficial. This work presents a Rock Hyrax Swarm Optimization with deep learning-based Android malware detection (RHSODL-AMD) model. The technique presented includes finding the Application Programming Interfaces (API) calls and the most significant permissions, which results in effective discrimination between the good ware and malware applications. Therefore, an RHSO based feature subset selection (RHSO-FS) technique is derived to improve the classification results. In addition, the Adamax optimizer with attention recurrent autoencoder (ARAE) model is employed for Android malware detection. The experimental validation of the RHSODL-AMD technique on the Andro-AutoPsy dataset exhibits its promising performance, with a maximum accuracy of 99.05%. Full article
(This article belongs to the Special Issue Information Security and Privacy)
Show Figures

Figure 1

15 pages, 1384 KiB  
Article
A Real-Time Hybrid Approach to Combat In-Browser Cryptojacking Malware
by Muhammad Haris Khan Abbasi, Subhan Ullah, Tahir Ahmad and Attaullah Buriro
Appl. Sci. 2023, 13(4), 2039; https://doi.org/10.3390/app13042039 - 04 Feb 2023
Cited by 3 | Viewed by 1619
Abstract
Cryptojacking is a type of computer piracy in which a hacker uses a victim’s computer resources, without their knowledge or consent, to mine for cryptocurrency. This is made possible by new memory-based cryptomining techniques and the growth of new web technologies such as [...] Read more.
Cryptojacking is a type of computer piracy in which a hacker uses a victim’s computer resources, without their knowledge or consent, to mine for cryptocurrency. This is made possible by new memory-based cryptomining techniques and the growth of new web technologies such as WebAssembly, allowing mining to occur within a browser. Most of the research in the field of cryptojacking has focused on detection methods rather than prevention methods. Some of the detection methods proposed in the literature include using static and dynamic features of in-browser cryptojacking malware, along with machine learning algorithms such as Support Vector Machine (SVM), Random Forest (RF), and others. However, these methods can be effective in detecting known cryptojacking malware, but they may not be able to detect new or unknown variants. The existing prevention methods are shown to be effective only against web-assembly (WASM)-based cryptojacking malware and cannot handle mining service-providing scripts that use non-WASM modules. This paper proposes a novel hybrid approach for detecting and preventing web-based cryptojacking. The proposed approach performs the real-time detection and prevention of in-browser cryptojacking malware, using the blacklisting technique and statistical code analysis to identify unique features of non-WASM cryptojacking malware. The experimental results show positive performances in the ease of use and efficiency, with the detection accuracy improved from 97% to 99.6%. Moreover, the time required to prevent already known malware in real time can be decreased by 99.8%. Full article
(This article belongs to the Special Issue Information Security and Privacy)
Show Figures

Figure 1

22 pages, 2261 KiB  
Article
A Customer-Centric View of E-Commerce Security and Privacy
by Saqib Saeed
Appl. Sci. 2023, 13(2), 1020; https://doi.org/10.3390/app13021020 - 11 Jan 2023
Cited by 11 | Viewed by 8386
Abstract
Business organizations have huge potential to increase their customer base by offering e-commerce services, especially in the post-pandemic era. Ensuring secure e-commerce applications plays an important role in increasing customer base. To develop appropriate policies and secure technological infrastructures, business organizations first need [...] Read more.
Business organizations have huge potential to increase their customer base by offering e-commerce services, especially in the post-pandemic era. Ensuring secure e-commerce applications plays an important role in increasing customer base. To develop appropriate policies and secure technological infrastructures, business organizations first need to establish an understanding of the reservations of their customers toward e-commerce, as well as their perception of security and privacy of e-commerce applications. In this paper, we present the results of an empirical study of e-commerce customers conducted in Pakistan to gain an insight into their mindset on using e-commerce applications. An online questionnaire was set up to collect data, which were analyzed using the partial least squares method with SmartPLS software. The empirical findings highlight that customers’ concerns about credit card usage, concerns over information security, motivational factors for shopping offered by business organizations, customer trustworthiness, and user’s feelings about the reputation of e-commerce impact their perception of security of online data and trust in an e-commerce application. The results of this study can help organizations in Pakistan to develop policies and improve technological infrastructures by adopting emerging technologies and digital forensics. Full article
(This article belongs to the Special Issue Information Security and Privacy)
Show Figures

Figure 1

26 pages, 2929 KiB  
Article
Role-Based Access Control Model for Inter-System Cross-Domain in Multi-Domain Environment
by Yunliang Li, Zhiqiang Du, Yanfang Fu and Liangxin Liu
Appl. Sci. 2022, 12(24), 13036; https://doi.org/10.3390/app122413036 - 19 Dec 2022
Cited by 1 | Viewed by 1325
Abstract
Information service platforms or management information systems of various institutions or sectors of enterprises are gradually interconnected to form a multi-domain environment. A multi-domain environment is convenient for managers to supervise and manage systems, and for users to access data across domains and [...] Read more.
Information service platforms or management information systems of various institutions or sectors of enterprises are gradually interconnected to form a multi-domain environment. A multi-domain environment is convenient for managers to supervise and manage systems, and for users to access data across domains and systems. However, given the complex multi-domain environment and many users, the traditional or enhanced role-based access control (RBAC) model still faces some challenges. It is necessary to address issues such as role naming conflicts, platform–domain management conflicts, inter-domain management conflicts, and cross-domain sharing difficulties. For the above problems, a role-based access control model for inter-system cross-domain in multi-domain environment (RBAC-IC) is proposed. This paper formally defines the model, divides roles into abstract roles and specific roles, and designs the operating process of the access control model. The model has four characteristics: support role name repetition, platform–domain isolation management, inter-domain isolation management, and fine-grained cross-domain sharing. By establishing security violation formulas for security analysis, it is finally shown that RBAC-IC can operate safely. Full article
(This article belongs to the Special Issue Information Security and Privacy)
Show Figures

Figure 1

20 pages, 3806 KiB  
Article
Understanding the Influence of AST-JS for Improving Malicious Webpage Detection
by Muhammad Fakhrur Rozi, Seiichi Ozawa, Tao Ban, Sangwook Kim, Takeshi Takahashi and Daisuke Inoue
Appl. Sci. 2022, 12(24), 12916; https://doi.org/10.3390/app122412916 - 15 Dec 2022
Cited by 3 | Viewed by 1529
Abstract
JavaScript-based attacks injected into a webpage to perpetrate malicious activities are still the main problem in web security. Recent works have leveraged advances in artificial intelligence by considering many feature representations to improve the performance of malicious webpage detection. However, they did not [...] Read more.
JavaScript-based attacks injected into a webpage to perpetrate malicious activities are still the main problem in web security. Recent works have leveraged advances in artificial intelligence by considering many feature representations to improve the performance of malicious webpage detection. However, they did not focus on extracting the intention of JavaScript content, which is crucial for detecting the maliciousness of a webpage. In this study, we introduce an additional feature extraction process that can capture the intention of the JavaScript content of the webpage. In particular, we developed a framework for obtaining a JavaScript representation based on the abstract syntax tree for JavaScript (AST-JS), which enriches the webpage features for a better detection model. Moreover, we investigated the influence of our proposed feature on improving the model’s performance by using the Shapley additive explanation method to define the significance of each feature category compared to our proposed feature. The evaluation shows that adding the AST-JS feature can improve the performance for detecting malicious webpage compared to previous work. We also found that AST significantly influences performance, especially for webpages with JavaScript content. Full article
(This article belongs to the Special Issue Information Security and Privacy)
Show Figures

Figure 1

18 pages, 2388 KiB  
Article
Synthetic Generation of Realistic Signal Strength Data to Enable 5G Rogue Base Station Investigation in Vehicular Platooning
by Mohammad Saedi, Adrian Moore and Philip Perry
Appl. Sci. 2022, 12(24), 12516; https://doi.org/10.3390/app122412516 - 07 Dec 2022
Cited by 1 | Viewed by 1510
Abstract
Rogue Base Stations (RBS), also known as 5G Subscription Concealed Identifier (SUCI) catchers, were initially developed to maliciously intercept subscribers’ identities. Since then, further advances have been made, not only in RBSs, but also in communication network security. The identification and prevention of [...] Read more.
Rogue Base Stations (RBS), also known as 5G Subscription Concealed Identifier (SUCI) catchers, were initially developed to maliciously intercept subscribers’ identities. Since then, further advances have been made, not only in RBSs, but also in communication network security. The identification and prevention of RBSs in Fifth Generation (5G) networks are among the main security challenges for users and network infrastructure. The security architecture group in 3GPP clarified that the radio configuration information received from user equipment could contain fingerprints of the RBS. This information is periodically included in the measurement report generated by the user equipment to report location information and Received Signal Strength (RSS) measurements for the strongest base stations. The motivation in this work, then is to generate 5G measurement reports to provide a large and realistic dataset of radio information and RSS measurements for an autonomous vehicle driving along various sections of a road. These simulated measurement reports can then be used to develop and test new methods for identifying an RBS and taking mitigating actions. The proposed approach can generate 20 min of synthetic drive test data in 15 s, which is 80 times faster than real time. Full article
(This article belongs to the Special Issue Information Security and Privacy)
Show Figures

Figure 1

Review

Jump to: Research

32 pages, 2494 KiB  
Review
Exploring the Frontiers of Cybersecurity Behavior: A Systematic Review of Studies and Theories
by Afrah Almansoori, Mostafa Al-Emran and Khaled Shaalan
Appl. Sci. 2023, 13(9), 5700; https://doi.org/10.3390/app13095700 - 05 May 2023
Cited by 4 | Viewed by 5135
Abstract
Cybersecurity procedures and policies are prevalent countermeasures for protecting organizations from cybercrimes and security incidents. Without considering human behaviors, implementing these countermeasures will remain useless. Cybersecurity behavior has gained much attention in recent years. However, a systematic review that provides extensive insights into [...] Read more.
Cybersecurity procedures and policies are prevalent countermeasures for protecting organizations from cybercrimes and security incidents. Without considering human behaviors, implementing these countermeasures will remain useless. Cybersecurity behavior has gained much attention in recent years. However, a systematic review that provides extensive insights into cybersecurity behavior through different technologies and services and covers various directions in large-scale research remains lacking. Therefore, this study retrieved and analyzed 2210 articles published on cybersecurity behavior. The retrieved articles were then thoroughly examined to meet the inclusion and exclusion criteria, in which 39 studies published between 2012 and 2021 were ultimately picked for further in-depth analysis. The main findings showed that the protection motivation theory (PMT) dominated the list of theories and models examining cybersecurity behavior. Cybersecurity behavior and intention behavior counted for the highest purpose for most studies, with fewer studies focusing on cybersecurity awareness and compliance behavior. Most examined studies were conducted in individualistic contexts with limited exposure to collectivistic societies. A total of 56% of the analyzed studies focused on the organizational level, indicating that the individual level is still in its infancy stage. To address the research gaps in cybersecurity behavior at the individual level, this review proposes a number of research agendas that can be considered in future research. This review is believed to improve our understanding by revealing the full potential of cybersecurity behavior and opening the door for further research opportunities. Full article
(This article belongs to the Special Issue Information Security and Privacy)
Show Figures

Figure 1

32 pages, 730 KiB  
Review
Classification and Analysis of Malicious Code Detection Techniques Based on the APT Attack
by Kyungroul Lee, Jaehyuk Lee and Kangbin Yim
Appl. Sci. 2023, 13(5), 2894; https://doi.org/10.3390/app13052894 - 23 Feb 2023
Cited by 4 | Viewed by 3685
Abstract
According to the Fire-eye’s M-Trends Annual Threat Report 2022, there are many advanced persistent threat (APT) attacks that are currently in use, and such continuous and specialized APT attacks cause serious damages attacks. As APT attacks continue to be active, there is a [...] Read more.
According to the Fire-eye’s M-Trends Annual Threat Report 2022, there are many advanced persistent threat (APT) attacks that are currently in use, and such continuous and specialized APT attacks cause serious damages attacks. As APT attacks continue to be active, there is a need for countermeasures to detect new and existing malicious codes. An APT attack is a type of intelligent attack that analyzes the target and exploits its vulnerabilities. It attempts to achieve a specific purpose, and is persistent in continuously attacking and threatening the system. With this background, this paper analyzes attack scenarios based on attack cases by malicious code, and surveys and analyzes attack techniques used in attack cases. Based on the results of the analysis, we classify and analyze malicious code detection techniques into security management systems, pattern-based detection, heuristic-based detection, reputation-based detection, behavior-based detection, virtualization-based detection, anomaly detection, data analysis-based detection (big data-based, machine learning-based), and others. This paper is expected to serve as a useful reference for detecting and preventing malicious codes. Specifically, this article is a surveyed review article. Full article
(This article belongs to the Special Issue Information Security and Privacy)
Show Figures

Figure 1

27 pages, 2011 KiB  
Review
A Study of Network Intrusion Detection Systems Using Artificial Intelligence/Machine Learning
by Patrick Vanin, Thomas Newe, Lubna Luxmi Dhirani, Eoin O’Connell, Donna O’Shea, Brian Lee and Muzaffar Rao
Appl. Sci. 2022, 12(22), 11752; https://doi.org/10.3390/app122211752 - 18 Nov 2022
Cited by 22 | Viewed by 9588
Abstract
The rapid growth of the Internet and communications has resulted in a huge increase in transmitted data. These data are coveted by attackers and they continuously create novel attacks to steal or corrupt these data. The growth of these attacks is an issue [...] Read more.
The rapid growth of the Internet and communications has resulted in a huge increase in transmitted data. These data are coveted by attackers and they continuously create novel attacks to steal or corrupt these data. The growth of these attacks is an issue for the security of our systems and represents one of the biggest challenges for intrusion detection. An intrusion detection system (IDS) is a tool that helps to detect intrusions by inspecting the network traffic. Although many researchers have studied and created new IDS solutions, IDS still needs improving in order to have good detection accuracy while reducing false alarm rates. In addition, many IDS struggle to detect zero-day attacks. Recently, machine learning algorithms have become popular with researchers to detect network intrusion in an efficient manner and with high accuracy. This paper presents the concept of IDS and provides a taxonomy of machine learning methods. The main metrics used to assess an IDS are presented and a review of recent IDS using machine learning is provided where the strengths and weaknesses of each solution is outlined. Then, details of the different datasets used in the studies are provided and the accuracy of the results from the reviewed work is discussed. Finally, observations, research challenges and future trends are discussed. Full article
(This article belongs to the Special Issue Information Security and Privacy)
Show Figures

Figure 1

Show export options expand_more Show export options expand_less
Select all
Export citation of selected articles as:
 
Displaying articles 1-17
Back to TopTop