Search for Articles:
Title / Keyword
Author / Affiliation / Email
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
 
4.7
2.8
Journals
Computers
Special Issues
Using New Technologies on Cyber Security Solutions
share announcement

Using New Technologies on Cyber Security Solutions

A special issue of Computers (ISSN 2073-431X). This special issue belongs to the section "ICT Infrastructures for Cybersecurity".

Deadline for manuscript submissions: closed (20 August 2023) | Viewed by 21146

Special Issue Editors

Dr. Ömer Aslan

E-Mail Website
Guest Editor
Department of Software Engineering, Bandırma Onyedi Eylül University, Bandırma 10200, Balıkesir, Turkey
Interests: cyber security; machine learning; cloud computing; blockchain, metaverse
Prof. Dr. Refik Samet

E-Mail Website
Guest Editor
Department of Computer Engineering, Ankara University, Gölbaşı 06830, Ankara, Turkey
Interests: computer networks; computer vision; image/video processing; mobile operating systems; fault-tolerance

Special Issue Information

Dear Colleagues,

In this Special Issue of Computers, original research articles as well as reviews are welcome. The main topic of research is cyber security. Any technologies and methods that can be used in cyber security fields are acceptable. Example research areas may include (but are not limited to) the following.

  • Using blockchain technologies on cyber security solutions
  • Using machine learning techniques on cyber security solutions
  • Deep learning on cyber security solutions
  • Active learning on cyber security solutions
  • Reinforcement learning on cyber security solutions
  • IoT and cloud security
  • Security and privacy issues in metaverse
  • Network security
  • Malware analysis
  • Vulnerability assessment
  • Using cryptography in security
  • Secure smart contracts
  • Cyber attacks on blockchain technology
  • Cyber crimes on social media

Recently, most of the daily life activities moved into the digital world. The COVID-19 pandemic accelerated this process. Due to high usage of digital world transactions, cybercriminals speed up committing more crimes in the digital World rather than real life. These days, it is easier to get benefits from online transactions because many people can be easily manipulated by cyber attackers. According to the recent scientific reports, in 2025 the cybercrimes will cost about $10 trillion to the world economy and cybercrime will be one of the most profitable sectors worldwide. It can be clearly understood that the number of cyber-related crimes are increasing in high volumes, and there is no feasible technique or method which can effectively stop the attackers. When cyber defenders find new solutions to the known attacks, cybercriminals find new attacks which have not been seen before. In other words, most of the time, the cybercriminals are one step ahead. To effectively find software vulnerabilities, prevent or decrease the cyber attacks, the new solutions needed in this regard. Using new technologies such as blockchain, smart contracts, virtualization, machine learning, deep learning, active learning, or reinforcement learning can be one of the best promising solutions in the cyber security area. Thus, in this Special Issue we expect original research articles as well as review papers that may apply various new technologies and methods in the cyber security field. We expect This Special Issue will present new ideas on cyber security, expand scholars domain knowledge and provide possible efficient solutions against the cybercriminals.

Dr. Ömer Aslan
Prof. Dr. Refik Samet
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Computers is an international peer-reviewed open access monthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 1800 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • cyber security
  • information security
  • metaverse security
  • IoT security
  • cloud security
  • blockchain security
  • learning on cybersecurity
  • smart contracts security

Published Papers (10 papers)

Download All Papers
Order results
Result details
Show export options expand_more Show export options expand_less
Select all
Export citation of selected articles as:

Research

17 pages, 703 KiB  
Article
Enhancing Web Application Security through Automated Penetration Testing with Multiple Vulnerability Scanners
by Khaled Abdulghaffar, Nebrase Elmrabit and Mehdi Yousefi
Computers 2023, 12(11), 235; https://doi.org/10.3390/computers12110235 - 15 Nov 2023
Cited by 1 | Viewed by 3012
Abstract
Penetration testers have increasingly adopted multiple penetration testing scanners to ensure the robustness of web applications. However, a notable limitation of many scanning techniques is their susceptibility to producing false positives. This paper presents a novel framework designed to automate the operation of [...] Read more.
Penetration testers have increasingly adopted multiple penetration testing scanners to ensure the robustness of web applications. However, a notable limitation of many scanning techniques is their susceptibility to producing false positives. This paper presents a novel framework designed to automate the operation of multiple Web Application Vulnerability Scanners (WAVS) within a single platform. The framework generates a combined vulnerabilities report using two algorithms: an automation algorithm and a novel combination algorithm that produces comprehensive lists of detected vulnerabilities. The framework leverages the capabilities of two web vulnerability scanners, Arachni and OWASP ZAP. The study begins with an extensive review of the existing scientific literature, focusing on open-source WAVS and exploring the OWASP 2021 guidelines. Following this, the framework development phase addresses the challenge of varying results obtained from different WAVS. This framework’s core objective is to combine the results of multiple WAVS into a consolidated vulnerability report, ultimately improving detection rates and overall security. The study demonstrates that the combined outcomes produced by the proposed framework exhibit greater accuracy compared to individual scanning results obtained from Arachni and OWASP ZAP. In summary, the study reveals that the Union List outperforms individual scanners, particularly regarding recall and F-measure. Consequently, adopting multiple vulnerability scanners is recommended as an effective strategy to bolster vulnerability detection in web applications. Full article
(This article belongs to the Special Issue Using New Technologies on Cyber Security Solutions)
Show Figures

Figure 1

20 pages, 2140 KiB  
Article
An Information Security Engineering Framework for Modeling Packet Filtering Firewall Using Neutrosophic Petri Nets
by Jamal Khudair Madhloom, Zainab Hammoodi Noori, Sif K. Ebis, Oday A. Hassen and Saad M. Darwish
Computers 2023, 12(10), 202; https://doi.org/10.3390/computers12100202 - 08 Oct 2023
Cited by 1 | Viewed by 2017
Abstract
Due to the Internet’s explosive growth, network security is now a major concern; as a result, tracking network traffic is essential for a variety of uses, including improving system efficiency, fixing bugs in the network, and keeping sensitive data secure. Firewalls are a [...] Read more.
Due to the Internet’s explosive growth, network security is now a major concern; as a result, tracking network traffic is essential for a variety of uses, including improving system efficiency, fixing bugs in the network, and keeping sensitive data secure. Firewalls are a crucial component of enterprise-wide security architectures because they protect individual networks from intrusion. The efficiency of a firewall can be negatively impacted by issues with its design, configuration, monitoring, and administration. Recent firewall security methods do not have the rigor to manage the vagueness that comes with filtering packets from the exterior. Knowledge representation and reasoning are two areas where fuzzy Petri nets (FPNs) receive extensive usage as a modeling tool. Despite their widespread success, FPNs’ limitations in the security engineering field stem from the fact that it is difficult to represent different kinds of uncertainty. This article details the construction of a novel packet-filtering firewall model that addresses the limitations of current FPN-based filtering methods. The primary contribution is to employ Simplified Neutrosophic Petri nets (SNPNs) as a tool for modeling discrete event systems in the area of firewall packet filtering that are characterized by imprecise knowledge. Because of SNPNs’ symbolic ability, the packet filtration model can be quickly and easily established, examined, enhanced, and maintained. Based on the idea that the ambiguity of a packet’s movement can be described by if–then fuzzy production rules realized by the truth-membership function, the indeterminacy-membership function, and the falsity-membership functional, we adopt the neutrosophic logic for modelling PN transition objects. In addition, we simulate the dynamic behavior of the tracking system in light of the ambiguity inherent in packet filtering by presenting a two-level filtering method to improve the ranking of the filtering rules list. Results from experiments on a local area network back up the efficacy of the proposed method and illustrate how it can increase the firewall’s susceptibility to threats posed by network traffic. Full article
(This article belongs to the Special Issue Using New Technologies on Cyber Security Solutions)
Show Figures

Figure 1

20 pages, 1170 KiB  
Article
MalFe—Malware Feature Engineering Generation Platform
by Avinash Singh, Richard Adeyemi Ikuesan and Hein Venter
Computers 2023, 12(10), 201; https://doi.org/10.3390/computers12100201 - 08 Oct 2023
Cited by 1 | Viewed by 1229
Abstract
The growing sophistication of malware has resulted in diverse challenges, especially among security researchers who are expected to develop mechanisms to thwart these malicious attacks. While security researchers have turned to machine learning to combat this surge in malware attacks and enhance detection [...] Read more.
The growing sophistication of malware has resulted in diverse challenges, especially among security researchers who are expected to develop mechanisms to thwart these malicious attacks. While security researchers have turned to machine learning to combat this surge in malware attacks and enhance detection and prevention methods, they often encounter limitations when it comes to sourcing malware binaries. This limitation places the burden on malware researchers to create context-specific datasets and detection mechanisms, a time-consuming and intricate process that involves a series of experiments. The lack of accessible analysis reports and a centralized platform for sharing and verifying findings has resulted in many research outputs that can neither be replicated nor validated. To address this critical gap, a malware analysis data curation platform was developed. This platform offers malware researchers a highly customizable feature generation process drawing from analysis data reports, particularly those generated in sandbox-based environments such as Cuckoo Sandbox. To evaluate the effectiveness of the platform, a replication of existing studies was conducted in the form of case studies. These studies revealed that the developed platform offers an effective approach that can aid malware detection research. Moreover, a real-world scenario involving over 3000 ransomware and benign samples for ransomware detection based on PE entropy was explored. This yielded an impressive accuracy score of 98.8% and an AUC of 0.97 when employing the decision tree algorithm, with a low latency of 1.51 ms. These results emphasize the necessity of the proposed platform while demonstrating its capacity to construct a comprehensive detection mechanism. By fostering community-driven interactive databanks, this platform enables the creation of datasets as well as the sharing of reports, both of which can substantially reduce experimentation time and enhance research repeatability. Full article
(This article belongs to the Special Issue Using New Technologies on Cyber Security Solutions)
Show Figures

Figure 1

14 pages, 748 KiB  
Article
Enhancing Counterfeit Detection with Multi-Features on Secure 2D Grayscale Codes
by Bimo Sunarfri Hantono, Syukron Abu Ishaq Alfarozi, Azkario Rizky Pratama, Ahmad Ataka Awwalur Rizqi, I Wayan Mustika, Mardhani Riasetiawan and Anna Maria Sri Asih
Computers 2023, 12(9), 183; https://doi.org/10.3390/computers12090183 - 14 Sep 2023
Cited by 1 | Viewed by 1201
Abstract
Counterfeit products have become a pervasive problem in the global marketplace, necessitating effective strategies to protect both consumers and brands. This study examines the role of cybersecurity in addressing counterfeiting issues, specifically focusing on a multi-level grayscale watermark-based authentication system. The system comprises [...] Read more.
Counterfeit products have become a pervasive problem in the global marketplace, necessitating effective strategies to protect both consumers and brands. This study examines the role of cybersecurity in addressing counterfeiting issues, specifically focusing on a multi-level grayscale watermark-based authentication system. The system comprises a generator responsible for creating a secure 2D code, and an authenticator designed to extract watermark information and verify product authenticity. To authenticate the secure 2D code, we propose various features, including the analysis of the spatial domain, frequency domain, and grayscale watermark distribution. Furthermore, we emphasize the importance of selecting appropriate interpolation methods to enhance counterfeit detection. Our proposed approach demonstrates remarkable performance, achieving precision, recall, and specificities surpassing 84.8%, 83.33%, and 84.5%, respectively, across different datasets. Full article
(This article belongs to the Special Issue Using New Technologies on Cyber Security Solutions)
Show Figures

Figure 1

19 pages, 3766 KiB  
Article
Enhancing Data Security: A Cutting-Edge Approach Utilizing Protein Chains in Cryptography and Steganography
by Noura A. Mawla and Hussein K. Khafaji
Computers 2023, 12(8), 166; https://doi.org/10.3390/computers12080166 - 19 Aug 2023
Cited by 1 | Viewed by 1616
Abstract
Nowadays, with the increase in cyber-attacks, hacking, and data theft, maintaining data security and confidentiality is of paramount importance. Several techniques are used in cryptography and steganography to ensure their safety during the transfer of information between the two parties without interference from [...] Read more.
Nowadays, with the increase in cyber-attacks, hacking, and data theft, maintaining data security and confidentiality is of paramount importance. Several techniques are used in cryptography and steganography to ensure their safety during the transfer of information between the two parties without interference from an unauthorized third party. This paper proposes a modern approach to cryptography and steganography based on exploiting a new environment: bases and protein chains used to encrypt and hide sensitive data. The protein bases are used to form a cipher key whose length is twice the length of the data to be encrypted. During the encryption process, the plain data and the cipher key are represented in several forms, including hexadecimal and binary representation, and several arithmetic operations are performed on them, in addition to the use of logic gates in the encryption process to increase encrypted data randomness. As for the protein chains, they are used as a cover to hide the encrypted data. The process of hiding inside the protein bases will be performed in a sophisticated manner that is undetectable by statistical analysis methods, where each byte will be fragmented into three groups of bits in a special order, and each group will be included in one specific protein base that will be allocated to this group only, depending on the classifications of bits that have been previously stored in special databases. Each byte of the encrypted data will be hidden in three protein bases, and these protein bases will be distributed randomly over the protein chain, depending on an equation designed for this purpose. The advantages of these proposed algorithms are that they are fast in encrypting and hiding data, scalable, i.e., insensitive to the size of plain data, and lossless algorithms. The experiments showed that the proposed cryptography algorithm outperforms the most recent algorithms in terms of entropy and correlation values that reach −0.6778 and 7.99941, and the proposed steganography algorithm has the highest payload of 2.666 among five well-known hiding algorithms that used DNA sequences as the cover of the data. Full article
(This article belongs to the Special Issue Using New Technologies on Cyber Security Solutions)
Show Figures

Figure 1

14 pages, 499 KiB  
Article
Genetic Approach to Improve Cryptographic Properties of Balanced Boolean Functions Using Bent Functions
by Erol Özçekiç, Selçuk Kavut and Hakan Kutucu
Computers 2023, 12(8), 159; https://doi.org/10.3390/computers12080159 - 09 Aug 2023
Viewed by 869
Abstract
Recently, balanced Boolean functions with an even number n of variables achieving very good autocorrelation properties have been obtained for 12n26. These functions attain the maximum absolute value in the autocorrelation spectra (without considering the zero point) less [...] Read more.
Recently, balanced Boolean functions with an even number n of variables achieving very good autocorrelation properties have been obtained for 12n26. These functions attain the maximum absolute value in the autocorrelation spectra (without considering the zero point) less than 2n2 and are found by using a heuristic search algorithm that is based on the design method of an infinite class of such functions for a higher number of variables. Here, we consider balanced Boolean functions that are closest to the bent functions in terms of the Hamming distance and perform a genetic algorithm efficiently aiming to optimize their cryptographic properties, which provides better absolute indicator values for all of those values of n for the first time. We also observe that among our results, the functions for 16n26 have nonlinearity greater than 2n12n2. In the process, our search strategy produces balanced Boolean functions with the best-known nonlinearity for 8n16. Full article
(This article belongs to the Special Issue Using New Technologies on Cyber Security Solutions)
Show Figures

Figure 1

16 pages, 1407 KiB  
Article
Joining Federated Learning to Blockchain for Digital Forensics in IoT
by Wejdan Almutairi and Tarek Moulahi
Computers 2023, 12(8), 157; https://doi.org/10.3390/computers12080157 - 03 Aug 2023
Cited by 1 | Viewed by 1549
Abstract
In present times, the Internet of Things (IoT) is becoming the new era in technology by including smart devices in every aspect of our lives. Smart devices in IoT environments are increasing and storing large amounts of sensitive data, which attracts a lot [...] Read more.
In present times, the Internet of Things (IoT) is becoming the new era in technology by including smart devices in every aspect of our lives. Smart devices in IoT environments are increasing and storing large amounts of sensitive data, which attracts a lot of cybersecurity threats. With these attacks, digital forensics is needed to conduct investigations to identify when and where the attacks happened and acquire information to identify the persons responsible for the attacks. However, digital forensics in an IoT environment is a challenging area of research due to the multiple locations that contain data, traceability of the collected evidence, ensuring integrity, difficulty accessing data from multiple sources, and transparency in the process of collecting evidence. For this reason, we proposed combining two promising technologies to provide a sufficient solution. We used federated learning to train models locally based on data stored on the IoT devices using a dataset designed to represent attacks on the IoT environment. Afterward, we performed aggregation via blockchain by collecting the parameters from the IoT gateway to make the blockchain lightweight. The results of our framework are promising in terms of consumed gas in the blockchain and an accuracy of over 98% using MLP in the federated learning phase. Full article
(This article belongs to the Special Issue Using New Technologies on Cyber Security Solutions)
Show Figures

Figure 1

14 pages, 1686 KiB  
Article
Is the Privacy Paradox a Domain-Specific Phenomenon
by Ron S. Hirschprung
Computers 2023, 12(8), 156; https://doi.org/10.3390/computers12080156 - 02 Aug 2023
Viewed by 1684
Abstract
The digital era introduces significant challenges for privacy protection, which grow constantly as technology advances. Privacy is a personal trait, and individuals may desire a different level of privacy, which is known as their “privacy concern”. To achieve privacy, the individual has to [...] Read more.
The digital era introduces significant challenges for privacy protection, which grow constantly as technology advances. Privacy is a personal trait, and individuals may desire a different level of privacy, which is known as their “privacy concern”. To achieve privacy, the individual has to act in the digital world, taking steps that define their “privacy behavior”. It has been found that there is a gap between people’s privacy concern and their privacy behavior, a phenomenon that is called the “privacy paradox”. In this research, we investigated if the privacy paradox is domain-specific; in other words, does it vary for an individual when that person moves between different domains, for example, when using e-Health services vs. online social networks? A unique metric was developed to estimate the paradox in a way that enables comparisons, and an empirical study in which (n=437) validated participants acted in eight domains. It was found that the domain does indeed affect the magnitude of the privacy paradox. This finding has a profound significance both for understanding the privacy paradox phenomenon and for the process of developing effective means to protect privacy. Full article
(This article belongs to the Special Issue Using New Technologies on Cyber Security Solutions)
Show Figures

Figure 1

30 pages, 667 KiB  
Article
Unbalanced Web Phishing Classification through Deep Reinforcement Learning
by Antonio Maci, Alessandro Santorsola, Antonio Coscia and Andrea Iannacone
Computers 2023, 12(6), 118; https://doi.org/10.3390/computers12060118 - 09 Jun 2023
Cited by 3 | Viewed by 2049
Abstract
Web phishing is a form of cybercrime aimed at tricking people into visiting malicious URLs to exfiltrate sensitive data. Since the structure of a malicious URL evolves over time, phishing detection mechanisms that can adapt to such variations are paramount. Furthermore, web phishing [...] Read more.
Web phishing is a form of cybercrime aimed at tricking people into visiting malicious URLs to exfiltrate sensitive data. Since the structure of a malicious URL evolves over time, phishing detection mechanisms that can adapt to such variations are paramount. Furthermore, web phishing detection is an unbalanced classification task, as legitimate URLs outnumber malicious ones in real-life cases. Deep learning (DL) has emerged as a promising technique to minimize concept drift to enhance web phishing detection. Deep reinforcement learning (DRL) combines DL with reinforcement learning (RL); that is, a sequential decision-making paradigm in which the problem to be addressed is expressed as a Markov decision process (MDP). Recent studies have proposed an ad hoc MDP formulation to tackle unbalanced classification tasks called the imbalanced classification Markov decision process (ICMDP). In this paper, we exploit the ICMDP to present a double deep Q-Network (DDQN)-based classifier to address the unbalanced web phishing classification problem. The proposed algorithm is evaluated on a Mendeley web phishing dataset, from which three different data imbalance scenarios are generated. Despite a significant training time, it results in better geometric mean, index of balanced accuracy, F1 score, and area under the ROC curve than other DL-based classifiers combined with data-level sampling techniques in all test cases. Full article
(This article belongs to the Special Issue Using New Technologies on Cyber Security Solutions)
Show Figures

Figure 1

18 pages, 934 KiB  
Article
Strengthening the Security of Smart Contracts through the Power of Artificial Intelligence
by Moez Krichen
Computers 2023, 12(5), 107; https://doi.org/10.3390/computers12050107 - 18 May 2023
Cited by 10 | Viewed by 4615
Abstract
Smart contracts (SCs) are digital agreements that execute themselves and are stored on a blockchain. Despite the fact that they offer numerous advantages, such as automation and transparency, they are susceptible to a variety of assaults due to their complexity and lack of [...] Read more.
Smart contracts (SCs) are digital agreements that execute themselves and are stored on a blockchain. Despite the fact that they offer numerous advantages, such as automation and transparency, they are susceptible to a variety of assaults due to their complexity and lack of standardization. In this paper, we investigate the use of artificial intelligence (AI) to improve SC security. We provide an overview of Smart Contracts (SCs) and blockchain technology, as well as a discussion of possible SC-based attacks. Then, we introduce various AI categories and their applications in cybersecurity, followed by a thorough analysis of how AI can be used to enhance SC security. We also highlight the open questions and future directions of research in this field. Our research demonstrates that AI can provide an effective defense against assaults on SCs and contribute to their security and dependability. This article lays the groundwork for future research in the field of AI for SC security. Full article
(This article belongs to the Special Issue Using New Technologies on Cyber Security Solutions)
Show Figures

Figure 1

Show export options expand_more Show export options expand_less
Select all
Export citation of selected articles as:
 
Displaying articles 1-10
Back to TopTop