Search for Articles:
Title / Keyword
Author / Affiliation / Email
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
 
4.7
2.9
Journals
Electronics
Special Issues
Network and Mobile Systems Security, Privacy and Forensics
share announcement

Network and Mobile Systems Security, Privacy and Forensics

A special issue of Electronics (ISSN 2079-9292). This special issue belongs to the section "Computer Science & Engineering".

Deadline for manuscript submissions: 30 September 2024 | Viewed by 10996

Special Issue Editors

Dr. Umit Karabiyik

E-Mail Website
Guest Editor
Department of Computer and Information Technology, Purdue University, West Lafayette, IN 47907, USA
Interests: digital forensics; artificial intelligence
Special Issues, Collections and Topics in MDPI journals
Prof. Dr. Mamoun Alazab

grade E-Mail Website
Guest Editor
NT Academic Centre for Cyber Security and Innovation (ACCI), Charles Darwin University, Darwin 0812, Australia
Interests: cybersecurity; cybercrime; trust and privacy; intrusion detection; machine learning; big data analytics; IoT; CPS; cloud computing
Special Issues, Collections and Topics in MDPI journals
Dr. Abdelkader Ouda

E-Mail Website
Guest Editor
Department of Electrical and Computer Engineering, Western University, London, ON, Canada
Interests: information security; cryptography; networks security; big data security and privacy

Special Issue Information

Dear Colleagues,

As technology permeates more and more aspects of our lives, worries about the security and privacy of devices and the sensitive data they handle are growing as a result of the possibility of both targeted attacks and data misuse. The number and variety of cyber threats directed toward emerging technologies have increased in tandem with their spectrum. Despite the efforts made in recent years to patch numerous vulnerabilities and access points that attackers use, there are still more avenues for compromise. Therefore, it is important to keep sensitive data safe; many new hardware, software, and information security trends can be used to do this. For instance, the development of AI applications in the field of network and mobile technology security has expanded the capabilities of network security professionals and law enforcement agencies, and has opened doors to a multitude of open research areas pertaining to the software and hardware security of mobile systems, network and mobile system vulnerabilities, and user and data privacy.

The data these technologies handle have grown to include anything from public to top-secret, and even exculpatory to inculpatory data. Businesses, corporations, institutions, and the general public all generate and interact with multiple categories of data, which require various levels of protection. With the introduction and ubiquitous use of smart devices such as smartphones, the need for continued and sustained research into the privacy and security of these devices and associated technologies is at an all-time high. There is a need for novel methodologies, tools, techniques, algorithms, and models for extracting and analyzing data from these smart devices, paying particular attention to any privacy-preserving requirements.

This Special Issue aims to advance the state of the art by bringing together original contributions and cutting-edge approaches, including both theoretical and applied research, in the broad area of network and mobile security and privacy. Potential topics to further these efforts include, but are not limited to:

  • Data privacy
  • Digital forensics
  • Integrity of mobile systems
  • Integrity of networks
  • IoT forensics
  • Network forensics
  • Network intelligence
  • Network security
  • Machine learning (and AI) for digital forensics
  • Mobile forensics
  • Mobile data intelligence
  • User privacy
  • Security and privacy of mobile systems
  • Security and privacy of cyber-physical systems
  • Security for critical infrastructure networks
  • Security and privacy of ubiquitous systems

Dr. Umit Karabiyik
Dr. Mamoun Alazab
Dr. Abdelkader Ouda
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Electronics is an international peer-reviewed open access semimonthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2400 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • data intelligence
  • digital forensics
  • mobile security
  • network forensics
  • network security
  • privacy protection
  • ubiquitous systems’ security

Published Papers (6 papers)

Download All Papers
Order results
Result details
Show export options expand_more Show export options expand_less
Select all
Export citation of selected articles as:

Research

17 pages, 1868 KiB  
Article
Using Ensemble Learning for Anomaly Detection in Cyber–Physical Systems
by Nicholas Jeffrey, Qing Tan and José R. Villar
Electronics 2024, 13(7), 1391; https://doi.org/10.3390/electronics13071391 - 07 Apr 2024
Viewed by 491
Abstract
The swift embrace of Industry 4.0 paradigms has led to the growing convergence of Information Technology (IT) networks and Operational Technology (OT) networks. Traditionally isolated on air-gapped and fully trusted networks, OT networks are now becoming more interconnected with IT networks due to [...] Read more.
The swift embrace of Industry 4.0 paradigms has led to the growing convergence of Information Technology (IT) networks and Operational Technology (OT) networks. Traditionally isolated on air-gapped and fully trusted networks, OT networks are now becoming more interconnected with IT networks due to the advancement and applications of IoT. This expanded attack surface has led to vulnerabilities in Cyber–Physical Systems (CPSs), resulting in increasingly frequent compromises with substantial economic and life safety repercussions. The existing methods for the anomaly detection of security threats typically use simple threshold-based strategies or apply Machine Learning (ML) algorithms to historical data for the prediction of future anomalies. However, due to the high levels of heterogeneity across different CPS environments, minimizing the opportunities for transfer learning, and the scarcity of real-world data for training, the existing ML-based anomaly detection techniques suffer from a poor predictive performance. This paper introduces a hybrid anomaly detection approach designed to identify threats to CPSs by combining the signature-based anomaly detection typically utilized in IT networks, the threshold-based anomaly detection typically utilized in OT networks, and behavioural-based anomaly detection using Ensemble Learning (EL), which leverages the strengths of multiple ML algorithms against the same dataset to increase the accuracy. Multiple public research datasets were used to validate the proposed approach, with the hybrid methodology employing a divide-and-conquer strategy to offload the detection of certain cyber threats to computationally inexpensive signature-based and threshold-based methods using domain knowledge to minimize the size of the behavioural-based data needed for ML model training, thus achieving a higher accuracy over a reduced timeframe. The experimental results showed accuracy improvements of 4–7% over those of the conventional ML classifiers in performing anomaly detection across multiple datasets, which is particularly important to the operators of CPS environments due to the high financial and life safety costs associated with interruptions to system availability. Full article
(This article belongs to the Special Issue Network and Mobile Systems Security, Privacy and Forensics)
Show Figures

Figure 1

17 pages, 4812 KiB  
Article
A Multilayered Preprocessing Approach for Recognition and Classification of Malicious Social Network Messages
by Aušra Čepulionytė, Jevgenijus Toldinas and Borisas Lozinskis
Electronics 2023, 12(18), 3785; https://doi.org/10.3390/electronics12183785 - 07 Sep 2023
Cited by 1 | Viewed by 826
Abstract
The primary methods of communication in the modern world are social networks, which are rife with harmful messages that can injure both psychologically and financially. Most websites do not offer services that automatically delete or send malicious communications back to the sender for [...] Read more.
The primary methods of communication in the modern world are social networks, which are rife with harmful messages that can injure both psychologically and financially. Most websites do not offer services that automatically delete or send malicious communications back to the sender for correction, or notify the sender of inaccuracies in the content of the messages. The deployment of such systems could make use of techniques for identifying and categorizing harmful messages. This paper suggests a novel multilayered preprocessing approach for the recognition and classification of malicious social network messages to limit negative impact, resulting in fewer toxic messages, scams, and aggressive comments in social media messages and commenting areas. As a result, less technical knowledge would be required to investigate the effects of harmful messages. The dataset was created using the regional Lithuanian language with four classes: aggressive, insulting, toxic, and malicious. Three machine learning algorithms were examined, five use cases of a multilayered preprocessing approach were suggested, and experiments were conducted to identify and classify harmful messages in the Lithuanian language. Full article
(This article belongs to the Special Issue Network and Mobile Systems Security, Privacy and Forensics)
Show Figures

Figure 1

22 pages, 12565 KiB  
Article
Digital Forensics for E-IoT Devices in Smart Cities
by Minju Kim and Taeshik Shon
Electronics 2023, 12(15), 3233; https://doi.org/10.3390/electronics12153233 - 26 Jul 2023
Cited by 4 | Viewed by 1486
Abstract
With the global expansion of urban infrastructure and development of 5G communication technology, advanced information and communications technology has been applied to power systems and the use of smart grids has increased. Smart grid systems collect energy data using Internet-of-Things (IoT) devices, such [...] Read more.
With the global expansion of urban infrastructure and development of 5G communication technology, advanced information and communications technology has been applied to power systems and the use of smart grids has increased. Smart grid systems collect energy data using Internet-of-Things (IoT) devices, such as data concentrator units (DCUs) and smart meters, to effectively manage energy. Services and functions for energy management are being incorporated into home IoT devices. In this paper, the IoT for energy management in smart cities and smart homes is referred to as the E-IoT. Systems that use the E-IoT can efficiently manage data, but they present many potential security threats, because the E-IoT devices in such homes and enterprises are networked for energy management. Therefore, in this study, to identify vulnerabilities in the E-IoT device systems, digital forensics is applied to the E-IoT device systems. E-IoT devices supplied to Korean power systems were used to build a digital forensic test bed similar to actual E-IoT environments. For digital forensics application, E-IoT data acquisition and analysis methodology was proposed. The proposed methodology consisted of three methods—network packet data analysis, hardware interface analysis, and mobile device paired with E-IoT—which were applied to a DCU, smart meter, smart plug, smart heat controller, smart microwave, and smart monitoring system. On analyzing the user and system data acquired, artifacts such as the device name and energy consumption were derived. User accounts and passwords and energy-usage logs were obtained, indicating the possibility of leakage of personal information and the vulnerabilities of E-IoT devices. Full article
(This article belongs to the Special Issue Network and Mobile Systems Security, Privacy and Forensics)
Show Figures

Figure 1

14 pages, 1879 KiB  
Article
Web Site Fingerprint Attack Generation Technology Combined with Genetic Algorithm
by Hanfeng Bai, Junkai Yi and Ruidong Chen
Electronics 2023, 12(6), 1449; https://doi.org/10.3390/electronics12061449 - 19 Mar 2023
Viewed by 1242
Abstract
An anonymous network can be used to protect privacy and conceal the identities of both communication parties. A website fingerprinting attack identifies the target website for the data access by matching the pattern of the monitored data traffic, rendering the anonymous network ineffective. [...] Read more.
An anonymous network can be used to protect privacy and conceal the identities of both communication parties. A website fingerprinting attack identifies the target website for the data access by matching the pattern of the monitored data traffic, rendering the anonymous network ineffective. To defend against fingerprint attacks on anonymous networks, we propose a novel adversarial sample generation method based on genetic algorithms. We can generate effective adversarial samples with minimal cost by constructing an appropriate fitness function to select samples, allowing us to defend against several mainstream attack methods. The technique reduces the accuracy of a cutting-edge attack hardened with adversarial training from 90% to 20–30%. It also outperforms other defense methods of the same type in terms of information leakage rate. Full article
(This article belongs to the Special Issue Network and Mobile Systems Security, Privacy and Forensics)
Show Figures

Graphical abstract

16 pages, 1383 KiB  
Article
Torrent Poisoning Protection with a Reverse Proxy Server
by António Godinho, José Rosado, Filipe Sá, Filipe Caldeira and Filipe Cardoso
Electronics 2023, 12(1), 165; https://doi.org/10.3390/electronics12010165 - 30 Dec 2022
Cited by 1 | Viewed by 4657
Abstract
A Distributed Denial-of-Service attack uses multiple sources operating in concert to attack a network or site. A typical DDoS flood attack on a website targets a web server with multiple valid requests, exhausting the server’s resources. The participants in this attack are usually [...] Read more.
A Distributed Denial-of-Service attack uses multiple sources operating in concert to attack a network or site. A typical DDoS flood attack on a website targets a web server with multiple valid requests, exhausting the server’s resources. The participants in this attack are usually compromised/infected computers controlled by the attackers. There are several variations of this kind of attack, and torrent index poisoning is one. A Distributed Denial-of-Service (DDoS) attack using torrent poisoning, more specifically using index poisoning, is one of the most effective and disruptive types of attacks. These web flooding attacks originate from BitTorrent-based file-sharing communities, where the participants using the BitTorrent applications cannot detect their involvement. The antivirus and other tools cannot detect the altered torrent file, making the BitTorrent client target the webserver. The use of reverse proxy servers can block this type of request from reaching the web server, preventing the severity and impact on the service of the DDoS. In this paper, we analyze a torrent index poisoning DDoS to a higher education institution, the impact on the network systems and servers, and the mitigation measures implemented. Full article
(This article belongs to the Special Issue Network and Mobile Systems Security, Privacy and Forensics)
Show Figures

Figure 1

21 pages, 1010 KiB  
Article
Smart Chatbot for User Authentication
by Peter Voege, Iman I. M. Abu Sulayman and Abdelkader Ouda
Electronics 2022, 11(23), 4016; https://doi.org/10.3390/electronics11234016 - 03 Dec 2022
Cited by 3 | Viewed by 1356
Abstract
Despite being the most widely used authentication mechanism, password-based authentication is not very secure, being easily guessed or brute-forced. To address this, many systems which especially value security adopt Multi-Factor Authentication (MFA), in which multiple different authentication mechanisms are used concurrently. JitHDA (Just-in-time [...] Read more.
Despite being the most widely used authentication mechanism, password-based authentication is not very secure, being easily guessed or brute-forced. To address this, many systems which especially value security adopt Multi-Factor Authentication (MFA), in which multiple different authentication mechanisms are used concurrently. JitHDA (Just-in-time human dynamics based authentication engine) is a new authentication mechanism which can add another option to MFA capabilities. JitHDA observes human behaviour and human dynamics to gather up to date information on the user from which authentication questions can be dynamically generated. This paper proposes a system that implements JitHDA, which we call Autonomous Inquiry-based Authentication Chatbot (AIAC). AIAC uses anomalous events gathered from a user’s recent activity to create personalized questions for the user to answer, and is designed to improve its own capabilities over time using neural networks trained on data gathered during authentication sessions. Due to using the user’s recent activity, they will be easy for the authentic user to answer and hard for a fraudulent user to guess, and as the user’s recent history updates between authentication sessions new questions will be dynamically generated to replace old ones. We intend to show in this paper that AIAC is a viable implementation of JitHDA. Full article
(This article belongs to the Special Issue Network and Mobile Systems Security, Privacy and Forensics)
Show Figures

Figure 1

Show export options expand_more Show export options expand_less
Select all
Export citation of selected articles as:
 
Displaying articles 1-6
Back to TopTop