Symmetry in Artificial Intelligence and Mathematical Modeling for Cybersecurity

A special issue of Symmetry (ISSN 2073-8994). This special issue belongs to the section "Computer".

Deadline for manuscript submissions: closed (10 April 2023) | Viewed by 30125

Special Issue Editor

Department of Complex Information Security of Computer Systems, University of Control Systems and Radioelectronics, Lenin Ave, 40, Tomskaya Oblast, 634050 Tomsk, Russia
Interests: theory and practice of complex information security systems; information security, mathematical modeling of difficult systems; algorithms of processing of big data
Special Issues, Collections and Topics in MDPI journals

Special Issue Information

Dear Colleagues,

The rapid digitalization of the economy has led to the digital transformation of all industries. With the development of technology, new complex objects have appeared—cyber-physical systems, digital economy, and digital production systems. Keeping such a modern system in a secure state means its invariance under any kind of outer or inner transformations. It has become evident that modern cyber-physical systems follow the laws of nature originate in symmetries: fractal features, identity of operational chains, system resilience and cybersecurity, homeostatic control, symmetric network structures, and symmetric algorithms.

Ensuring information security of the whole digital infrastructure requires the use of an interdisciplinary approach that involves various mathematical models and methods – statistics, the theory of fractals and wavelets, number-theoretic and cryptography methods, and graph theory. The application of various mathematical apparatus will provide accurate and efficient modeling of complex and interconnected processes implemented by modern systems, describe the mutual influence of their components on each other, and enable us to design predictive models that describe the development of such systems depending on external and internal conditions.

It is also necessary to apply artificial intelligence techniques that have proven themselves in solving the issues of pattern recognition, prediction, and optimization, which are an integral part of information security.

Please note that all submitted papers must be within the general scope of the Symmetry journal.

The topics of research areas covered for this Special Issue are as follows:

  • Artificial intelligence for anomaly detection;
  • Cyber-resilience evaluation;
  • Vulnerabilities and malware detection;
  • Threat modeling;
  • Security incidents detection and investigation;
  • Decision-making under destructive information impact;
  • Big data analytics in cybersecurity;
  • Feature selection algorithms;
  • Post-quantum cryptography;
  • Blockchain;
  • Symmetric key cryptography;
  • Social network security;
  • Fuzzy classification techniques;
  • Information forensics;
  • Data Mining for security applications;
  • Security of smart manufacturing and cyber-physical production systems.

All papers submitted to the Special Issue will be thoroughly reviewed by at least two independent experts. We hope that this Special Issue will encourage change and the development of useful new tools and applications in different fields, and that it will enrich the scientific community for the researchers in the concerned fields.

Prof. Dr. Alexander Shelupanov
Guest Editor

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Symmetry is an international peer-reviewed open access monthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2400 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Published Papers (8 papers)

Order results
Result details
Select all
Export citation of selected articles as:

Research

17 pages, 3360 KiB  
Article
A Novel Color Visual Cryptography Approach Based on Harris Hawks Optimization Algorithm
by Dyala Ibrahim, Rami Sihwail, Khairul Akram Zainol Arrifin, Ala Abuthawabeh and Manar Mizher
Symmetry 2023, 15(7), 1305; https://doi.org/10.3390/sym15071305 - 24 Jun 2023
Cited by 2 | Viewed by 1104
Abstract
Hundreds of millions of people worldwide use computing devices and services, including smartphones, laptops, and messaging apps. Visual cryptography (VC) is one of the most secure encryption methods for image encryption in many applications, such as voting security, online transaction security, and privacy [...] Read more.
Hundreds of millions of people worldwide use computing devices and services, including smartphones, laptops, and messaging apps. Visual cryptography (VC) is one of the most secure encryption methods for image encryption in many applications, such as voting security, online transaction security, and privacy protection. An essential step in VC is encrypting secret images into multiple digital shares to hide them with the intention of successfully reverting them to their original form. Hence, a single share cannot reveal information about the secret image. Issues including pixel enlargement, high processing costs, and low decryption quality influence the current state of VC. We address these issues by introducing a novel technique based on (2, 2) secret sharing and the algorithm of Harris hawks optimization (HHO) for color photos. For the encryption process, the appropriate color levels are determined using the HHO algorithm. Consequently, images are decrypted with improved quality and a small impact on the overall processing complexity. The suggested scheme is also non-expandable due to the equal size of the initial secret image and the shared images. This results in lower memory requirements and improved image quality. The approach is applied to a set of well-known benchmark images. Moreover, a set of standard metrics is used to assess the robustness of the proposed scheme, including its capability in defending against cryptanalytic attacks, a correlation, a histogram, and the quality of encryption. According to the findings, the proposed solution provides better reconstructed image quality, time-efficient encryption, and nearly optimal statistical properties compared to previous approaches. Full article
Show Figures

Figure 1

24 pages, 3102 KiB  
Article
Artificial Intelligence-Based Malware Detection, Analysis, and Mitigation
by Amir Djenna, Ahmed Bouridane, Saddaf Rubab and Ibrahim Moussa Marou
Symmetry 2023, 15(3), 677; https://doi.org/10.3390/sym15030677 - 08 Mar 2023
Cited by 8 | Viewed by 12050
Abstract
Malware, a lethal weapon of cyber attackers, is becoming increasingly sophisticated, with rapid deployment and self-propagation. In addition, modern malware is one of the most devastating forms of cybercrime, as it can avoid detection, make digital forensics investigation in near real-time impossible, and [...] Read more.
Malware, a lethal weapon of cyber attackers, is becoming increasingly sophisticated, with rapid deployment and self-propagation. In addition, modern malware is one of the most devastating forms of cybercrime, as it can avoid detection, make digital forensics investigation in near real-time impossible, and the impact of advanced evasion strategies can be severe and far-reaching. This makes it necessary to detect it in a timely and autonomous manner for effective analysis. This work proposes a new systematic approach to identifying modern malware using dynamic deep learning-based methods combined with heuristic approaches to classify and detect five modern malware families: adware, Radware, rootkit, SMS malware, and ransomware. Our symmetry investigation in artificial intelligence and cybersecurity analytics will enhance malware detection, analysis, and mitigation abilities to provide resilient cyber systems against cyber threats. We validated our approach using a dataset that specifically contains recent malicious software to demonstrate that the model achieves its goals and responds to real-world requirements in terms of effectiveness and efficiency. The experimental results indicate that the combination of behavior-based deep learning and heuristic-based approaches for malware detection and classification outperforms the use of static deep learning methods. Full article
Show Figures

Figure 1

15 pages, 1263 KiB  
Article
Model of Threats to the Integrity and Availability of Information Processed in Cyberspace
by Nikolay Sergeevich Egoshin, Anton Aleksandrovich Konev and Aleksandr Aleksandrovich Shelupanov
Symmetry 2023, 15(2), 431; https://doi.org/10.3390/sym15020431 - 06 Feb 2023
Cited by 1 | Viewed by 1084
Abstract
Depending on their motivation, offenders have different goals, and disclosure of information is not always such a goal. It often happens that the purpose of the offender is to disrupt the normal operation of the system. This can be achieved both by acting [...] Read more.
Depending on their motivation, offenders have different goals, and disclosure of information is not always such a goal. It often happens that the purpose of the offender is to disrupt the normal operation of the system. This can be achieved both by acting directly on the information and by acting on the elements of the system. Actions of this kind lead to a violation of integrity and availability, but not confidentiality. It follows that the process of forming a threat model for the integrity and availability of information differs from a similar process for confidentiality threats. The purpose of this study is to develop an information integrity threat model that focuses on threats disrupting the normal operation of the system. The research methodology is based on the methods of system analysis, graph theory, discrete mathematics, and automata theory. As a result of the research, we proposed a model of threats to the integrity and availability of information. The proposed threat model differs from analogues by a high level of abstraction without reference to the subject area and identification of threats to the availability of information as a subset of threats to the integrity of the information transmission channel. Full article
Show Figures

Figure 1

21 pages, 29407 KiB  
Article
Cognitive Model for Assessing the Security of Information Systems for Various Purposes
by Vladimir V. Baranov and Alexander A. Shelupanov
Symmetry 2022, 14(12), 2631; https://doi.org/10.3390/sym14122631 - 12 Dec 2022
Viewed by 1205
Abstract
This article substantiates the relevance of the development of a cognitive model for assessing the security of information systems for various purposes, designed to support decision-making by officials of information security management bodies. The article analyzes scientific papers and research in this area, [...] Read more.
This article substantiates the relevance of the development of a cognitive model for assessing the security of information systems for various purposes, designed to support decision-making by officials of information security management bodies. The article analyzes scientific papers and research in this area, formulates the requirements for the functional capabilities of the model, and investigates and identifies the most appropriate modeling tools, based on the symmetry property that develops from integrated ontological and neuro-Bayesian models; typical clusters of information systems; tactics and techniques for the implementation of information security threats through the vulnerabilities of objects at various levels of the International Organization of Standardization/Open Systems Interconnection model (the ISO/OSI model); protective influences; and attacking influences. This approach allowed us to identify such objects of influence and their current vulnerabilities and scenarios for the implementation of information security threats; to calculate the joint probability distribution of information security events of various origins; and to simulate the process of operational management of information security. Full article
Show Figures

Figure 1

22 pages, 1000 KiB  
Article
DualAC2NN: Revisiting and Alleviating Alert Fatigue from the Detection Perspective
by Gang Yang, Chaojing Tang and Xingtong Liu
Symmetry 2022, 14(10), 2138; https://doi.org/10.3390/sym14102138 - 13 Oct 2022
Cited by 2 | Viewed by 1372
Abstract
The exponential expansion of Internet interconnectivity has led to a dramatic increase in cyber-attack alerts, which contain a considerable proportion of false positives. The overwhelming number of false positives cause tremendous resource consumption and delay responses to the really severe incidents, namely, alert [...] Read more.
The exponential expansion of Internet interconnectivity has led to a dramatic increase in cyber-attack alerts, which contain a considerable proportion of false positives. The overwhelming number of false positives cause tremendous resource consumption and delay responses to the really severe incidents, namely, alert fatigue. To cope with the challenge from alert fatigue, we focus on enhancing the capability of detectors to reduce the generation of false alerts from the detection perspective. The core idea of our work is to train a machine-learning-based detector to grasp the empirical intelligence of security analysts to estimate the feasibility of an incoming HTTP request to cause substantial threats, and integrate the estimation into the detection stage to reduce false alarms. To this end, we innovatively introduce the concept of attack feasibility to characterize the composition rationality of an inbound HTTP request as a feasible attack under static scrutinization. First, we adopt a fast request-reorganization algorithm to transform an HTTP request into the form of interface:payload pair for further alignment of structural components which can reveal the processing logic of the target program. Then, we build a dual-channel attention-based circulant convolution neural network (DualAC2NN) to integrate the attack feasibility estimation into the alert decision, by comprehensively considering the interface sensitivity, payload maliciousness, and their bipartite compatibility. Experiments on a real-world dataset show that the proposed method significantly reduces invalid alerts by around 86.37% and over 61.64% compared to a rule-based commercial WAF and several state-of-the-art methods, along with retaining a detection rate at 97.89% and a lower time overhead, which indicates that our approach can effectively mitigate alert fatigue from the detection perspective. Full article
Show Figures

Figure 1

15 pages, 880 KiB  
Article
Web User Trust Evaluation: A Novel Approach Using Fuzzy Petri Net and Behavior Analysis
by Zenan Wu, Liqin Tian, Yi Zhang and Zhigang Wang
Symmetry 2021, 13(8), 1487; https://doi.org/10.3390/sym13081487 - 13 Aug 2021
Cited by 1 | Viewed by 1541
Abstract
With the development of society and information technology, people’s dependence on the Internet has gradually increased, including online shopping, downloading files, reading books, and online banking. However, how to ensure the safety and legitimacy of these network user behaviors has become the focus [...] Read more.
With the development of society and information technology, people’s dependence on the Internet has gradually increased, including online shopping, downloading files, reading books, and online banking. However, how to ensure the safety and legitimacy of these network user behaviors has become the focus of attention. As we all know, cybersecurity and system resilience originate from symmetry. Due to the diversity and unpredictability of cyber-attacks, absolute cybersecurity is difficult to achieve; system resilience indicates that protecting system security should shift from resisting attacks to ensuring system continuity. The trust evaluation of network users is a research hotspot in improving network system security. Aiming at the defects of incomplete evaluation processes and inaccurate evaluation results in current online user behavior trust evaluation methods, this paper combines the basic principles of online user trust evaluation and proposes a trust evaluation model that combines fuzzy Petri nets with user behavior analysis. First, for “unfamiliar” users, we used fuzzy Petri nets to calculate the user’s recommended trust value as the system’s indirect trust value; next, we used the user’s behavior record as evidence to conduct direct trust evaluation on the user to obtain the system’s direct trust in the user’s value; finally, the two calculation results were combined to obtain the user’s comprehensive trust value. In terms of experimental verification, the experimental data came from a self-developed e-book management system. Through theoretical analysis and simulation results, it was shown that the model met the optimization conditions of subjective and objective relative balance, the evaluation process was more complete, and the trust evaluation values of network users could be obtained more accurately. This evaluation method provides solid theory and research ideas for user credibility judgment of key network basic application platforms such as online shopping malls, online transactions, and online banking. Full article
Show Figures

Figure 1

16 pages, 1532 KiB  
Article
Effectiveness of Focal Loss for Minority Classification in Network Intrusion Detection Systems
by Mulyanto Mulyanto, Muhamad Faisal, Setya Widyawan Prakosa and Jenq-Shiou Leu
Symmetry 2021, 13(1), 4; https://doi.org/10.3390/sym13010004 - 22 Dec 2020
Cited by 66 | Viewed by 5197
Abstract
As the rapid development of information and communication technology systems offers limitless access to data, the risk of malicious violations increases. A network intrusion detection system (NIDS) is used to prevent violations, and several algorithms, such as shallow machine learning and deep neural [...] Read more.
As the rapid development of information and communication technology systems offers limitless access to data, the risk of malicious violations increases. A network intrusion detection system (NIDS) is used to prevent violations, and several algorithms, such as shallow machine learning and deep neural network (DNN), have previously been explored. However, intrusion detection with imbalanced data has usually been neglected. In this paper, a cost-sensitive neural network based on focal loss, called the focal loss network intrusion detection system (FL-NIDS), is proposed to overcome the imbalanced data problem. FL-NIDS was applied using DNN and convolutional neural network (CNN) to evaluate three benchmark intrusion detection datasets that suffer from imbalanced distributions: NSL-KDD, UNSW-NB15, and Bot-IoT. The results showed that the proposed algorithm using FL-NIDS in DNN and CNN architecture increased the detection of intrusions in imbalanced datasets compared to vanilla DNN and CNN in both binary and multiclass classifications. Full article
Show Figures

Figure 1

17 pages, 939 KiB  
Article
Source Code Authorship Identification Using Deep Neural Networks
by Anna Kurtukova, Aleksandr Romanov and Alexander Shelupanov
Symmetry 2020, 12(12), 2044; https://doi.org/10.3390/sym12122044 - 10 Dec 2020
Cited by 15 | Viewed by 3914
Abstract
Many open-source projects are developed by the community and have a common basis. The more source code is open, the more the project is open to contributors. The possibility of accidental or deliberate use of someone else’s source code as a closed functionality [...] Read more.
Many open-source projects are developed by the community and have a common basis. The more source code is open, the more the project is open to contributors. The possibility of accidental or deliberate use of someone else’s source code as a closed functionality in another project (even a commercial) is not excluded. This situation could create copyright disputes. Adding a plagiarism check to the project lifecycle during software engineering solves this problem. However, not all code samples for comparing can be found in the public domain. In this case, the methods of identifying the source code author can be useful. Therefore, identifying the source code author is an important problem in software engineering, and it is also a research area in symmetry. This article discusses the problem of identifying the source code author and modern methods of solving this problem. Based on the experience of researchers in the field of natural language processing (NLP), the authors propose their technique based on a hybrid neural network and demonstrate its results both for simple cases of determining the authorship of the code and for those complicated by obfuscation and using of coding standards. The results show that the author’s technique successfully solves the essential problems of analogs and can be effective even in cases where there are no obvious signs indicating authorship. The average accuracy obtained for all programming languages was 95% in the simple case and exceeded 80% in the complicated ones. Full article
Show Figures

Figure 1

Back to TopTop