Search Results (3,584)

The rapid expansion of the Internet of Things (IoT) has uncovered a significant asymmetry in cybersecurity, where low-power edge devices must face sophisticated threats from adversaries backed by ample resources. In our study, we employ a symmetry-based approach to rebalance these uneven scenarios. We propose a Hybrid Neural Network Intrusion Detection System (Hybrid NNIDS) that uses LightGBM to filter anomalies at the traffic level and MobileNetV2 for further detection at the packet level, creating a viable compromise between detection accuracy and computational cost. Additionally, the proposed Hybrid NNIDS model, on the ACI-IoT-2023 dataset, outperformed other intrusion detection models with an accuracy of 94%, an F1-score of 91%, and a precision rate of 93% in attack detection. The results indicate the developed asymmetry algorithm can greatly reduce processing overhead while still being able to be implemented in IoT environments. The focus of future work will be on the real-world deployment of these security infrastructures in the IoT and their adaptation to newer types of attack vectors that may be developed by malware. Full article

The future Internet of Things (IoT) will consist of energy harvesting devices and Unmanned Aerial Vehicles (UAVs) to support applications in remote areas. However, as UAVs communicate with IoT devices using broadcast channels, information leakage emerges as a critical security threat. This paper considers the problem of maximizing the minimum secrecy rate in an energy harvesting IoT network supported by two UAVs, where one acts as a server to collect data from devices, and the other is an eavesdropper to intercept data transmission. It presents a novel Mixed-Integer Nonlinear Program (MINLP), which we then linearize into a Mixed-Integer Linear Program (MILP) problem. It also proposes a heuristic solution called Fly Nearest Location (FNL). Both solutions determine (i) the UAV server’s flight routing, flight time, and computation time, as well as (ii) the energy usage and operation mode of IoT devices. Our results show that FNL achieves on average 78.15% of MILP’s performance. Full article

Magnetotelluric (MT) forward modeling is a key technique in magnetotelluric sounding, and deep learning has been widely applied to MT forward modeling. In three-dimensional (3-D) problems, although existing methods can predict forward modeling results with high accuracy, they often use multiple networks to simulate multiple forward modeling parameters, resulting in low efficiency. We apply multi-task learning (MTL) to 3-D MT forward modeling to achieve simultaneous inference of apparent resistivity and impedance phase, effectively improving overall efficiency. Furthermore, through comparative analysis of feature map differences in various decoder layers of the network, we identify the optimal branching point for multi-task learning decoders. This enhances the feature extraction capabilities of the network and improves the prediction accuracy of forward modeling parameters. Additionally, we introduce an uncertainty-based loss function to dynamically balance the learning weights between tasks, addressing the shortcomings of traditional loss functions. Experiments demonstrate that compared with single-task networks and existing multi-task networks, the proposed network (MT-FeatureNet) achieves the best results in terms of Structural Similarity Index Measure (SSIM), Mean Relative Error (MRE), and Mean Absolute Error (MAE). The proposed multi-task learning model not only improves the efficiency and accuracy of 3-D MT forward modeling but also provides a novel approach to the design of multi-task learning network structures. Full article

The rapid proliferation of ransomware variants necessitates more effective detection mechanisms, as traditional signature-based methods are increasingly inadequate. These conventional methods rely on manual feature extraction and matching, which are time-consuming and limited to known threats. This study addresses the escalating challenge of ransomware threats in cybersecurity by proposing a novel deep learning model, LSTM-EDadver, which leverages Generative Adversarial Networks (GANs) and Carlini and Wagner (CW) attacks to enhance malware detection capabilities. LSTM-EDadver innovatively generates adversarial examples (AEs) using sequential features derived from ransomware behaviors, thus training deep learning models to improve their robustness and accuracy. The methodology combines Cuckoo sandbox analysis with conceptual lattice ontology to capture a wide range of ransomware families and their variants. This approach not only addresses the shortcomings of existing models but also simulates real-world adversarial conditions during the validation phase by subjecting the models to CW attacks. The experimental results demonstrate that LSTM-EDadver achieves a classification accuracy of 96.59%. This performance was achieved using a dataset of 1328 ransomware samples (across 32 ransomware families) and 519 normal instances, outperforming traditional RNN, LSTM, and GCU models, which recorded accuracies of 90.01%, 93.95%, and 94.53%, respectively. The proposed model also shows significant improvements in F1-score, ranging from 2.49% to 6.64% compared to existing models without adversarial training. This advancement underscores the effectiveness of integrating GAN-generated attack command sequences into model training. Full article

Smart grid reliability and efficiency are critical for uninterrupted service, especially amidst growing demand and network complexity. Wide-Area Measurement Systems (WAMS) are valuable tools for mitigating faults and reducing fault-clearing time while simultaneously prioritizing cybersecurity. This review looks at smart grid WAMS implementation and its potential for cyber-physical power system (CPPS) development and compares it to traditional Supervisory Control and Data Acquisition (SCADA) infrastructure. While traditionally used in smart grids, SCADA has become insufficient in handling modern grid dynamics. WAMS differ through utilizing phasor measurement units (PMUs) to provide real-time monitoring and enhance situational awareness. This review explores PMU deployment models and their integration into existing grid infrastructure for CPPS and smart grid development. The review discusses PMU configurations that enable precise measurements across the grid for quicker, more accurate decisions. This study highlights models of PMU and WAMS deployment for conventional grids to convert them into smart grids in terms of the Smart Grid Architecture Model (SGAM). Examples from developing nations illustrate cybersecurity benefits in cyber-physical frameworks and improvements in grid stability and efficiency. Further incorporating machine learning, multi-level optimization, and predictive analytics can enhance WAMS capabilities by enabling advanced fault prediction, automated response, and multilayer cybersecurity. Full article

In the current operational landscape, organizations face a growing and diverse array of cybersecurity challenges, necessitating the development and implementation of innovative and effective security solutions. This paper presents a novel methodology for dynamic risk assessment and mitigation suggestions aimed at assessing and reducing cyber risks. The proposed approach gathers information from publicly available cybersecurity-related open sources and integrates it with environment-specific data to generate a comprehensive understanding of potential risks. It creates multiple distinct risk scenarios based on the identification of vulnerabilities, network topology, and the attacker’s perspective. The methodology employs Bayesian networks to proactively and dynamically estimate the probability of threats and Fuzzy Cognitive Maps to dynamically update vulnerability severity values for each risk scenario. These elements are combined with impact estimations to provide dynamic risk assessments. Furthermore, the methodology offers mitigation suggestions for each identified vulnerability across all risk scenarios, enabling organizations to effectively address the assessed cybersecurity risks. To validate the effectiveness of the proposed methodology, a case study is presented, demonstrating its practical application and efficacy. Full article

Cybersecurity challenges are increasing in the rail industry because of constant technological evolution that includes the Internet of Things, blockchains, automation, and artificial intelligence. Consequently, many railroads and supply chain stakeholders have implemented strategies and practices to address these challenges. However, the pace of cybersecurity implementation in the railroad industry is slow even as cyberthreats escalate. This study uniquely integrates bibliometric analysis with a systematic literature review to provide a holistic view of cybersecurity trends in rail freight. The study analyzes 70 articles focusing on cybersecurity practices in the rail freight industry, structured around four research questions relating to: (1) challenges, (2) measures, (3) emerging trends, and (4) innovations. Key findings are that implementing cybersecurity practices in the rail freight industry comes with numerous challenges and risks. The study concludes that new threats will constantly emerge with technological advancements. Therefore, there is a need for continuous human training, collaboration, and coordination with stakeholders. This study also highlights research gaps and recommends how stakeholders can most appropriately execute cybersecurity strategies and best coordinate them with the various technological functions in the rail freight industry. Full article

Insider threats pose a significant challenge to organizational cybersecurity, often leading to catastrophic financial and reputational damages. Traditional tools such as firewalls and antivirus systems lack the sophistication needed to detect and mitigate these threats in real time. This paper introduces a machine learning-based system that integrates real-time anomaly detection with dynamic user profiling, enabling the classification of employees into categories of low, medium, and high risk. The system was validated using a synthetic dataset, achieving exceptional accuracy across machine learning models, with XGBoost emerging as the most effective. Full article

Recently, the IT industry has become larger, and cloud service has rapidly increased; thus cybersecurity to protect sensitive data from attacks has become an important factor. However, cloud services have become larger, making the surface area larger, and a complex cyber environment leads to difficulty managing and defending. With the rise of artificial intelligence, applying artificial intelligence to a cyber environment to automatically detect and respond to cyberattacks has begun to get attention. In order to apply artificial intelligence in cyber environments, a simulation framework that is easily applicable and can represent real situations well is needed. In this study, we introduce the framework Cyber Environment (CYE) that provides useful components that abstract complex and large cloud environments. Additionally, we use CYE to reproduce real-world situations into the scenario and apply reinforcement learning for training automated intelligence defense agents. Full article

Large language models’ domain-specific capabilities can be enhanced through specialized datasets, yet constructing comprehensive cybersecurity datasets remains challenging due to the field’s multidisciplinary nature. We present PenQA, a novel instructional dataset for penetration testing that integrates theoretical and practical knowledge. Leveraging authoritative sources like MITRE ATT&CK™ and Metasploit, we employ online large language models to generate approximately 50,000 question–answer pairs.We demonstrate PenQA’s efficacy by fine-tuning language models with fewer than 10 billion parameters. Evaluation metrics, including the BLEU, ROUGE, and BERTScore, show significant improvements in the models’ penetration testing capabilities. PenQA is designed to be compatible with various model architectures and updatable as new techniques emerge. This work has implications for automated penetration testing tools, cybersecurity education, and decision support systems. The PenQA dataset is available in our GitHub repository. Full article

The increasing adoption of smart home devices has raised significant concerns regarding privacy, security, and vulnerability to cyber threats. This study addresses these challenges by presenting a federated learning framework enhanced with blockchain technology to detect intrusions in smart home environments. The proposed approach combines knowledge distillation and transfer learning to support heterogeneous IoT devices with varying computational capacities, ensuring efficient local training without compromising privacy. Blockchain technology is integrated to provide decentralized, tamper-resistant access control through Role-Based Access Control (RBAC), allowing only authenticated devices to participate in the federated learning process. This combination ensures data confidentiality, system integrity, and trust among devices. This framework’s performance was evaluated using the N-BaIoT dataset, showcasing its ability to detect anomalies caused by botnets such as Mirai and BASHLITE across diverse IoT devices. Results demonstrate significant improvements in intrusion detection accuracy, particularly for resource-constrained devices, while maintaining privacy and adaptability in dynamic smart home environments. These findings highlight the potential of this blockchain-enhanced federated learning system to offer a scalable, robust, and privacy-preserving solution for securing smart homes against evolving threats. Full article

The Advanced Message Queuing Protocol (AMQP) is a widely used communication standard in IoT systems due to its robust and reliable message delivery capabilities. However, its increasing adoption has made it a target for various cyber threats, including Distributed Denial of Service (DDoS), Man-in-the-Middle (MitM), and brute force attacks. This study presents a comprehensive analysis of AMQP-specific vulnerabilities and introduces a statistical model for the detection and classification of malicious activities in IoT networks. Leveraging a custom-designed IoT testbed, realistic attack scenarios were simulated, and a dataset encompassing normal, malicious, and mixed traffic was generated. Unique attack signatures were identified and validated through repeated experiments, forming the foundation of a signature-based detection mechanism tailored for AMQP networks. The proposed model demonstrated high accuracy in detecting and classifying attack-specific traffic while maintaining a low false positive rate for benign traffic. Notable results include effective detection of RST packets in DDoS scenarios, precise classification of MitM attack patterns, and identification of brute force attempts on AMQP systems. This research highlights the efficacy of signature-based approaches in enhancing IoT security and offers a benchmark for future machine learning-driven detection systems. By addressing AMQP-specific challenges, the study contributes to the development of resilient and secure IoT ecosystems. Full article

This study focuses on Digital Twin-integrated smart energy systems, which serve as an example of Next-Generation Critical Infrastructures (CI). The resilience of these systems is influenced by a variety of internal features and external interactions, all of which are subject to change following cyber-physical disturbances. This necessitates real-time resilience monitoring for CI during crises; however, a significant gap remains in resilience monitoring. To address this gap, this study leverages the role of Internet of Things (IoT) in monitoring complex systems to enhance resilience through critical indicators relevant to cyber-physical safety and security. The study empirically implements Resilience-Key Performance Indicators (R-KPIs) from the domain, including Functionality Loss, Minimum Performance, and Recovery Time Duration. The main goal is to examine real-time IoT-based resilience monitoring in a real-life context. A cyber-physical system equipped with IoT-driven Digital Twins, data-driven microservices, and a False Data Injection Attack (FDIA) scenario is simulated to assess the real-time resilience of this smart system. The results demonstrate that real-time resilience monitoring provides actionable insights into resilience performance based on the selected R-KPIs. These findings contribute to a systematic and reusable model for enhancing the resilience of IoT-enabled CI, advancing efforts to ensure service continuity and secure essential services for society. Full article

The escalating prevalence of cyber threats across industries underscores the urgent need for robust analytical frameworks to understand their clustering, prevalence, and distribution. This study addresses the challenge of quantifying and analyzing relationships between 95 distinct cyberattack types and 29 industry sectors, leveraging a dataset of 9261 entries filtered from over 1 million news articles. Existing approaches often fail to capture nuanced patterns across such complex datasets, justifying the need for innovative methodologies. We present a rigorous mathematical framework integrating chi-square tests, Bayesian inference, Gaussian Mixture Models (GMMs), and Spectral Clustering. This framework identifies key patterns, such as 1150 Zero-Day Exploits clustered in the IT and Telecommunications sector, 732 Advanced Persistent Threats (APTs) in Government and Public Administration, and Malware with a posterior probability of 0.287 dominating the Healthcare sector. Temporal analyses reveal periodic spikes, such as in Zero-Day Exploits, and a persistent presence of Social Engineering Attacks, with 1397 occurrences across industries. These findings are quantified using significance scores (mean: 3.25 ± 0.7) and posterior probabilities, providing evidence for industry-specific vulnerabilities. This research offers actionable insights for policymakers, cybersecurity professionals, and organizational decision makers by equipping them with a data-driven understanding of sector-specific risks. The mathematical formulations are replicable and scalable, enabling organizations to allocate resources effectively and develop proactive defenses against emerging threats. By bridging mathematical theory to real-world cybersecurity challenges, this study delivers impactful contributions toward safeguarding critical infrastructure and digital assets. Full article

This study investigates the relationship between cyber risks and dividend policy, as well as how boards, as a governance mechanism, affect the dividend policy under cyber risk. This study collected firm-level financing, corporate governance, and control variables from the Bloomberg database during the period 2013–2022. This paper measures of cyber risk through publicly available corporate disclosures on Form 10-K. The findings confirmed that cyber risks significantly impact dividend policy by posing challenges to corporate technical communication and financial transparency. Effective boards play a critical role in guiding companies toward governance strategies that enhance dividend policy and improve cybersecurity. This study involves policy and practical implications, where research findings suggest the need to strengthen regulatory frameworks that encourage the adoption of strong governance practices and advanced cybersecurity practices within companies. On the practical level, companies should adopt a proactive approach to managing cyber risks by enhancing investments in this area and developing flexible dividend policies. Full article