Search Results (4,716)

The rapid expansion of the Internet of Things (IoT) has uncovered a significant asymmetry in cybersecurity, where low-power edge devices must face sophisticated threats from adversaries backed by ample resources. In our study, we employ a symmetry-based approach to rebalance these uneven scenarios. We propose a Hybrid Neural Network Intrusion Detection System (Hybrid NNIDS) that uses LightGBM to filter anomalies at the traffic level and MobileNetV2 for further detection at the packet level, creating a viable compromise between detection accuracy and computational cost. Additionally, the proposed Hybrid NNIDS model, on the ACI-IoT-2023 dataset, outperformed other intrusion detection models with an accuracy of 94%, an F1-score of 91%, and a precision rate of 93% in attack detection. The results indicate the developed asymmetry algorithm can greatly reduce processing overhead while still being able to be implemented in IoT environments. The focus of future work will be on the real-world deployment of these security infrastructures in the IoT and their adaptation to newer types of attack vectors that may be developed by malware. Full article

The Internet of Things (IoT) is developing quickly, which has led to the development of new opportunities in many different fields. As the number of IoT devices continues to expand, particularly in transportation and healthcare, the need for efficient and secure operations has become critical. In the next few years, IoT connections will continue to expand across different fields. In contrast, a number of problems require further attention to be addressed to provide safe and effective operations, such as security, interoperability, and standards. This research investigates the efficacy of integrating explainable artificial intelligence (XAI) techniques and causal inference methods to enhance network anomaly detection. This study proposes a robust TOCA-IoT framework that utilizes the linear non-Gaussian acyclic model (LiNGAM) to find causal relationships in network traffic data, thereby improving the accuracy and interpretability of anomaly detection. A refined threshold optimization strategy is employed to address the challenge of selecting optimal thresholds for anomaly classification. The performance of the TOCA-IoT model is evaluated on an IoT benchmark dataset known as CICIoT2023. The results highlight the potential of combining causal discovery with XAI for building more robust and transparent anomaly detection systems. The results showed that the TOCA-IoT framework achieved the highest accuracy of 100% and an F-score of 100% in classifying the IoT attacks. Full article

Owing to limited resources, implementing conventional security components in wireless sensor networks (WSNs) rather than wireless networks is difficult. Because most sensor nodes are typically powered by batteries, the battery power should be sufficiently long to prevent the shortening of the network lifetime. Therefore, many studies have focused on detecting and avoiding energy drainage attacks in WSNs. However, a survey paper has yet to be published for energy drain attacks in WSNs since 2019. Therefore, we present a novel comprehensive survey paper for energy drainage attacks in WSNs. First, we address an overview of WSNs and their security issues. Next, we explain the methodology for this study and explain the existing approaches for energy drainage attacks in layered architectures. Based on the results of this analysis, open issues and further research directions are presented. Full article

In the current operational landscape, organizations face a growing and diverse array of cybersecurity challenges, necessitating the development and implementation of innovative and effective security solutions. This paper presents a novel methodology for dynamic risk assessment and mitigation suggestions aimed at assessing and reducing cyber risks. The proposed approach gathers information from publicly available cybersecurity-related open sources and integrates it with environment-specific data to generate a comprehensive understanding of potential risks. It creates multiple distinct risk scenarios based on the identification of vulnerabilities, network topology, and the attacker’s perspective. The methodology employs Bayesian networks to proactively and dynamically estimate the probability of threats and Fuzzy Cognitive Maps to dynamically update vulnerability severity values for each risk scenario. These elements are combined with impact estimations to provide dynamic risk assessments. Furthermore, the methodology offers mitigation suggestions for each identified vulnerability across all risk scenarios, enabling organizations to effectively address the assessed cybersecurity risks. To validate the effectiveness of the proposed methodology, a case study is presented, demonstrating its practical application and efficacy. Full article

With the continuous development of UAV technology, the application of UAV swarm has gradually become the focus of research all over the world. Although UAV swarm provides some advantages in terms of autonomous collaboration, the traditional UAV management technology suffers from security challenges, including the risk of single points of failure due to centralized control, which makes UAV swarm susceptible to hacker attacks. Due to some advantages of blockchain, such as decentralization, tamper-proof characteristics, and traceability, it is applied to the drone swarm to solve some security challenges brought about by centralized management. However, blockchain cannot achieve secure access control on the data it stores, which may leak some crucial data. Therefore, a secure and efficient access-control model based on blockchain and ciphertext-policy attribute-based encryption (CP-ABE) is proposed, and a secure data-access scheme is designed under this model, which can not only prevent the leakage of critical data but also realize lightweight access control. Moreover, to improve the decryption efficiency of the data user, an outsourcing-based data decryption scheme is also studied, in which the complex calculations are completed by the data user agency. The experiments show that when the number of attributes is 60, the computation cost of the proposed scheme is 0.404 s, which is much lower than the existing research, and is more suitable for the UAV swarm with limited computing power. Moreover, the communication cost of the proposed scheme is reduced by about 30% compared with the existing scheme under the same conditions. The security analysis also shows that the proposed scheme is secure and reliable, and can resist a variety of attacks such as collusion attacks, man-in-the-middle attacks, and forgery attacks. Full article

This paper presents an integrated chaos-based algorithm for image encryption that combines the chaotic Hénon map and chaotic logistic map (CLM) to enhance the security of digital image communication. The proposed method leverages chaos theory to generate cryptographic keys, utilizing a 1D key from the logistic map generator and a 2D key from the chaotic Hénon map generator. These chaotic maps produce highly unpredictable and complex keys essential for robust encryption. Extensive experiments demonstrate the algorithm’s resilience against various attacks, including chosen-plaintext, noise, clipping, occlusion, and known-plaintext attacks. Performance evaluation in terms of encryption time, throughput, and image quality metrics validates the effectiveness of the proposed integrated approach. The results indicate that the chaotic Hénon–logistic map integration provides a powerful and secure method for safeguarding digital images during transmission and storage with a key space that reaches up to $2^{200}$. Moreover, the algorithm has potential applications in secure image sharing, cloud storage, and digital forensics, inspiring new possibilities. Full article

The advancement of Internet of Things (IoT), robots, drones, and vehicles signifies ongoing progress, accompanied by increasing complexities and challenges in forensic investigations. Globally, investigators encounter obstacles when extracting evidence from these vast landscapes, which include diverse devices, networks, and cloud environments. Of particular concern is the process of evidence collection, especially regarding fingerprints and facial recognition within the realm of vehicle forensics. Moreover, ensuring the integrity of forensic evidence is a critical issue, as it is vulnerable to attacks targeting data centres and server farms. Mitigating these challenges, along with addressing evidence mobility, presents additional complexities. This paper introduces a groundbreaking infrastructure known as SpiderNet, which is based on cloud computing principles. We will illustrate how this architecture facilitates the identification of devices, secures the integrity of evidence both at its source and during transit, and enables investigations into individuals involved in criminal activities. Through case studies, we will demonstrate the potential of SpiderNet to assist law enforcement agencies in addressing crimes perpetrated within IoT environments. Full article

This study presents a novel encryption method for RGB (Red–Green–Blue) color images that combines scrambling techniques with the logistic map equation. In this method, image scrambling serves as a reversible transformation, rendering the image unintelligible to unauthorized users and thus enhancing security against potential attacks. The proposed encryption scheme, called Bit-Plane Representation of Quantum Images (BRQI), utilizes quantum operations in conjunction with a one-dimensional chaotic system to increase encryption efficiency. The encryption algorithm operates in two phases: first, the quantum image undergoes scrambling through bit-plane manipulation, and second, the scrambled image is mixed with a key image generated using the logistic map. To assess the performance of the algorithm, simulations and analyses were conducted, evaluating parameters such as entropy (a measure of disorder) and correlation coefficients to confirm the effectiveness and robustness of this algorithm in safeguarding and encoding color images. The results show that the proposed quantum color image encryption algorithm surpasses classical methods in terms of security, robustness, and computational complexity. Full article

Smart power grids (SGs) enhance efficiency, reliability, and sustainability by integrating distributed energy resources (DERs) such as solar panels and wind turbines. A key challenge in SGs is managing home battery charging during periods of insufficient renewable energy generation to ensure fairness, efficiency, and customer satisfaction. This paper introduces a secure reinforcement learning (RL)-based framework for optimizing battery charging coordination while addressing privacy concerns and false data injection (FDI) attacks. Privacy is preserved through Federated Learning (FL), enabling collaborative model training without sharing sensitive State of Charge (SoC) data that could reveal personal routines. To combat FDI attacks, Deep Learning (DL)-based detectors are deployed to identify malicious SoC data manipulation. To improve FL efficiency, the Change and Transmit (CAT) technique reduces communication overhead by transmitting only model parameters that experience enough change comparing to the last round. Extensive experiments validate the framework’s efficacy. The RL-based charging coordinator ensures fairness by maintaining SoC levels within thresholds and reduces overall power utilization through optimal grid power allocation. The CAT-FL approach achieves up to 93.5% communication overhead reduction, while DL-based detectors maintain high accuracy, with supervised models reaching 99.84% and anomaly detection models achieving 92.1%. Moreover, the RL agent trained via FL demonstrates strong generalization, achieving high cumulative rewards and equitable power allocation when applied to new data owners which did not participate in FL training. This framework provides a scalable, privacy-preserving, and efficient solution for energy management in SGs, offering high accuracy against FDI attacks and paving the way for the future of smart grid deployments. Full article

Internet of Medical Things (IoMT) technology has emerged from the introduction of the Internet of Things in the healthcare sector. However, the resource-constrained characteristics and heterogeneity of IoMT networks make these networks susceptible to various types of threats. Thus, it is necessary to develop novel security solutions (e.g., efficient and accurate Anomaly-based Intrusion Detection Systems), considering the inherent limitations of IoMT networks, before these networks reach their full potential in the market. In this paper, we propose an AIDS specifically designed for resource-constrained devices within IoMT networks. The proposed lightweight AIDS leverages novelty detection and outlier detection algorithms instead of conventional classification algorithms to achieve (a) enhanced detection performance against both known and unknown attack patterns and (b) minimal computational costs. Full article

This review explores the current state of public key cryptography based on idempotent semirings, with an emphasis on tropical semirings. It examines key hard problems, such as the tropical discrete logarithm problem, semidirect tropical product problem, the factorization of tropical polynomials, and the matrix power function, that underpin the security of these protocols. Given the significant number of compromised protocols based on tropical semirings, most of which are variations of the Stickel protocol, we present three algorithms and classify schemes of this type. The analysis is further illustrated with a figure that maps the relationships between tropical Stickel’s-like protocols and the attacks targeting them. Additionally, the review provides an in-depth exploration of the vulnerabilities that have led to many tropical semiring-based cryptosystems being compromised. To address these challenges, the review highlights promising alternative approaches, including non-tropical idempotent platforms and non-idempotent options, such as supertropical semirings, which offer potential solutions to overcome known limitations. Furthermore, a discussion on the interplay between tropical cryptography and post-quantum cryptography is presented, raising the following question: what is the future of tropical cryptography? Full article

The Advanced Message Queuing Protocol (AMQP) is a widely used communication standard in IoT systems due to its robust and reliable message delivery capabilities. However, its increasing adoption has made it a target for various cyber threats, including Distributed Denial of Service (DDoS), Man-in-the-Middle (MitM), and brute force attacks. This study presents a comprehensive analysis of AMQP-specific vulnerabilities and introduces a statistical model for the detection and classification of malicious activities in IoT networks. Leveraging a custom-designed IoT testbed, realistic attack scenarios were simulated, and a dataset encompassing normal, malicious, and mixed traffic was generated. Unique attack signatures were identified and validated through repeated experiments, forming the foundation of a signature-based detection mechanism tailored for AMQP networks. The proposed model demonstrated high accuracy in detecting and classifying attack-specific traffic while maintaining a low false positive rate for benign traffic. Notable results include effective detection of RST packets in DDoS scenarios, precise classification of MitM attack patterns, and identification of brute force attempts on AMQP systems. This research highlights the efficacy of signature-based approaches in enhancing IoT security and offers a benchmark for future machine learning-driven detection systems. By addressing AMQP-specific challenges, the study contributes to the development of resilient and secure IoT ecosystems. Full article

This study focuses on Digital Twin-integrated smart energy systems, which serve as an example of Next-Generation Critical Infrastructures (CI). The resilience of these systems is influenced by a variety of internal features and external interactions, all of which are subject to change following cyber-physical disturbances. This necessitates real-time resilience monitoring for CI during crises; however, a significant gap remains in resilience monitoring. To address this gap, this study leverages the role of Internet of Things (IoT) in monitoring complex systems to enhance resilience through critical indicators relevant to cyber-physical safety and security. The study empirically implements Resilience-Key Performance Indicators (R-KPIs) from the domain, including Functionality Loss, Minimum Performance, and Recovery Time Duration. The main goal is to examine real-time IoT-based resilience monitoring in a real-life context. A cyber-physical system equipped with IoT-driven Digital Twins, data-driven microservices, and a False Data Injection Attack (FDIA) scenario is simulated to assess the real-time resilience of this smart system. The results demonstrate that real-time resilience monitoring provides actionable insights into resilience performance based on the selected R-KPIs. These findings contribute to a systematic and reusable model for enhancing the resilience of IoT-enabled CI, advancing efforts to ensure service continuity and secure essential services for society. Full article

With the continuous development of information technology, network security risks are also rising, and the ability to quickly perceive network threats has become an important prerequisite and an important means to cope with network risks. Currently, there are various types of network attacks and complex attacking techniques, and the large differences between them have led to the difficulty of collecting and recognizing the common characteristics of network attacks. Considering the regular temporal fluctuations in network attacks, a method for network security situational awareness, based on an enhanced Particle Swarm Optimization Bidirectional Long Short-Term Memory (BiLSTM) network model, is proposed. By gathering and organizing critical information within the network, an encapsulated Wrapper feature selection algorithm is utilized for the extraction of element features. The refined Particle Swarm Optimization algorithm is applied to optimize the parameters of the BiLSTM network, enabling a rapid convergence and enhancing the training efficiency, thus effectively identifying the categories of network attacks. The experimental results show that the MAPE for the proposed model has been diminished to 0.36%, while the sMAPE is 2.654%. Additionally, the fitting coefficient attains a value of 0.92. This indicates a high level of recognition and precision exhibited by the proposed model in detecting network security risk behaviors. Furthermore, in contrast to the traditional CNN neural network, the proposed model is more compact, which significantly reduces the computational overhead and allows for efficient network security situational awareness. Full article

With more China railway business information systems migrating to the China Railway Cloud Center (CRCC), the attack surface is expanding and there are increasing security threats for the CRCC to deal with. Cyber Mimic Defense (CMD) technology, as an active defense strategy, can counter these threats by constructing a Dynamic Heterogeneous Redundancy (DHR) architecture. However, there are at least two challenges posed to the DHR deployment, namely, the limited number of available schedulable heterogeneous resources and memorization-based attacks. This paper aims to address these two challenges to improve the CRCC-DHR reliability and then facilitate the DHR deployment. By reliability, we mean that the CRCC-DHR with the limited number of available heterogeneous resources can effectively resist memorization-based attacks. We first propose three metrics for assessing the reliability of the CRCC-DHR architecture. Then, we propose an incomplete-information-based game model to capture the relationships between attackers and defenders. Finally, based on the proposed metrics and the captured relationship, we propose a redundant-heterogeneous-resources scheduling algorithm, called the Entropy Weight Scheduling Algorithm (REWS). We evaluate the capability of REWS with the three existing algorithms through simulations. The results show that REWS can achieve a better reliability than the other algorithms. In addition, REWS demonstrates a lower time complexity compared with the existing algorithms. Full article