A survey on security attacks and defense techniques for connected and autonomous vehicles
Autonomous vehicles have been transforming intelligent transportation systems. As telecommunication technology improves, autonomous vehicles are getting connected to each other and to infrastructures, forming Connected and Autonomous ...
Discovering features for detecting malicious websites: An empirical study
Website features and characteristics have shown the ability to detect various web threats – phishing, drive-by downloads, and command and control (C2). Prior research has thoroughly explored the practice of choosing features ahead of ...
Machine learning based deep job exploration and secure transactions in virtual private cloud systems
- S. Rajasoundaran,
- A.V. Prabu,
- Sidheswar Routray,
- S.V.N. Santhosh Kumar,
- Prince Priya Malla,
- Suman Maloji,
- Amrit Mukherjee,
- Uttam Ghosh
Virtual Private Cloud (VPC) is an emerging cloud environment used to provide more secure data communication. VPC provides an authentic communication channel for secure communication between the cloud participants. The cloud jobs and the ...
A principlist framework for cybersecurity ethics
The ethical issues raised by cybersecurity practices and technologies are of critical importance. However, there is disagreement about what is the best ethical framework for understanding those issues. In this paper we seek to address ...
Quantitative Security Risk Modeling and Analysis with RisQFLan
Domain-specific quantitative modeling and analysis approaches are fundamental in scenarios in which qualitative approaches are inappropriate or unfeasible. In this paper, we present a tool-supported approach to quantitative graph-based ...
A Differentially private hybrid decomposition algorithm based on quad-tree
Nowadays, spatial data provides users with more convenient services because of its wide application scenarios and rich content. At the same time, the collection and release of spatial data also bring risks of privacy disclosure. In ...
A review of amplification-based distributed denial of service attacks and their mitigation
The rise of Distributed Denial of Service (DDoS) attacks has been steady in terms of the frequency and the impact of the attack. Traditionally, the attackers required control of a huge amount of resources to launch an attack. This has ...
Avaddon ransomware: An in-depth analysis and decryption of infected systems
Malware is an emerging and popular threat flourishing in the underground economy. The commoditization of Malware-as-a-Service (MaaS) allows criminals to obtain financial benefits at a low risk and with little technical background. One ...
Digestive neural networks: A novel defense strategy against inference attacks in federated learning
Federated Learning (FL) is an efficient and secure machine learning technique designed for decentralized computing systems such as fog and edge computing. Its learning process employs frequent communications as the participating local ...
An enhanced handover authentication solution for 6LoWPAN networks
The rapidly increasing scale of the Internet Protocol version 6 (IPv6) over Low Power Wireless Personal Area Networks (6LoWPAN) and the limitation of communication range emphasized the importance of handovers. The Proxy Mobile IPv6 (...
Android malware detection via an app similarity graph
Due to the ever-increasing number of Android applications and constant advances in software development techniques, there is a need for scalable and flexible malware detectors that can efficiently address big data challenges. Motivated ...
DIGFuPAS: Deceive IDS with GAN and function-preserving on adversarial samples in SDN-enabled networks
Showing a great potential in various domains, machine learning techniques are more and more used in the task of malicious network traffic detection to significantly enhance the ability of intrusion detection system (IDS). When ...
Malware detection on Windows audit logs using LSTMs
Malware is a constant threat and is continuously evolving. Security systems try to keep up with the constant change. One challenge that arises is the large amount of logs generated on an operating system and the need to clarify which ...
Developing a cyber security culture: Current practices and future needs
- A systematic review of the last ten years of research on security culture.
- Top ...
While the creation of a strong security culture has been researched and discussed for decades, it continues to elude many businesses. Part of the challenge faced is distilling pertinent, recent academic findings and research into ...
TZMon: Improving mobile game security with ARM trustzone
As the game industry is moving from PC to smartphone platforms, security problems related to mobile games are becoming critical. Considering the characteristics of mobile games such as having short life-cycles and high communication ...
Semi-supervised recommendation attack detection based on Co-Forest
- A feature extraction method based on window dividing and rating behavior statistical methods is proposed to extract a series of features for training the ...
In a recommendation attack, malicious users attempt to bias the recommendation results by injecting fake profiles into the rating database. To detect such attacks, three types of methods, i.e., unsupervised, supervised and semi-supervised,...
The good, the bad and the missing: A Narrative review of cyber-security implications for Australian small businesses
Small businesses (0–19 employees) are becoming attractive targets for cyber-criminals, but struggle to implement cyber-security measures that large businesses routinely deploy. There is an urgent need for effective and suitable cyber-...
Integration of federated machine learning and blockchain for the provision of secure big data analytics for Internet of Things
- Devrim Unal,
- Mohammad Hammoudeh,
- Muhammad Asif Khan,
- Abdelrahman Abuarqoub,
- Gregory Epiphaniou,
- Ridha Hamila
Big data enables the optimization of complex supply chains through Machine Learning (ML)-based data analytics. However, data analytics comes with challenges such as the loss of control and privacy leading to increased risk of data ...
Security analysis of SDN controller-based DHCP services and attack mitigation with DHCPguard
Software defined networking (SDN) presents opportunities for improving network management, mainly thanks to the centralized controller separated from forwarding devices. On the other hand, security in SDN is a complicated issue: SDN ...
Exploring stewardship: A precursor to voluntary security behaviors
The security of organizations’ information resources is often threatened by employee non-compliance to security policy or negligence. Though technical and procedural controls for curtailing security violations and motivating secure ...
Riemannian manifold on stream data: Fourier transform and entropy-based DDoS attacks detection method
- DDoS attack detection.
- Network Traffic Data.
The means to achieve DDoS (distributed denial of service) attacks are becoming increasingly automated and diverse. A problem that automated attack tools cannot address, at least for now, is the inevitable repetitive or periodic nature ...
Vulnerabilities in Android webview objects: Still not the end!
WebView objects allow Android apps to render web content in the app context. More specifically, in Android hybrid apps (i.e., those having both Android code and web code) the web content can interact with the underlying Android ...
Impact of comprehensive information security awareness and cognitive characteristics on security incident management – an empirical study
Organizations deploy a team of dedicated security professionals and spend significant resources safeguarding their digital assets. Despite best efforts, security incidents are on the rise and remain a key challenge. The literature has ...
Information security management in ICT and non-ICT sector companies: A preventive innovation perspective
Despite the growing dependence of companies on information technology and the increasingly negative impact of security incidents worldwide, there is little research on the management of information security at the company level. This ...
Rationality constraints in cyber defense: Incident handling, attribution and cyber threat intelligence
In this paper I develop a model for the application of rationality constraints in cyber incident handling, attribution and threat intelligence. The basic idea of this paper is that handling, analysis and attribution involves ‘epistemic ...
A novel framework for image-based malware detection with a deep neural network
The rapid growth in the number of malware and its variants has seriously affected the security of the Internet. In recent years, deep learning combined with visualization technology has been proven to have good results in malware ...
Facing airborne attacks on ADS-B data with autoencoders
The automatic dependent surveillance-broadcast (ADS-B) represents a major change in flight tracking and it is one of the key components in building the next generation of air transportation systems. However, several concerns have been ...
The Agile Incident Response for Industrial Control Systems (AIR4ICS) framework
Cyber incident response within Industrial Control Systems (ICS) is characterised by high levels of uncertainty and unpredictability and requires a multi-disciplined team that encompasses personnel business operations, Operational ...
A framework for ID fraud prevention policies in E-tailing sector
Identity fraud could lead to loss of revenue, cause operational problems for e-tailers and damage the firm's reputation. Most research in this domain focuses on the security technologies or system users’ security compliance related ...