Android Obfuscation Tools Study

Uploaded by

akshay

AUTHOR TITLE JOURNAL LANGUAGE DOCTYPE KEYWORDS ABSTRACT AFFILIATION EMAIL DOI PUBYEAR PUBVOL PUBISSUE FPAGE LPAGE ARTNUMBER PAGENUM
Ebad, Shouki; Darem, Abdulbasit Exploring Android Obfuscators and
Deobfuscators: An Empirical Investigation Electronics EN Review software
obfuscation; tools; malware detection; Android; drawbacks Researchers have
proposed different obfuscation transformations supported by numerous smartphone
protection tools (obfuscators and deobfuscators). However, there is a need for a
comprehensive study to empirically characterize these tools that belong to
different categories of transformations. We propose a property-based framework to
systematically classify twenty cutting-edge tools according to their features,
analysis type, programming language support, licensing, applied obfuscation
transformations, and general technical drawbacks. Our analysis predominantly
reveals that very few tools work at the dynamic level, and most tools (which are
static-based) work for Java or Java-based ecosystems (e.g., Android). The findings
also show that the widespread adoption of renaming transformations is followed by
formatting and code injection. In addition, this paper pinpoints the technical
shortcomings of each tool; some of these drawbacks are common in static-based
analyzers (e.g., resource consumption), and other drawbacks have negative effects
on the experiment conducted by students (e.g., a third-party library involved).
According to these critical limitations, we provide some timely recommendations for
further research. This study can assist not only Android developers and researchers
to improve the overall health of their apps but also the managers of computer
science and cybersecurity academic programs to embed suitable obfuscation tools in
their curricula. Department of Computer Science, Faculty of Science, Northern
Border University, Arar 91431, Saudi Arabia shouki.abbad@nbu.edu.sa;
basit.darem@nbu.edu.sa 10.3390/electronics13122272 2024 13 12 - -
2272 -
Dini, Pierpaolo; Diana, Lorenzo; Elhanashi, Abdussalam; Saponara, Sergio
Overview of AI-Models and Tools in Embedded IIoT Applications Electronics
EN Review artificial intelligence; machine learning; deep learning;
computer vision; industrial internet of things; embedded systems; embedded devices;
SW/HW tools for AI; embedded ML; TinyML; embedded low-power  The integration of
Artificial Intelligence (AI) models in Industrial Internet of Things (IIoT) systems
has emerged as a pivotal area of research, offering unprecedented opportunities for
optimizing industrial processes and enhancing operational efficiency. This article
presents a comprehensive review of state-of-the-art AI models applied in IIoT
contexts, with a focus on their utilization for fault prediction, process
optimization, predictive maintenance, product quality control, cybersecurity, and
machine control. Additionally, we examine the software and hardware tools available
for integrating AI models into embedded platforms, encompassing solutions such as
Vitis AI v3.5, TensorFlow Lite Micro v2.14, STM32Cube.AI v9.0, and others, along
with their supported high-level frameworks and hardware devices. By delving into
both AI model applications and the tools facilitating their deployment on low-power
devices, this review provides a holistic understanding of AI-enabled IIoT systems
and their practical implications in industrial settings. Department of
Information Engineering, University of Pisa, Via G. Caruso 16, 56100 Pisa, Italy
pierpaolo.dini@ing.unipi.it; ldiana.res@libero.it;
abdussalam.elhanashi@ing.unipi.it; sergio.saponara@unipi.it
10.3390/electronics13122322 2024 13 12 - - 2322 -
Aloraini, Fatimah; Javed, Amir; Rana, Omer Adversarial Attacks on Intrusion
Detection Systems in In-Vehicle Networks of Connected and Autonomous Vehicles
Sensors EN Article adversarial machine learning; connected and
autonomous vehicle; controller area network; in-vehicle network; cybersecurity
Rapid advancements in connected and autonomous vehicles (CAVs) are fueled by
breakthroughs in machine learning, yet they encounter significant risks from
adversarial attacks. This study explores the vulnerabilities of machine learning-
based intrusion detection systems (IDSs) within in-vehicle networks (IVNs) to
adversarial attacks, shifting focus from the common research on manipulating CAV
perception models. Considering the relatively simple nature of IVN data, we assess
the susceptibility of IVN-based IDSs to manipulation—a crucial examination, as
adversarial attacks typically exploit complexity. We propose an adversarial attack
method using a substitute IDS trained with data from the onboard diagnostic port.
In conducting these attacks under black-box conditions while adhering to realistic
IVN traffic constraints, our method seeks to deceive the IDS into misclassifying
both normal-to-malicious and malicious-to-normal cases. Evaluations on two IDS
models—a baseline IDS and a state-of-the-art model, MTH-IDS—demonstrated
substantial vulnerability, decreasing the F1 scores from 95% to 38% and from 97% to
79%, respectively. Notably, inducing false alarms proved particularly effective as
an adversarial strategy, undermining user trust in the defense mechanism. Despite
the simplicity of IVN-based IDSs, our findings reveal critical vulnerabilities that
could threaten vehicle safety and necessitate careful consideration in the
development of IVN-based IDSs and in formulating responses to the IDSs’ alarms.
School of Computer Science and Informatics, Cardiff University, Cardiff CF10
3AT, UK alorainif@cardiff.ac.uk; javeda7@cardiff.ac.uk; ranaof@cardiff.ac.uk
10.3390/s24123848 2024 24 12 - - 3848 -
Hosseinzadeh, Salaheddin; Voutos, Dionysios; Barrie, Darren; Owoh, Nsikak; Ashawa,
Moses; Shahrabi, Alireza Design and Development Considerations of a Cyber
Physical Testbed for Operational Technology Research and Education Sensors
EN Article cyber-physical systems; industrial control systems;
critical infrastructures; testbed; cybersecurity education; IT/OT convergence;
single-board-computer (SBC) Cyber-physical systems (CPS) are vital in automating
complex tasks across various sectors, yet they face significant vulnerabilities due
to the rising threats of cybersecurity attacks. The recent surge in cyber-attacks
on critical infrastructure (CI) and industrial control systems (ICSs), with a 150%
increase in 2022 affecting over 150 industrial operations, underscores the urgent
need for advanced cybersecurity strategies and education. To meet this requirement,
we develop a specialised cyber-physical testbed (CPT) tailored for transportation
CI, featuring a simplified yet effective automated level-crossing system. This
hybrid CPT serves as a cost-effective, high-fidelity, and safe platform to
facilitate cybersecurity education and research. High-fidelity networking and low-
cost development are achieved by emulating the essential ICS components using
single-board computers (SBC) and open-source solutions. The physical implementation
of an automated level-crossing visualised the tangible consequences on real-world
systems while emphasising their potential impact. The meticulous selection of
sensors enhances the CPT, allowing for the demonstration of analogue transduction
attacks on this physical implementation. Incorporating wireless access points into
the CPT facilitates multi-user engagement and an infrared remote control
streamlines the reinitialization effort and time after an attack. The SBCs
overwhelm as traffic surges to 12 Mbps, demonstrating the consequences of denial-
of-service attacks. Overall, the design offers a cost-effective, open-source, and
modular solution that is simple to maintain, provides ample challenges for users,
and supports future expansion. Cyber Security and Networks, School of
Computing, Engineering and Built Environment (SCEBE), Glasgow Caledonian
University, Glasgow G4 0BA, UK salaheddin.hosseinzadeh@gcu.ac.uk;
dvouto200@caledonian.ac.uk; dbarri300@caledonian.ac.uk; nsikak.owoh@gcu.ac.uk;
moses.ashawa@gcu.ac.uk; a.shahrabi@gcu.ac.uk 10.3390/s24123923 2024 24 12
- - 3923 -
Katrakazas, Panagiotis; Papastergiou, Spyros A Stakeholder Needs Analysis in
Cybersecurity: A Systemic Approach to Enhancing Digital Infrastructure Resilience
Businesses EN Article stakeholder needs; artificial intelligence;
cybersecurity; systemic approach; digital infrastructures The escalating
complexity and sophistication of cyber threats necessitate advanced solutions that
not only counteract these threats but also proactively adapt to the evolving needs
of diverse stakeholders involved in digital infrastructures, such as telecom
operators, cloud service providers, and end-users in sectors like healthcare and
finance. This research addresses a crucial gap by focusing on a systemic, AI-
powered approach to stakeholder needs analysis in cybersecurity. By aligning
closely with stakeholder requirements, the proposed framework aims to offer
dynamic, responsive cybersecurity solutions that enhance the resilience of digital
infrastructures against evolving cyber threats. This research systematically maps
the landscape of stakeholder needs in cybersecurity across different sectors
through qualitative methods like interviews and focus groups, supplemented by data
from the CyberSecDome project’s pilot cases and open calls. Requirements for an AI-
driven framework are then formulated based on these data to identify patterns and
predict stakeholder needs. The analysis reveals critical challenges faced by
stakeholders, including limited threat intelligence sharing, insufficient
automation in incident response, and regulatory hurdles related to data protection
laws and evolving cybersecurity legislation. There is a strong interest in
leveraging AI for enhanced intrusion detection, real-time threat intelligence
sharing, and privacy-preserving information exchange. Maggioli S.p.A. Greek Branch,
15124 Athens, Greece panagiotis.katrakazas@maggioli.gr;
spyros.papastergiou@maggioli.gr 10.3390/businesses4020015 2024 4 2
- - 15 -
Alazab, Moutaz; Alazab, Ammar Advances in Cybersecurity and Reliability Information
EN Editorial n/a In recent years, the significant increase in
financial and data losses impacting individuals and businesses has highlighted the
pressing need to tackle cybersecurity challenges in today’s digital environment
[...] Department of Intelligent Systems, Faculty of Artificial Intelligence, Al-
Balqa Applied University, Al-Salt 19385, Jordan m.alazab@bau.edu.jo;
ammar.alazab@torrens.edu.au 10.3390/info15060361 2024 15 6 - -
361 -
Baldini, Gianmarco Mitigation of Adversarial Attacks in 5G Networks with a
Robust Intrusion Detection System Based on Extremely Randomized Trees and Infinite
Feature Selection Electronics EN Article machine learning; 5G; intrusion
detection system; cybersecurity Intrusion Detection Systems (IDSs) are an
important tool to mitigate cybersecurity threats in the ICT infrastructures.
Preferable properties of the IDSs are the optimization of the attack detection
accuracy and the minimization of the computing resources and time. A significant
portion of IDSs presented in the research literature is based on Machine Learning
(ML) and Deep Learning (DL) elements, but they may be prone to adversarial attacks,
which may undermine the overall performance of the IDS algorithm. This paper
proposes a novel IDS focused on the detection of cybersecurity attacks in 5G
networks, which addresses in a simple but effective way two specific adversarial
attacks: (1) tampering of the labeled set used to train the ML algorithm, (2)
modification of the features in the training data set. The approach is based on the
combination of two algorithms, which have been introduced recently in the research
literature. The first algorithm is the Extremely Randomized Tree (ERT) algorithm,
which enhances the capability of Decision Tree (DT) and Random Forest (RF)
algorithms to perform classification in data sets, which are unbalanced and of
large size as IDS data sets usually are (legitimate traffic messages are more
numerous than attack related messages). The second algorithm is the recently
introduced Infinite Feature Selection algorithm, which is used to optimize the
choice of the hyper-parameter defined in the approach and improve the overall
computing efficiency. The result of the application of the proposed approach on a
recently published 5G IDS data set proves its robustness against adversarial
attacks with different degrees of severity calculated as the percentage of the
tampered data set samples. Joint Research Centre, European Commission, 21027
Ispra, Italy gianmarco.baldini@ec.europa.eu 10.3390/electronics13122405
2024 13 12 - - 2405 -
Elfaki, Abdelrahman; Messoudi, Wassim; Bushnag, Anas; Abuzneid, Shakour; Alhmiedat,
Tareq Constraint Optimization Model for Dynamic Parking Space Allocation
Sensors EN Article parking management system; dynamic parking
space allocation; constraint optimization model Managing car parking systems is a
complex process because multiple constraints must be considered; these include
organizational and operational constraints. In this paper, a constraint
optimization model for dynamic parking space allocation is introduced. An ad hoc
algorithm is proposed, presented, and explained to achieve the goal of our proposed
model. This paper makes research contributions by providing an intelligent
prioritization mechanism, considering user schedule shifts and parking constraints,
and assigning suitable parking slots based on a dynamic distribution. The proposed
model is implemented to demonstrate the applicability of our approach. A benchmark
is constructed based on well-defined metrics to validate our proposed model and the
results achieved. Faculty of Computers & Information Technology, University of
Tabuk, Tabuk 47512, Saudi Arabia a.elfaki@ut.edu.sa; w.messoudi@ut.edu.sa;
abushnag@ut.edu.sa; sabuzneid@rwu.edu; t.alhmiedat@ut.edu.sa 10.3390/s24123988
2024 24 12 - - 3988 -
Byun, Hyeonsu; Kim, Jueun; Jeong, Yunseok; Seok, Byoungjin; Gong, Seonghyeon; Lee,
Changhoon A Security Analysis of Cryptocurrency Wallets against Password Brute-
Force Attacks Electronics EN Article cryptocurrency; cryptocurrency
wallet; crypto wallet; Sparrow; Etherwall; Bither; security analysis; brute-force;
password Currently, the monetary value of cryptocurrencies is extremely high,
leading to frequent theft attempts. Cyberattacks targeting cryptocurrency wallets
and the scale of these attacks are also increasing annually. However, many studies
focus on large-scale exchanges, leading to a lack of research on cryptocurrency
wallet security. Nevertheless, the threat to individual wallets is real and can
lead to severe consequences for individuals. In this paper, we analyze the security
of the open-source cryptocurrency wallets Sparrow, Etherwall, and Bither against
brute-force attacks, a fundamental threat in password-based systems. As
cryptocurrency wallets use passwords to manage users’ private keys, we analyzed the
private key management mechanism and implemented a password verification oracle. We
used this oracle for brute-force attacks. We identified the private key management
mechanism by conducting a code-level investigation and evaluated the three wallets’
security through practical experimentation. The experiment results revealed that
the wallets’ security, which depends on passwords, could be diminished due to the
password input space and the configuration of password length settings. We propose
a general methodology for analyzing the security of desktop cryptocurrency wallets
against brute-force attacks and provide practical guidelines for designing secure
wallets. By using the analysis methods suggested in this paper, one can evaluate
the security of wallets. Department of Computer Science and Engineering, Seoul
National University of Science and Technology, Seoul 01811, Republic of Korea
bhsu828@seoultech.ac.kr; jueunk0104@gmail.com; tjr6613@seoultech.ac.kr;
bjseok@korea.ac.kr; sgong3@iit.edu; chlee@seoultech.ac.kr
10.3390/electronics13132433 2024 13 13 - - 2433 -
Lanka, Phani; Gupta, Khushi; Varol, Cihan Intelligent Threat Detection—AI-Driven
Analysis of Honeypot Data to Counter Cyber Threats Electronics EN Article
honeypots; computer security; cyberattack; data security; machine learning
Security adversaries are rampant on the Internet, constantly seeking
vulnerabilities to exploit. The sheer proliferation of these sophisticated threats
necessitates innovative and swift defensive measures to protect the vulnerable
infrastructure. Tools such as honeypots effectively determine adversary behavior
and safeguard critical organizational systems. However, it takes a significant
amount of time to analyze these attacks on the honeypots, and by the time
actionable intelligence is gathered from the attacker’s tactics, techniques, and
procedures (TTPs), it is often too late to prevent potential damage to the
organization’s critical systems. This paper contributes to the advancement of
cybersecurity practices by presenting a cutting-edge methodology, capitalizing on
the synergy between artificial intelligence and threat analysis to combat evolving
cyber threats. The current research articulates a novel strategy, outlining a
method to analyze large volumes of attacker data from honeypots utilizing large
language models (LLMs) to assimilate TTPs and apply this knowledge to identify
real-time anomalies in regular user activity. The effectiveness of this model is
tested in real-world scenarios, demonstrating a notable reduction in response time
for detecting malicious activities in critical infrastructure. Moreover, we delve
into the proposed framework’s practical implementation considerations and
scalability, underscoring its adaptability in diverse organizational contexts.
Department of Computer Science, Sam Houston State University, Huntsville, TX
77340, USA pklanka@shsu.edu; kxg095@shsu.edu; cxv007@shsu.edu
10.3390/electronics13132465 2024 13 13 - - 2465 -
Shi, Tongxin; McCann, Roy; Huang, Ying; Wang, Wei; Kong, Jun Malware Detection
for Internet of Things Using One-Class Classification Sensors EN Article
malware detection; anomaly detection; autoencoder; one-class classification
The increasing usage of interconnected devices within the Internet of Things
(IoT) and Industrial IoT (IIoT) has significantly enhanced efficiency and utility
in both personal and industrial settings but also heightened cybersecurity
vulnerabilities, particularly through IoT malware. This paper explores the use of
one-class classification, a method of unsupervised learning, which is especially
suitable for unlabeled data, dynamic environments, and malware detection, which is
a form of anomaly detection. We introduce the TF-IDF method for transforming
nominal features into numerical formats that avoid information loss and manage
dimensionality effectively, which is crucial for enhancing pattern recognition when
combined with n-grams. Furthermore, we compare the performance of multi-class vs.
one-class classification models, including Isolation Forest and deep autoencoder,
that are trained with both benign and malicious NetFlow samples vs. trained
exclusively on benign NetFlow samples. We achieve 100% recall with precision rates
above 80% and 90% across various test datasets using one-class classification.
These models show the adaptability of unsupervised learning, especially one-class
classification, to the evolving malware threats in the IoT domain, offering
insights into enhancing IoT security frameworks and suggesting directions for
future research in this critical area. Department of Computer Science, North
Dakota State University, Fargo, ND 58102, USA tongxin.shi@ndsu.edu;
rmccann@uark.edu; ying.huang@ndsu.edu; wei.wang.7@ndsu.edu; jun.kong@ndsu.edu
10.3390/s24134122 2024 24 13 - - 4122 -
Ullah, Farhan; Turab, Ali; Ullah, Shamsher; Cacciagrano, Diletta; Zhao, Yue
Enhanced Network Intrusion Detection System for Internet of Things Security
Using Multimodal Big Data Representation with Transfer Learning and Game Theory
Sensors EN Article intrusion detection system; big data; transfer
learning; game theory; network traffic; cybersecurity Internet of Things (IoT)
applications and resources are highly vulnerable to flood attacks, including
Distributed Denial of Service (DDoS) attacks. These attacks overwhelm the targeted
device with numerous network packets, making its resources inaccessible to
authorized users. Such attacks may comprise attack references, attack types, sub-
categories, host information, malicious scripts, etc. These details assist security
professionals in identifying weaknesses, tailoring defense measures, and responding
rapidly to possible threats, thereby improving the overall security posture of IoT
devices. Developing an intelligent Intrusion Detection System (IDS) is highly
complex due to its numerous network features. This study presents an improved IDS
for IoT security that employs multimodal big data representation and transfer
learning. First, the Packet Capture (PCAP) files are crawled to retrieve the
necessary attacks and bytes. Second, Spark-based big data optimization algorithms
handle huge volumes of data. Second, a transfer learning approach such as word2vec
retrieves semantically-based observed features. Third, an algorithm is developed to
convert network bytes into images, and texture features are extracted by
configuring an attention-based Residual Network (ResNet). Finally, the trained text
and texture features are combined and used as multimodal features to classify
various attacks. The proposed method is thoroughly evaluated on three widely used
IoT-based datasets: CIC-IoT 2022, CIC-IoT 2023, and Edge-IIoT. The proposed method
achieves excellent classification performance, with an accuracy of 98.2%. In
addition, we present a game theory-based process to validate the proposed approach
formally. School of Software, Northwestern Polytechnical University, Xian 710072,
China farhankhan.cs@yahoo.com; aliturab@nwpu.edu.cn; shamsher@szu.edu.cn;
diletta.cacciagrano@unicam.it; yuezhao@kean.edu 10.3390/s24134152 2024 24 13
- - 4152 -
Kováč, Peter; Jackuliak, Peter; Bražinová, Alexandra; Varga, Ivan; Aláč, Michal;
Smatana, Martin; Lovich, Dušan; Thurzo, Andrej Artificial Intelligence-Driven
Facial Image Analysis for the Early Detection of Rare Diseases: Legal, Ethical,
Forensic, and Cybersecurity Considerations AI EN Review artificial
intelligence; cybersecurity; forensics; big data; genetic diseases; genetic
privacy; early diagnosis; ethical considerations; facial recognition;
interdisciplinary; digital resilience This narrative review explores the
potential, complexities, and consequences of using artificial intelligence (AI) to
screen large government-held facial image databases for the early detection of rare
genetic diseases. Government-held facial image databases, combined with the power
of artificial intelligence, offer the potential to revolutionize the early
diagnosis of rare genetic diseases. AI-powered phenotyping, as exemplified by the
Face2Gene app, enables highly accurate genetic assessments from simple photographs.
This and similar breakthrough technologies raise significant privacy and ethical
concerns about potential government overreach augmented with the power of AI. This
paper explores the concept, methods, and legal complexities of AI-based phenotyping
within the EU. It highlights the transformative potential of such tools for public
health while emphasizing the critical need to balance innovation with the
protection of individual privacy and ethical boundaries. This comprehensive
overview underscores the urgent need to develop robust safeguards around individual
rights while responsibly utilizing AI’s potential for improved healthcare outcomes,
including within a forensic context. Furthermore, the intersection of AI and
sensitive genetic data necessitates proactive cybersecurity measures. Current and
future developments must focus on securing AI models against attacks, ensuring data
integrity, and safeguarding the privacy of individuals within this technological
landscape. Institute of Forensic Medicine, Faculty of Medicine, Comenius
University in Bratislava, Sasinkova 4, 81108 Bratislava, Slovakia
kovac5@uniba.sk; peter.jackuliak@fmed.uniba.sk;
alexandra.brazinova@fmed.uniba.sk; ivan.varga@fmed.uniba.sk; michal.alac@truni.sk;
mar.smatana@gmail.com; dusan.lovich@paneurouni.com; thurzo3@uniba.sk
10.3390/ai5030049 2024 5 3 - - 49 -
Ahmad, Usman; Han, Mu; Mahmood, Shahid Enhancing Security in Connected and
Autonomous Vehicles: A Pairing Approach and Machine Learning Integration
Applied Sciences EN Article connected and autonomous vehicles (CAVs);
cybersecurity; machine learning; support vector machine (SVM); TinyML;
authentication; intelligent transportation systems (ITS) The automotive sector
faces escalating security risks due to advances in wireless communication
technology. Expanding on our previous research using a sensor pairing technique and
machine learning models to evaluate IoT sensor data reliability, this study
broadens its scope to address security concerns in Connected and Autonomous
Vehicles (CAVs). The objectives of this research include identifying and mitigating
specific security vulnerabilities related to CAVs, thereby establishing a
comprehensive understanding of the risks these vehicles face. Additionally, our
study introduces two innovative pairing approaches. The first approach focuses on
pairing Electronic Control Units (ECUs) within individual vehicles, while the
second extends to pairing entire vehicles, termed as vehicle pairing. Rigorous
preprocessing of the dataset was carried out to ensure its readiness for subsequent
model training. Leveraging Support Vector Machine (SVM) and TinyML methods for data
validation and attack detection, we have been able to achieve an impressive
accuracy rate of 97.2%. The proposed security approach notably contributes to the
security of CAVs against potential cyber threats. The experimental setup
demonstrates the practical application and effectiveness of TinyML in embedded
systems within CAVs. Importantly, our proposed solution ensures that these security
enhancements do not impose additional memory or network loads on the ECUs. This is
accomplished by delegating the intensive cross-validation to the central module or
Roadside Units (RSUs). This novel approach not only contributes to mitigating
various security loopholes, but paves the way for scalable, efficient solutions for
resource-constrained automotive systems. School of Computer Science and
Communication Engineering, Jiangsu University, Zhenjiang 212013, China
usman715@gmail.com; hanmu@ujs.edu.cn; mahmood@fev.com 10.3390/app14135648
2024 14 13 - - 5648 -
Stamatopoulos, Dionysios; Katsantonis, Menelaos; Fouliras, Panagiotis; Mavridis,
Ioannis Exploring the Architectural Composition of Cyber Ranges: A Systematic
Review Future Internet EN Systematic Review cyber ranges; systematic
review; cyber–physical systems; information technology networking systems In
light of the ever-increasing complexity of cyber–physical systems (CPSs) and
information technology networking systems (ITNs), cyber ranges (CRs) have emerged
as a promising solution by providing theoretical and practical cybersecurity
knowledge for participants’ skill improvement toward a safe work environment. This
research adds to the extant respective literature, exploring the architectural
composition of CRs. It aims to improve the understanding of their design and how
they are deployed, expanding skill levels in constructing better CRs. Our research
follows the PRISMA methodology guidelines for transparency, which includes a search
flow of articles based on specific criteria and quality valuation of selected
articles. To extract valuable research datasets, we identify keyword co-occurrences
that selected articles are concentrated on. In the context of literature evidence,
we identify key attributes and trends, providing details of CRs concerning their
architectural composition and underlying infrastructure, along with today’s
challenges and future research directions. A total of 102 research articles’
qualitative analyses reveal a lack of adequate architecture examination when CR
elements and services interoperate with other CR elements and services
participating, leading to gaps that increase the administration burden. We posit
that the results of this study can be leveraged as a baseline for future
enhancements toward the development of CRs. Department of Applied Informatics,
University of Macedonia, 546 36 Thessaloniki, Greece diostam@uom.edu.gr;
mkatsantonis@uom.edu.gr; pfoul@uom.edu.gr; mavridis@uom.edu.gr 10.3390/fi16070231
2024 16 7 - - 231 -
Shatnawi, Mo’ath; Bani Younes, Maram An Enhanced Model for Detecting and
Classifying Emergency Vehicles Using a Generative Adversarial Network (GAN)
Vehicles EN Article autonomous vehicle; machine learning; emergency
vehicle; GANs; CNN; object detection The rise in autonomous vehicles further
impacts road networks and driving conditions over the road networks. Cameras and
sensors allow these vehicles to gather the characteristics of their surrounding
traffic. One crucial factor in this environment is the appearance of emergency
vehicles, which require special rules and priorities. Machine learning and deep
learning techniques are used to develop intelligent models for detecting emergency
vehicles from images. Vehicles use this model to analyze regularly captured road
environment photos, requiring swift actions for safety on road networks. In this
work, we mainly developed a Generative Adversarial Network (GAN) model that
generates new emergency vehicles. This is to introduce a comprehensive expanded
dataset that assists emergency vehicles detection and classification processes.
Then, using Convolutional Neural Networks (CNNs), we constructed a vehicle
detection model demonstrating satisfactory performance in identifying emergency
vehicles. The detection model yielded an accuracy of 90.9% using the newly
generated dataset. To ensure the reliability of the dataset, we employed 10-fold
cross-validation, achieving accuracy exceeding 87%. Our work highlights the
significance of accurate datasets in developing intelligent models for emergency
vehicle detection. Finally, we validated the accuracy of our model using an
external dataset. We compared our proposed model’s performance against four other
online models, all evaluated using the same external dataset. Our proposed model
achieved an accuracy of 85% on the external dataset. Software Engineering,
Philadelphia University, Amman 19392, Jordan msshatnawi5@gmail.com;
mbani047@uottawa.ca 10.3390/vehicles6030053 2024 6 3 - - 53
-
Uzun, Illia; Lobachev, Mykhaylo; Kharchenko, Vyacheslav; Schöler, Thorsten;
Lobachev, Ivan Candlestick Pattern Recognition in Cryptocurrency Price Time-
Series Data Using Rule-Based Data Analysis Methods Computation EN Article
cryptocurrencies; candlesticks; recognition; time series; rule-based method;
data analysis In the rapidly evolving domain of cryptocurrency trading,
accurate market data analysis is crucial for informed decision making. Candlestick
patterns, a cornerstone of technical analysis, serve as visual representations of
market sentiment and potential price movements. However, the sheer volume and
complexity of cryptocurrency price time-series data presents a significant
challenge to traders and analysts alike. This paper introduces an innovative
rule-based methodology for recognizing candlestick patterns in cryptocurrency markets
using Python. By focusing on Ethereum, Bitcoin, and Litecoin, this study
demonstrates the effectiveness of the proposed methodology in identifying key
candlestick patterns associated with significant market movements. The structured
approach simplifies the recognition process while enhancing the precision and
reliability of market analysis. Through rigorous testing, this study shows that the
automated recognition of these patterns provides actionable insights for traders.
This paper concludes with a discussion on the implications, limitations, and
potential future research directions that contribute to the field of computational
finance by offering a novel tool for automated analysis in the highly volatile
cryptocurrency market. Institute of Artificial Intelligence and Robotics, Odesa
National Polytechnic University, 1, Shevchenko Av., 65044 Odesa, Ukraine
uzun.i.s@op.edu.ua; lobachev@op.edu.ua; v.kharchenko@csn.khai.edu;
thorsten.schoeler@hs-augsburg.de; lobachev@ieee.org 10.3390/computation12070132
2024 12 7 - - 132 -
Das, Popy; Asif, Md.; Jahan, Sohely; Ahmed, Kawsar; Bui, Francis; Khondoker,
Rahamatullah STRIDE-Based Cybersecurity Threat Modeling, Risk Assessment and
Treatment of an In-Vehicle Infotainment System Vehicles EN Article
cybersecurity; infotainment; threat modeling; risk assessment; threat
mitigation In modern automobiles, the infotainment system is crucial for enhancing
driver and passenger capabilities, offering advanced features such as music,
navigation, communication, and entertainment. Leveraging Wi-Fi, cellular networks,
NFC, and Bluetooth, the system ensures continuous internet connectivity, providing
seamless access to information. However, the increasing complexity of IT
connectivity in vehicles raises significant cybersecurity concerns, including
potential data breaches and exposure of sensitive information. To enhance security
in infotainment systems, this study applied component-level threat modeling to a
proposed infotainment system using the Microsoft STRIDE model. This approach
illustrates potential component-level security issues impacting privacy and
security concerns. The study also assessed these impacts using SAHARA and DREAD
risk assessment methodologies. The threat modeling process identified 34 potential
security threats, each accompanied by detailed information. Moreover, a comparative
analysis is performed to compute risk values for prioritizing treatment, followed
by recommending mitigation strategies for each identified threat. These identified
threats and associated risks require careful consideration to prevent potential
cyberattacks before deploying the infotainment system in automotive vehicles.
Department of Computer Science and Engineering, University of Barishal,
Barishal 8254, Bangladesh pdas17.cse@bu.ac.bd; mraasif@bu.ac.bd;
sojahan@bu.ac.bd; k.ahmed.bd@ieee.org; francis.bui@usask.ca;
rahamatullah.khondoker@mnd.thm.de 10.3390/vehicles6030054 2024 6 3 -
- 54 -
Tang, Yifan; Moreira, Geisianny; Vanegas, Diana; Datta, Shoumen; McLamore, Eric
Batch-to-Batch Variation in Laser-Inscribed Graphene (LIG) Electrodes for
Electrochemical Sensing Micromachines EN Article laser-inscribed
graphene; LIG; sensor; batch; variation; scalability; manufacturing
Laser-inscribed graphene (LIG) is an emerging material for micro-electronic applications
and is being used to develop supercapacitors, soft actuators, triboelectric
generators, and sensors. The fabrication technique is simple, yet the
batch-to-batch variation of LIG quality is not well documented in the literature. In this
study, we conduct experiments to characterize batch-to-batch variation in the
manufacturing of LIG electrodes for applications in electrochemical sensing.
Numerous batches of 36 LIG electrodes were synthesized using a CO2 laser system on
polyimide film. The LIG material was characterized using goniometry,
stereomicroscopy, open circuit potentiometry, and cyclic voltammetry.
Hydrophobicity and electrochemical screening (cyclic voltammetry) indicate that LIG
electrode batch-to-batch variation is less than 5% when using a commercial
reference and counter electrode. Metallization of LIG led to a significant increase
in peak current and specific capacitance (area between anodic/cathodic curve).
However, batch-to-batch variation increased to approximately 30%. Two different
platinum electrodeposition techniques were studied, including galvanostatic and
frequency-modulated electrodeposition. The study shows that formation of metallized
LIG electrodes with high specific capacitance and peak current may come at the
expense of high batch variability. This design tradeoff has not been discussed in
the literature and is an important consideration if scaling sensor designs for mass
use is desired. This study provides important insight into the variation of LIG
material properties for scalable development of LIG sensors. Additional studies are
needed to understand the underlying mechanism(s) of this variability so that
strategies to improve the repeatability may be developed for improving quality
control. The dataset from this study is available via an open access repository.
Department of Plant and Environmental Sciences, Clemson University, Clemson,
SC 29631, USA ytang95@jh.edu; gamm.bio@gmail.com; dvanega@clemson.edu;
shoumen@mit.edu; emclamo@clemson.edu 10.3390/mi15070874 2024 15 7
- - 874 -
Musthafa, Muhammad; Huda, Samsul; Kodera, Yuta; Ali, Md.; Araki, Shunsuke; Mwaura,
Jedidah; Nogami, Yasuyuki Optimizing IoT Intrusion Detection Using Balanced
Class Distribution, Feature Selection, and Ensemble Machine Learning Techniques
Sensors EN Article intrusion detection system; feature selection;
class balancing; ensemble technique; stacked long short-term memory Internet of
Things (IoT) devices are leading to advancements in innovation, efficiency, and
sustainability across various industries. However, as the number of connected IoT
devices increases, the risk of intrusion becomes a major concern in IoT security.
To prevent intrusions, it is crucial to implement intrusion detection systems
(IDSs) that can detect and prevent such attacks. IDSs are a critical component of
cybersecurity infrastructure. They are designed to detect and respond to malicious
activities within a network or system. Traditional IDS methods rely on predefined
signatures or rules to identify known threats, but these techniques may struggle to
detect novel or sophisticated attacks. The implementation of IDSs with machine
learning (ML) and deep learning (DL) techniques has been proposed to improve IDSs’
ability to detect attacks. This will enhance overall cybersecurity posture and
resilience. However, ML and DL techniques face several issues that may impact the
models’ performance and effectiveness, such as overfitting and the effects of
unimportant features on finding meaningful patterns. To ensure better performance
and reliability of machine learning models in IDSs when dealing with new and unseen
threats, the models need to be optimized. This can be done by addressing
overfitting and implementing feature selection. In this paper, we propose a scheme
to optimize IoT intrusion detection by using class balancing and feature selection
for preprocessing. We evaluated the experiment on the UNSW-NB15 dataset and the
NSL-KD dataset by implementing two different ensemble models: one using a support
vector machine (SVM) with bagging and another using long short-term memory (LSTM)
with stacking. The results of the performance and the confusion matrix show that
the LSTM stacking with analysis of variance (ANOVA) feature selection model is a
superior model for classifying network attacks. It has remarkable accuracies of
96.92% and 99.77% and overfitting values of 0.33% and 0.04% on the two datasets,
respectively. The model’s ROC is also shaped with a sharp bend, with AUC values of
0.9665 and 0.9971 for the UNSW-NB15 dataset and the NSL-KD dataset, respectively.
Graduate School of Environmental, Life, Natural Science and Technology,
Okayama University, Okayama 700-8530, Japan bisrimusthafa@s.okayama-u.ac.jp;
shuda@okayama-u.ac.jp; yuta_kodera@okayama-u.ac.jp; arshad@hstu.ac.bd;
araki@csn.kyutech.ac.jp; mwaura.mweru-jedidah901@mail.kyutech.jp;
yasuyuki.nogami@okayama-u.ac.jp 10.3390/s24134293 2024 24 13 - -
4293 -
Hantom, Wafa; Rahman, Atta Arabic Spam Tweets Classification: A Comprehensive
Machine Learning Approach AI EN Article Arabic natural language
processing; deep learning; cybersecurity; random forest; tweet spam detection; LSTM
Nowadays, one of the most common problems faced by Twitter (also known as X)
users, including individuals as well as organizations, is dealing with spam tweets.
The problem continues to proliferate due to the increasing popularity and number of
users of social media platforms. Due to this overwhelming interest, spammers can
post texts, images, and videos containing suspicious links that can be used to
spread viruses, rumors, negative marketing, and sarcasm, and potentially hack the
user’s information. Spam detection is among the hottest research areas in natural
language processing (NLP) and cybersecurity. Several studies have been conducted in
this regard, but they mainly focus on the English language. However, Arabic tweet
spam detection still has a long way to go, especially emphasizing the diverse
dialects other than modern standard Arabic (MSA), since, in the tweets, the
standard dialect is seldom used. The situation demands an automated, robust, and
efficient Arabic spam tweet detection approach. To address the issue, in this
research, various machine learning and deep learning models have been investigated
to detect spam tweets in Arabic, including Random Forest (RF), Support Vector
Machine (SVM), Naive Bayes (NB) and Long-Short Term Memory (LSTM). In this regard,
we have focused on the words as well as the meaning of the tweet text. Upon several
experiments, the proposed models have produced promising results in contrast to the
previous approaches for the same and diverse datasets. The results showed that the
RF classifier achieved 96.78% and the LSTM classifier achieved 94.56%, followed by
the SVM classifier that achieved 82% accuracy. Further, in terms of F1-score, there
is an improvement of 21.38%, 19.16% and 5.2% using RF, LSTM and SVM classifiers
compared to the schemes with same dataset. Department of Computer Science
(CS), College of Computer Science and Information Technology (CCSIT), Imam
Abdulrahman Bin Faisal University (IAU), P.O. Box 1982, Dammam 31441, Saudi Arabia
2220500182@iau.edu.sa; aaurrahman@iau.edu.sa 10.3390/ai5030052 2024 5
3 - - 52 -
Wallis, Tania; Dorey, Paul Collaboration Practices for the Cybersecurity of
Supply Chains to Critical Infrastructure Applied Sciences EN Article
cybersecurity; resilience; supply chain management; operational technology;
cyber-physical systems; critical infrastructure; information sharing; systems
engineering This work describes the collaboration practices of a community of
interest in the UK that brings together cybersecurity professionals with a shared
interest in improving supply chain cybersecurity for Operational Technology (OT)
environments. This research emphasizes the need for collective responsibility
between organizations and provides a set of principles for adopting a code of
practice and partnership approach to supply chain cybersecurity. This work has
enabled cybersecurity experience from several critical infrastructure sectors,
including energy, rail, aviation, water, health, and food, to analyze the uptake
and practical use of existing supply chain guidance, identifying gaps and
challenges. The community has examined touch points with the supply chain and
identified improvements related to the communication of cybersecurity requirements,
technical and commercial engagement between customers and suppliers, and in the
tailoring of implementations towards operational technology contexts. Communicating
the context of securing cyber-physical systems is an essential perspective for this
community. This work exemplifies a partnership framework and is translating
experiences into useful guidance, particularly for OT systems, to improve
cybersecurity levels across multiple contributors to critical infrastructure
systems. School of Computing Science, University of Glasgow, Glasgow G12 8RZ, UK
tania.wallis@glasgow.ac.uk; paul.dorey@rhul.ac.uk 10.3390/app14135805
2024 14 13 - - 5805 -
Lindström, John; Kyösti, Petter; Psarommatis, Foivos; Andersson, Karl; Starck
Enman, Kristiina Extending Product Lifecycles—An Initial Model with New and
Emerging Existential Design Aspects Required for Long and Extendable Lifecycles
Applied Sciences EN Article circular; design aspect;
digital/connected product; existential; parallel technical lifecycles; product;
product lifecycle; sustainability This paper introduces an evaluated initial
model for how product lifecycles can be extended considering new and emerging
existential design aspects concerning both general as well as digital/connected
products. The initial model, which is cyclic, includes reverse logistics of
components and raw materials, as well as information on how to manage data at the
end of lifecycles. The aim is to improve long-term sustainability with a high
degree of circularity while also achieving increased profitability and
competitiveness. Further, we highlighted that product providers must start to
evaluate and prepare for how to improve product durability, manage long and
extendable lifespans, and achieve circularity with reverse logistics to close the
loops. Additionally, updatability and upgradability are also required to stay
current with time and create value while being cybersecure. Otherwise, customers’
expectations, various legal and regulatory aspects, as well as other existential
design aspects can halt or even terminate a product’s lifecycle. Dielcon AB,
Tryvägen 7, 954 41 Södra Sunderbyn, Sweden john.lindstrom@dielcon.se;
petter.kyosti@ri.se; foivosp@ifi.uio.no; karl.andersson@ltu.se;
kristiina.starck.enman@ri.se 10.3390/app14135812 2024 14 13 - -
5812 -
Benetis, Dovydas; Vitkus, Donatas; Janulevičius, Justinas; Čenys, Antanas; Goranin,
Nikolaj Automated Conversion of CVE Records into an Expert System, Dedicated to
Information Security Risk Analysis, Knowledge-Base Rules Electronics EN
Article information security; risk analysis; expert systems; knowledge
base; automation; CVE data Expert systems (ESs) can be seen as a perspective
method for risk analysis process automation, especially in the case of small- and
medium-sized enterprises that lack internal security resources. Expert system
practical applicability is limited by the fact that the creation of an expert
system knowledge base requires a lot of manual work. External knowledge sources,
such as attack trees, web pages, and ontologies, are already proven to be valuable
sources for the automated creation of knowledge base rules, thus leading to more
effective creation of specialized expert systems. This research proposes a new
method of automated conversion of CVE data from the National Vulnerability Database
(version CVSS 2) into the knowledge base of an expert system and flags CVE records
that have higher risk due to already existing exploit tools. This manuscript also
contains a description of the method for implementing software and a practical
evaluation of conversion results. The uniqueness of the proposed method is
incorporation of the records included in the Cybersecurity and Infrastructure
Security Agency (CISA) Known Exploited Vulnerabilities Catalog. Faculty of
Fundamental Sciences, Department of Information Systems, Vilnius Gediminas
Technical University, Sauletekio al. 11, LT-10223 Vilnius, Lithuania
dovydas.benetis@stud.vilniustech.lt; d.vitkus@vilniustech.lt;
justinas.janulevicius@vilniustech.lt; antanas.cenys@vilniustech.lt;
nikolaj.goranin@vilniustech.lt 10.3390/electronics13132642 2024 13 13
- - 2642 -
Neto, Euclides; Dadkhah, Sajjad; Sadeghi, Somayeh; Molyneaux, Heather Mitigating
Adversarial Attacks against IoT Profiling Electronics EN Article internet of
things (IoT); security; IoT profiling; deep learning (DL); adversarial attacks;
data poisoning; label flipping Internet of Things (IoT) applications have been
helping society in several ways. However, challenges still must be faced to enable
efficient and secure IoT operations. In this context, IoT profiling refers to the
service of identifying and classifying IoT devices’ behavior based on different
features using different approaches (e.g., Deep Learning). Data poisoning and
adversarial attacks are challenging to detect and mitigate and can degrade the
performance of a trained model. Thereupon, the main goal of this research is to
propose the Overlapping Label Recovery (OLR) framework to mitigate the effects of
label-flipping attacks in Deep-Learning-based IoT profiling. OLR uses Random
Forests (RF) as underlying cleaners to recover labels. After that, the dataset is
re-evaluated and new labels are produced to minimize the impact of label flipping.
OLR can be configured using different hyperparameters and we investigate how
different values can improve the recovery procedure. The results obtained by
evaluating Deep Learning (DL) models using a poisoned version of the CIC IoT
Dataset 2022 demonstrate that training overlap needs to be controlled to maintain
good performance and that the proposed strategy improves the overall profiling
performance in all cases investigated. Canadian Institute for Cybersecurity
(CIC), University of New Brunswick (UNB), Fredericton, NB E3B 9W4, Canada
e.neto@unb.ca; sdadkhah@unb.ca; s.sadeghi@unb.ca;
heather.molyneaux@nrc-cnrc.gc.ca 10.3390/electronics13132646 2024 13 13 - - 2646 -
Durlik, Irmina; Miller, Tymoteusz; Kostecka, Ewelina; Zwierzewicz, Zenon;
Łobodzińska, Adrianna Cybersecurity in Autonomous Vehicles—Are We Ready for the
Challenge? Electronics EN Review autonomous vehicles (AVs); cybersecurity;
intrusion detection systems (IDSs); sensor manipulation; blockchain technology
The rapid development and deployment of autonomous vehicles (AVs) present
unprecedented opportunities and challenges in the transportation sector. While AVs
promise enhanced safety, efficiency, and convenience, they also introduce
significant cybersecurity vulnerabilities due to their reliance on advanced
electronics, connectivity, and artificial intelligence (AI). This review examines
the current state of cybersecurity in autonomous vehicles, identifying major
threats such as remote hacking, sensor manipulation, data breaches, and denial of
service (DoS) attacks. It also explores existing countermeasures including
intrusion detection systems (IDSs), encryption, over-the-air (OTA) updates, and
authentication protocols. Despite these efforts, numerous challenges remain,
including the complexity of AV systems, lack of standardization, latency issues,
and resource constraints. This review concludes by highlighting future directions
in cybersecurity research and development, emphasizing the potential of AI and
machine learning, blockchain technology, industry collaboration, and legislative
measures to enhance the security of autonomous vehicles. Faculty of Navigation,
Maritime University of Szczecin, Waly Chrobrego 1-2, 70-500 Szczecin, Poland
i.durlik@pm.szczecin.pl; tymoteusz.miller@usz.edu.pl;
e.kostecka@pm.szczecin.pl; z.zwierzewicz@pm.szczecin.pl; 231994@stud.usz.edu.pl
10.3390/electronics13132654 2024 13 13 - - 2654 -
Ghilom, Milkias; Latifi, Shahram The Role of Machine Learning in Advanced
Biometric Systems Electronics EN Article bias; deepfake; deep learning;
generative adversarial networks; model inversion; privacy Today, the significance
of biometrics is more pronounced than ever in accurately allowing access to
valuable resources, from personal devices to highly sensitive buildings, as well as
classified information. Researchers are pushing forward toward devising robust
biometric systems with higher accuracy, fewer false positives and false negatives,
and better performance. On the other hand, machine learning (ML) has been shown to
play a key role in improving such systems. By constantly learning and adapting to
users’ changing biometric patterns, ML algorithms can improve accuracy and
performance over time. The integration of ML algorithms with biometrics, however,
introduces vulnerabilities in such systems. This article investigates the new
issues of concern that come about because of the adoption of ML methods in
biometric systems. Specifically, techniques to breach biometric systems, namely,
data poisoning, model inversion, bias injection, and deepfakes, are discussed.
Here, the methodology consisted of conducting a detailed review of the literature
in which ML techniques have been adopted in biometrics. In this study, we included
all works that have successfully applied ML and reported favorable results after
this adoption. These articles not only reported improved numerical results but also
provided sound technical justification for this improvement. There were many
isolated, unsupported, and unjustified works about the major advantages of ML
techniques in improving security, which were excluded from this review. Though
briefly mentioned, we did not touch upon encryption/decryption aspects, and,
accordingly, cybersecurity was excluded from this study. At the end,
recommendations are made to build stronger and more secure systems that benefit
from ML adoption while closing the door to adversarial attacks. Department of
Electrical & Computer Engineering, University of Nevada, Las Vegas, NV 89154,
USA ghilom@unlv.nevada.edu; shahram.latifi@unlv.edu 10.3390/electronics13132667
2024 13 13 - - 2667 -
Saini, Rachit; Islam, Riadul Reconfigurable CAN Intrusion Detection and Response
System Electronics EN Article controller area network (CAN); bus-off
attack; CAN attack detection; CAN attack response The controller area network
(CAN) remains the de facto standard for intra-vehicular communication. CAN enables
reliable communication between various microcontrollers and vehicle devices without
a central computer, which is essential for sustainable transportation systems.
However, it poses some serious security threats due to the nature of communication.
According to caranddriver.com, there were at least 150 automotive cybersecurity
incidents in 2019, a 94% year-over-year increase since 2016, according to a report
from Upstream Security. To safeguard vehicles from such attacks, securing CAN
communication, which is the most relied-on in-vehicle network (IVN), should be
configured with modifications. In this paper, we developed a configurable CAN
communication protocol to secure CAN with a hardware prototype for rapidly
prototyping attacks, intrusion detection systems, and response systems. We used a
field programmable gate array (FPGA) to prototype CAN to improve reconfigurability.
This project focuses on attack detection and response in the case of bus-off
attacks. This paper introduces two main modules: the multiple generic errors module
with the introduction of the error state machine (MGEESM) module and the bus-off
attack detection (BOAD) module for a frame size of 111 bits (BOAD111), based on the
CAN protocol presenting the introduction of form error, CRC error, and bit error.
Our results show that, in the scenario with the transmit error counter (TEC) value
127 for switching between the error-passive state and bus-off state, the detection
times for form error, CRC error, and bit error introduced in the MGEESM module are
3.610 ms, 3.550 ms, and 3.280 ms, respectively, with the introduction of error in
consecutive frames. The detection time for BOAD111 module in the same scenario is
3.247 ms. Department of Computer Science and Electrical Engineering, University
of Maryland, Baltimore County, MD 21250, USA r98@umbc.edu; riaduli@umbc.edu
10.3390/electronics13132672 2024 13 13 - - 2672 -
Arshad, Junaid; Talha, Muhammad; Saleem, Bilal; Shah, Zoha; Zaman, Huzaifa;
Muhammad, Zia A Survey of Bug Bounty Programs in Strengthening Cybersecurity
and Privacy in the Blockchain Industry Blockchains EN Article bug bounty
programs; blockchain; cybersecurity; privacy; network security; software
vulnerabilities; ethical hacking; zero-day vulnerabilities; exploits;
crowdsourcing; cyber threats; vulnerability discovery; security vulnerabilities
The increasing reliance on computer networks and blockchain technology has
led to a growing concern for cybersecurity and privacy. The emergence of zero-day
vulnerabilities and unexpected exploits has highlighted the need for innovative
solutions to combat these threats. Bug bounty programs have gained popularity as a
cost-effective way to crowdsource the task of identifying vulnerabilities,
providing a secure and efficient means of enhancing cybersecurity. This paper
provides a comprehensive survey of various free and paid bug bounty programs in the
computer networks and blockchain industry, evaluating their effectiveness, impact,
and credibility. The study explores the structure, incentives, and nature of
vulnerabilities uncovered by these programs, as well as their unique value
proposition. A comparative analysis is conducted to identify advantages and
disadvantages, highlighting the strengths and weaknesses of each program. The paper
also examines the role of ethical hackers in bug bounty programs and their
contributions to strengthening cybersecurity and privacy. Finally, the study
concludes with recommendations for addressing the challenges faced by bug bounty
programs and suggests potential future directions to enhance their impact on
computer networks and blockchain security. Department of Cyber Security, Air
University, Islamabad 44000, Pakistan 231274@students.au.edu.pk;
231350@students.au.edu.pk; 211096@students.au.edu.pk; 221498@students.au.edu.pk;
211124@students.au.edu.pk; zia.muhammad@ndsu.edu 10.3390/blockchains2030010
2024 2 3 - - 10 -
Amirkhanova, Dana; Iavich, Maksim; Mamyrbayev, Orken Lattice-Based Post-Quantum
Public Key Encryption Scheme Using ElGamal’s Principles Cryptography EN
Article SIS; post quantum; CVP; SVP; DLP; PKE; lattice Modern
technologies like quantum and cloud computing have reshaped computing, offering
immense power and scalability. While beneficial, they also challenge the security
of traditional cryptographic systems. Quantum computing threatens RSA and ECC with
algorithms like Shor’s algorithm, which can accelerate computations exponentially.
This risks exposing these systems to attacks, necessitating quantum-resistant
cryptography. Cloud computing poses data security concerns, requiring robust
cryptographic mechanisms and access controls. Lattice-based cryptography,
leveraging problems like the Short Integer Solution (SIS), emerges as a solution.
This paper presents a novel quantum-resistant public key encryption scheme based on
ElGamal and SIS, ensuring security against quantum and classical threats in modern
cryptographic environments. Department of Cybersecurity, Information Processing
and Storage, Satbayev University, Almaty 050013, Kazakhstan
amirkhanovadana2@gmail.com; miavich@cu.edu.ge; morkenj@mail.ru
10.3390/cryptography8030031 2024 8 3 - - 31 -
Morales-Sáenz, Francisco; Medina-Quintero, José; Reyna-Castillo, Miguel Beyond
Data Protection: Exploring the Convergence between Cybersecurity and Sustainable
Development in Business Sustainability EN Review cybersecurity;
sustainable development; digital security; sustainability challenges; data
protection; systematic review The increase in the use of information technology
(IT) poses a challenge derived from the risks and threats of computer security in
all areas of society. In this sense, cybersecurity emerges as an important pillar
of support for protecting infrastructures essential for countries’ sustainable
economic and social development. This paper explores the possible links between
cybersecurity and sustainable development within the high-impact scientific
literature. The study uses a systematic literature review methodology based on the
Preferred Reporting Items for Systematic Reviews and Meta-Analyses (PRISMA)
protocol, ensuring a rigorous and structured approach to selecting and analyzing
relevant literature. The scientific database Web of Science is used to ensure the
integrity and quality of the data collected, following criteria widely validated in
this type of methodology. The study reveals a significant interrelationship between
cybersecurity and sustainable development in the business sphere. It highlights
cybersecurity’s contribution to economic sustainability by protecting critical
infrastructure and minimizing financial risks. Concerning environmental
sustainability, cybersecurity facilitates the implementation of cleaner and more
efficient technology. Social sustainability ensures personal data protection and
fosters a culture of responsibility and trust within organizations. School of
Business and Administration Victoria, Autonomous University of Tamaulipas,
Boulevard Adolfo López Mateos SN, Centro Universitario, Ciudad Victoria 87149,
Mexico fmsaenz@uat.edu.mx; jmedinaq@uat.edu.mx; mreyna@docentes.uat.edu.mx
10.3390/su16145884 2024 16 14 - - 5884 -
Adel, Amr; Jan, Tony Watch the Skies: A Study on Drone Attack Vectors, Forensic
Approaches, and Persisting Security Challenges Future Internet EN Review
unmanned aerial vehicles (UAVs); drone cybersecurity; threat models; drone
forensics; security challenges; forensic methodologies In the rapidly evolving
landscape of drone technology, securing unmanned aerial vehicles (UAVs) presents
critical challenges and demands unique solutions. This paper offers a thorough
examination of the security requirements, threat models, and solutions pertinent to
UAVs, emphasizing the importance of cybersecurity and drone forensics. This
research addresses the unique requirements of UAV security, outlines various threat
models, and explores diverse solutions to ensure data integrity. Drone forensics, a
field dedicated to the investigation of security incidents involving UAVs, has been
extensively examined and demonstrates its relevance in identifying attack origins
or establishing accident causes. This paper further surveys artifacts, tools, and
benchmark datasets that are critical in the domain of drone forensics, providing a
comprehensive view of current capabilities. Acknowledging the ongoing challenges in
UAV security, particularly given the pace of technological advancement and complex
operational environments, this study underscores the need for increased
collaboration, updated security protocols, and comprehensive regulatory frameworks.
Ultimately, this research contributes to a deeper understanding of UAV
cybersecurity and aids in fostering future research into the secure and reliable
operation of drones. Centre for Artificial Intelligence Research and
Optimization (AIRO), Torrens University Australia, Ultimo, NSW 2007, Australia
amr.adel@torrens.edu.au; tony.jan@torrens.edu.au 10.3390/fi16070250
2024 16 7 - - 250 -
Bace, Brianna; Dubois, Elisabeth; Tatar, Unal Resilience against Catastrophic
Cyber Incidents: A Multistakeholder Analysis of Cyber Insurance Electronics EN
Article catastrophic cyber risk; cyber insurance; cyber resilience;
economic resilience; regulation; content analysis; federal backstop Catastrophic
cyber incidents—events of low probability but high impact, with the potential to
incur billions of dollars in damages—are prompting insurers to elevate premiums,
create higher barriers for potential buyers, and tighten policies with exclusions.
While these responses of the insurance industry are important to prevent its
insolvency during catastrophic incidents due to excessive claims, they lead to a
notable gap in market protection. Using a content analysis of multistakeholder
comments submitted in response to a Treasury Department Request for Information
(RFI), this study seeks to define what constitutes a catastrophic cyber event,
identify mitigation strategies, evaluate the current capacity of the cyber
insurance sector to handle such incidents, and investigate the potential roles and
support mechanisms that the government can provide to enhance the insurance
sector’s capacity to manage these extreme risks. This paper is one of the
pioneering studies using data and a multistakeholder perspective to provide
essential guidance for policymakers, regulators, the insurance industry, and the
cybersecurity sector in formulating robust policies and strategies to address
catastrophic cyber risks, ultimately enhancing national economic and technological
resilience. College of Emergency Preparedness, Homeland Security and Cybersecurity,
University at Albany, State University of New York, Albany, NY 12203, USA
bbace@albany.edu; evdubois@albany.edu; utatar@albany.edu
10.3390/electronics13142768 2024 13 14 - - 2768 -
Charkhabi, Sadaf; Samimi, Peyman; Bagui, Sikha; Mink, Dustin; Bagui, Subhash Node
Classification of Network Threats Leveraging Graph-Based Characterizations Using
Memgraph Computers EN Article graph machine learning; graph neural
networks; graph database; Memgraph; node classification; MITRE ATT&CK framework;
network threats; PageRank; Katz centrality; betweenness centrality This
research leverages Memgraph, an open-source graph database, to analyze graph-based
network data and apply Graph Neural Networks (GNNs) for a detailed classification
of cyberattack tactics categorized by the MITRE ATT&CK framework. As part of graph
characterization, the page rank, degree centrality, betweenness centrality, and
Katz centrality are presented. Node classification is utilized to categorize
network entities based on their role in the traffic. Graph-theoretic features such
as in-degree, out-degree, PageRank, and Katz centrality were used in node
classification to ensure that the model captures the structure of the graph. The
study utilizes the UWF-ZeekDataFall22 dataset, a newly created dataset which
consists of labeled network logs from the University of West Florida’s Cyber Range.
The uniqueness of this study is that it uses the power of combining graph-based
characterization or analysis with machine learning to enhance the understanding and
visualization of cyber threats, thereby improving the network security measures.
Department of Computer Science, University of West Florida, Pensacola, FL
32514, USA sadaf.charkhabi@gmail.com; pe.samimi@gmail.com; bagui@uwf.edu;
dmink@uwf.edu; sbagui@uwf.edu 10.3390/computers13070171 2024 13 7 -
- 171 -
Kaliyaperumal, Prabu; Periyasamy, Sudhakar; Thirumalaisamy, Manikandan; Balusamy,
Balamurugan; Benedetto, Francesco A Novel Hybrid Unsupervised Learning Approach
for Enhanced Cybersecurity in the IoT Future Internet EN Article
autoencoder; DBSCAN; support vector machine; unsupervised learning; cloud
security The proliferation of IoT services has spurred a surge in network
attacks, heightening cybersecurity concerns. Essential to network defense,
intrusion detection and prevention systems (IDPSs) identify malicious activities,
including denial of service (DoS), distributed denial of service (DDoS), botnet,
brute force, infiltration, and Heartbleed. This study focuses on leveraging
unsupervised learning for training detection models to counter these threats
effectively. The proposed method utilizes basic autoencoders (bAEs) for
dimensionality reduction and encompasses a three-stage detection model: one-class
support vector machine (OCSVM) and deep autoencoder (dAE) attack detection,
complemented by density-based spatial clustering of applications with noise
(DBSCAN) for attack clustering. Accurately delineated clusters aid in mapping
attack tactics. The MITRE ATT&CK framework establishes a “Cyber Threat Repository”,
cataloging attacks and tactics, enabling immediate response based on priority.
Leveraging preprocessed and unlabeled normal network traffic data, this approach
enables the identification of novel attacks while mitigating the impact of
imbalanced training data on model performance. The autoencoder method utilizes
reconstruction error, OCSVM employs a kernel function to establish a hyperplane for
anomaly detection, while DBSCAN employs a density-based approach to identify
clusters, manage noise, accommodate diverse shapes, automatically determining
cluster count, ensuring scalability, and minimizing false positives and false
negatives. Evaluated on standard datasets such as CIC-IDS2017 and CSECIC-IDS2018,
the proposed model outperforms existing state of art methods. Our approach achieves
accuracies exceeding 98% for the two datasets, thus confirming its efficacy and
effectiveness for application in efficient intrusion detection systems. School
of Computer Science and Engineering, Galgotias University, Dankaur 203201, India
k.prabu@galgotiasuniversity.edu.in; p.sudhakar@galgotiasuniversity.edu.in;
tmcse1404@gmail.com; kadavulai@gmail.com; francesco.benedetto@uniroma3.it
10.3390/fi16070253 2024 16 7 - - 253 -
Mohamed Mohideen, Mohamed; Nadeem, Muhammad; Hardy, James; Ali, Haider; Tariq,
Umair; Sabrina, Fariza; Waqar, Muhammad; Ahmed, Salman Behind the Code:
Identifying Zero-Day Exploits in WordPress Future Internet EN Article
zero-day vulnerabilities; cross-site scripting; WordPress plugins; DAST;
keylogger; NIST; CVE; OWASP The rising awareness of cybersecurity among
governments and the public underscores the importance of effectively managing
security incidents, especially zero-day attacks that exploit previously unknown
software vulnerabilities. These zero-day attacks are particularly challenging
because they exploit flaws that neither the public nor developers are aware of. In
our study, we focused on dynamic application security testing (DAST) to investigate
cross-site scripting (XSS) attacks. We closely examined 23 popular WordPress
plugins, especially those requiring user or admin interactions, as these are
frequent targets for XSS attacks. Our testing uncovered previously unknown zero-day
vulnerabilities in three of these plugins. Through controlled environment testing,
we accurately identified and thoroughly analyzed these XSS vulnerabilities,
revealing their mechanisms, potential impacts, and the conditions under which they
could be exploited. One of the most concerning findings was the potential for
admin-side attacks, which could lead to multi-site insider threats. Specifically,
we found vulnerabilities that allow for the insertion of malicious scripts,
creating backdoors that unauthorized users can exploit. We demonstrated the
severity of these vulnerabilities by employing a keylogger-based attack vector
capable of silently capturing and extracting user data from the compromised
plugins. Additionally, we tested a zero-click download strategy, allowing malware
to be delivered without any user interaction, further highlighting the risks posed
by these vulnerabilities. The National Institute of Standards and Technology (NIST)
recognized these vulnerabilities and assigned them CVE numbers: CVE-2023-5119 for
the Forminator plugin, CVE-2023-5228 for user registration and contact form issues,
and CVE-2023-5955 for another critical plugin flaw. Our study emphasizes the
critical importance of proactive security measures, such as rigorous input
validation, regular security testing, and timely updates, to mitigate the risks
posed by zero-day vulnerabilities. It also highlights the need for developers and
administrators to stay vigilant and adopt strong security practices to defend
against evolving threats. School of Computing, University of Derby, Derby DE22
3AW, UK m.mohamedmohideen1@unimail.derby.ac.uk; s.nadeem3@uos.ac.uk;
j.hardy@derby.ac.uk; h.ali@derby.ac.uk; u.tariq@cqu.edu.au; f.sabrina@cqu.edu.au;
m.waqar@uos.ac.uk; s.ahmed@uos.ac.uk 10.3390/fi16070256 2024 16 7
- - 256 -
Manowska, Anna; Boros, Martin; Hassan, Muhammad; Bluszcz, Anna; Tobór-Osadnik,
Katarzyna A Modern Approach to Securing Critical Infrastructure in Energy
Transmission Networks: Integration of Cryptographic Mechanisms and Biometric Data
Electronics EN Article energy security; critical infrastructure;
energy transmission networks; cryptographic mechanisms; biometric data;
cybersecurity; IT system management Energy security is a crucial issue for
political, environmental, and economic reasons. This article presents a modern
approach to securing critical infrastructure in energy transmission networks, which
are managed by advanced IT systems. This paper focuses on the integration of
cryptographic mechanisms with biometric data, providing an additional layer of
protection against cyber threats. The discussed solutions enable the protection of
management systems in energy transmission networks, enhancing their resilience to
cyberattacks. The use of the command-line interface (CLI) in combination with
biometrics allows for precise execution of security tasks such as network
monitoring, firewall management, and automation of security tasks. This makes these
systems more reliable and secure, which is essential for the stability of energy
systems. Department of Automatics and Industrial Informatics, Silesian
University of Technology, 44-100 Gliwice, Poland anna.manowska@polsl.pl;
martin.boros@uniza.sk; muhammad.waqar.hassan@polsl.pl; anna.bluszcz@polsl.pl;
katarzyna.tobor-osadnik@polsl.pl 10.3390/electronics13142849 2024 13 14
- - 2849 -
Kasse, Mamadou; Charrier, Rodolphe; Berred, Alexandre; Bertelle, Cyrille;
Delpierre, Christophe An Approach for Anomaly Detection in Network Communications
Using k-Path Analysis Journal of Cybersecurity and Privacy EN Article
cybersecurity; cyberattacks; Markovian model; generalized maximum likelihood
ratio; computer networks; network traffic In this paper, we present an innovative
approach inspired by the Path-scan model to detect paths with k adjacent edges
(k-path) exhibiting unusual behavior (synonymous with anomaly) within network
communications. This work is motivated by the challenge of identifying malicious
activities carried out in vulnerable k-path in a small to medium-sized computer
network. Each observed edge (time series of the number of events or the number of
packets exchanged between two computers in the network) is modeled using the
three-state observed Markov model, as opposed to the Path-scan model which uses a
two-state model (active state and inactive state), to establish baselines of behavior
in order to detect anomalies. This model captures the typical behavior of network
communications, as well as patterns of suspicious activity, such as those
associated with brute force attacks. We take a perspective by analyzing each
vulnerable k-path, enabling the accurate detection of anomalies on the k-path.
Using this approach, our method aims to enhance the detection of suspicious
activities in computer networks, thus providing a more robust and accurate solution
to ensure the security of computer systems. Laboratoire d’Informatique, du
Traitement de l’Information et des Systèmes, UFR Sciences and Technology,
University of Le Havre, 25 rue Philippe Lebon, 76058 Le Havre Cedex, France
mamadou.kasse@etu.univ-lehavre.fr; rodolphe.charrier@univ-lehavre.fr;
alexandre.berred@univ-lehavre.fr; cyrille.bertelle@univ-lehavre.fr;
christophe.delpierre@riskntic.com 10.3390/jcp4030022 2024 4 3 -
- 22 -
Pugnetti, Carlo; Björck, Albena; Schönauer, Reto; Casián, Carlos Towards Diagnosing
and Mitigating Behavioral Cyber Risks Risks EN Article risk;
cybersecurity; cyber risk; risk behavior; risk communication; risk mitigation
A company’s cyber defenses are based on a secure infrastructure and
risk-aware behavior by employees. With rising cyber threats and normative training
efforts showing limited impact, raising cyber risk awareness is emerging as a
challenging effort. The review of the extant literature on awareness diagnosis
shows interdisciplinary but mainly theoretical approaches to understanding
attitudes and influencing risk behavior. We propose and test a novel methodology to
combine and operationalize two tools, deep metaphor interviews and the IDEA risk
communication model, to apply them for the first time in the context of behavioral
cyber vulnerabilities. The results show a link between diagnosed attitudes and
effective risk behavior in a real-life organizational setting, indicating the
potential for an expanded diagnostic effort. We propose to develop a broader
diagnostic and intervention set to improve cyber awareness and a toolkit to support
the business practice of cyber risk management. Institute of Financial Services Zug
IFZ, Lucerne School of Business, Suurstoffi 1, 63434 Rotkreuz, Switzerland
carlo.pugnetti@hslu.ch; albena.bjoerck@zhaw.ch; reto.schoenauer@mobi.ch;
carlos.casian@kessler.ch 10.3390/risks12070116 2024 12 7 - -
116 -
El-Hajj, Mohammed; Gebremariam, Teklit Enhancing Resilience in Digital Twins:
ASCON-Based Security Solutions for Industry 4.0 Network EN Article
Digital Twins; DT; lightweight; ASCON; IIoT; ESP32 Persistent security
challenges in Industry 4.0 due to the limited resources of IoT devices necessitate
innovative solutions. Addressing this, this study introduces the ASCON algorithm
for lightweight authenticated encryption with associated data, enhancing
confidentiality, integrity, and authenticity within IoT limitations. By integrating
Digital Twins, the framework emphasizes the need for robust security in Industry
4.0, with ASCON ensuring secure data transmission and bolstering system resilience
against cyber threats. Practical validation using the MQTT protocol confirms
ASCON’s efficacy over AES-GCM, highlighting its potential for enhanced security in
Industry 4.0. Future research should focus on optimizing ASCON for microprocessors
and developing secure remote access tailored to resource-constrained devices,
ensuring adaptability in the digital era. Department of Semantics, Cybersecurity
& Services, University of Twente, 7500 AE Enschede, The Netherlands
m.elhajj@utwente.nl; t.h.gebremariam@gmail.com 10.3390/network4030013 2024
4 3 - - 13 -
Gupta, Brij; Gaurav, Akshat; Attar, Razaz; Arya, Varsha; Alhomoud, Ahmed; Chui,
Kwok Sustainable IoT Security in Entrepreneurship: Leveraging Univariate Feature
Selection and Deep CNN Model for Innovation and Knowledge Sustainability EN
Article IoT security; botnet detection; deep learning; feature selection;
entrepreneurship Due to the rapid increase in Internet of Things (IoT) devices in
entrepreneurial environments, innovative cybersecurity advancements are needed to
defend against escalating cyber threats. The present paper proposes an approach
involving univariate feature selection leading to Sustainable IoT security. This
method aims at increasing the efficiency and accuracy of the deep Convolutional
Neural Network (CNN) model concerning botnet attack detection and mitigation. The
approach to obtaining Sustainable IoT Security goes beyond the focus on technical
aspects by proving that increased cybersecurity in IoT environments also fosters
entrepreneurship in terms of stimulation, knowledge increase, and innovation. This
approach is a major step towards providing entrepreneurs with the necessary tools
to protect them in this digital era, which will enable and support the defense
against cyber threats. A secure, innovative, and knowledgeable entrepreneurial
environment is the result of Sustainable IoT security. Department of Computer
Science and Information Engineering, Asia University, Taichung 413, Taiwan
bbgupta@asia.edu.tw; akshat.gaurav@ronininstitute.org; raattar@pnu.edu.sa;
varshaarya2108@gmail.com; aalhomoud@nbu.edu.sa; jktchui@hkmu.edu.hk
10.3390/su16146219 2024 16 14 - - 6219 -
Almari, Raghad; Almosallam, Abdullah; Almousa, Saleh; Alahmadi, Saad Protecting
Instant Messaging Notifications against Physical Attacks: A Novel Instant Messaging
Notification Protocol Based on Signal Protocol Applied Sciences EN Article
cryptographic key management; cybersecurity; network protocol; offline
attacks; key management; network secure instant messaging Over the years, there
has been a significant surge in the popularity of instant messaging applications
(IMAs). However, the message notification functionality in IMAs exhibits certain
limitations. Some IMAs fail to alert users about new messages after their phone
restarts unless they unlock the phone. This is a consequence of end-to-end
encryption (E2EE) and the app not knowing the message is in the queue until the app
decrypts it. This approach using E2EE is used to prevent offline attacks, as the
key is unavailable to decrypt the notification messages. In this paper, we
introduce a novel design and implementation of a message notification protocol for
IMAs based on the Signal protocol. The proposed protocol aims to securely display
notifications on a locked device and ensures that cryptographic keys are stored in
a location that is isolated from the user’s device to prevent offline attacks. This
approach enhances the security of private key storage, safeguarding private keys
against various external threats. The innovative design strengthens the off-site
key management system, rendering it resilient against offline attacks and
mitigating the risk of key compromise. Additionally, the proposed protocol is
highly efficient, requiring no specialized hardware for implementation. It offers
confidentiality of cryptographic keys and protection against offline attacks,
further enhancing the overall security of the system. We evaluate the protocol’s
effectiveness by analyzing multiple independent implementations that pass a suite
of formal tests via ProVerif. Computer Science Department, King Saud University,
Riyadh 11451, Saudi Arabia raghadrmarri@gmail.com; a.a.almosallam@gmail.com;
s.almousa@coeia.edu.sa; salahmadi@ksu.edu.sa 10.3390/app14146348 2024 14
14 - - 6348 -
Amarnath, Amarnath; Al Bataineh, Ali; Hansen, Jeremy Transfer-Learning Approach
for Enhanced Brain Tumor Classification in MRI Imaging BioMedInformatics EN
Article brain tumor classification; intracranial neoplasm; MRI analysis;
pre-trained models; transfer learning; ResNet50; Xception; EfficientNetV2-S;
ResNet152V2; VGG16 Background: Intracranial neoplasm, often referred to as a
brain tumor, is an abnormal growth or mass of tissues in the brain. The complexity
of the brain and the associated diagnostic delays cause significant stress for
patients. This study aims to enhance the efficiency of MRI analysis for brain
tumors using deep transfer learning. Methods: We developed and evaluated the
performance of five pre-trained deep learning models—ResNet50, Xception,
EfficientNetV2-S, ResNet152V2, and VGG16—using a publicly available MRI scan
dataset to classify images as glioma, meningioma, pituitary, or no tumor. Various
classification metrics were used for evaluation. Results: Our findings indicate
that these models can improve the accuracy of MRI analysis for brain tumor
classification, with the Xception model achieving the highest performance with a
test F1 score of 0.9817, followed by EfficientNetV2-S with a test F1 score of
0.9629. Conclusions: Implementing pre-trained deep learning models can enhance MRI
accuracy for detecting brain tumors. Leahy School of Cybersecurity and
Advanced Computing, Norwich University, Northfield, VT 05663, USA
ash_amar@outlook.com; aalbatai@norwich.edu; jhansen3@norwich.edu
10.3390/biomedinformatics4030095 2024 4 3 - - 95 -
Orazbayev, Batyr; Boranbayeva, Narkez; Makhatova, Valentina; Rzayeva, Leila;
Ospanov, Yerbol; Kurmashev, Ildar; Kurmangaziyeva, Lyailya Development and
Synthesis of Linguistic Models for Catalytic Cracking Unit in a Fuzzy Environment
Processes EN Article catalytic cracking process; linguistic model;
fuzzy logic; computer modeling; optimization This research develops a method for
synthesizing linguistic models of fuzzy systems with fuzzy input and output
parameters that are described by linguistic variables. Based on the proposed
method, linguistic models of the Title 1000 catalytic cracking unit for heavy
residues at the Shymkent oil refinery are developed, describing the dependence of
the volume and quality of gasoline on the input and operating parameters of the
facility, which are fuzzy. It is substantiated that the use of a fuzzy approach,
which allows the use of the experience, knowledge, and intuition (intelligence) of
the decision maker and subject matter experts, is the most suitable effective
method for synthesizing models of complex, fuzzily described objects and processes
for comparison with other methods. The main idea of the proposed work is to solve
the problems of shortage and fuzziness of initial information when developing
models and optimizing the operating modes of a catalytic cracking unit through the
use of knowledge, experience, and intuition of experts in this field. To solve the
problems of the shortage of initial quantitative information and the fuzziness of
available information when developing mathematical models, it is proposed to
systematically use statistical methods, expert assessment methods, and a heuristic
method based on fuzzy logic. The scientific novelty of the research lies in the
development of a method for synthesizing linguistic models in a fuzzy environment
and an algorithm for its implementation, which makes it possible to describe the
dependence of the fuzzy values of the object’s output parameters on its fuzzy input
and operating parameters. The proposed approach allows the formalization and
synthesis of models of fuzzily described objects when other methods of model
development are not applicable or do not give the expected results. The results of
the work were simulated in the MATLAB Fuzzy Logic Toolbox. Faculty of Information
Technologies, L. N. Gumilyov Eurasian National University, Astana 010000,
Kazakhstan batyr_o@mail.ru; ades_98@mail.ru; mahve@mail.ru;
l.rzayeva@astanait.edu.kz; 78oea@mail.ru; kig_ildar@mail.ru; kurmangazieval@mail.ru
10.3390/pr12081543 2024 12 8 - - 1543 -
Martín Toral, Imanol; Calvo, Isidro; Villar, Eneko; Gil-García, Jose; Barambones,
Oscar Introducing Security Mechanisms in OpenFog-Compliant Smart Buildings
Electronics EN Article smart buildings; cybersecurity; OpenFog
(IEEE1934); artificial intelligence of things (AIoT) Designing smart building IoT
applications is a complex task. It requires efficiently integrating a broad number
of heterogeneous, low-resource devices that adopt lightweight strategies. IoT
frameworks, especially if they are standard-based, may help designers to scaffold
the applications. OpenFog, established as IEEE 1934 standard, promotes the use of
free open source (FOS) technologies and has been identified for use in smart
buildings. However, smart building systems may present vulnerabilities, which can
put their integrity at risk. Adopting state-of-the-art security mechanisms in this
domain is critical but not trivial. It complicates the design and operation of the
applications, increasing the cost of the deployed systems. In addition,
difficulties may arise in finding qualified cybersecurity personnel. OpenFog
identifies the security requirements of the applications, although it does not
describe clearly how to implement them. This article presents a scalable
architecture, based on the OpenFog reference architecture, to provide security by
design in buildings of different sizes. It adopts FOS technologies over low-cost
IoT devices. Moreover, it presents guidelines to help developers create secure
applications, even if they are not security experts. It also proposes a selection
of technologies in different layers to achieve the security dimensions defined in
the X.805 ITU-T recommendation. A proof-of-concept Indoor Environment Quality (IEQ)
system, based on low-cost smart nodes, was deployed in the Faculty of Engineering
of Vitoria-Gasteiz to illustrate the implementation of the presented approach. The
operation of the IEQ system was analyzed using software tools frequently used to
find vulnerabilities in IoT applications. The use of state-of-the-art security
mechanisms such as encryption, certificates, protocol selection and network
partitioning/configuration in the OpenFog-based architecture improves smart
building security. Department of Systems Engineering and Automatic Control,
Faculty of Engineering of Vitoria-Gasteiz, University of the Basque Country
(UPV/EHU), 01006 Vitoria-Gasteiz, Spain imanol.martint@ehu.eus;
isidro.calvo@ehu.eus; eneko.villar@cta.aero; jm.gil-garcia@ehu.eus;
oscar.barambones@ehu.eus 10.3390/electronics13152900 2024 13 15 -
- 2900 -
Coscia, Antonio; Iannacone, Andrea; Maci, Antonio; Stamerra, Alessandro
SINNER: A Reward-Sensitive Algorithm for Imbalanced Malware Classification
Using Neural Networks with Experience Replay Information EN Article
application programming interface; class skew; deep learning; deep
reinforcement learning; experience replay; imbalanced data; malware analysis;
neural networks Reports produced by popular malware analysis services showed a
disparity in samples available for different malware families. The unequal
distribution between such classes can be attributed to several factors, such as
technological advances and the application domain that seeks to infect a computer
virus. Recent studies have demonstrated the effectiveness of deep learning (DL)
algorithms when learning multi-class classification tasks using imbalanced
datasets. This can be achieved by updating the learning function such that correct
and incorrect predictions performed on the minority class are more rewarded or
penalized, respectively. This procedure can be logically implemented by leveraging
the deep reinforcement learning (DRL) paradigm through a proper formulation of the
Markov decision process (MDP). This paper proposes SINNER, i.e., a DRL-based
multi-class classifier that approaches the data imbalance problem at the algorithmic
level by exploiting a redesigned reward function, which modifies the traditional
MDP model used to learn this task. Based on the experimental results, the proposed
formula appears to be successful. In addition, SINNER has been compared to several
DL-based models that can handle class skew without relying on data-level
techniques. Using three out of four datasets sourced from the existing literature,
the proposed model achieved state-of-the-art classification performance.
Cybersecurity Lab, BV TECH S.p.A., 20123 Milan, Italy
antonio.coscia@bvtech.com; andrea.iannacone@bvtech.com;
antonio.maci@bvtech.com; alessandro.stamerra@bvtech.com 10.3390/info15080425
2024 15 8 - - 425 -
Batay, Sagidolla; Baidullayeva, Aigerim; Sarsenov, Erkhan; Zhao, Yong; Zhou,
Tongming; Ng, Eddie; Kadylulu, Taldaubek Integrated Aerodynamic Shape and
Aero-Structural Optimization: Applications from Ahmed Body to NACA 0012 Airfoil and Wind
Turbine Blades Fluids EN Article DAFoam; multi-disciplinary design
optimization; aero-structural design optimization; OpenMDAO; Ahmed body During
this research, aerodynamic shape optimization is conducted on the Ahmed body with
the drag coefficient as the objective function and the ramp shape as the design
variable, while aero-structural optimization is conducted on NACA 0012 to reduce
the drag coefficient for the aerodynamic performance with the shape as the design
variable while reducing structural mass with the thickness of the panels as the
design variables. This is accomplished through a gradient-based optimization
process and coupled finite element and computational fluid dynamics (CFD) solvers
under fluid–structure interaction (FSI). In this study, DAFoam (Discrete Adjoint
with OpenFOAM for High-fidelity Multidisciplinary Design Optimization) and TACS
(Toolkit for the Analysis of Composite Structures) are integrated to optimize the
aero-structural design of an airfoil concurrently under the FSI condition, with
TACS and DAFoam as coupled structural and CFD solvers integrated with a
gradient-based adjoint optimization solver. One-way coupling between the fluid and
structural solvers for the aero-structural interaction is adopted by using Mphys, a
package that standardizes high-fidelity multiphysics problems in OpenMDAO. At the
end of the paper, we compare and discuss our findings in the context of existing
research, specifically highlighting previous results on the aerodynamic and
aero-structural optimization of wind turbine blades. Department of Mechanical &
Aerospace Engineering, School of Engineering and Digital Sciences, Nazarbayev
University, Astana 010000, Kazakhstan shaheidula.batai@nu.edu.kz;
abaidullayeva@nu.edu.kz; erkhan.sarsenov@nu.edu.kz; yong.zhao@nu.edu.kz;
tongming.zhou@uwa.edu.au; mykng@ntu.edu.sg; taldaobekashimhan@gmail.com
10.3390/fluids9080170 2024 9 8 - - 170 -
Alqura’n, Rabee; AlJamal, Mahmoud; AL-Aiash, Issa; Alsarhan, Ayoub; Khassawneh,
Bashar; Aljaidi, Mohammad; Alanazi, Rakan Advancing XSS Detection in IoT over 5G: A
Cutting-Edge Artificial Neural Network Approach IoT EN Article Internet of
Things (IoT); 5G networks; XSS attacks; Artificial Neural Networks (ANNs);
cybersecurity The rapid expansion of the Internet of Things (IoT) and the
advancement of 5G technology require strong cybersecurity measures within IoT
frameworks. Traditional security methods are insufficient due to the wide variety
and large number of IoT devices and their limited computational capabilities. With
5G enabling faster data transmission, security risks have increased, making
effective protective measures essential. Cross-Site Scripting (XSS) attacks present
a significant threat to IoT security. In response, we have developed a new approach
using Artificial Neural Networks (ANNs) to identify and prevent XSS breaches in IoT
systems over 5G networks. We significantly improved our model’s predictive
performance by using filter and wrapper feature selection methods. We validated our
approach using two datasets, NF-ToN-IoT-v2 and Edge-IIoTset, ensuring its strength
and adaptability across different IoT environments. For the NF-ToN-IoT-v2 dataset
with filter feature selection, our Bilayered Neural Network (2 × 10) achieved the
highest accuracy of 99.84%. For the Edge-IIoTset dataset with filtered feature
selection, the Trilayered Neural Network (3 × 10) achieved the best accuracy of
99.79%. We used ANOVA tests to address the sensitivity of neural network
performance to initial conditions, confirming statistically significant
improvements in detection accuracy. The ANOVA results validated the enhancements
across different feature selection methods, demonstrating the consistency and
reliability of our approach. Our method demonstrates outstanding accuracy and
robustness, highlighting its potential as a reliable solution for enhancing IoT
security in the era of 5G networks. Department of Information Technology, Faculty
of Prince Al-Hussien bin Abdullah, Hashemite University, Zarqa 13133, Jordan
alquran.rabee@gmail.com; mahmood.yj.98@gmail.com; issaalayyash76@gmail.com;
ayoubm@hu.edu.jo; b.khassawneh@aau.edu.jo; mjaidi@zu.edu.jo;
rakan.nalenezi@nbu.edu.sa 10.3390/iot5030022 2024 5 3 - -
22 -
Basheer, Nihala; Islam, Shareeful; Alwaheidi, Mohammed; Papastergiou, Spyridon
Adoption of Deep-Learning Models for Managing Threat in API Calls with
Transparency Obligation Practice for Overall Resilience Sensors EN
Article deep learning; SHAP; transparency obligation; API security;
threat management; control; vulnerability System-to-system communication via
Application Programming Interfaces (APIs) plays a pivotal role in the seamless
interaction among software applications and systems for efficient and automated
service delivery. APIs facilitate the exchange of data and functionalities across
diverse platforms, enhancing operational efficiency and user experience. However,
this also introduces potential vulnerabilities that attackers can exploit to
compromise system security, highlighting the importance of identifying and
mitigating associated security risks. By examining the weaknesses inherent in these
APIs using security open-intelligence catalogues like CWE and CAPEC and
implementing controls from NIST SP 800-53, organizations can significantly enhance
their security posture, safeguarding their data and systems against potential
threats. However, this task is challenging due to evolving threats and
vulnerabilities. Additionally, it is challenging to analyse threats given the large
volume of traffic generated from API calls. This work contributes to tackling this
challenge and makes a novel contribution to managing threats within system-to-
system communication through API calls. It introduces an integrated architecture
that combines deep-learning models, i.e., ANN and MLP, for effective threat
detection from large API call datasets. The identified threats are analysed to
determine suitable mitigations for improving overall resilience. Furthermore, this
work introduces transparency obligation practices for the entire AI life cycle,
from dataset preprocessing to model performance evaluation, including data and
methodological transparency and SHapley Additive exPlanations (SHAP) analysis, so
that AI models are understandable by all user groups. The proposed methodology was
validated through an experiment using the Windows PE Malware API dataset, achieving
an average detection accuracy of 88%. The outcomes from the experiments are
summarized to provide a list of key features, such as FindResourceExA and NtClose,
which are linked with potential weaknesses and related threats, in order to
identify accurate control actions to manage the threats. School of Computing and
Information Science, Anglia Ruskin University, Cambridge CB1 1PT, UK
nihala.basheer@aru.ac.uk; shareeful.islam@aru.ac.uk; mohammed@securology.net;
spyros.papastergiou@maggioli.gr 10.3390/s24154859 2024 24 15 - -
4859 -
Szmurlo, Hannah; Akhtar, Zahid Digital Sentinels and Antagonists: The Dual
Nature of Chatbots in Cybersecurity Information EN Review chatbots;
artificial intelligence; machine learning; deep learning; large language models;
cybersecurity Advancements in artificial intelligence, machine learning, and
natural language processing have culminated in sophisticated technologies such as
transformer models, generative AI models, and chatbots. Chatbots are sophisticated
software applications created to simulate conversation with human users. Chatbots
have surged in popularity owing to their versatility and user-friendly nature,
which have made them indispensable across a wide range of tasks. This article
explores the dual nature of chatbots in the realm of cybersecurity and highlights
their roles as both defensive tools and offensive tools. On the one hand, chatbots
enhance organizational cyber defenses by providing real-time threat responses and
fortifying existing security measures. On the other hand, adversaries exploit
chatbots to perform advanced cyberattacks, since chatbots have lowered the
technical barrier to generate phishing, malware, and other cyberthreats. Despite
the implementation of censorship systems, malicious actors find ways to bypass
these safeguards. Thus, this paper first provides an overview of the historical
development of chatbots and large language models (LLMs), including their
functionality, applications, and societal effects. Next, we explore the dualistic
applications of chatbots in cybersecurity by surveying the most representative
works on both attacks involving chatbots and chatbots’ defensive uses. We also
present experimental analyses to illustrate and evaluate different offensive
applications of chatbots. Finally, open issues and challenges regarding the duality
of chatbots are highlighted and potential future research directions are discussed
to promote responsible usage and enhance both offensive and defensive cybersecurity
strategies. Department of Network and Computer Security, State University of New
York (SUNY) Polytechnic Institute, Utica, NY 13502, USA szmurlh@sunypoly.edu;
akhtarz@sunypoly.edu 10.3390/info15080443 2024 15 8 - - 443
-
