Nature-inspired swarm optimization paradigms for securing semantic web frameworks against DDoS attacks: a computational approach

The natural or man-made disaster demands an efficient communication and coordination among first responders to save life and other community resources. Normally, the traditional communication infrastructures such as landline or cellular networks are damaged and don’t provide adequate communication services to first responders for exchanging emergency related information. Wireless ad hoc networks such as mobile ad hoc networks, wireless sensor networks and wireless mesh networks are the promising alternatives in such type of situations. The security requirements for emergency response communications include privacy, data integrity, authentication, key management, access control and availability. Various ad hoc communication frameworks have been proposed for emergency response situations. The majority of the proposed frameworks don’t provide adequate security services for reliable and secure information exchange. This paper presents a survey of the proposed emergency response communication frameworks and the potential security services required by them to provide reliable and secure information exchange during emergency situations.

In this paper, we present development of a customised smart-card based system to transfer information securely from central server to identified client sites with information tamper protection. One of the primary aims of our system for secure information exchange is to make client reliably robust and inexpensive. We describe key-based generic but customisable encryption system that also incorporates tamper-proofing feature enhancing reliability. In the proposed process, both server and client can check if information has been tampered with and under such circumstances smart card is rendered useless. One area of application of such a system is pre-payment card based metering utilities as used in gas/water/electricity supply. These applications desire high reliability tamper proofing at low cost. To reduce installation cost, such meters need to be inexpensive and reusable. Smart card is used for reliable information exchange to/from client(meter) to server(company). Smart card can transfer information about consumption as well as time-varying tariff rates.

Industrial automation and control systems have gained increasing attention in the literature recently. Their integration with various systems has triggered considerable developments in critical infrastructure systems. With different network structures, these systems need to communicate with each other, work in an integrated manner, be controlled, and intervene effectively when necessary. Supervision Control and Data Acquisition (SCADA) systems are mostly utilized to achieve these aims. SCADA systems, which control and monitor the connected systems, have been the target of cyber attackers. These systems are subject to cyberattacks due to the openness to external networks, remote controllability, and SCADA-architecture-specific cyber vulnerabilities. Protecting SCADA systems on critical infrastructure systems against cyberattacks is an important issue that concerns governments in many aspects such as economics, politics, transport, communication, health, security, and reliability. In this study, we physically demonstrated a scaled-down version of a real water plant via a Testbed environment created including a SCADA system. In order to disrupt the functioning of the SCADA system in this environment, five attack scenarios were designed by performing various DDoS attacks, i.e., TCP, UDP, SYN, spoofing IP, and ICMP Flooding. Additionally, we evaluated a scenario with the baseline behavior of the SCADA system that contains no attack. During the implementation of the scenarios, the SCADA system network was monitored, and network data flow was collected and recorded. CNN models, LSTM models, hybrid deep learning models that amalgamate CNN and LSTM, and traditional machine learning models were applied to the obtained data. The test results of various DDoS attacks demonstrated that the hybrid model and the decision tree model are the most suitable for such environments, reaching the highest test accuracy of 95% and 99%, respectively. Moreover, we tested the hybrid model on a dataset that is used commonly in the literature which resulted in 98% accuracy. Thus, it is suggested that the security of the SCADA system can be effectively improved, and we demonstrated that the proposed models have a potential to work in harmony on real field systems.

The article focuses on addressing the issue of data protection in the context of dynamic network topology and limited resources. In modern systems of autonomous unmanned platforms, the key task is to ensure reliable, secure, and energy-efficient information exchange between agents in conditions of constant changes in the swarm structure. The approaches proposed in the article include the use of lightweight cryptographic algorithms SIMON and SPECK, which provide minimal data transmission delays, low power consumption, and high resistance to attacks at the interception and modification level. The Q-learning algorithm, which allows agents to quickly adapt to changes in network topology, is discussed. Simulations conducted using the NS-3 platform demonstrated the advantage of intelligent approaches based on self-learning and cooperative decision-making methods in ensuring high system performance with minimal energy consumption and rapid adaptation to environmental changes. Security assessments confirmed the system's resilience to routing and data interception attacks, making these methods promising for further use in autonomous unmanned platforms

Internet of Things-enabled smart grid (SG) technology provides ample advantages to traditional power grids. In an SG system, the smart meter (SM) is the critical component that collects the power usage information related to users and delivers the accumulated vital information to the central service provider (CSP) via the Internet. The information is exposed to numerous pernicious security threats. Consequently, it is crucial to preserve the integrity of the communication between SMs and CSP for the smooth running of the SG system. Authentication protocol effectively enables SM and CSP to communicate securely by establishing a secure channel. Therefore, this paper presents an anonymous and reliable authentication protocol for SG (ARAP-SG) to enable secure and reliable information exchange between SM and CSP. The proposed ARAP-SG uses the hash function, elliptic curve cryptography, and symmetric encryption to complete the authentication phase. Consequently, ARAP-SG guarantees reliable information exchange during the authentication phase while conserving the anonymity of both SP and SM. Additionally, ARAP-SG authorizes CSP and SM to construct a session key (SK) after accomplishing the authentication phase for undecipherable information exchange in the future. We utilize the random oracle model to corroborate the security of the constructed SK in ARAP-SG. Moreover, by effectuating informal security analysis, it is manifested that ARAP-SG is proficient in thwarting covert security attacks. Furthermore, Scyther-based analysis is conducted to manifest that ARAP-SG is secure. Finally, through a comparative analysis with relevant authentication protocols, it is explained and shown that ARAP-SG entails 25.5-56.76% and 7.69-49.47% low computational and communication overheads, respectively, with improved security properties.

The global internet of vehicles market is growing rapidly, it is estimated to increase significantly its value by the next few years. Vehicular Ad hoc Networks (VANETs) has a central role in the development of Intelligent Transportation System, since vehicles can communicate with each other. This paper proposes a model integrating both 5G and Blockchain for vehicular ad-hoc network management. This choice is motivated by the need of guaranteeing secure and reliable information exchange between vehicles. 5G provides low latency communication improving both V2V (Vehicle to Vehicle) and V2I (Vehicle to Infrastructure) connections increasing considerably their trustworthiness. On the other side, BlockChain offers a distributed ledger, enhancing security and data reliability. These technologies together with VANETs mechanism can provide multiple new opportunities and uses, such as automating braking system. In this work, not only we provide a complete overview of these technologies, but also we suggest a new research topic, based on the integration of such technologies with VANETs environment, to obtain a very robust network, and hence a safer traffic management.

A seamless communication capability is important in military operations. Likewise, enhanced security, increased capacity, and robust communication mechanisms are vital for humanitarian and disaster-response operations. Often, a system of wide-band satellites is employed for real-time exchange of information and over-the-horizon control, but the communications are prone to denial of service (DoS) attacks, and delayed redeployment. Hence, a swarm of drones could be deployed in mission-critical operations in times of urgency for a secured and robust distributed-intercommunication which is essential for survivability and successful completion of missions. In this paper, a distributed-agent-based framework for secure and reliable information exchange between drones in a constellation is proposed. The framework comprises a mechanism for path planning simulation and estimation, a flexible network architecture for improved client-server(C/S) and peer-to-peer (P2P) connectivity, as well as agents for identity authentications and secure communications. The framework has been simulated and verified with results showing promise.

Critical infrastructure objects — infrastructure objects, systems, their parts and their totality, which are important for the economy, national security and defense, the malfunctioning of which can harm vital national interests. Classification of objects as critical infrastructure is carried out in accordance with the procedure established by the Cabinet of Ministers of Ukraine. The assignment of banks, other entities operating in the financial services markets, state regulation and supervision of the activities of which is carried out by the National Bank of Ukraine, payment organizations, participants of payment systems, operators of payment infrastructure services is carried out in accordance with the procedure established by the National Bank of Ukraine. Classification of objects to critical infrastructure, which carry out activities on the service markets, state regulation and supervision of the activities of which are carried out by state bodies, is carried out in accordance with the procedure established by such state bodies. Given the importance of cyber security in today's world, critical infrastructure objects are becoming a special target for cyber criminals and cyber threats. These facilities include energy systems, transportation, communication networks, medical facilities and other important sectors that ensure the necessary functioning of society. This article aims to analyze and review modern approaches used to ensure cyber security at critical infrastructure facilities. Research and implementation of the latest strategies and approaches in this area can help increase the level of protection of important systems, as well as detect and respond to new cyber threats, maintaining the reliability and functioning of society as a whole. The main aspects that should be considered when developing innovative approaches to protecting critical infrastructure objects from cyber threats: predictive threat analysis: Understanding potential cyber threats and their impact on critical infrastructure facilities. Detection of new attack vectors and vulnerabilities; development and implementation of the latest technologies: Use of artificial intelligence, machine learning, blockchain and other innovative technologies in the field of cyber defense to prevent attacks and detect security breaches; creation of integrated protection strategies, development of flexible and comprehensive cyber protection strategies that take into account the specifics of each sector of critical infrastructure objects and its needs; introduction of international standards and regulations, cooperation at the international level to establish a unified system of cyber protection standards and rules for critical infrastructure facilities. Cyber defense is constantly evolving, given the constant growth in the number and complexity of cyber threats. To increase the security of critical infrastructure facilities, it is important to consider a number of modern technological trends in cyber protection, namely: artificial intelligence and machine learning; blockchain and cryptography; Internet of Things (IoT) and protection of embedded systems; threat analytics and attack detection; automated means of protection; protection at the level of data processing. The study and implementation of these technological trends in the critical infrastructure sector allows to respond to the complexity of modern cyber threats and provides an increase in the security of systems in real time.

The article examines the problem of cyber security on the Internet; the main principles of improving the global culture of safe network interaction are clarified. Issues related to ensuring personal information security while using Internet systems are considered. Cyber security is an important issue in today’s world, and its protection requires an appropriate level of attention. The importance of knowledge about technologies and methods of protection against cyber threats for everyone who uses computer systems and the Internet is noted. The relevance of studying cyber security by students is considered. Because cyber threats can pose a serious threat to the security and privacy of personal information, it is important that students have knowledge of the basic technologies and techniques to protect themselves against cyber threats. Also, many students study digital technology and computer science, which makes knowledge about cyber security even more important. While students may study various aspects of cyber security as part of their degree program, it is important for them to develop general understanding of how to protect themselves and their computer systems from cyber threats. The article describes how the study of social engineering will help students understand the tactics, techniques, and approaches used by attackers to obtain sensitive information. It is important that they understand the ways in which cyber security systems can be attacked and the methods that can be used to prevent such attacks. Web 3.0, technology is considered in detail as a new generation of the Internet, which involves a more decentralized and intelligent network, with more structured data and the ability for automated processing. The main components of Web 3.0 are described: blockchain, semantic web, artificial intelligence and decentralization. The importance of protecting personal information and security against misuse of information in the latest Internet ecosystems is indicated. With the development of Web 3.0, there are more and more questions about privacy and security on the Internet. The article examines the importance of developing effective protection methods and regulating the use of these technologies to ensure a safe and reliable Internet for users. Web 3.0 technology has great potential for the development of the Internet ecosystem, and will become the basis for new innovations and opportunities in various fields. However, it is necessary to ensure the protection of personal information and security against abuse in order to ensure the positive impact of these technologies on society.

In the digital age, e-commerce platforms are critical components of the global economy, facilitating seamless transactions and interactions between businesses and consumers. The digital infrastructure of these institutions is frequently attacked, either to hack or disrupt online services, leading to significant financial losses and damage to reputation. The most famous of these attacks are DDoS attacks, which lead to an increase in the volume of traffic to the platform's website beyond the capacity of the servers, thus causing the platform to respond slowly and crash and customers to be unable to access it. The increase in these attacks causes significant material damage to institutions, whether in the loss of revenues or the cost of responding to attacks. This work presents a robust DDoS attacks early detection model that can be adopted on e-commerce platforms using a lightweight one-dimension Convolutional neural network. The proposed model leverages the efficiency of deep learning with the lightweight architecture to analyze network traffic in real time, identifying patterns indicative of an impending DDoS attack. The balance between high detection accuracy with computational efficiency makes it suitable for real-time implementation in diverse e-commerce environments. DNN is trained on a comprehensive dataset of network traffic, encompassing both normal and attack scenarios, to ensure it can distinguish between legitimate traffic spikes and malicious activity. DDoS Evaluation Dataset CIC-DDoS2019 and CICIDS2017 are used in the experimental and accuracy achieved 0.98 and 0.99 in these two datasets respectively.

IntroductionDrug utilization is currently assessed through traditional data sources such as big electronic medical records (EMRs) databases, surveys, and medication sales. Social media and internet data have been reported to provide more accessible and more timely access to medications' utilization.ObjectiveThis review aims at providing evidence comparing web data on drug utilization to other sources before the COVID-19 pandemic.MethodsWe searched Medline, EMBASE, Web of Science, and Scopus until November 25th, 2019, using a predefined search strategy. Two independent reviewers conducted screening and data extraction.ResultsOf 6,563 (64%) deduplicated publications retrieved, 14 (0.2%) were included. All studies showed positive associations between drug utilization information from web and comparison data using very different methods. A total of nine (64%) studies found positive linear correlations in drug utilization between web and comparison data. Five studies reported association using other methods: One study reported similar drug popularity rankings using both data sources. Two studies developed prediction models for future drug consumption, including both web and comparison data, and two studies conducted ecological analyses but did not quantitatively compare data sources. According to the STROBE, RECORD, and RECORD-PE checklists, overall reporting quality was mediocre. Many items were left blank as they were out of scope for the type of study investigated.ConclusionOur results demonstrate the potential of web data for assessing drug utilization, although the field is still in a nascent period of investigation. Ultimately, social media and internet search data could be used to get a quick preliminary quantification of drug use in real time. Additional studies on the topic should use more standardized methodologies on different sets of drugs in order to confirm these findings. In addition, currently available checklists for study quality of reporting would need to be adapted to these new sources of scientific information.

The past few years have witnessed significant increase in DDoS attacks on Internet, prompting network security as a great concern. With the attacks getting more sophisticated, automatically reasoning the attack scenarios in real time and cat- egorizing those scenarios become a critical challenge. However,the overwhelming flow of events generated by Intrusion Detection System (IDS) sensors make it hard for se- curity administrators to uncover hidden attack plans. This paper presents a semantic vector space model to extract and categorize attack scenarios based on First-order Log- ics (FOL) and linguistics. The modified Case Grammar is introduced to formalize the heterogeneous IDS alerts into uniform structured alert streams. The attack resolution is then used to generate attack semantic network. Afterwards, mutual information is used to determine the alert semantic context range. Based on the attack ontology and alert contexts, attack scenarios are extracted and the alerts are represented as attack semantic space vectors. Finally text categorization technique are used to categorize the intrusion stages. The preliminary results show our model has better performance than the traditional alert correlations.

MANETs are considered as suitable for commercial applications such as law enforcement, conference meeting, and sharing information in a student classroom and critical services such as military operations, disaster relief, and rescue operations. Meanwhile, in military operation especially in the battlefield in freely medium which naturally needs high mobility and flexibility. Thus, applying MANETs make these networks vulnerable to various types of attacks such aspacket eavesdropping, data disseminating, message replay, message modification, and especially privacy issue. In this paper, we propose a secure communication and information exchange in MANET with considering secure adhoc routing and secure information exchange. Regarding privacy issue or anonymity, we use a reliable asymmetric encryption which protecting user privacy by utilizing insensitive user attributes as user identity, CP-ABE (Ciphertext-Policy Attribute-Based Encryption) cryptographic scheme. We also design protocols to implement the proposed scheme for various battlefied scenarios in real evironment using embedded devices. Our experimental results showed that the additional of HMAC (Keyed-Hash Message Authentication Code) and AES (Advanced Encryption standard) schemes using processor 1.2GHz only take processing time about 4.452 ms, we can confirm that our approach by using CP-ABE with added HMAC and AES schemes make low overhead.

In this paper, we proposed a semantic integration framework of heterogeneous data based on domain ontology construction. The mechanism of domain ontology construction and mapping for heterogeneous data are studied, the purposes of which are to enhance the capability of dynamic adaptability and optimization of domain ontology construction, to resolve the problems of data heterogeneity in the processing of semantic information integration, and to promote the flexibility of the semantic integration process. Next, as to the semantic query, the theory and methods of specification or dynamic expansion of semantic query based on social annotation and ontology, and the duplicate removal and aggregating optimization of semantic query results are explored, the purpose of which is to realize the usability of semantic integration system and the credibility of the query results. Finally, an experimental prototype system of semantic integration of oil and gas exploration data based on domain ontology construction is constructed, the purpose of which is to verify the feasibility and correctness of the proposed theories and methods.KeywordsSemantic integrationOntology constructionDomain ontology

Information search and its retrieval methods are the main concern of semantics of web. Web semantics improvesthe information retrieval methods. Various semantics search implementation framework have been seen in the past few years. In semantic search we have to investigate number of pilot projects that focus in on methodologies. Research on semantic search system is continue to find the framework on which semantic framework is formalized. Web services and semantics are used to create the web of distributed machine forproper understanding of data. This paper presents a review on web semantics and search. It described two semantic search systems implementation, based on search query, augment traditional search with relevant data are hated from source. This paper covers the searching and semantic issue ofweb technologyto outline the semantics of the of the search terms for predicting better results.