Cybersecurity Approach Research Articles

Mitigation of Cyber Security Risk Threats During the Covid-19 Pandemic

Cyber security mitigation is becoming an increasingly urgent aspect in today's digital era, in response to the threat of theft and disruption to information systems, software and hardware. The Covid-19 pandemic has exacerbated this situation by increasing the chances of success of cyberattacks, as the number and scope of such attacks increases. The impact of increasing levels of cyberattacks is the wider disruption to various sectors. This study aims to investigate cybersecurity issues that arose during the Covid-19 pandemic. Researchers analyzed the current conditions as well as cybercrime acts and various types of cyberattacks carried out during this period. In addition, this research also proposes a practical approach to mitigating the risk of cyber attacks that can be implemented by organizations. It is important for organizations to strengthen the protection of their data and critical assets by implementing a comprehensive cybersecurity approach. The results of this study present various techniques for detecting and avoiding cybercrime threats, even after the pandemic is over. By implementing this approach, damage caused by cyber attacks can be minimized, maintaining the integrity of an organization's data and systems. For future research, it is necessary to carry out further development in the field of cyber security by integrating the latest technologies such as artificial intelligence, blockchain, Internet of Things, and other technologies. In this way, efforts to mitigate cyber attacks can continue to be improved, maintaining the integrity and security of information systems in this ever-growing digital era. This research makes an important contribution to understanding and addressing cyber security issues during the pandemic and provides a foundation for further development in the future.

Critical infrastructure defense: perspectives from the EU and USA cyber experts

Purpose. To examine the components of cyber autonomy according to the insights of seasoned professionals from the European Union (EU) and the United States of America (USA). The value of each element will be calculated by obtaining data from structured in-depth interviews. Methodology. Through an investigation of different aspects of the research, we used the Delphi technique and research interviews include the option of the Interviewee Transcript Review (ITR). The Delphi method is processed in several rounds, usually three, with two rounds being considered as a minimum and in that respect the Delphi method helps our study explore, predict and identify the nature and fundamental elements of Cyber Autonomy. Findings. The study findings demonstrate that elements such as “Policies”, “Reputation management”, and “Infrastructure and Architecture” hold substantial importance within Cyber Autonomy. These elements are considered critical for future perspectives. The research highlights the role of Cyber Autonomy in streamlining cybersecurity approaches, mitigating the impact of cyber-attacks, and safeguarding possible reputation damage. The study also highlights the importance of well-defined implementation methods and the organizational structure in successfully deploying Cyber Autonomy. Originality. The research demonstrates the interdisciplinary nature of cybersecurity and applies a comprehensive approach covering information security, information security policy, technical and economic aspects, noting the important role of governance in the company share value recovery process. Cyber Autonomy could offer a concept of defense reputation that helps to identify potential cyber threats that are further intensified in connection with the development of various platforms for remote control of artificial intelligence, distance learning, and opportunities for autonomous operation of enterprise systems, the influence of multinational companies on financial markets, and automated decision-making systems. Practical value. Experts’ insights are analyzed that can help to provide practical solutions for the Cyber Autonomy and risk management methods for implementing cyber resilience strategy for critical infrastructure. The research provides adjustments to existing cybersecurity frameworks and directives which consider new cyber elements of information security realities. The current study can be used as a guide to confidence-building measures for possible reputation and financial loss, reinforces protection actions against disinformation or negative cyber impact.

Machine Learning and Deep Learning Approaches for Cyber Security

Cyber security mainly prevents the hardware, software, and data present in the system that has an active internet connection from external attacks. Organizations mainly deploy cyber security for their databases and systems to prevent it from unauthorized access. This survey paper describes a Cyber security hiring and retention challenges are bigger than ever this year. View the State of Cyber security 2022 infographic to see the cyber workforce challenges and opportunities faced by enterprises around the world--and to see how your organization compares. The objective of this research work is to present the evaluation of some of the widely used machine learning techniques used to detect some of the most threatening cyber threats to the cyberspace. Three primary machine learning techniques are mainly investigated, including deep belief network, decision tree and support vector machine. We have presented a brief exploration to gauge the performance of these machine learning techniques in the spam detection, intrusion detection and malware detection starting from IP traffic classification, filtering malicious traffic for intrusion detection based on frequently used and benchmark datasets. Various attacks have been classified using the ML algorithms and finally the performance of each algorithm have been assessed. The complexity of ML/DM algorithms is addressed, discussion of challenges for using ML/DM for cyber security is presented, and some recommendations on when to use a given method are provided.

Cybersecurity Risk Assessments within Critical Infrastructure Social Networks

Cybersecurity social networking is a new scientific and engineering discipline that was interdisciplinary in its early days, but is now transdisciplinary. The issues of reviewing and analyzing of principal tasks related to information collection, monitoring of social networks, assessment methods, and preventing and combating cybersecurity threats are, therefore, essential and pending. There is a need to design certain methods, models, and program complexes aimed at estimating risks related to the cyberspace of social networks and the support of their activities. This study considers a risk to be the combination of consequences of a given event (or incident) with a probable occurrence (likelihood of occurrence) involved, while risk assessment is a general issue of identification, estimation, and evaluation of risk. The findings of the study made it possible to elucidate that the technique of cognitive modeling for risk assessment is part of a comprehensive cybersecurity approach included in the requirements of basic IT standards, including IT security risk management. The study presents a comprehensive approach in the field of cybersecurity in social networks that allows for consideration of all the elements that constitute cybersecurity as a complex, interconnected system. The ultimate goal of this approach to cybersecurity is the organization of an uninterrupted scheme of protection against any impacts related to physical, hardware, software, network, and human objects or resources of the critical infrastructure of social networks, as well as the integration of various levels and means of protection.

Machine Learning and Deep Learning Approaches for Cybersecurity: A Review

Machine Learning and Deep Learning Approaches for Cybersecurity: A Review

SOFT COMPUTING IN PREVENTING RANSOMWARE RELYING ON LARGER-SCALE DATA AND ANALYSIS

Ransomware attacks continue to pose a significant threat to organizations and individuals worldwide. The attackers’ ability to constantly evolve and adapt their tactics challenges traditional cybersecurity approaches to keep pace. Ransomware attacks targeting the healthcare industry accounted for 45% of all reported cyberattacks. The nature and scale of attacks and the increasing healthcare technology adoption will continue to pose ransomware attack risks. However, by collecting and analyzing large volumes of data and applying soft computing techniques, cybersecurity experts can improve their ability to detect and prevent ransomware attacks. As a result, soft computing offers options for detecting and preventing malware attacks. Using methods from the field of soft computing, such as fuzzy logic, neural networks, and genetic algorithms, makes it possible to conduct a thorough analysis of large data sets. These can yield insightful information that can help recognize and react to ransomware attacks. These techniques can also help to decrypt files that have been encrypted using ransomware.

A new cyber-security approach for load frequency control of hybrid interconnected renewable power systems

Countries worldwide are embracing the trend toward smart grids, depending on advanced technology and communication networks. However, the smart grid is more vulnerable to cyberattacks than its traditional counterpart, especially the false data injection attack (FDIA), which aims to add false data into the transmitted signals to cause undesirable behavior. This article proposes a new scheme to detect and estimate the FDIA on load frequency control (LFC) of modern interconnected power systems considering renewable energy sources (RESs) and high voltage direct current (HVDC) link. The proposed scheme is based on the Kalman filter (KF) and artificial neural networks (ANNs). The KF is used to detect the FDIA in the transmitted system signals and indicates the possibility of an attack in each transmitted signal, where the role of ANNs is to estimate the transmitted signal before attacking. Hence, based on KF and ANNs, the proposed scheme can ensure the detection of false data and remove the attack simultaneously. The proposed cyber-security scheme is considered a thorough solution that can effectively reduce the impact of the FDIA on any of the four transmitted signals within the two-area interconnected power system, all while simulating the virtual inertia control strategy. The simulation results of the studied low-inertia interconnected power system are carried out using MATLAB/Simulink® software. The simulation results successfully demonstrate the proposed scheme's efficacy, accuracy, and acceptability to detect and eliminate the FDIA on the LFC of low-inertia interconnected power grids.

Enhanced Ensemble-Based Distributed Denial-of-Service (DDoS) Attack Detection with Novel Feature Selection: A Robust Cybersecurity Approach

One of the major threats to computer networks and systems is distributed denial-of-service (DDoS) attacks. These attacks include saturating the targeted system with a large volume of traffic coming from several sources, which causes a service interruption. Detecting these attacks in real-time has become a critical task in cybersecurity. The existing method of DDoS attack detection suffers from the problem of high false positive rates. Additionally, the classifiers used in the existing methods may not be able to capture the complex patterns of the DDoS attack traffic, leading to low accuracy. In this research, I propose an enhanced approach for detecting DDoS attacks using an ensemble-based random forest classifier with a novel feature selection technique. The ability of the ensemble-based Random Forest Classifier to aggregate many decision trees to increase classification accuracy makes it a better option for DDoS attack detection than a single machine learning-based classifier. By lowering the variance and bias of the classifier, ensemble-based approaches are known to reduce overfitting and increase the robustness of the model. To choose the most useful characteristics for DDoS attack detection, the feature selection strategy uses a novel combination of correlation analysis, mutual information, and principal component analysis techniques. A part of the CIC-DDoS2019 dataset is used for the evaluation of the proposed method and to compare it to other modern approaches. The experimental results reveal that when integrated with additional evaluation metrics, the proposed approach outperforms existing techniques in various aspects, including accuracy, recall, precision, F1-score, false positive rate, and more. The proposed approach obtained almost 100% accuracy, 0% false positive rate, and 100% true positive rate.

Cyberpsychology Based insider Threat Prediction Model Approach for Cybersecurity

Cyberpsychology Based insider Threat Prediction Model Approach for Cybersecurity

Compete to Learn: Toward Cybersecurity as a Sport

To support the workforce gap of skilled cybersecurity professionals, gamified pedagogical approaches for teaching cybersecurity have exponentially grown over the last two decades. During this same period, e-sports developed into a multi-billion dollar industry and became a staple on college campuses. In this work, we explore the opportunity to integrate e-sports and gamified cybersecurity approaches into the inaugural US Cyber Games Team. During this tenure, we learned many lessons about recruiting, assessing, and training cybersecurity teams. We share our approach, materials, and lessons learned to serve as a model for fielding amateur cybersecurity teams for future competition.

DDoS attacks and machine‐learning‐based detection methods: A survey and taxonomy

AbstractDistributed denial of service (DDoS) attacks represent a significant cybersecurity challenge, posing a critical risk to computer networks. Developing an effective defense mechanism against these attacks is crucial but challenging, given their diverse attack types, network and computing platform heterogeneity, and complex communication protocols. Moreover, the emergence of innovative DDoS attack methods presents a formidable threat to existing countermeasures. Various machine learning techniques have shown promise in detecting DDoS attacks with low false‐positive rates and high detection rates. This survey paper offers a comprehensive taxonomy of machine learning‐based methods for detecting DDoS attacks, reviewing supervised, unsupervised, hybrid approaches, and analyzing the related challenges. Further, we explore relevant datasets, highlighting their strengths and limitations, and propose future research directions to address the current gaps in this domain. This paper aims to provide a profound understanding of DDoS attack detection mechanisms, aiding researchers, and practitioners in developing effective cybersecurity approaches against such attacks. This research is essential because DDoS attacks are diverse and pose a formidable threat to computer networks, and various machine learning techniques have shown promise in detecting them. Its implications include providing insights that can inform the development of robust defense mechanisms against DDoS attacks.

Cybersecurity in a Large-Scale Research Facility—One Institution’s Approach

A cybersecurity approach for a large-scale user facility is presented—utilizing the National High Magnetic Field Laboratory (NHMFL) at Florida State University (FSU) as an example. The NHMFL provides access to the highest magnetic fields for scientific research teams from a range of disciplines. The unique challenges of cybersecurity at a widely accessible user facility are showcased, and relevant cybersecurity frameworks for the complex needs of a user facility with industrial-style equipment and hazards are discussed, along with the approach for risk identification and management, which determine cybersecurity requirements and priorities. Essential differences between information technology and research technology are identified, along with unique requirements and constraints. The need to plan for the introduction of new technology and manage legacy technologies with long usage lifecycles is identified in the context of implementing cybersecurity controls rooted in pragmatic decisions to avoid hindering research activities while enabling secure practices, which includes FAIR (findable, accessible, interoperable, and reusable) and open data management principles. The NHMFL’s approach to FAIR data management is presented. Critical success factors include obtaining resources to implement and maintain necessary security protocols, interdisciplinary and diverse skill sets, phased implementation, and shared allocation of NHMFL and FSU responsibilities.

Assessment of existing cyber-attack detection models for web-based systems

In the current technological environment, different entities engage in intricate cyber security approaches in order to counter damages and disruptions in web-based systems. The design of the security protocols relies on the guarantee that attacks are prevented in the web-based systems. Prevention and detection using techniques such as access control tools, encryption and firewalls present limitations in the full protection of web-based systems. Furthermore, despite the sophistication of current systems, there are still shortfalls in high false positive and false negative threat detection rates, which is attributed to poor adaptation by systems and networks to the changing threats and behavior of cyber-criminals. In this perspective, this survey paper discusses the existing cyber-attack detection models, and recommends the cyber-attack detection models and techniques that are appropriate for web-based systems. It is evident that deep learning techniques offer better performance and robustness compared to traditional machine learning techniques and other non-artificial intelligence-based techniques. Deep learning techniques learn and extract features automatically without human intervention and can also handle big and multidimensional data more conventionally than the other techniques.

Applying Reinforcement Learning for Enhanced Cybersecurity against Adversarial Simulation

Cybersecurity is a growing concern in today's interconnected world. Traditional cybersecurity approaches, such as signature-based detection and rule-based firewalls, are often limited in their ability to effectively respond to evolving and sophisticated cyber threats. Reinforcement learning (RL) has shown great potential in solving complex decision-making problems in various domains, including cybersecurity. However, there are significant challenges to overcome, such as the lack of sufficient training data and the difficulty of modeling complex and dynamic attack scenarios hindering researchers' ability to address real-world challenges and advance the state of the art in RL cyber applications. In this work, we applied a deep RL (DRL) framework in adversarial cyber-attack simulation to enhance cybersecurity. Our framework uses an agent-based model to continuously learn from and adapt to the dynamic and uncertain environment of network security. The agent decides on the optimal attack actions to take based on the state of the network and the rewards it receives for its decisions. Our experiments on synthetic network security show that the DRL approach outperforms existing methods in terms of learning optimal attack actions. Our framework represents a promising step towards the development of more effective and dynamic cybersecurity solutions.

A novel deep policy gradient action quantization for trusted collaborative computation in intelligent vehicle networks

The openness of the intelligent vehicle network makes it easy for selfish or untrustworthy vehicles to maliciously occupy limited resources in the mobile edge network or spread malicious information. However, most of the existing trust models rely on evaluating vehicles or data at the application level. For selfish or forgery attacks in intelligent vehicle networks, we propose a trusted deep reinforcement learning (DRL) cybersecurity approach for computation offloading to evaluate the safety and reliability performance in IoT edge networks, including our intelligent system model and a Deep Policy Gradient Action Quantization (DPGAQ) scheme. By introducing a reputation record table and designing a highly decisive communication trusted computing mode, we can accurately predict the untrusted selfish attack of vehicle in the task offloading of the Internet of things. Furthermore, in the multi-vehicle scenario, because the trusted offloading decision is a mixed integer programming problem, which leads to the dimension explosion of channel state and space, we propose a joint action-value quantization with attention mechanism to approximate the continuous actions values to a limited number of discrete values. Because it is not only inefficient but also unnecessary to generate high-dimensional decision actions in each time frame, we prune the infeasible action decisions by order preserving pruning to reduce the computational complexity of training and achieve efficient training on the premise of ensuring accuracy. To verify the feasibility and effectiveness of our proposed algorithm, millions of channels of edge vehicle networks are used as the input data. The simulation results show that compared with the benchmark trust model, DPGAQ achieves more than 72% reputation level, and improves 11%, 10% and 11% respectively in precision, recall and F-score.

(Re-)Configuring Federal Cybersecurity Regulation: From Critical Infrastructures to the Whole-of-the-Nation

Cyberattacks are one of the greatest threats to the United States’ national security. Facing an increase in cyberattacks, the current patchwork of federal cybersecurity regulations does not maximize the country’s ex ante defense that should protect the entire nation. This Article examines federal agencies’ involvement in promulgating cybersecurity regulations and Executive Branch cybersecurity actions, identifying three shortcomings in the current framework: (1) the nation lacks a general cybersecurity agency with regulatory and enforcement authority, (2) cybersecurity programs often rely on business participation and leadership without incorporating non-profit organizations and individuals, and (3) cybersecurity approaches often overemphasize the importance of attributing attacks to the corresponding culprits. To rectify these weaknesses and maximize cyber defense, this Article argues that Congress shouldexpand the Cybersecurity and Infrastructure Security Agency’s rulemaking and enforcement authority to monitor and mitigate cyber threats across varying sectors, including government, businesses, insurers, non-profit organizations, and individuals.

TrustBlkSys: A Trusted and Blockchained Cybersecure System for IIoT

Industrial Internet of Things (IIoT) has emerged as a new paradigm in the era of smart systems where interactions and transmission of messages among various entities in an industrial ecosystem are done autonomously. This includes manufacturing of products, shipment process, storage of records, and counting the data, to name a few. However, the involvement of multiple cyber threats that accompany the smart devices may lead the organizations on a heavy risk of profits. Even though the number of cybersecurity approaches have been proposed to ensure a secure and efficient communication mechanism in IIoT systems, the identification of cybersecurity issues in IIoT applications while exchanging the data is still at its early stage. The aim of this article is to propose an efficient cybersecurity communication mechanism using the trust evaluation system of each device to make a correct decision during communication. In addition, the evaluated trust of each device is further analyzed and monitored through a blockchain-based mechanism. The proposed approach is validated against an existing scheme in terms of various security metrics, such as sensitivity of devices while communicating, convergence time of transmitting information and percentage, and probability of malicious devices in terms of data delivery rate, false authentication, and trust value computation.

How Urgent is Mobile Authentication in Special Need/Education? A Review Systematic of Cyber Security and Psychological Approach

The use of mobile apps due to the Covid-19 pandemic for the distance learning process, learning media, entertainment, and payment instruments creates an awareness of how urgently cyber security is needed in special education. Students, teachers, parents, and therapists, in special education who has interests and have the responsibility data, must be kept confidential or protected as the authenticity of their work, as well as the diversity of levels of disability, trying to study in a systematic review through scientific journal searches related to contemporary mobile authentication methods, authenticity. The review was conducted through several scientific search engines and mobile apps. The results show that authentication is a challenging study for mobile app (computing) developers but it is not easy to facilitate the unique, diverse needs of disability, and the privacy of personal data is still not following cyber security standards while the need for mobile apps in the health and education sectors is growing rapidly.

Automated Android Malware Detection Using Optimal Ensemble Learning Approach for Cybersecurity

Automated Android Malware Detection Using Optimal Ensemble Learning Approach for Cybersecurity

Online Content Regulation in the BRICS Countries: A Cybersecurity Approach to Responsible Social Media Platforms

Online Content Regulation in the BRICS Countries: A Cybersecurity Approach to Responsible Social Media Platforms