Cybersecurity Research Articles

An approach for real-time implementation of cyber security in power system network

Abstract In this era of Web World-3, usage of the Internet of Things (IoT) in power system networks has attained scalable altitude. By using this technology, data can be transferred and monitored from the far end. Further, the suggested corrective actions are also executed. However, recently, many cyber-attacks have been observed on the power system in which activities such as injection of false data, unwanted switching operations, formation of sub-system layers, and false indication of failure of cyber-physical components (CpC) are experienced. In the worst case, it leads to invite cascade tripping of the power system. Utmost care is taken for the selection of CpC for the power system. However, it is observed that the cyber attackers mostly take entry into the network using the CpC of the power system. Cyber attackers perform false switching operations and false data injection. This article suggests a cyber security concept to minimize the false switching operations and false data injection in the power system network. A hardware model is prepared and the working scheme is implemented using IoT technology. The hardware result suggests that the un-authentic attempt/cyber-attack has been identified and the alarm is generated. It also does not permit the un-authentic person to access the real-time data. A wide range of applicability of the suggested scheme has been verified by hardware results. In addition to this, the power factor correction algorithm also works satisfactorily in the hardware along with the cyber security constraints. In order to prove wide range of applicability of the suggested scheme, additional features such as controlling of multiple switching devices and interlock between CB and earthing switch has been successfully implemented in developed hardware.

A feminist cybersecurity: addressing the crisis of cyber(in)security

Abstract This article draws on feminist security studies (FSS) to construct a more inclusive cybersecurity. We ask: What can a gendered lens do for cybersecurity? Methodologically, this exploratory piece brings FSS insights to bear on studies in cybersecurity (both traditional and critical) to better conceptualize the risks and benefits embedded in the cybersphere, as well as the role of gender in cyberspace. We propose incorporating a gendered lens (an intersectional approach) to shed light on violence and insecurity online. Without recognizing gendering in the cyber realm, including how gender intersects with other systems of oppression, cybersecurity scholars and policy-makers cannot fully understand what we term the crisis of cyber(in)security. Additionally, we challenge simplistic solutions that rely solely on human rights protections in cyberspace. Such approaches often reinforce existing gender and power hierarchies through protectionist discourse. Our FSS-based understanding of cybersecurity has important policy implications. It calls for increased access and diverse participation in cybersecurity policy-making and diplomacy, and promotes a more thoughtful approach to human rights protection to address a broader range of cyber-based insecurities and forms of violence.

What we mean

In the twenty-first century, cyberspace and the ‘real world’ have become inseparable. The stability and security of cyberspace therefore affect, in increasingly profound ways, the economies, international reputations, national security, military capabilities and global influence of states. In their short history, operations in cyberspace have already been used extensively by states and their non-state supporters for many purposes. They are an inevitable aspect of contemporary international affairs while carrying significant risk. In this Adelphi book, Marcus Willett, a former deputy head of GCHQ, argues that there is no coherent or widely shared understanding of what cyber operations really are, how they are used and what they can do; or of their implications for strategic affairs and international law; or what their ‘responsible’ use really entails. The myths and misunderstandings that abound tend to dull the conceptual clarity needed by strategic policymakers and overseers, and they complicate the essential task in a liberal democracy of maintaining public consent for, and legitimisation of, the development and use of such capabilities. The book sheds light on these issues, exposing myths and clarifying misunderstandings.

The future

In the twenty-first century, cyberspace and the ‘real world’ have become inseparable. The stability and security of cyberspace therefore affect, in increasingly profound ways, the economies, international reputations, national security, military capabilities and global influence of states. In their short history, operations in cyberspace have already been used extensively by states and their non-state supporters for many purposes. They are an inevitable aspect of contemporary international affairs while carrying significant risk. In this Adelphi book, Marcus Willett, a former deputy head of GCHQ, argues that there is no coherent or widely shared understanding of what cyber operations really are, how they are used and what they can do; or of their implications for strategic affairs and international law; or what their ‘responsible’ use really entails. The myths and misunderstandings that abound tend to dull the conceptual clarity needed by strategic policymakers and overseers, and they complicate the essential task in a liberal democracy of maintaining public consent for, and legitimisation of, the development and use of such capabilities. The book sheds light on these issues, exposing myths and clarifying misunderstandings.

The strategic utility of cyber operations

In the twenty-first century, cyberspace and the ‘real world’ have become inseparable. The stability and security of cyberspace therefore affect, in increasingly profound ways, the economies, international reputations, national security, military capabilities and global influence of states. In their short history, operations in cyberspace have already been used extensively by states and their non-state supporters for many purposes. They are an inevitable aspect of contemporary international affairs while carrying significant risk. In this Adelphi book, Marcus Willett, a former deputy head of GCHQ, argues that there is no coherent or widely shared understanding of what cyber operations really are, how they are used and what they can do; or of their implications for strategic affairs and international law; or what their ‘responsible’ use really entails. The myths and misunderstandings that abound tend to dull the conceptual clarity needed by strategic policymakers and overseers, and they complicate the essential task in a liberal democracy of maintaining public consent for, and legitimisation of, the development and use of such capabilities. The book sheds light on these issues, exposing myths and clarifying misunderstandings.

The cyber dimension of the Russia–Ukraine war

In the twenty-first century, cyberspace and the ‘real world’ have become inseparable. The stability and security of cyberspace therefore affect, in increasingly profound ways, the economies, international reputations, national security, military capabilities and global influence of states. In their short history, operations in cyberspace have already been used extensively by states and their non-state supporters for many purposes. They are an inevitable aspect of contemporary international affairs while carrying significant risk. In this Adelphi book, Marcus Willett, a former deputy head of GCHQ, argues that there is no coherent or widely shared understanding of what cyber operations really are, how they are used and what they can do; or of their implications for strategic affairs and international law; or what their ‘responsible’ use really entails. The myths and misunderstandings that abound tend to dull the conceptual clarity needed by strategic policymakers and overseers, and they complicate the essential task in a liberal democracy of maintaining public consent for, and legitimisation of, the development and use of such capabilities. The book sheds light on these issues, exposing myths and clarifying misunderstandings.

Responsible cyber power

In the twenty-first century, cyberspace and the ‘real world’ have become inseparable. The stability and security of cyberspace therefore affect, in increasingly profound ways, the economies, international reputations, national security, military capabilities and global influence of states. In their short history, operations in cyberspace have already been used extensively by states and their non-state supporters for many purposes. They are an inevitable aspect of contemporary international affairs while carrying significant risk. In this Adelphi book, Marcus Willett, a former deputy head of GCHQ, argues that there is no coherent or widely shared understanding of what cyber operations really are, how they are used and what they can do; or of their implications for strategic affairs and international law; or what their ‘responsible’ use really entails. The myths and misunderstandings that abound tend to dull the conceptual clarity needed by strategic policymakers and overseers, and they complicate the essential task in a liberal democracy of maintaining public consent for, and legitimisation of, the development and use of such capabilities. The book sheds light on these issues, exposing myths and clarifying misunderstandings.

A short history of cyber operations

In the twenty-first century, cyberspace and the ‘real world’ have become inseparable. The stability and security of cyberspace therefore affect, in increasingly profound ways, the economies, international reputations, national security, military capabilities and global influence of states. In their short history, operations in cyberspace have already been used extensively by states and their non-state supporters for many purposes. They are an inevitable aspect of contemporary international affairs while carrying significant risk. In this Adelphi book, Marcus Willett, a former deputy head of GCHQ, argues that there is no coherent or widely shared understanding of what cyber operations really are, how they are used and what they can do; or of their implications for strategic affairs and international law; or what their ‘responsible’ use really entails. The myths and misunderstandings that abound tend to dull the conceptual clarity needed by strategic policymakers and overseers, and they complicate the essential task in a liberal democracy of maintaining public consent for, and legitimisation of, the development and use of such capabilities. The book sheds light on these issues, exposing myths and clarifying misunderstandings.

Strategic risks

In the twenty-first century, cyberspace and the ‘real world’ have become inseparable. The stability and security of cyberspace therefore affect, in increasingly profound ways, the economies, international reputations, national security, military capabilities and global influence of states. In their short history, operations in cyberspace have already been used extensively by states and their non-state supporters for many purposes. They are an inevitable aspect of contemporary international affairs while carrying significant risk. In this Adelphi book, Marcus Willett, a former deputy head of GCHQ, argues that there is no coherent or widely shared understanding of what cyber operations really are, how they are used and what they can do; or of their implications for strategic affairs and international law; or what their ‘responsible’ use really entails. The myths and misunderstandings that abound tend to dull the conceptual clarity needed by strategic policymakers and overseers, and they complicate the essential task in a liberal democracy of maintaining public consent for, and legitimisation of, the development and use of such capabilities. The book sheds light on these issues, exposing myths and clarifying misunderstandings.

Maintaining balance

In the twenty-first century, cyberspace and the ‘real world’ have become inseparable. The stability and security of cyberspace therefore affect, in increasingly profound ways, the economies, international reputations, national security, military capabilities and global influence of states. In their short history, operations in cyberspace have already been used extensively by states and their non-state supporters for many purposes. They are an inevitable aspect of contemporary international affairs while carrying significant risk. In this Adelphi book, Marcus Willett, a former deputy head of GCHQ, argues that there is no coherent or widely shared understanding of what cyber operations really are, how they are used and what they can do; or of their implications for strategic affairs and international law; or what their ‘responsible’ use really entails. The myths and misunderstandings that abound tend to dull the conceptual clarity needed by strategic policymakers and overseers, and they complicate the essential task in a liberal democracy of maintaining public consent for, and legitimisation of, the development and use of such capabilities. The book sheds light on these issues, exposing myths and clarifying misunderstandings.

The UK model

In the twenty-first century, cyberspace and the ‘real world’ have become inseparable. The stability and security of cyberspace therefore affect, in increasingly profound ways, the economies, international reputations, national security, military capabilities and global influence of states. In their short history, operations in cyberspace have already been used extensively by states and their non-state supporters for many purposes. They are an inevitable aspect of contemporary international affairs while carrying significant risk. In this Adelphi book, Marcus Willett, a former deputy head of GCHQ, argues that there is no coherent or widely shared understanding of what cyber operations really are, how they are used and what they can do; or of their implications for strategic affairs and international law; or what their ‘responsible’ use really entails. The myths and misunderstandings that abound tend to dull the conceptual clarity needed by strategic policymakers and overseers, and they complicate the essential task in a liberal democracy of maintaining public consent for, and legitimisation of, the development and use of such capabilities. The book sheds light on these issues, exposing myths and clarifying misunderstandings.

Attacking the issue

In the twenty-first century, cyberspace and the ‘real world’ have become inseparable. The stability and security of cyberspace therefore affect, in increasingly profound ways, the economies, international reputations, national security, military capabilities and global influence of states. In their short history, operations in cyberspace have already been used extensively by states and their non-state supporters for many purposes. They are an inevitable aspect of contemporary international affairs while carrying significant risk. In this Adelphi book, Marcus Willett, a former deputy head of GCHQ, argues that there is no coherent or widely shared understanding of what cyber operations really are, how they are used and what they can do; or of their implications for strategic affairs and international law; or what their ‘responsible’ use really entails. The myths and misunderstandings that abound tend to dull the conceptual clarity needed by strategic policymakers and overseers, and they complicate the essential task in a liberal democracy of maintaining public consent for, and legitimisation of, the development and use of such capabilities. The book sheds light on these issues, exposing myths and clarifying misunderstandings.

Navigating cyber threats: Exploring digital marketing and cyber security adoption among SME entrepreneurs

Navigating cyber threats: Exploring digital marketing and cyber security adoption among SME entrepreneurs

Autonomous Vehicle Data Protection : A Review of Security Threats, Challenges and Protective Mechanism

The swift advancement of autonomous vehicle (AV) technology has presented notable obstacles with data security and privacy. This analysis examines major security threats that jeopardize user privacy and vehicle control, including data breaches, virus penetration, cyber attacks, illegal access, V2V and V2I system hacking, GPS spoofing, and data leaks. It also looks at the challenges developers have when putting strong security measures in place, considering how complicated AV infrastructures may be and how cloud, IoT, and AI are integrated. The paper outlines a number of defence tactics, such as blockchain technology, machine learning for anomaly detection, encryption, and secure communication protocols. In order to improve AV cyber security, it ends with suggestions for further study in fields like edge computing and quantum-resistant cryptography.

Adopting Government Cyber Security Initiatives - A study of SMEs in Saudi Arabia

The study, which targeted SMEs, aims to determine the risks to cybersecurity in these institutions and implement countermeasures to reduce these risks, such as regulatory, material and technical measures. The study relied on the method of applied research, through a comprehensive questionnaire consisting of several departments targeting more than 60 institutions. For the purpose of data analysis, we used the Information Security Governance (ISG) assessment tool to measure the extent of conformity of implementation and actual documentation the requirements of the standard specification for SMEs in Saudi Arabia. The study reached several results, the most important of which is that cybersecurity in SMEs is exposed to many risks and threats, and that there is a weakness in legislation and laws that protect cybersecurity and the lack of written policies of most institutions participating in the questionnaire confirms the extent of this weakness. We have seen that the role of the national cybersecurity authority in the Kingdom of Saudi Arabia is good but needs to make more practical efforts to enhance cybersecurity inside and outside institutions. At the end of the study, we presented a framework that contains the most prominent international standards for building safe cyber institutions, which include standards for risk management, risk reduction and response, work environment security, access control, communication security, physical security, external relations, and employee awareness training.

Uncovering Multi-step Attacks with Threat Knowledge Graph Reasoning

The rapid advancement of information technologies has significantly intensified the focus on cyberspace security across various sectors. In this evolving landscape, attackers deploy many of techniques- including exploits, weakness identification, and complex multi-step attacks- to gain unauthorized access to systems. Conversely, defenders harness insights from a variety of sources to pinpoint potential threats. Prominent public cybersecurity databases such as the Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK), Common Attack Pattern Enumeration and Classification (CAPEC), Common Vulnerabilities and Exposures (CVE), Common Weakness Enumeration (CWE), and Common Platform Enumeration (CPE) provide extensive data on security entities and their interrelations, playing a pivotal role in enriching the understanding of cybersecurity challenges and assisting in comprehensive defensive analyses. However, the semantic cross-analysis of these databases, crucial for identifying obscure threat patterns, remains underexploited. In this study, we amalgamate data from these disparate sources into a cohesive threat knowledge graph and introduce a novel knowledge representation learning approach, A4CKGE (ATT&CK-CAPEC-CWE-CVE-CPE Knowledge Graph Embedding). This method utilizes advanced structural and textual analytics to predict interactions among security entities such as products, vulnerabilities, weaknesses, and multi-step attack sequences, employing complex attack templates generated through a Large Language Model (LLM). Our extensive experiments demonstrate that this approach significantly outperforms existing state-of-the-art methods in effectively predicting these relationships. The findings validate the efficacy of our threat knowledge graph in unveiling hidden connections, thereby highlighting its potential to strengthen cybersecurity defenses substantially.

Improving Data Security in Cloud Computing through the Implementation of a Hybrid Encryption Algorithm

As cloud computing continues to gain popularity, the security of sensitive data stored in the cloud remains a paramount concern for organizations and individuals alike. Traditional encryption methods, while effective, often struggle to balance security, efficiency, and usability. This paper presents a hybrid encryption algorithm that combines the strengths of symmetric and asymmetric encryption to enhance data security in cloud computing environments. The proposed hybrid approach leverages symmetric encryption for fast and efficient data encryption, while asymmetric encryption is utilized for secure key exchange. By implementing this dual-layer encryption strategy, we can significantly improve data confidentiality and integrity during transmission and storage. Additionally, the algorithm incorporates robust key management practices, ensuring that encryption keys are safeguarded against unauthorized access. Through a series of performance evaluations and security assessments, we demonstrate that our hybrid encryption algorithm not only provides superior security but also maintains acceptable levels of performance, making it suitable for real-time applications. The results indicate that this approach effectively mitigates risks associated with data breaches and unauthorized access, positioning it as a viable solution for enhancing data security in cloud computing. This research contributes to the ongoing discourse on cloud security, offering a practical framework for organizations to protect their sensitive information in increasingly complex digital landscapes.

Unlocking Complexity: D-Wave\'s Role in Quantum Computing Breakthroughs

In this new era of Quantum Computing, a transformative paradigm is emerging for the enhancement of Cyber Security using the special-purpose systems like D-Wave's quantum annealers which helps the encryption system become more resilient. As quantum computing evolves, it provides new paradigms for breaking the traditional encryption methods, as the recent breakthroughs is accomplished by researchers from Shanghai University that uses D-Wave's quantum annealing capabilities in providing the researchers to successfully demonstrated the potential to compromise widely used encryption systems, including RSA and AES. The usage of quantum annealing (QA) that makes the D-Wave’s a specialized quantum system which enables an efficient computation in tackling cryptographic problems, demonstrates the implications for the data security and privacy by applying the quantum-classical hybrid architectures. This research aims to get attention on the urgent need for developing a new security measures in response to the vulnerabilities exposed by the quantum advancements which emphasizes the crucial role of D-Wave's in unlocking the complexities of quantum computing and its implications for the future of cybersecurity.

Wazuh SIEM for Cyber Security and Threat Mitigation in Apparel Industries

Security of IT infrastructure is critical in the modern digital environment, particularly for industries that manufacture clothing. The application of the Wazuh Security Information and Event Management (SIEM) system to improve security monitoring and compliance for an IT system in the apparel industry is the main topic of this study. To improve the apparel industry cyber threat monitoring system in real-time monitoring, detecting the threat vectors that support the centralized management system, to meet these objectives of the company, an SIEM security management system has been installed and configured with the components of Wazuh manager, indexer, Wazuh agent, and Wazuh dashboard as well. An Oracle virtual lab environment was created to install and configure the Wazuh system a robust Linux operating system was installed at the server level and Windows 10 was installed on the client end to the authenticity failure of the security system. To implement the Wazuh system, the project management guideline was followed which ensured the planning and implementation of the project, testing phases, and along with review and maintenance. Wazuh security management system successfully identified the authentical failure reports and vulnerabilities and generated automated reports from the system that showed the result of 1 critical, 19 high, and 5 medium levels of vulnerabilities shown in Figure 6, and the necessary patch recommended to solve the critical issues. On the other hand, the system also generated security events as well as integrity monitoring system reports. The deployment of the Wazuh security management system ensured the robust cost-effective security management system with high quality for detecting cyber threats which supports the regulatory and compliance requirements and is a viable tool for the apparel industry to protect the stakeholders’ interest.

SolarWinds Attack: Stages, Implications, and Mitigation Strategies in the Cyber Age

SolarWinds is a software company based in the United States that provides IT monitoring and management tools. Founded in 1999, SolarWinds offers a variety of products that help organizations manage networks, systems, IT infrastructure, applications and cloud-based services. SolarWinds products are used for performance monitoring, log management, IT security, and data analysis. The company became widely known after a major cybersecurity incident came to light in late 2020, in which their network management software, Orion, was used as a vector for attacks by a state-backed hacking group. These attacks affected many organizations, including government agencies and private companies, and led to an increased focus on software supply chain security. This paper has reviewed stages, Implications, and mitigation strategies of SolarWinds.