Cybersecurity Research Articles

Research Paper on Cyber Security

Cybersecurity is like our computers and phones' superhero. They help keep our computers and phone safe from sneaky bad guys on the internet. It’s all about using genius locks and tricks to keep our digital stuff virus free, hacker proof and away from funny online stunts. Like we cheque if the doors are locked and who leaving keys under the doormat at home, cybersecurity is our online detectives to keep an eye on websites to see they are safe, and be a bit more careful when clicking on links in emails from strangers. Having a shield for your digital world, to enjoy the internet without worries. Our online superhero is cybersecurity, the cybersecurity that allows us to surf the web, play games, and chat with friends securely. KeyWords:Malware,PenetrationTesting,Web AppTesting,Ddos Attacks,Ransomware Attacks,Phishing Attacks.

A review of time-series analysis for cyber security analytics: from intrusion detection to attack prediction

Understanding the current threat landscape as well as timely detection of imminent attacks are primary objectives of cyber security. Through time-series modeling of security data, such as event logs, alerts, or incidents, analysts take a step towards these goals. On the one hand, extrapolating time-series to predict future occurrences of attacks and vulnerabilities is able to support decision-making and preparation against threats. On the other hand, detection of model deviations as anomalies can point to suspicious outliers and thereby disclose cyber attacks. However, since the set of available techniques for time-series analysis is just as diverse as the research domains in the area of cyber security analytics, it can be difficult for analysts to understand which approaches fit the properties of security data at hand. This paper therefore conducts a broad literature review in research domains that leverage time-series analysis for cyber security analytics, with focus on available techniques, data sets, and challenges imposed by applications or feature properties. The results of our study indicate that relevant approaches range from detective systems ingesting short-term and low-level events to models that produce long-term forecasts of high-level attack cases.

Impact of AI on cybersecurity and security compliance

Artificial Intelligence (AI) is transforming the field of cybersecurity and reshaping security compliance practices. As cyber threats become increasingly complex, AI offers powerful tools for identifying, mitigating, and preventing attacks in real-time. AI-driven systems excel at processing vast amounts of data, detecting anomalies, and identifying patterns that traditional security systems might miss. Machine learning and deep learning algorithms enhance the ability to predict potential threats, reducing response time and improving the accuracy of threat detection. These capabilities make AI a valuable asset in addressing sophisticated threats such as zero-day vulnerabilities, advanced persistent threats (APTs), and ransomware attacks. In the realm of security compliance, AI plays a pivotal role by automating routine tasks such as monitoring, auditing, and reporting. This reduces the burden on organizations to manually enforce regulatory standards, leading to more efficient compliance with frameworks like GDPR, HIPAA, and PCI-DSS. AI can continuously assess systems to ensure that they meet compliance requirements, enhancing the ability to detect and respond to violations. Furthermore, AI contributes to governance by helping organizations develop robust security policies, track compliance metrics, and streamline incident response. However, the integration of AI in cybersecurity also presents challenges, including adversarial AI, data privacy concerns, and transparency in AI decision-making processes. Additionally, AI-driven attacks are an emerging threat that necessitates further research and regulation. Despite these challenges, the future of AI in cybersecurity and compliance looks promising, with advancements in predictive analytics, quantum computing, and autonomous security systems poised to further revolutionize the field. As AI technologies evolve, they will continue to play a critical role in fortifying cybersecurity defenses and ensuring regulatory compliance across industries.

Understanding Penetration Testing for Evaluating Vulnerabilities and Enhancing Cyber Security

In response to the increasing incidence of cyber-attacks, organizations are prioritizing security testing for their software applications and products. Among the most effective methods for identifying vulnerabilities is penetration testing, which involves simulated attacks on systems to uncover weaknesses that could be exploited by malicious actors. This method not only aids in identifying and remediating security flaws but also evaluates a system's ability to withstand unexpected threats. This paper provides an in-depth exploration of penetration testing, detailing its stages, methodologies, and the role of web application firewalls. A penetration test systematically assesses the security of IT infrastructures by exploiting vulnerabilities in systems, applications, and user behaviours. The findings from these tests are essential for IT management, guiding strategic decisions and prioritizing remediation efforts. Ultimately, the primary aim of penetration testing is to evaluate the risk of a system breach and its potential impact on organizational resources and operations.

Cyber threats in the age of artificial intelligence: Exploiting advanced technologies and strengthening cybersecurity

The rapid advancement in artificial intelligence (AI) technologies has led to the emergence of new and complex cyber threats. These threats rely on AI capabilities to target digital systems and infrastructures with greater precision and efficiency, making them more difficult to detect and counter. AI is being used to develop automated cyber-attacks, such as malware that can adapt and learn from its digital environment. Conversely, AI is also employed to enhance cyber security by enabling early threat detection, analyzing suspicious behaviors, and providing rapid responses to hacking incidents. Based on the above, the research idea we intend to present at this article on how to achieve a balance between leveraging AI technologies to protect digital systems and the growing risks associated with using these technologies to develop more sophisticated cyber-attacks. Research Methodologies: The study requires employing both the descriptive-analytical and inferential methodologies.

The Combination of Cyber Security, Excessive Programming, and Available Technology to Create an Effective Weapon

This research presents a model for designing a military terrestrial drone from available technology by using Raspberry Pi, the proposed model should fulfill the general requirements by providing a secure remote connection, a camera control application with a reliable targeting system, and motion control. We suggested SSH connection with cyber-attack simulation by Ettercap and sslstrip tool to test its reliability, and mark vulnerabilities if exist, as for the camera application and targeting system, python was our main language to write it and we used the SSD object detection method of machine learning for the camera to be able to identify and track objects it sees, python libraries like Tkinter along with PIL library was used to create the application GUI interface and its functions along with OpenCV to provide algorithms for video stream processing and displaying, we used OpenCV also for object detection algorithms writing, and socket was used to create a client-server connection on raspberry pi and windows controlling machine to transfer the targeting control signal, as for the controlling of motion functions its done through SSH PutTTY app and the python curses library. The research’s goal is to prove a theory regarding the military technology in the Middle East of mostly using available and civilian-accessed technology provided in stores to manufacture weapons that could show great performance on the battlefield, we improvised this principle in drone manufacture due to its significant role in modern days war.

Cyberverse: A Game-Based Learning Application for Cyber Security

Abstract: Games are becoming more frequent in educational settings, and various technologies have been established to meet the needs of designing an education as a game. Aside from education, game-based learning is rising in popularity in various areas, including professional development and networking sites. By incorporating gaming components into the training process, educational platforms that use games will increase student engagement, motivation, and productivity. One of the most defining characteristics of game-based learning environments is their ability to produce innovative and engaging learning experiences (Gee, J. P. 2020; Hamari, J., et al 2021). Games-based learning integrates instruction with authentic gaming experiences. Scientific and popular interest in severe goal games has increased tremendously (Huang, W. H.-Y. et al. 2021; Kapp, K. M. 2020; Zhang, Y. et al. 2023). Cybersecurity refers to the practice of protecting systems, networks, and programs from digital attacks, damage, or unauthorized access. With the increasing reliance on technology and the internet, the significance of cybersecurity has grown tremendously. It encompasses various measures, including: Threat Prevention, Incident Response, Data Protection, Awareness and Training and Compliance (Kshetri, N. 2021; Stallings, W., et al 2022; Kaspersky, E. 2020). Cyber security occupies a major part of society today. Cyber security educational games are a popular form of hands-on exercises that use gamification to train information security skills and enhance cyber security awareness. The objectives of the game application are to (1) create awareness of the necessity of the importance and function of cyber security such as password security, phishing awareness, identity theft, encryption, and network security among others. (2) to distinguish between the various topics of cyber security while playing the game application (3) to determine the evaluation tool to use in the assessment of the cognitive abilities of gamers. A quantitative research design was used to determine the process of the application while the Agile model is commonly used in game development due to its iterative and flexible nature. Technical Aspect which is the ISO 25010 and Game Aspect Method was used for the Evaluation with 60 respondents. The study can identify the genders of the respondents as male and female. The mechanics of the game can make the gamers use and test their knowledge about cyber security. Evaluation results of gamer respondents show the average mean of both males and females are interpreted as "Strongly Agree". This means that they strongly agree that cognitive abilities are used when playing the application. Meanwhile, evaluation results of technical respondents' average mean for both males and females are interpreted as also "Strongly Agree". This means that they strongly agree on all the technical aspects of the application. Overall, evaluation results of all respondents whether gamer or technical are interpreted as "Strongly Agree".

Architecting Resilience : A Framework for Secure and Compliant Healthcare IT Infrastructures

Healthcare information technology (IT) systems face unique challenges in maintaining data security and regulatory compliance while supporting critical patient care functions. This article provides a comprehensive analysis of the complex interplay between data protection measures and compliance requirements in the healthcare sector. We examine key components of data security, including encryption, data integrity measures, and secure transfer protocols, with a specific focus on their application to sensitive patient information. The impact of regulations such as HIPAA on system design and maintenance is explored, offering insights into the alignment of IT practices with evolving standards. Through a review of current literature and industry best practices, we present strategies for risk management, employee training, and the implementation of technical controls that address both security and compliance needs. Emerging trends, including cloud computing, the Internet of Medical Things (IoMT), and artificial intelligence in healthcare security, are discussed to provide a forward-looking perspective. This article contributes to the ongoing dialogue on balancing innovation with security in healthcare IT, offering practical recommendations for healthcare organizations to enhance their data protection measures while ensuring regulatory compliance.

Enhancing Cyber Security in Autonomous Vehicles: A Hybrid XG Boost-Deep Learning Approach for Intrusion Detection in the CAN Bus

Enhancing Cyber Security in Autonomous Vehicles: A Hybrid XG Boost-Deep Learning Approach for Intrusion Detection in the CAN Bus

Users' Awareness of Cyber Security Practices for Preventing Data Attacks in Public Organisations

This study assessed users' awareness of cyber security practices for preventing data attacks. The study employed a descriptive research design and quantitative research approach. A random sampling technique was used to select a sample of 65 respondents. Data were collected through structured questionnaires. Descriptive statistics such as mean and standard deviation were used to analyse data. The validity and reliability of data collection tools were ensured. Findings revealed that the user's awareness of cyber security practices on prevention of data attacks was high in the selected case for study, which remains anonymous. The study recommends that due to the rapid changing of technology, the organisation should prevent risks from various sources, including internet-borne attacks, such as spyware or malware, user-generated weaknesses, such as easily guessed passwords or misplaced information, inherent system or software flaws and vulnerabilities and subvert system or software features.

Implementation of a novel secured authentication protocol for cyber security applications

Robust verification protocols are crucial for maintaining the security and reliability of sensitive information due to the increasing complexity of cyber-attacks. This paper introduces a novel 5G Secure Handover Protocol aimed at addressing security and effectiveness issues encountered in existing systems. The proposed protocol is robust against various attacks, including de-synchronization, replay, man-in-the-middle (MITM), denial of services (DoS), and jamming, ensures perfect forward key secrecy, safeguarding communication confidentiality. The proposed protocol utilizes a combination of spiking neural network and fuzzy logic (SNN-FL) techniques that must choose the goal cell as carefully as possible before initiating the transfer process. By combining fuzzy logic and spiking neural networks to reduce handover latency and thwart several types of cyberattacks, the proposed 5G Secure Handover Protocol improves security. Extensive simulations show its efficacy and emphasize its potential for safe communication in large-scale cybersecurity applications. The paper presents a novel secure authentication protocol that significantly reduces handover delays and improves efficiency. Simulations show its resilience against common security threats, protecting sensitive information and maintaining secure communication channels. The protocol, with low communication expenses, complex spatial, and latency for changeover verification, is ideal for large-scale cybersecurity applications, contributing to the development of secure digital authentication mechanisms.

Modeling Cybersecurity Risk: The Integration of Decision Theory and Pivot Pairwise Relative Criteria Importance Assessment with Scale for Cybersecurity Threat Evaluation

This paper presents a comprehensive model for cyber security risk assessment using the PIPRECIA-S method within decision theory, which enables organizations to systematically identify, assess and prioritize key cyber threats. The study focuses on the evaluation of malware, ransomware, phishing and DDoS attacks, using criteria such as severity of impact, financial losses, ease of detection and prevention, impact on reputation and system recovery. This approach facilitates decision making, as it enables the flexible adaptation of the risk assessment to the specific needs of an organization. The PIPRECIA-S model has proven to be useful for identifying the most critical threats, with a special emphasis on ransomware and DDoS attacks, which represent the most significant risks to businesses. This model provides a framework for making informed and strategic decisions to reduce risk and strengthen cyber security, which are critical in a digital environment where threats become more and more sophisticated.

Consensus-Based Power System State Estimation Algorithm Under Collaborative Attack

Due to its vulnerability to a variety of cyber attacks, research on cyber security for power systems has become especially crucial. In order to maintain the safe and stable operation of power systems, it is worthwhile to gain insight into the complex characteristics and behaviors of cyber attacks from the attacker’s perspective. The consensus-based distributed state estimation problem is investigated for power systems subject to collaborative attacks. In order to describe such attack behaviors, the denial of service (DoS) attack model for hybrid remote terminal unit (RTU) and phasor measurement unit (PMU) measurements, and the false data injection (FDI) attack model for neighboring estimation information, are constructed. By integrating these two types of attack models, a different consensus-based distributed estimator is designed to accurately estimate the state of the power system under collaborative attacks. Then, through Lyapunov stability analysis theory, a sufficient condition is provided to ensure that the proposed distributed estimator is stable, and a suitable consensus gain matrix is devised. Finally, to confirm the viability and efficacy of the suggested algorithm, a simulation experiment on an IEEE benchmark 14-bus power system is carried out.

To Study on Cyber Crime Burgeoning in India and Crucial Actions Need for Every Cybercrime Victim

India is facing a great deal of challenges due to the rapid digitalization and broad adoption of technology in many different areas. One such concern is cybercrime. In this paper explores the nature, scope, and impact of cybercrime in the Indian context. The rising ubiquity of internet usage has rendered people, companies, and governmental organizations more susceptible to a range of cyber threats, such as identity theft, financial fraud, data breaches, and cyber harassment. Despite developments in cyber security protection, the lack of awareness and poor regulatory frameworks has aggravated the situation. To address these issues, the Indian government has put in place a number of efforts, including the National Cyber Security Policy and the Information Technology Act, 2000. But enforcement is still patchy, and a lot of crimes go unreported or ignored. The problem has been made worse by insufficient regulatory frameworks and a lack of knowledge, even in spite of advances in cyber security measures. But enforcement is still patchy, and a lot of crimes go unreported or ignored. This research paper emphasizes India's cybercrime victims have several legal options, the need for a multimodal strategy that includes improved cyber security infrastructure, better legislative frameworks and greater public awareness in order to tackle cybercrime. In light of the transnational character of cyber threats, it also highlights the significance of international cooperation. In the end, a thorough plan is necessary to protect India's digital environment and guarantee the security and safety of its people in a world that is becoming more interconnected by the day

Machine Learning in Computer Security is Difficult to Fix

Machine Learning in Computer Security is Difficult to Fix

Pitfalls in Machine Learning for Computer Security

With the growing processing power of computing systems and the increasing availability of massive datasets, machine learning algorithms have led to major breakthroughs in many different areas. This development has influenced computer security, spawning a series of work on learning-based security systems, such as for malware detection, vulnerability discovery, and binary code analysis. Despite great potential, machine learning in security is prone to subtle pitfalls that undermine its performance and render learning-based systems potentially unsuitable for security tasks and practical deployment. In this paper, we look at this problem with critical eyes. First, we identify common pitfalls in the design, implementation, and evaluation of learning-based security systems. We conduct a study of 30 papers from top-tier security conferences within the past 10 years, confirming that these pitfalls are widespread in the current security literature. In an empirical analysis, we further demonstrate how individual pitfalls can lead to unrealistic performance and interpretations, obstructing the understanding of the security problem at hand. As a remedy, we propose actionable recommendations to support researchers in avoiding or mitigating the pitfalls where possible. Furthermore, we identify open problems when applying machine learning in security and provide directions for further research.

Current Trends in ICT Security: A Comprehensive Overview of Machine Learning and Soft Computing Applications

In an era marked by pervasive digitization, information and communication technology (ICT) security stands as a cornerstone of our digital infrastructure. The rapid evolution of cyber threats necessitates equally agile defence mechanisms. This research paper provides a comprehensive overview of the contemporary landscape of ICT security with a specific focus on the emergent trends in machine learning (ML) and soft computing (SC) applications. The paper commences by outlining the escalating challenges posed by cyber adversaries, underlining the inadequacy of traditional security paradigms in contending with the intricacies of modern-day attacks. This backdrop emphasizes the need for innovative, adaptable, and intelligent approaches to bolster ICT security.

Modernisasi Alat Utama Sistem Senjata TNI dalam Mendukung Tugas TNI AL

This study analyzes the modernization of TNI AL weaponry systems to support maritime defense tasks in Indonesian jurisdictional waters. Using the Analytic Network Process (ANP) method, the research identifies the challenges and obstacles faced, as well as determining modernization priorities. The ANP results show that modernizing the Indonesian Navy Warship (KRI) is the top priority, followed by the development of Fast Missile Boats (KCR), the modernization of the Maritime Air Defense System, and the procurement of new submarines. Additionally, the Indonesian Navy faces both conventional military threats, such as naval attacks from other countries, and asymmetric threats, including piracy and maritime terrorism. To address these threats, the Indonesian Navy needs to develop advanced technologies, including cyber security and monitoring technologies to prevent illegal activities at sea. The study also finds that modernization efforts face various obstacles, requiring the improvement of maintenance facilities and intensive training. The use of ANP and NVivo helps formulate an effective modernization strategy to enhance operational readiness and the maritime defense capabilities of the Indonesian Navy.

An Investigation into the Utilisation of CNN with LSTM for Video Deepfake Detection

Video deepfake detection has emerged as a critical field within the broader domain of digital technologies driven by the rapid proliferation of AI-generated media and the increasing threat of its misuse for deception and misinformation. The integration of Convolutional Neural Network (CNN) with Long Short-Term Memory (LSTM) has proven to be a promising approach for improving video deepfake detection, achieving near-perfect accuracy. CNNs enable the effective extraction of spatial features from video frames, such as facial textures and lighting, while LSTM analyses temporal patterns, detecting inconsistencies over time. This hybrid model enhances the ability to detect deepfakes by combining spatial and temporal analysis. However, the existing research lacks systematic evaluations that comprehensively assess their effectiveness and optimal configurations. Therefore, this paper provides a comprehensive review of video deepfake detection techniques utilising hybrid CNN-LSTM models. It systematically investigates state-of-the-art techniques, highlighting common feature extraction approaches and widely used datasets for training and testing. This paper also evaluates model performance across different datasets, identifies key factors influencing detection accuracy, and explores how CNN-LSTM models can be optimised. It also compares CNN-LSTM models with non-LSTM approaches, addresses implementation challenges, and proposes solutions for them. Lastly, open issues and future research directions of video deepfake detection using CNN-LSTM will be discussed. This paper provides valuable insights for researchers and cyber security professionals by reviewing CNN-LSTM models for video deepfake detection contributing to the advancement of robust and effective deepfake detection systems.

Building cybersecurity resilience: integrating defense and recovery investment strategies in an expected resilience framework

PurposeTo remain competitive in an unpredictable environment where the complexity and frequency of cybercrime are rapidly increasing, a cyber resiliency strategy is vital for business continuity. However, one of the barriers to improving cyber resilience is that security defense and accident recovery do not combine efficaciously, as embodied by emphasizing cyber security defense strategies, leaving firms ill-prepared to respond to attacks. The present study thus develops an expected resilience framework to assess cyber resilience, analyze cyber security defense and recovery investment strategies and balance security investment allocation strategies.Design/methodology/approachBased on the expected utility theory, this paper presents an expected resilience framework, including an expected investment resilience model and an expected profit resilience model that directly addresses the optimal joint investment decisions between defense and recovery. The effects of linear and nonlinear recovery functions, risk interdependence and cyber insurance on defense and recovery investment are also analyzed.FindingsAccording to the findings, increasing the defense investment coefficient reduces defense and recovery investment while increasing the expected resilience. The nonlinear recovery function requires a smaller defense investment and overall security investment than the linear one, reflecting the former’s advantages in lowering cybersecurity costs. Moreover, risk interdependence has positive externalities for boosting defense and recovery investment, meaning that the expected profit resilience model can reduce free-riding behavior in security investments. Insurance creates moral hazard for firms by lowering defensive investment, yet after purchasing insurance, expanded coverage and cost-effectiveness incentivize firms to increase defense and recovery spending, respectively.Originality/valueThe paper is innovative in its methodology as it offers an expected cyber resilience framework for integrating defense and recovery investment and their effects on security investment allocation, which is crucial for building cybersecurity resilience but receives little attention in cybersecurity economics. It also provides theoretical advances for cyber resilience assessment and optimum investment allocation in other fields, such as cyber-physical systems, power and water infrastructure – moving from a resilience triangle metric to an expected utility theory-based method.