Internet Research Articles

The Role of Zero Trust Architecture in Modern Cybersecurity: Integration with IAM and Emerging Technologies

As cyber threats continue to evolve, organizations are increasingly adopting advanced security frameworks such as Zero Trust Architecture (ZTA) to protect their digital assets. ZTA operates under the principle of "never trust, always verify," acknowledging that both internal and external networks may be compromised. Integrated with Identity and Access Management (IAM), ZTA offers a dynamic security model, requiring continuous authentication and authorization for every access request. This integration ensures that sensitive resources are protected by enforcing multifactor authentication, behavioral analysis, and micro-segmentation, which collectively reduce the risk of attacks. A critical aspect of ZTA is its focus on continuous authentication and the principle of least privilege. Unlike traditional IAM systems, which grant static access, ZTA dynamically adjusts access based on real-time conditions, such as user behavior, location, and the sensitivity of data. This reduces the attack surface and minimizes lateral movement within the network. Additionally, ZTA promotes network segmentation, using IAM frameworks to enforce strict access control for each network segment. This limits the potential damage if an attacker compromises one segment. Studies have shown that ZTA is highly effective in mitigating insider threats, reducing the attack surface, and enhancing the resilience of infrastructure. While challenges remain in terms of scalability and integration complexity, the security benefits are undeniable. The increasing use of AI, machine learning, and quantum computing is expected to further strengthen ZTA's security capabilities. As organizations face more sophisticated cyber threats, ZTA is likely to become a standard in cybersecurity strategies, providing a robust, adaptable solution to protect valuable digital assets.

Discovery of non-retinoid compounds that suppress the pathogenic effects of misfolded rhodopsin in a mouse model of retinitis pigmentosa.

Pathogenic mutations that cause rhodopsin misfolding lead to a spectrum of currently untreatable blinding diseases collectively termed retinitis pigmentosa. Small molecules to correct rhodopsin misfolding are therefore urgently needed. In this study, we utilized virtual screening to search for drug-like molecules that bind to the orthosteric site of rod opsin and improve its folding and trafficking. We identified and validated the biological effects of 2 non-retinoid compounds with favorable pharmacological properties that cross the blood-retina barrier. These compounds reversibly bind to unliganded rod opsin, each with a Kd comparable to 9-cis-retinal and improve opsin stability. By improving the internal protein structure network (PSN), these rod opsin ligands also enhanced the plasma membrane expression of total 36 of 123 tested clinical RP variants, including the most prevalent P23H variant. Importantly, these compounds protected retinas against light-induced degeneration in mice vulnerable to bright light injury and prolonged survival of photoreceptors in a retinitis pigmentosa mouse model for rod opsin misfolding.

Unleashing R&D networks for ambidexterity: The interplay between internal and external networking capabilities

Unleashing R&D networks for ambidexterity: The interplay between internal and external networking capabilities

FEATURES OF INTERNET ADVERTISING OF HOTEL BUSINESS ENTERPRISES IN THE UKRAINIAN INTERNET SEGMENT

The article analyzes the use of the main types of Internet advertising by hotel business enterprises. The peculiarities of the use by hotel business entities in the Ukrainian Internet segment of such types of Internet advertising as search optimization of the hotel website, «Google My Business» service, contextual advertising, partnership with online reservation services, advertising in social networks are given. Basic requirements for the website of the hotel enterprise are generalized. Such indicators of ease of use of the site as easy availability of basic information, cross-browser compatibility, download speed and others are described. Recommendations for the modern design style of the hotel website are given. The expediency of multilingual hotel website is substantiated. The main components of the information content of the website of the hotel enterprise are described - the conditions of booking and accommodation, the appearance of the rooms, information about the location of the hotel, etc. The main requirements for the hotel website were analyzed. On the basis of statistical data of thematic search queries in Ukrainian and foreign languages, the relevance of attracting thematic traffic to the hotel website in both Ukrainian and foreign languages has been proven, and recommendations for the implementation of such attraction have been given. Such means of obtaining foreign language traffic by the site as creating foreign language mirrors of the hotel site and including foreign language key phrases in the metatags and pages of the site are described, which allows to increase the visibility of the site in search engines by expanding its semantic core and increasing positions in thematic search results. The peculiarities of the use of the contextual advertising to attract potential hotel customers were studied and its advantages and disadvantages were described. The specifics of contextual advertising in the Ukrainian Internet segment are determined, in particular, the need for separate adjustment of this type of advertising in the google.com and google.com.ua push systems. Advertising formats and specifics of advertising of the hotel enterprises in social networks are described. The specifics of the using the «Google My Business» service for advertising hotel enterprises are analyzed in detail. Recommendations are given for registering a hotel business enterprise in this service and administering of the created account is made. Reasoned Recommendations regarding the content and completeness of the information in the hotel card in the «Google My Business» service, and the correspondence of this information to the content of the hotel website are justified.

A novel approach for detecting malicious hosts based on RE-GCN in intranet

Internal network attacks pose a serious security threat to enterprises and organizations, potentially leading to critical information leaks and network system damage. Hosts, as the core data and service bearers, are often primary targets of cyber attacks. Therefore, accurately identifying hosts with malicious behavior in the network is crucial. However, detecting malicious hosts on this intranet presents several challenges. Firstly, the network state is unstructured data that dynamically changes in real-time. Secondly, the large amount of normal traffic in the network drowns out the traces generated by malicious behaviors, leading to the problem of category imbalance. Lastly, the traditional graph neural network model has limitations in processing edge information and is unable to directly learn the information in netflow. To overcome these challenges, this paper proposes a malicious host detection system. The system extracts the Host Communication Graph by time slicing and uses a random undersampling method to balance samples. For malicious host detection, this paper proposes the Relational-Edge Graph Convolutional Network (RE-GCN) model, which can directly aggregate and learn features on edges and use them to accurately classify nodes, compared to other GNN models. Comparative experiments were conducted on various netflow datasets, demonstrating the effectiveness of our approach. Our approach outperformed other common GNN models in detecting malicious hosts.

Integrating Wi-Fi, Li-Fi, and BPL Technologies for a Secure Indoor Communication System.

In today's digital age, there is an increasing demand for integrated wireless and wired technologies; however, there is a difficulty in achieving secure and reliable communications within buildings and facilities. This paper presents a proposal for maintaining the infrastructure while expanding it to implement communication technologies with high transmission and reception speeds and high levels of data confidentiality to enhance the operational efficiency of organizations. Three main technologies have emerged as promising solutions for this purpose: Wi-Fi, Li-Fi, and BPL. Despite the advantages that each technology offers, some drawbacks appear in these technologies that affect data transmission. Wi-Fi, Li-Fi, and BPL can be combined to achieve maximum security and reduce noise and interference via the ESP8266 module. This combination could be an important step toward achieving an integrated and secure indoor communication system. The paper provides a comprehensive overview of the three techniques and how they are applied in practice. In addition, OSE, ABPF, and ASBF filters are used to detect and eliminate interference and attack secure internal networks.

Intrafirm collaboration network dynamics, external cooperation network embeddedness, and firm knowledge search

ABSTRACT In the context of open innovation, firms urgently expand knowledge search and acquisition externally, forming complex interactions between internal networks and their knowledge exploration behaviours. However, prior research has overlooked network dynamics and treated internal networks as static. Drawing upon social network theory and the knowledge-based view, our study constructs a theoretical model that links intrafirm collaboration network dynamics with knowledge search within firms. We also investigated external contextual mechanisms such as the relationship strength, relationship breadth, and network centrality of corporate external networks. These moderate the relationship between intrafirm collaboration network dynamics and firms’ knowledge search. We empirically test the hypotheses using data from listed firms in the Chinese computer, communication, and electronic equipment manufacturing industry (C39) between 2014 and 2021. The results indicate that the intrafirm collaboration network dynamic has an inverted U-shaped effect on firms’ knowledge search breadth and depth. Relationship strength and network centrality weaken these effects.

Application of Large Language Models for Assessing Parameters and Possible Scenarios of Cyberattacks on Information and Communication Systems

This paper explores the use of large language models (LLMs) to evaluate parameters and identify potential hostile penetration scenarios in corporate networks, considering logical and probabilistic relationships between network nodes. The developed methodology is based on analyzing the network structure, which includes components such as the Firewall, Mail Server, Web Server, administrator and client workstations, application server, and database server. The probabilities of transitions between these nodes during adversarial attacks are determined using a swarm of virtual experts and two sets of prompts aimed at different LLMs. Among the results obtained through the swarm approach are average transition probabilities, which enable modeling the most likely attack paths from both external and internal network origins. Based on logical-probabilistic analysis, penetration scenarios are ranked according to probabilities, execution time, and resource minimization required by attackers. The proposed methodology facilitates rapid response to threats and ensures an adequate level of cybersecurity by focusing on the most probable and dangerous attack scenarios.

Zero Trust Security Model for Enterprise Networks

Zero Trust (ZT) is security model and follow the concept of ânever trust, always verifyâ. ZT require to strict identity verification for devise and clients trying to access recourses on private networks regardless of whether they are sitting within or outside the networks. As opposed to perimeter-based architecture, which makes the assumption that all internal network parties are trusted and all external network parties are untrusted. In enterprise network the internal network parties is automatically seen as trusted entities granting them access to network resources. The insider threat actor has been successful in exploiting their access. So that, enterprise networks become more exposed to inside and outside threads. As a result, we need to add the zero-trust principle to the enterprise network to protect it from the inside. In this paper, the ZT model, is assumed inside the militarized zone. There may be a threat to the sensitive data. Any internal company network users cannot manipulation on his computer without permission from the administrator this is done by the group policies that have been implemented in ZT. This model has been shown to be quite effective in protecting the sensitive data against unauthorized access and also the manipulation by the insider user. Following that, an attack originating from inside of the network was launched against the enterprise and zero trust network. In the enterprise network, the network was effectively attacked, and the attack’s validity was also increased to fully penetrate the enterprise. The attack did not succeed in the zero-trust network because the attacker cannot pass the User Account Control (UAC) to gain the NT authority.

A Petri Net and LSTM Hybrid Approach for Intrusion Detection Systems in Enterprise Networks.

Intrusion Detection Systems (IDSs) are a crucial component of modern corporate firewalls. The ability of IDS to identify malicious traffic is a powerful tool to prevent potential attacks and keep a corporate network secure. In this context, Machine Learning (ML)-based methods have proven to be very effective for attack identification. However, traditional approaches are not always applicable in a real-time environment as they do not integrate concrete traffic management after a malicious packet pattern has been identified. In this paper, a novel combined approach to both identify and discard potential malicious traffic in a real-time fashion is proposed. In detail, a Long Short-Term Memory (LSTM) supervised artificial neural network model is provided in which consecutive packet groups are considered as they flow through the corporate network. Moreover, the whole IDS architecture is modeled by a Petri Net (PN) that either blocks or allows packet flow throughout the network based on the LSTM model output. The novel hybrid approach combining LSTM with Petri Nets achieves a 99.71% detection accuracy-a notable improvement over traditional LSTM-only methods, which averaged around 97%. The LSTM-Petri Net approach is an innovative solution combining machine learning with formal network modeling for enhanced threat detection, offering improved accuracy and real-time adaptability to meet the rapid security needs of virtual environments and CPS. Moreover, the approach emphasizes the innovative role of the Intrusion Detection System (IDS) and Intrusion Prevention System (IPS) as a form of "virtual sensing technology" applied to advanced network security. An extensive case study with promising results is provided by training the model with the popular IDS 2018 dataset.

Flexible Sensors with Enhanced Sensitivity and Broadened Detection Range Through Conformal Printing and Space-Confined Design.

Enhancing the sensitivity and extending the linear sensing range of flexible pressure sensors are crucial for their development and incorporation in wearable electronics. Conventional sensors face a trade-off between sensitivity and linear sensing range, which is often limited by the monotonicity of materials and structural design. To address this challenge, a new piezoresistive flexible sensor is developed in this work, drawing inspiration from the intricate microstructure and pressure-sensing capabilities of human skin. This advanced sensor is constructed with a dual-layer resistive sensing design, which includes an external conductive layer comprising of MXene/Ag composite and an internal carbon nanomaterial conductive network. The design incorporated bionic micro-spines and multilayer porous microstructures with microcapsules to optimize the overall performance. This scalable and economical approach yielded a sensor that surpassed human tactile resolution, and the sensor can adeptly monitor comprehensive human motions and respiratory rhythms and recognize spoken language. In addition, it exhibited reliable photothermal sterilization performance, making it suitable for long-term health diagnostics and treatment. The proposed sensor demonstrated immense potential for applications in physical health monitoring, motion detection, electronic skin, and human-computer interactions.

Detect Insider Threat with Associated Session Graph

Insider threats pose significant risks to organizational security, often leading to severe data breaches and operational disruptions. While foundational, traditional detection methods suffer from limitations such as labor-intensive rule creation, lack of scalability, and vulnerability to evasion by sophisticated attackers. Recent advancements in graph-based approaches have shown promise by leveraging behavior analysis for threat detection. However, existing methods frequently oversimplify session behaviors and fail to extract fine-grained features, which are critical for identifying subtle malicious activities. In this paper, we propose a novel approach that integrates session graphs to capture multi-level fine-grained behavioral features. First, seven heuristic rules are defined to transform user activities across different hosts and sessions into an associated session graph while extracting features at both the activity and session levels. Furthermore, to highlight critical nodes in the associated session graph, we introduce a graph node elimination technique to normalize the graph. Finally, a graph convolutional network is employed to extract features from the normalized graph and generate behavior detection results. Extensive experiments on the CERT insider threat dataset demonstrate the superiority of our approach, achieving an accuracy of 99% and an F1-score of 99%, significantly outperforming state-of-the-art models. The ASG method also reduces false positive rates and enhances the detection of subtle malicious behaviors, addressing key limitations of existing graph-based methods. These findings highlight the potential of ASG for real-world applications such as enterprise network monitoring and anomaly detection, and suggest avenues for future research into adaptive learning mechanisms and real-time detection capabilities.

Within‐Firm and Cross‐Firm Interconnection Strategies in Asymmetric Networks

ABSTRACTThis paper develops a unified framework for analyzing various interconnection regimes in two dimensions: compatibility between networks managed by the same firm (within‐firm interconnection) and compatibility between networks of different firms (cross‐firm interconnection). Our study examines a duopoly market in which a dominant firm operates two networks and a competitor offers a standalone network. We find that the strength of economies of scale is critical in determining firm choices of interconnection regimes. The welfare implications of interconnection regimes are also investigated. In particular, policy interventions aimed at promoting cross‐firm interconnection may result in socially undesirable outcomes.

MPLS vs. IPsec VPN: Choosing the Right Network Architecture for Enterprise WAN

The rapid expansion of the global business has increased the demand for secure, resilient and optimized WANs. Enterprises had traditionally used Wide Area Network (WAN) technologies like Multi-Protocol Label Switching (MPLS) or Internet Protocol Security (IPsec) VPNs to link geographically separated data centers. Each of these technologies provides their own benefits, based on an organization’s requirement and a combination of performance, price and security needs. This paper will dive deep to provide a comparative analysis between MPLS and IPsec VPNs technologies and the enterprise WAN scenarios in which these VPNs could be deployed. The paper describes internet circuits, their drawbacks, the benefit of MPLS circuits, and how IPsec VPN can protect public internet circuits. Last but not least, the paper aims to provide network administrators with the necessary tools to choose an appropriate circuit for their organization by providing network architecture scenarios in which MPLS or IPsec VPN over internet circuits is the best choice. Keywords— Internet Circuits, MPLS, IPSec VPN, Tunnel, Budget, Reliability, Security.

Enterprise Network Design and Deployment Practice based on eNSP

In recent years, with the frequent occurrence of network security incidents, the importance of enterprise network security has become increasingly prominent. The design of enterprise networks should not only meet the requirements of efficient communication, but also prioritize security to ensure the stable operation of the network. This article constructs a large-scale corporate park network, including the DMZ area and connected to the backbone network through dedicated lines. At the same time, with offices, it is necessary to achieve interconnectivity between the two networks. Based on dynamic routing protocol, IPSecVPN, VRRP and other technologies, combined with Huawei network equipment, the company has built a secure and efficient enterprise network architecture. The design content covers wireless network coverage, IPv6 support, traffic optimization, and redundant path selection to ensure stable communication between the company's campus network, offices, and the Internet, ultimately achieving a balance between security, flexibility, and reliability.

Research on the positioning and enhancement path of marine cities in China’s internal circulation network

IntroductionChina’s marine cities have reached a critical juncture after 40 years of rapid development. In this new stage, where internal circulation is the main focus, there is a need to enhance the internal circulation capabilities of these cities and unleash their full economic potential. This paper aims to explore the positioning and improvement path of marine cities in China's internal circulation network, and fully unleash the development potential of marine cities.MethodsBased on data from 284 prefecture-level cities in China, this paper constructs the social network of China's urban internal circulation with the help of the modified gravity model, and explores the conditional configuration of the improvement of the status of marine cities in internal circulation network by using the fuzzy-set qualitative comparative analysis (fsQCA) method.Results and discussion(1) The development level of marine cities' internal circulation can be categorized into three tiers, led by Shanghai. The development gap between the 14 marine cities has gradually widened over recent years. (2) Chinese marine cities can be divided into three groups in the topological structure of China's urban internal circulation network: core, periphery, and edge, with Shanghai being the core "bridge" in the network. The traditional advantages of some northern economically strong cities in the construction of the internal circulation network have gradually been lost, and many marine cities have seen their leadership and control over the internal circulation network significantly weakened. (3) No single factor is a necessary condition for achieving a high-level status of marine cities in the internal circulation network. (4) The four conditional variables of demand side, supply side, industrial linkage and inter-regional integration have two sufficient condition configurations to enhance the status of marine cities in internal circulation network. Among them, the "industry-regional integration"-dominated configuration with the core of unblocking the bottlenecks of the internal circulation is the main path.

Laminin expression profiles of osteogenic-and chondrogenic-induced dECM sheets

Decellularized extracellular matrix sheets (dECMSs) produced by stem cells have attracted attention because they preserve the natural biological activity of the ECM to direct lineage-specific differentiation with less immunogenicity. As a core ECM protein, laminin modulates cellular phenotype and differentiation. Nevertheless, no studies thus far have explored the distribution and abundance of laminins in diverse dECMSs. Herein, we first compared the differential expression of laminins among dECMSs in osteogenic-induced medium (OI-dECMS), chondrogenic-induced medium (CI-dECMS), and standard medium (dECMS), employing a defined mass spectrometry (MS)-based proteomic analysis. In vitro, dECMSs were verified to be successfully decellularized. Cluster analysis identified a marked fluctuation in the expression of 7 laminins and 17 laminin-associated proteins in OI-dECMS vs dECMS and CI-dECMS vs dECMS. Two significantly changed pathways were selected from the KEGG pathway enrichment analysis: the FAK/ERK pathway and the PI3K/AKT pathway.Moreover, Alkaline Phosphatase (ALP) activity, Alcian blue staining, and RT-qPCR results for recellularization showed that CI-dECMS promotes chondrogenesis while OI-dECMS inhibits osteogenesis compared with dECMS. In vivo experiments were conducted to implant dECMSs in a rat osteochondral defect, demonstrating that dECMS and CI-dECMS promoted bone and cartilage repair. Furthermore, the inhibitory analysis was performed to verify the function of specific laminin isoforms modulating osteogenesis and chondrogenesis, which might be related to FAK/ERK and PI3K/AKT pathways. In summary, this study constructed dECMS, OI-dECMS, and CI-dECMS and uncovered the internal comprehensive molecular regulatory network centralized by laminins, thus proposing a biomimetic substitute for bone and cartilage regeneration.

The Impact of E-Marketing on Customer Satisfaction: The Moderating Role of Service Quality in Jordanian Commercial Banks

Banking work in this era is distinguished by relying on information and communication technology to develop systems and means of providing banking services and raising the efficiency and performance of banking services in line with the rapid progress in the banking industry. This study examines the impact of electronic marketing on customer satisfaction with the moderating role of service quality in Jordanian commercial banks. The study’s goals and questions were met using a descriptive and analytical technique. With the aid of a suitable data and information collection tool, the descriptive technique was employed based on the study of the research topic. The study population consisted of all administrative workers in the Jordanian commercial banks. The statistical package for the social sciences program was used to examine the data after obtaining it using the questionnaire (SPSS). The study found a statistically significant effect at the level (α ≤ 0.05) of e-marketing on customer satisfaction in Jordanian commercial banks, with the moderating role of service quality. The study also recommends expanding investments in the technical field. Banks seeking to provide electronic banking services must realise the importance and necessity of huge investments in information systems, the adoption of modern technology in communications, the development of internal and external networks, and the need for protection and security.

Breaking the Silence: A Preliminary Study on the Experiences of Chinese Men as Victims of Intimate Partner Violence and Masculinity.

Understanding the experiences of intimate partner violence (IPV) is a critical first step in developing effective responses. However, the majority of research has focused on male perpetration against women, with male victimization being relatively marginalized. This study aims to explore the experiences of men with IPV in the context of Chinese society, where adherence to masculinity and the societal pursuit of face and harmony contribute to tolerance of IPV and hinder the understanding of male victim experiences. This study analyzes the IPV experiences shared by 57 men on public internet forums and invited 11 of them to participate in semi-structured interviews through private messages. Finally, thematic analysis was employed to qualitatively analyze the collected textual data. This study revealed seven key themes in the narratives of men. This study has significant implications for future research on IPV in China, as well as for policy formulation and service provision.

Consulting the Experts: Quality and Regulatory Resources for the Stroke Program Leader

Stroke program leaders are experts in clinical care and the administrative aspects of caring for patients with stroke. However, consultation with experts inside and outside of the organization may strengthen the program. Quality improvement (QI) and regulatory readiness are two common areas where expertise may be helpful. Internal expertise may come from hospital or system quality experts as well as regulatory specialists. Other service line and informational technology experts within the organization may be helpful to address concerns. Externally, stroke leaders may consult with experts associated with national organizations like the American Heart Association/Stroke Association (AHA/ASA) and the Institute of Healthcare Improvement (IHI). Regional stroke networks and Quality Improvement Collaboratives (QICs) are also external resources for QI and regulatory readiness. Finally, multiple external databases offer programs an opportunity to benchmark for QI purposes. This summary offers a roadmap for stroke leaders to use their internal and external network for program improvement.