Security Framework Research Articles

Securing fog computing in healthcare with a zero-trust approach and blockchain

As healthcare systems increasingly adopt fog computing to improve responsiveness and real-time data processing at the edge, significant security challenges emerge due to the decentralized architecture. The traditional perimeter-based security models are inadequate for addressing the dynamic and distributed nature of fog networks, leaving them vulnerable to unauthorized access, data tampering, and latency issues. Therefore, this paper proposes a novel security framework that integrates blockchain (BC) and software-defined network (SDN) technologies, underpinned by zero-trust (ZT) principles, to address these challenges in latency-sensitive healthcare environments. The proposed framework enhances security by combining BC’s immutable transaction logs for data integrity and traceability with SDN’s dynamic network reconfiguration for real-time access control and anomaly detection. The integration of BC and SDN supports continuous authentication and monitoring using cryptographic protocols (SHA-256A and RSA-2048) to secure data transmission. Additionally, tasks are dynamically allocated to fog nodes based on a multi-metric scheduling mechanism that considers fog node capacity, proximity, and compliance with predefined security protocols. The framework was evaluated using iFogSim, simulating a healthcare environment with 50 IoT devices, 10 fog nodes, and varying workloads (100–1000 tasks/min). The key evaluation performance metrics include intrusion detection rate (IDR), data integrity (DI), task completion rate (TCR), average task response time (ART), and average block time. The implementation results demonstrate satisfactory improvements compared to existing models: a 40% increase in IDR, a 30% enhancement in DI, a 15.29% rise in TCR, and a 39.66% reduction in ART. Moreover, the baseline IDR (85%) and DI (70%) were drawn from ZT-1, while TCR (85%) and ART (300 ms) were measured using ZT-2 as benchmarks. These findings illustrate the feasibility of integrating BC, SDN, and ZT principles to mitigate threats such as unauthorized access, data tampering, and delays in latency-sensitive tasks.

Information Security of Management System Using ISO 27001: 2013 in the Industrial Revolution 4.0

The design of the Information Security Management System that is made includes all existing processes in a company. Organizations such as universities or institutions need to have a clear security management system. One of the standards that can be used to analyze the level of information security within an organization is ISO 27001:2013. This standard is continuously being developed for the purpose of completing the requirements in terms of implementation of a security system. This study aims to find out how ISO 27001 works and its benefits for an organization. The study employed a literature review methodology. Sources included books, academic papers, internet resources, and personal experiences related to the topic. This study is also expected to be able to help provide a reference for companies to determine the most appropriate security system for the company. In conclusion, the integration of ISO 27001 into an organization's security management system is crucial in today's complex digital landscape. Embracing ISO 27001 not only enhances the overall security framework within an organization but also instills trust among stakeholders and customers in the organization's dedication to data protection.

Sailfish-cat algorithm-enhanced generative adversarial network for attack detection in internet of things-Fog network authentication

The internet of things (IoT) has emerged as a prominent and influential concept within the realm of computing. Various attack detection methods are devised for detecting attacks in IoT-Fog environment. Despite all these efforts, attack detection still remained as a challenging task due to factors such as low latency, resource constraints of IoT devices, scalability issues, and distribution complexities. All these challenges are addressed in this paper by designing an efficient attack detection technique named as sailfish- cat optimization-based generative adversarial network (SaCO-based GAN) tailored for the IoT-Fog framework. This proposed approach introduces the SaCO-based GAN for IoT-Fog attack detection utilizing deep learning and feature-based classification, validated through experiments showing superior performance metrics. Notably, the SaCO optimization technique is utilized to train the GAN. Experimental results demonstrate the efficacy of the SaCO-based GAN with a maximum recall of 92.15%, a maximum precision of 91.21%, and a maximum F-Measure of 92.16%, outperforming existing techniques in IoT-Fog attack detection. The paper recommends enhancing scalability, implementing real-time detection strategies, rigorously testing robustness against diverse attack scenarios, and integrating with existing IoT security frameworks for practical deployment.

Real-time IoT security framework for detecting a person with a weapon using Raspberry Pi, Google Vertex AI, and AWS

Real-time IoT security framework for detecting a person with a weapon using Raspberry Pi, Google Vertex AI, and AWS

SIMRA: An interactive web-based tool for single integrated microbial risk assessment and management within the national water security framework (NWSF)

SIMRA: An interactive web-based tool for single integrated microbial risk assessment and management within the national water security framework (NWSF)

Enhanced Security Taxonomy for Fog-Enabled VANETs: A Comprehensive Survey on Attacks, Challenges, Applications and Architectures

Vehicular Ad Hoc Networks (VANETs) are integral to Intelligent Transportation Systems (ITS), enabling real-time communication between vehicles and infrastructure to enhance traffic flow, road safety, and passenger experience. However, the open and dynamic nature of VANETs presents significant privacy and security challenges, including data eavesdropping, message manipulation, and unauthorized access. This study addresses these concerns by leveraging advancements in Fog Computing (FC), which offers lowlatency, distributed data processing near-end devices to enhance the resilience and security of VANET communications. The paper comprehensively analyzes the security frameworks for fog-enabled VANETs, introducing a novel taxonomy that classifies threats, attack vectors, and mitigation strategies across various applications and architectures. Additionally, this study outlines methods for secure data sharing, real-time authentication, and threat mitigation while evaluating emerging security frameworks. By highlighting the advantages of FC—such as localized data privacy management, mobility support, and real-time decision-making—this survey establishes a foundation for future research and innovation in developing secure, scalable, and robust VANET systems. The findings offer practical implications for designing next-generation ITS with enhanced security and operational efficiency.

Decentralized Framework for Securing Smart Grids Using Blockchain and Machine Learning

Abstract: The transition to smart grids has revolutionized energy distribution, enabling more efficient and flexible power management through advanced communication and control systems. However, this interconnected structure makes smart grids vulnerable to cyberattacks, such as False Data Injection Attacks (FDIA), Distributed Denial of Service (DDoS) attacks, and data manipulation. These threats undermine the stability and reliability of the grid, and existing centralized security frameworks are often ill-equipped to address them due to their susceptibility to single points of failure and limited scalability. To overcome these challenges, this paper introduces a decentralized security framework that combines blockchain technology with machine learning (ML). The framework leverages blockchain to provide a transparent, immutable, and decentralized ledger, employing consensus mechanisms like Practical Byzantine Fault Tolerance (PBFT) or Proof of Authority (PoA) to ensure secure data validation. Alongside this, ML models, including Long Short-Term Memory (LSTM) networks and Convolutional Neural Networks (CNN), are used to detect anomalies in time-series data, such as FDIA, with high precision. Smart contracts embedded in the blockchain enable automated, real-time responses to threats, such as isolating compromised nodes or rerouting energy flows to maintain grid stability. Through simulations replicating real-world cyberattacks, the proposed framework demonstrated over 95% detection accuracy, a 30% reduction in response times, and enhanced computational efficiency with lower energy consumption. These results affirm the effectiveness of the framework as a scalable and resilient solution for modern smart grid security.

Workflow optimization for mobile computing

Mobile workflow optimization has emerged as a critical factor in modern business operations, transforming how organizations manage and execute their processes across distributed environments. This comprehensive article explores the fundamental components, implementation strategies, and future directions of mobile workflow optimization. The article examines cloud integration, artificial intelligence implementation, security frameworks, and technical considerations that drive successful mobile workflow deployments. Through detailed analysis of real-world implementations, the research demonstrates how organizations improve operational efficiency, user satisfaction, and resource utilization while maintaining robust security measures. The investigation encompasses development methodologies, monitoring strategies, and emerging technologies reshaping the mobile workflow landscape, providing insights into best practices and future considerations for organizations pursuing the mobile-first operational strategy.

Cyber-resilient supply chains: A framework for national security

This study examines the critical need for cyber-resilient supply chains in ensuring national security and operational efficiency. It examines the vulnerabilities posed by cyber threats and highlights the role of emerging technologies such as artificial intelligence, blockchain, and advanced analytics in enhancing supply chain resilience. Using the research onion framework, the study adopts a quantitative approach, analyzing quantitative data from reputable statistical sources. The findings emphasize the significance of integrating advanced technologies to mitigate risks, enhance transparency, and secure supply chain operations. The study concludes that proactive adoption of these technologies is vital for countering cyber threats and maintaining the seamless flow of goods and services in an increasingly digital world. The recommendations focus on encouraging technological innovation and collaboration to strengthen cyber resilience in supply chains.

Mitigating DDoS Attacks in Virtual Machine Migration: An In-Depth Security Framework Utilizing Deep Learning and Advanced Encryption Techniques

Safeguarding virtual machines (VMs) during migration is essential to avert Service Level Agreement (SLA) violations. This research article presents a robust security framework that utilizes deep learning and advanced encryption methods to reduce the impact of Distributed Denial of Service (DDoS) attacks during virtual machine migration. The study introduces an Improved Sparrow Search Algorithm-based Deep Neural Network (ISSA-DNN) for the classification of DDoS attacks and utilizes Advanced Encryption Standard-Elliptic Curve Cryptography (AES-ECC) to safeguard virtual machine images. The primary objective is to mitigate the risks associated with VM migration by identifying DDoS attacks and safeguarding VMs using advanced cryptographic techniques. The research employs the Canadian Institute for Cybersecurity Distributed Denial of Service (CICDDoS) dataset, implementing preprocessing procedures like duplication elimination, feature selection via Random Forest, and normalization to improve the precision of the DNN classifier. The ISSA-DNN approach enhances hyperparameter optimization by inverse mutation-based sparrow search, yielding a precise attack classification model. Furthermore, the research incorporates AES-ECC for encrypting VM images, amalgamating AES's computational efficiency with ECCs improved security. In contrast to conventional methods, this hybrid encryption approach enhances throughput and decreases encryption and decryption durations, rendering it appropriate for high-throughput and real-time applications. Experimental findings indicate that the proposed ISSA-DNN attains a classification accuracy of 98.79%, surpassing current state-of-the-art techniques. The AES-ECC encryption technique markedly enhances performance metrics, safeguarding the security of virtual machines during migration. This proactive security policy safeguards sensitive data and guarantees adherence to regulatory standards. In conclusion, the established framework offers a comprehensive solution for mitigating DDoS attacks and safeguarding VM migration via advanced deep learning and encryption methodologies. Integrating ISSA-DNN for attack classification and AES-ECC for encryption offers a robust strategy for improving cybersecurity in cloud environments.

Botnets and Critical Infrastructure Security: A Survey

Botnets have emerged as a significant threat to the security and resilience of critical infrastructure systems. These decentralized networks of compromised devices enable malicious actors to execute sophisticated cyberattacks, such as Distributed Denial of Service (DDoS) attacks, data exfiltration, and ransomware deployment, which can disrupt essential services and compromise national security. This paper examines the evolving landscape of botnet threats to critical infrastructure, highlighting the vulnerabilities inherent in increasingly interconnected systems, including industrial control systems (ICS), smart grids, and healthcare networks. It explores how advancements in artificial intelligence (AI), machine learning (ML), and the Internet of Things (IoT) have expanded the attack surface for botnets while also offering potential mitigation strategies. Furthermore, the paper reviews contemporary defense mechanisms, including anomaly detection, threat intelligence sharing, and network segmentation, and assesses their efficacy in safeguarding critical infrastructure. By identifying gaps in existing security frameworks and proposing a multi-layered, proactive defense approach, this study aims to enhance the resilience of critical infrastructure against botnet-driven threats. The findings underscore the urgent need for collaboration between policymakers, industry stakeholders, and cybersecurity experts to develop robust and adaptive solutions in the face of this escalating cyber threat.

Serverless computing and advanced security framework integration: From implementation to future trends

The integration of serverless computing and Function-as-a-Service (FaaS) with advanced security frameworks represents a transformative shift in cloud-native application development. This comprehensive analysis explores the evolution of serverless architectures, examining their impact on real-time data processing, API development, microservices implementation, and machine learning applications. The article investigates the synergy between serverless computing and cybersecurity measures, particularly focusing on Zero-Trust Architecture implementation across healthcare, retail, and supply chain sectors. Furthermore, it evaluates the future trajectory of serverless computing, analyzing its convergence with edge computing, AI-driven automation, and blockchain technologies, while addressing the challenges and opportunities in maintaining security and compliance in distributed cloud environments.

Real Time Anomaly Detection and Intrusion Detection for Safeguarding Intra-Vehicle Communication Powered by AI

This study addresses cyber-attacks in Electric Vehicles (EVs) and proposes an intelligent, secure framework to protect both in-vehicle and vehicle-to-vehicle communication systems. The proposed model uses an improved support vector machine (SVM) for anomaly and intrusion detection based on the Controller Area Network (CAN) protocol a critical component in vehicle communication. To further enhance detection speed and accuracy a new optimization algorithm the Social Spider Optimization (SSO) is introduced for reinforcing the offline training process. Simulation results on real-world datasets demonstrate the model's high performance, reliability and ability to defend against denial-of-service (DoS) attacks in EVs.

From Vulnerability to Defense: The Role of Large Language Models in Enhancing Cybersecurity

The escalating complexity of cyber threats, coupled with the rapid evolution of digital landscapes, poses significant challenges to traditional cybersecurity mechanisms. This review explores the transformative role of LLMs in addressing critical challenges in cybersecurity. With the rapid evolution of digital landscapes and the increasing sophistication of cyber threats, traditional security mechanisms often fall short in detecting, mitigating, and responding to complex risks. LLMs, such as GPT, BERT, and PaLM, demonstrate unparalleled capabilities in natural language processing, enabling them to parse vast datasets, identify vulnerabilities, and automate threat detection. Their applications extend to phishing detection, malware analysis, drafting security policies, and even incident response. By leveraging advanced features like context awareness and real-time adaptability, LLMs enhance organizational resilience against cyberattacks while also facilitating more informed decision-making. However, deploying LLMs in cybersecurity is not without challenges, including issues of interpretability, scalability, ethical concerns, and susceptibility to adversarial attacks. This review critically examines the foundational elements, real-world applications, and limitations of LLMs in cybersecurity while also highlighting key advancements in their integration into security frameworks. Through detailed analysis and case studies, this paper identifies emerging trends and proposes future research directions, such as improving robustness, addressing privacy concerns, and automating incident management. The study concludes by emphasizing the potential of LLMs to redefine cybersecurity, driving innovation and enhancing digital security ecosystems.

The Impact of FinTech on Traditional Banking: A Comparative Study of Adoption in Tier 1 and Tier 2 Cities

The rapid evolution of FinTech has fundamentally changed the financial services landscape, which is a significant challenge to traditional banking systems. This study explores the comparative adoption of FinTech platforms, such as UPI, digital wallets, and digital lending, versus traditional banking services in Tier 1 cities (e.g., Mumbai, Delhi) and Tier 2 cities (e.g., Lucknow, Coimbatore) in India. The research investigates consumer preferences, usage patterns, and factors driving the growth of FinTech in these unique geographic segments. Using the mixed-methods approach, it combines quantitative survey data (200 respondents) with qualitative insights gathered from industry experts. Primary data were collected through the source of consumers and banking professionals; secondary data will be supported through RBI, NPCI, and FinTech industry reports. Findings indicate that higher FinTech adoption is observed in Tier 1 cities, because of the well-developed digital infrastructure, literacy rates, and urban convenience. Conversely, Tier 2 cities show promising growth, driven by government initiatives like Digital India and increasing smartphone penetration, but face challenges like digital literacy gaps and trust issues. The study identifies the competitive forces on traditional banks, especially concerning retaining customers used to the fast and convenient ways of FinTech. It also stresses the role of FinTech in making financial services accessible to semi-urban areas to bridge the access gap for these underprivileged communities. The research concludes with actionable recommendations for banks and policymakers to adapt to the digital revolution, emphasizing collaboration between FinTech and traditional banks, improved security frameworks, and enhanced consumer education. Keywords: FinTech, Traditional Banking, UPI, Digital Payments, Tier 1 Cities, Tier 2 Cities, Financial Inclusion, Consumer Behaviour

Retraction Note: Internet of things and distributed security framework for 5G networks

Retraction Note: Internet of things and distributed security framework for 5G networks

A Container Security Survey: Exploits, Attacks, and Defenses

Containerization significantly boosts cloud computing efficiency by reducing resource consumption, enhancing scalability, and simplifying orchestration. Yet, these same features introduce notable security vulnerabilities due to the shared Linux kernel and reduced isolation compared to traditional virtual machines (VMs). This architecture, while resource-efficient, increases susceptibility to software vulnerabilities, exposing containers to potential breaches; a single kernel vulnerability could compromise all containers on the same host. Existing academic research on container security is often theoretical and lacks empirical data on the nature of attacks, exploits, and vulnerabilities. Studies that do look at vulnerabilities often focus on specific types. This lack of detailed data and breadth hampers the development of effective mitigation strategies and restricts insights into the inherent weaknesses of containers. To address these gaps, our study introduces a novel taxonomy integrating academic knowledge with industry insights and real-world vulnerabilities, creating a comprehensive and actionable framework for container security. We analyzed over 200 container-related vulnerabilities, categorizing them into 47 exploit types across 11 distinct attack vectors. This taxonomy not only advances theoretical understanding but also facilitates the identification of vulnerabilities and the implementation of effective mitigation strategies in containerized environments. Our approach enhances the resilience of these environments by mapping vulnerabilities to their corresponding exploits and mitigation strategies, especially in complex, multi-tenant cloud settings. By providing actionable insights, our taxonomy helps practitioners enhance container security. Our findings have identified critical areas for further investigation, thereby laying a comprehensive foundation for future research and improving container security in cloud environments.

Advanced Data Classification Framework for Enhancing Cyber Security in Autonomous Vehicles

Autonomous vehicles (AVs) have revolutionized the automotive industry by leveraging data to perceive and interact with their environment effectively. Data safety is essential for supporting AV decision-making and ensuring reliability in complex environments. AVs continuously collect data from multiple sources like LiDAR, RADAR, cameras, and ultrasonic sensors to monitor road conditions, traffic signals, and pedestrian movements. An effective data classification framework is crucial for managing vast amounts of information and securing AV systems against cyber threats. This paper proposes a comprehensive framework for AV data classification, categorizing data by sensitivity, usage, and source. By integrating a review of the literature, real-world cases, and practical insights, this study introduces a novel data classification model and explores sensitivity criteria. The findings aim to assist industry stakeholders in creating secure, efficient, and sustainable AV ecosystems.

The Intersection of IoT, Marketing, and Cybersecurity: Advantages and Threats for Business Strategy

This paper examines how IoT, marketing, and cybersecurity affect current corporate strategy, including its benefits and drawbacks. The research examines how data-driven insights from IoT improve marketing tactics and the cybersecurity risks of linked devices. The research synthesizes secondary data to explore the dynamic interaction between IoT, marketing, and cybersecurity. The key results show that IoT helps organizations create targeted marketing campaigns using real-time data, but it also increases the attack surface, posing cybersecurity threats. Many IoT devices lack security and data privacy, which threatens corporate operations. The report also stresses integrating strong security measures into design, using adaptive security frameworks, and collaborating between marketing and IT departments. Policy implications include enterprises implementing more apparent cybersecurity principles and educating employees, while legislators should regulate data privacy, secure gadget manufacture, and cross-sector cooperation. This report emphasizes balancing innovation and security to maximize IoT-driven marketing tactics while minimizing cybersecurity concerns.

UNIFIED PAYMENT INTERFACE: REVOLUTIONIZING MODERN PAYMENT SYSTEMS

This paper examines the Unified Payment Interface (UPI), a cutting-edge payment system introduced in India by the National Payments Corporation of India. UPI is a mobile-centric, real-time interbank payment platform designed to transform and democratize digital payments in the country. The study delves into the evolution of India's payment systems and provides a comprehensive analysis of UPI's technology, focusing on its architecture and security framework through empirical and theoretical literature. UPI stands out as a major advancement compared to existing payment systems, offering benefits such as reduced costs, user-friendly interfaces, faster settlement times, and robust security measures. With its modular API-based architecture, UPI fosters the creation of innovative solutions for both consumers and businesses. Although still in its early stages, the development of merchant-focused UPI solutions holds the potential to significantly enhance user adoption. By integrating a broader section of the population into the digital economy, UPI could play a pivotal role in advancing financial inclusion in India. KEYWORDS: Mobile payments, Real Time Payments, Unified Payment Interface, Digital payments