Hacker Attacks Research Articles

Unintended Consequences of Data Sharing Under the Meaningful Use Program.

Interoperability has been designed to improve the quality and efficiency of health care. It allows the Centers for Medicare and Medicaid Services to collect data on quality measures as a part of the Meaningful Use program. Covered providers who fail to provide data have lower rates of reimbursement. Unintended consequences also arise at each step of the data collection process: (1) providers are not reimbursed for the extra time required to generate data; (2) patients do not have control over when and how their data are provided to or used by the government; and (3) large datasets increase the chances of an accidental data breach or intentional hacker attack. After detailing the issues, we describe several solutions, including an appropriate data use review board, which is designed to oversee certain aspects of the process and ensure accountability and transparency.

Cyber Hacking Breaches Detection Using Machine Learning

Cyber hacking breach prediction is one of the emerging technologies and detecting and predicting breaches through computer algorithms has become a very challenging task To make malware detection more effective, scalable and more efficient than traditional system calls human involvement Machine learning to be used for breach detection and prediction The main goal is a series of cyber hacking attacks each of which will harm the person’s information and financial reputation. Government and non-profit organizations’ data, such as user and company information,, can be compromised, posing a risk to their finances and reputation if they collect information from websites and social networks it can trigger a cyber attack. Organizations such as the healthcare sector are capable of holding sensitive information that must be handled discreetly and securely. Data breaches can lead to identity theft, fraud, and other losses. The findings show that 70% of breaches affect a wide range of organisations, including healthcare providers. The investigation indicates a possible data breach. Due to the heavy usage of computer programs and security on the host and network, there is a risk of data breach. Machine learning can be used to detect these attacks. Research uses machine learning models to protect against web security flaws. The data set is available from the Privacy Rights Clearing House. Teaching employees how to use modern security measures can reduce data breaches. This can help to understand attack detection and data security. Machine learning models such as Random Forest, Decision Tree, k-means and Multi- layer Perceptron are used to predict data violations

An optimized model for network intrusion detection in the network operating system environment

With the heavy reliance on computers and information technology to send and receive data across networks of various types, there has been concern about securing that data from intrusions and cyber-attacks. The expansion of network usage has led to an increase in hacker attacks, which has led to prioritizing cybersecurity precautions in detecting potential threats. Intrusion detection techniques are a critical security measure to protect networks in both personal and corporate environments that are managed by network operating systems. For this, the paper relies on designing a network intrusion detection model. Since deep neural networks (DNNs) are classic deep learning models known for their strong classification performance, making them popular in intrusion detection along with other machine learning algorithms, they have been chosen to improve intrusion classification models based on datasets for intrusion detection systems. The basic structure of this proposal is to adopt one of the optimization algorithms in extracting features from the dataset to obtain more accurate results in the classification and intrusion detection stage. The developed Corona Virus algorithm is adopted to improve the system performance by identifying optimal features. This algorithm, which consists of several stages, optimally selects individuals based on features from the NSL-KDD dataset used for intrusion detection. The resulting optimization solution acts as a network structure for the intrusion classification model based on machine learning and deep learning algorithms. The test results showed exceptional performance on the NSL-KDD dataset, where the proposed Convolution Neural Network CNN model achieved 99.3% accuracy for multi-class classification, while the Decision Tree (DT) achieved 88.64% accuracy for anomaly detection in bi-class classification.

Decentralized CP-ABE Scheme for Enhanced University Data Security Using Blockchain

In studying ample data security in universities, it is essential to protect the privacy and integrity of data. Current schemes utilize blockchain technology for data sharing, where cloud servers are responsible for storing ciphertext and performing partial encryption and decryption calculations. Data encryption technology can effectively prevent hacker attacks and ensure the integrity of data transmission. However, cloud servers that are only partially trusted may tamper with the ciphertext or return incorrect results. To solve these problems, this paper improves the privacy of access policy, attribute revocation and data authenticity of traditional CP-ABE algorithm. A protection scheme for ample public data security in universities is proposed, and a decentralized network structure based on multiple nodes is designed to improve the efficiency of data queries. The simulation results show that the scheme performs well in the scenario where the number of system attributes is moderate and the complexity of the access policy is not high.

Being phished and reporting phishing emails: emotional and knowledge antecedents and training gaps

ABSTRACT Research on phishing, a prevalent cybercrime, has not addressed which dispositional and knowledge antecedents are related to reporting suspicious emails to their organizations and has provided limited attention to emotions as a predictor of being phished. Our prospective design involved two phases where employees and students at a university (N = 538) first completed a survey and then, after 1 month, were sent three phishing emails spaced weeks apart without their knowledge. Trained members were more likely to have knowledge about safe URLs and this accurate knowledge was associated with a lower rate of being phished and a higher rate of reporting phishing emails. Untrained members had a higher rate of clicking on links and a lower rate of reporting suspicious emails than recently trained members, though training efficacy dissipates over time. Members with high generalized anxiety were more likely to click on links and less likely to report phishing emails, suggesting a gap in training curriculum. High avoidant cognitive styles were less likely to report phishing emails, and these styles are more prevalent among those with high anxiety. Policies and training curriculum need to address anxiety to create a stronger defense against phishing and hacking attacks.

A Survey on Penetration Path Planning in Automated Penetration Testing

Penetration Testing (PT) is an effective proactive security technique that simulates hacker attacks to identify vulnerabilities in networks or systems. However, traditional PT relies on specialized experience and costs extraordinary time and effort. With the advancement of artificial intelligence technologies, automated PT has emerged as a promising solution, attracting attention from researchers increasingly. In automated PT, penetration path planning is a core task that involves selecting the optimal attack paths to maximize the overall efficiency and success rate of the testing process. Recent years have seen significant progress in the field of penetration path planning, with diverse methods being proposed. This survey aims to comprehensively examine and summarize the research findings in this domain. Our work first outlines the background and challenges of penetration path planning and establishes the framework for research methods. It then provides a detailed analysis of existing studies from three key aspects: penetration path planning models, penetration path planning methods, and simulation environments. Finally, this survey offers insights into the future development trends of penetration path planning in PT. This paper aims to provide comprehensive references for academia and industry, promoting further research and application of automated PT path planning methods.

A preliminary discussion on data privacy and data security issues

With the expeditious evolution of technologies such as the internet, big data, cloud computing, and artificial intelligence, data has ascended to the status of an invaluable and indispensable resource within the intricate tapestry of modern society. Yet, the labyrinthine ethical quandaries that intertwine with the processes of data collection, storage, processing, and application have progressively surfaced, capturing the rapt attention of academia, industry, and government as they grapple with this nascent challenge. However, with the extensive application of data technology, issues of data ethics have become increasingly prominent, posing unprecedented challenges to personal privacy, data security, social equity, and justice. This article aims to delve deeply into the connotation and extension of data privacy and data security, as well as its significant role in current society. By examining relevant research findings at this stage, analyzing the major challenges faced by data ethics and exploring corresponding strategies, this paper delves into the multifaceted challenges faced by data privacy and data security, highlights the inadvertent data collection by smart devices, the potential for re-identification of blurred and anonymized information through big data analysis, as well as the ongoing threats posed by hacker attacks, internal vulnerabilities, and the complexity of data circulation.

Light-injection attack against practical continuous-variable measurement-device-independent quantum key distribution systems

Continuous-variable measurement-device-independent quantum key distribution (CV-MDI QKD) can defend all detection-side attacks effectively. Therefore, the source side is the final battlefield for performing quantum hacking attacks. This paper investigates the practical security of a CV-MDI QKD system under a light-injection attack. Here, we first describe two different light-injection attacks, i.e., the induced-photorefractive attack and the strong-power injection attack. Then, we consider three attack cases where Eve only attacks one of the parties or both parties of the CV-MDI QKD system. Based on the analysis of the parameter estimation, we find that the legitimate communication parties will overestimate the secret key rate of the system under the effect of a light-injection attack. This opens a security loophole for Eve to successfully obtain secret key information in a practical CV-MDI QKD system. In particular, compared to the laser-damage attack, the above attacks use a lower power of injected light and have a more serious effect on the security of the system. To eliminate the above effects, we can enhance the practical security of the system by doping the lithium niobate material with various impurities or by using protective devices, such as optical isolators, circulators, optical power limiters, and narrow-band filters. Apart from these, we can also use an intensity monitor or a photodetector to detect the light-injection attack.

Research on Personal Information Security and Privacy Issues in the Network Environment

In today s digital age, we face the grave challenges of personal information security. Frequent hacker attacks, data breaches, social engineering, and illegal information trading pose serious threats to user privacy. By comprehensively applying encryption technology, access control, data desensitization, combined with improved laws and regulations and enhanced user security awareness, these challenges can be effectively addressed, which means, personal privacy can be protected, and a secure and trustworthy network environment can be built.

Design of a cybersecurity defense system based on big data and artificial intelligence

With the development of big data and artificial intelligence technologies, hacker attack techniques and capabilities have continuously improved, and the methods of network attacks have diversified. Without cybersecurity, there is no national security. Therefore, cybersecurity has become a focal point of attention. To comprehensively enhance the network security defense capabilities of computer operating systems, aligning with the rapid development trends of big data and artificial intelligence technologies, this study focuses on constructing an efficient, stable, and practical cybersecurity defense system. This system deeply integrates advanced technologies of big data analysis and artificial intelligence, thoroughly analyzing the current status of network information security in computer operating systems and closely aligning with the practical needs of design and production. The aim is to provide highly valuable reference solutions for the field of cybersecurity defense.

A survey of large language models for cyber threat detection

With the increasing complexity of cyber threats and the expanding scope of cyberspace, there exist progressively more challenges in cyber threat detection. It is proven that most previous threat detection models may become inadequate due to the escalation of hacker attacks. However, recent research has shown that some of these problems can be effectively addressed by Large Language Models (LLMs) directly or indirectly. Nowadays, a growing number of security researchers are adopting LLMs for analyzing various cyber threats. According to the investigation, we found that while there are numerous emerging reviews on the utilization of LLMs in some fields of cyber security, there is currently a lack of a comprehensive review on the application of LLMs in the threat detection stage. Through retrieving and collating existing works in recent years, we examined various threat detection and monitoring tasks for which LLMs may be well-suited, including cyber threat intelligence, phishing email detection, threat prediction, logs analysis, and so on. Additionally, the review explored the specific stages of different detection tasks in which LLMs are involved, evaluating the points at which LLMs are optimized. For instance, LLMs have been found to enhance the interpretability of log analysis in real-time anomaly event discovery. Additionally, we discussed some tasks where LLMs may not be suitable and explored future directions and challenges in this field. By providing a detailed status update and comprehensive insights, this review aims to assist security researchers in leveraging LLMs to enhance existing detection frameworks or develop domain-specific LLMs.

Analysis of problems and countermeasures in computer network engineering security

This paper analyzes the existing security issues in computer network engineering and proposes a series of countermeasures. To address the problems of hacker attacks and information leakage, it is recommended to strengthen network monitoring and the application of encryption technology. For the issues of malware and virus dissemination, it is advised to regularly update antivirus software and enhance employee security awareness training. Regarding network data leakage and privacy breaches, the use of secure transmission protocols and multi-factor authentication technology is advocated. For network security management and maintenance issues, establishing a sound security management system and emergency response plans is recommended to ensure the stable operation of network systems. Through the implementation of the above measures, the security level of computer network engineering can be effectively improved, ensuring the normal operation of network systems and the security of information.

Digital Forensics for Analyzing Cyber Threats in the XR Technology Ecosystem within Digital Twins

Recently, advancements in digital twin and extended reality (XR) technologies, along with industrial control systems (ICSs), have driven the transition to Industry 5.0. Digital twins mimic and simulate real-world systems and play a crucial role in various industries. XR provides innovative user experiences through virtual reality (VR), augmented reality (AR), and mixed reality (MR). By integrating digital twin simulations into XR devices, these technologies are utilized in various industrial fields. However, the prevalence of XR devices has increased the exposure to cybersecurity threats in ICS and digital twin environments. Because XR devices are connected to networks, the control and production data they process are at risk of being exposed to cyberattackers. Attackers can infiltrate XR devices through malicious code or hacking attacks to take control of the ICS or digital twin or paralyze the system. Therefore, this study emphasizes the cybersecurity threats in the ecosystem of XR devices used in ICSs and conducts research based on digital forensics. It identifies potentially sensitive data and artifacts in XR devices and proposes secure and reliable security response measures in the Industry 5.0 environment.

Construction of a network intrusion detection system based on a convolutional neural network and a bidirectional gated recurrent unit with attention mechanism

The object of this study is the process of recognizing intrusions in computer networks. Network intrusion detection systems (NIDS) have become an important area of research as they are used to protect computer systems from hacker attacks. Deep learning is becoming increasingly popular for detecting and classifying malicious network traffic, including for building NIDS. In this paper, we propose a network intrusion detection model CNN-BiGRU-Attention based on a time-based approach to deep learning using the attention mechanism. The main goal of the study is to build an effective combined deep learning model that can detect various network cyber threats. A 1D convolutional neural network is implemented to extract high-level representations of intrusion information features. A bidirectional gated recurrent unit (BiGRU) with an attention mechanism for traffic data classification has been designed. The attention mechanism plays a key role in the constructed model as it allows the system to focus only on important aspects of network traffic and allows the model to adapt to new types of threats. The results of the study show that using a combination of CNN and BiGRU with the attention mechanism speeds up and improves the process of classifying network attacks. On the NSL-KDD and UNSW-NB15 training datasets, the model shows an accuracy of 99.81 % and 97.80 %. On the NSL-KDD and UNSW-NB15 test datasets, the model demonstrates 82.16 % and 97.72 % accuracy. The proposed NIDS model will be considered for implementation in a real-time corporate network security system. In general, the results of the study provide a new perspective on improving the performance of NIDS and are quite relevant in terms of using attention mechanisms to classify network traffic

Effective Application of Computer Network Security Technology in E-commerce Operation and Maintenance

As an important part of the modern economy, the security of e-commerce operation and maintenance directly affects the business continuity of enterprises and the trust of users. This paper explores the application of computer network security technology in operation and maintenance, analyzes existing technologies and actual cases, evaluates its effects, and looks forward to future development trends. The paper shows that the use of advanced network security technology can significantly improve the security and reliability of e-commerce systems.IntroductionIt has developed rapidly around the world and has become an important way for people to shop and for enterprises to operate e-commerce. However, the booming development of e-commerce also inevitably brings serious security threats, including data leakage, hacker attacks, and malware. In order to ensure the normal operation of e-commerce systems and the security of user data, the application of computer network security technology is extremely important. This paper aims to systematically explore the actual application effects of these technologies in e-commerce and provide reference for future research and practice.

Effective Application of Computer Network Security Technology in E-commerce Operation and Maintenance

As an important part of the modern economy, the security of e-commerce operation and maintenance directly affects the business continuity of enterprises and the trust of users. This paper explores the application of computer network security technology in operation and maintenance, analyzes existing technologies and actual cases, evaluates its effects, and looks forward to future development trends. The paper shows that the use of advanced network security technology can significantly improve the security and reliability of e-commerce systems.IntroductionIt has developed rapidly around the world and has become an important way for people to shop and for enterprises to operate e-commerce. However, the booming development of e-commerce also inevitably brings serious security threats, including data leakage, hacker attacks, and malware. In order to ensure the normal operation of e-commerce systems and the security of user data, the application of computer network security technology is extremely important. This paper aims to systematically explore the actual application effects of these technologies in e-commerce and provide reference for future research and practice.

Monitoring dan Pencegahan Serangan Judi Online (Slot Gacor) pada Website

A website is a complex tool for presenting information. The security of a website is very important to support the reputation of the website. The rise of online gambling has now penetrated the website, the most dangerous is when the website has been infiltrated with an online gambling page. The purpose of the research is to prevent and monitor the website against online gambling hacker attacks. This research uses a descriptive method approach, namely by monitoring and observing the website, we try to provide an in-depth explanation of monitoring and preventing online gambling attacks (Slot Gacor) by utilizing Cloudflare services. Cloudflare is implemented as a security system on the website. In this research, the website that became a case study was the bpti.uhamka.ac.id website with the research location in the UHAMKA data center room. Data collection techniques and data analysis are carried out by direct observation through the cloudflare website. The data analyzed in the form of graphs and money url paths have been blocked. Research results Within 8 days there were 126 url paths that could be blocked by cloudflare and all of them contained online gambling with most of them being gacor slots. Cloudflare has successfully blocked hackers by filtering path URLs from the originating website.

Simulation of network forensics model based on wireless sensor networks and inference technology

The purpose of network forensics is forensic analysis of traces after hacker attacks, obtaining electronic evidence of Cyber Crime, and accusing hackers by electronic evidence. Both foreign and domestic, the research of network forensics is in the beginning stage, and the technology of network forensics is developed in this background. An analysis system of fuzzy decision tree based network forensics, network forensics personnel to assist in the network environment of computer crime forensics analysis. The experimental results of this method are given and compared with the existing methods of the analysis results. The experimental results show that this system can classify most kinds of events (the average correct classification rate. 91.16 %), can provide comprehensible information for network forensics personnel, to assist forensic personnel for rapid and efficient analysis of the evidence.

НОВАЯ УГРОЗА ВЕКА: КИБЕРПРЕСТУПЛЕНИЕ ИЛИ «ХАКЕРСКИЕ ИГРЫ»

This article discusses the new challenges of digital reality – cybercrime. A new definition of this term was given. The importance of classification of cybercrime types is indicated. The characteristic qualities and causes of the growth of crime in the digital space are analyzed. The statistics of damage caused by hacker attacks are investigated. Effective methods and approaches implemented by the state to solve this problem are given.

Cybersecurity of Internet of Things in the health sector: Understanding the applicable legal framework

Although the digitalisation of healthcare is an ongoing process that dates back to more than two decades ago, it has gained more momentum with the COVID-19 pandemic. Recent developments in this sector include the adoption of wearable devices based on Internet of Things technology. The possibility of connecting devices that can work outside the physical boundaries of a hospital and follow patients at home, i.e. during their day-to-day life, has several obvious advantages. However, the digitalisation of the health sector through increased adoption of connected devices does not exclude vulnerabilities, particularly risks concerning the protection of patients’ data and the security of networks and information systems. Connected devices can gather, process, and store personal patient health data. Failure to safeguard the integrity and security of these data may affect the patients’ identity and finances and put their lives at risk. The presence of an IoT device in a healthcare setting may affect and reduce the level of network security of the overall system as it may provide an access point for an unlawful hacking attack. Although IoT technologies in the health sector are becoming increasingly pervasive, the European legal framework applicable to them is not clearly defined. This is extremely relevant in the case of cybersecurity, where the legal point of reference is the General Data Protection Regulation, addressing the measures and requirements applicable in case of data breaches, and the Medical Device Regulation, providing provisions focused on the security of data relevant to IoT defined as medical devices. The most recent interventions that address health data processing and cybersecurity are the proposed Cyber Resilience Act and the Health Data Space Regulation. The two acts provide measures and requirements applicable to IoT from two perspectives. Yet, they add complexities and some inconsistencies that may hamper the effectiveness of the overall cybersecurity framework.