Unauthorized Access Research Articles

Privacy - Preserving Technique in cybersecurity: Balancing Data Protection and User Rights

Increasing technological complexity of cyber threats creates a major challenge between securing data privacy and maintaining potent cybersecurity practices. The paper examines privacy-protecting security methods in cybersecurity by detailing organizational approaches to defend private information throughout the cyber threat detection and mitigation process. Organizations need to establish the appropriate levels of data security because implementations that limit privacy too much threaten their security capabilities but weak protection measures create vulnerabilities to data breaches. The research implements Cybersecurity: Suspicious Web Threat Interactions data to examine actual cyber threats which comprise phishing attacks and malware and unauthorized access attempts. The effectiveness of data protection approaches including encryption and differential privacy together with homomorphic encryption and federated learning and anonymization solutions gets tested for their ability to secure confidential information throughout cybersecurity operations. The research investigates threat detection accuracy together with computational efficiency and GDPR and CCPA compliance effects when using these techniques. Results demonstrate that security frameworks gain significant improvements from privacy-preserving systems because these systems decrease breach threats and meet all regulatory compliance requirements. The main limiting factors for these privacy-preserving methods consist of excessive computational requirements as well as adversarial threat vectors and the detection versus protection trade-offs that need improvement. This paper presents strategic guidance about privacy-aware cybersecurity models which optimize security capabilities together with data protected information. This research investigates cybersecurity and privacy-preserving methods to assist the development of ethical systems meeting regulatory standards which protect users from advancing cyber threats through privacy-protected mechanisms.

Hybrid AI- and Blockchain-Powered Secure Internet Hospital Communication and Anomaly Detection in Smart Cities

Internet of Things (IoT) devices have revolutionized real-time monitoring and distant patient care in smart cities’ healthcare systems. However, this advancement has come with several issues, such as data security, scalability, operational efficiency, and fault tolerance. Previous approaches are not well suited to the real-time processing of IoT data in healthcare, given the low latency, high throughput, and effective anomaly detection needed for such a task. Given these challenges, this paper proposes a hybrid Artificial Intelligence (AI)- and blockchain-based IoT governance framework for Internet hospitals using Proof-of-Authority (PoA) in smart cities. It encompasses application of the enhanced RSA for secure data transmission, real-time anomaly detection through the Isolation Forest algorithm, and a private blockchain architecture designed for high scalability. It effectively detects tampering and replay attacks to minimize illegitimate and unauthorized access or manipulation of patients’ data. The proposed framework achieves relatively significant improvements over a state-of-the-art baseline model. It has cut the transaction response time by 50%, doubled the Throughput Per Second (TPS), and attained a 100% detection performance in anomalies. Comparative analysis reveals its linear scalability with increasing workload, ensuring consistent performance under varying transaction volumes. This study’s findings highlight the proposed framework’s potential to mitigate key issues in IoT-enabled Internet hospitals in smart cities.

Using Existing CCTV Network for Crowd Management, Crime Prevention, And Work Monitoring Using AIML

Abstract The fusion of Artificial Intelligence (AI) and Machine Learning (ML) with the existing Indian Railways CCTV network provides revolutionary potential to improve safety, security, and operational efficiency. This research showcases the creation of an AI-based railway surveillance system that is meant to solve issues related to controlling congested stations, deterring crimes, and ensuring efficient workforce monitoring. Through the use of sophisticated video analytics, deep learning algorithms, and computer vision technology, the system facilitates real-time anomaly detection, prevention of unauthorized access, and predictive analytics to optimize crowd management. In addition, AI-powered facial recognition and behavioral analysis models optimize crime prevention by detecting suspicious behavior and known criminals. Modules for work monitoring guarantee compliance with safety procedures among staff and streamline station operations. The research also examines the technological and ethical aspects of having such a system, for instance, high-resolution cameras, edge computing, data privacy, and regulatory issues. The outcome identifies that AI-powered surveillance has the potential to significantly improve passenger safety, utilization of resources, and efficiency in operations, making Indian Railways ready to embrace a safer, brighter future Key Words: Artificial Intelligence, Machine Learning, Railway Surveillance, Video Analytics, Crime Prevention, Operational Efficiency.

Advance Network Intrusion Detection System Using Deep Learning Techniques

Abstract :With the rapid increase in cyber threats, traditional intrusion detection systems (IDS) struggle to keep up with sophisticated attacks. This project aims to develop an Advanced Network Intrusion Detection System (NIDS) using Deep Learning techniques to detect and classify network intrusions effectively. The system processes real-time network traffic and classifies it as normal or malicious using deep learning models such as ML models. The dataset is preprocessed using feature engineering techniques like One-Hot Encoding and Min-Max Scaling to improve accuracy. The trained model is deployed in a Flask-based web application that continuously monitors network activity and alerts administrators about potential threats. Unlike traditional signature-based IDS, this system can detect zero-day attacks by learning patterns from previous intrusions. By comparing multiple deep learning architectures, we aim to achieve high accuracy, precision, and recall in intrusion detection. The proposed system enhances network security and helps organizations prevent unauthorized access and data breaches effectively. Keywords: Advance Network Intrusion Detection System (NIDS),One-Hot Coding ,Min-Max Scaling ,Flask Based Web Application

Wireless Network Penetration Testing

Abstract: Wireless networks are a fundamental part of modern communication, offering convenience and flexibility. However, they also present unique security challenges due to their broadcast nature and vulnerability to unauthorized access. This project focuses on the process of wireless network penetration testing — a method used to evaluate the security posture of Wi-Fi networks through ethical hacking techniques. The objective of this project is to identify potential vulnerabilities in wireless networks and demonstrate how attackers might exploit these flaws. Techniques such as passive scanning, packet sniffing, deauthentication attacks, handshake capturing, and password cracking are employed using tools like Wireshark, Aircrack-ng, and Kali Linux. The project also explores advanced threats including rogue access points and Evil Twin attacks.

Hierarchical Multiparty Digital Signature for Distributed Systems: Application in Intelligent Vehicle Surveillance

The rapid expansion of distributed systems such as the Internet of Things (IoT) has increased the need for robust authentication and data integrity mechanisms to ensure public security in dynamic environments. This article presents a hierarchical multiparty digital signature (HMPS) technique designed to address the unique challenges of resource-constrained and decentralized systems. By integrating a modified ElGamal-based individual signature with linear encryption and hierarchical aggregation, HMPS delivers enhanced security through collaborative and layered signing processes. A key application is demonstrated in intelligent vehicle surveillance, where the scheme ensures the authenticity and integrity of commands and data in multi-level communication scenarios. Comprehensive security analysis confirms resistance to forgery, single points of failure, and unauthorized access. HMPS exhibits superior computational efficiency, scalability, and energy efficiency, as evidenced by comparative performance evaluations with state-of-the-art techniques. These results highlight HMPS as a highly effective solution for secure, real-time IoT applications, providing a pathway to more resilient and trustworthy distributed systems.

Multi-Layer Security Architecture for Cloud-Connected Autonomous Systems

This article presents a comprehensive framework for implementing multi-layer security in cloud-connected autonomous systems, focusing on the critical aspects of data protection and system integrity. The article examines various security components including telemetry data management, endpoint security architecture, Electronic Control Unit (ECU) protection, data protection strategies, and network security infrastructure. Through analysis of multiple autonomous vehicle deployments and real-world implementations, the article demonstrates the effectiveness of integrated security approaches incorporating encryption, authentication, and real-time monitoring mechanisms. The article highlights the importance of comprehensive security measures in maintaining operational safety and preventing unauthorized access while ensuring optimal system performance in autonomous vehicle networks.

Machine Learning-Based Cybersecurity in Advanced Autonomous and Connected Vehicles

Abstract—The rapid growth of Advanced Autonomous and Connected Vehicles (AACVs) has been revolutionizing transport while building significant cybersecurity risks. AACVs relies on Electronic Control Units (ECUs), networked sensors, vehicle-to-everything (V2X) networks, and cloud facilities, which makes them vulnerable to replay attacks, GPS spoofing, Man-in-the-Middle (MITM) attacks, malware injection, and denial-of-service (DoS) attacks. Smart key systems have been compromised using software-defined radio (SDR) tools such as HackRF One to offer unauthorized access through RF signal replay. Similarly, laser interference with LiDAR and camera sensors has shown the capability to disrupt autonomous navigation. To address such threats, machine learning (ML)-based techniques are employed for anomaly detection, predictive threat analysis, and intrusion prevention. The proposed framework uses decision trees, ensemble models, and generative adversarial networks (GANs) in combination to detect cyberattacks in real time. Federated learning is utilized to preserve data privacy through facilitating joint model training on various vehicles without sharing sensitive raw data with central servers.An intelligent multi-stage intrusion detection system (IDS) is utilized, combining rule-based filtering and ML classifiers for low-latency, high-accuracy threat detection. Experimental evidence indicates that the use of ML for anomaly detection reduces the impacts of replay attacks, network intrusion, and spoofing of sensors. Other safeguards like secure diagnostic protocols, biometric authentication, and encryption are incorporated to deter zero-day attacks in AACVs.

Impact of cybersecurity breaches on social media: A case study on undergraduate students

This study examines the impact of cybersecurity breaches on undergraduate students’ use of social media, with a specific focus on their awareness levels, experiences with cyber threats, and adoption of protective behaviors. Conducted as a case study at The Assam Royal Global University, India, the research utilizes a quantitative survey method involving 300 undergraduate participants across various disciplines. The findings reveal that while 72% of students claim awareness of online threats such as phishing, malware, and identity theft, only 25% have received any form of formal cybersecurity training. Notably, 38% of respondents reported having experienced at least one form of cyber-attack, with phishing being the most prevalent (50%), followed by unauthorized account access (20%) and malware infections (15%). The study further uncovers significant consequences of these breaches, including loss of privacy (44%), academic disruptions such as missed deadlines or lost assignments (26%), and heightened levels of anxiety and stress (65%) among affected students. Although some protective practices like adjusting privacy settings (70%) and using strong passwords (60%) are moderately adopted, more critical measures such as two-factor authentication (used by only 45%) and password managers (10%) remain underutilized. Furthermore, approximately 32% of students reported relying solely on basic password protection, leaving them highly vulnerable to attacks. The results underscore a critical gap between students’ nominal awareness and practical cybersecurity preparedness. The study concludes that cybersecurity in higher education must be addressed not just as a technical issue, but as a matter of academic continuity and student mental health. It recommends that institutions integrate structured cybersecurity education, enforce policy-driven protective measures, and promote simulation-based awareness programs to build a more resilient student community in the digital age.

Unveiling the Covert Vulnerabilities in Multi-Factor Authentication Protocols: A Systematic Review and Security Analysis

Nowadays, cyberattacks are growing at an alarming rate, causing widespread havoc to the digital community. In particular, authentication attacks have become a dominant attack vector, allowing intruders to impersonate legitimate users and maliciously access resources. Traditional single-factor authentication (SFA) protocols, which rely on a single authentication factor are often insufficient to address the growing sophistication of modern cyberattacks. To address the shortcomings in SFA, multi-factor authentication (MFA) protocols have been widely adopted in recent years, raising the security bar against impostors and restricting unauthorized accesses. MFA enhances security by incorporating multiple authentication factors, such as knowledge-based (e.g., passwords), possession-based (e.g., tokens), and inherent-based factors (e.g., biometrics), among others. However, while MFA is generally considered more secure than SFA, it is not foolproof. Because, critical vulnerabilities may still arise due to design or implementation flaws in MFA protocols. These vulnerabilities are often overlooked by designers or users and remain undetected until exploited by attackers, potentially resulting in catastrophic consequences. Unfortunately, existing works failed to adequately analyze and identify most of such critical security flaws in MFA protocols. In this work, we systematically analyze the intricate design and construction of MFA protocols to uncover potential design-level security flaws. To this end, we first define eight security evaluation criteria that are essential to critically evaluate design-level security flaws of MFA protocols. These criteria are primarily derived from existing and newly introduced MFA security requirements. We then review a range of MFA protocols across various domains. Using our established evaluation criteria, we perform a systematic security analysis and evaluation of these protocols, particularly focusing on their design and construction. Ultimately, we uncover several security flaws in most of the MFA protocols evaluated. Due to space limitation, we select ten of those protocols for deeper security analysis and provide a detailed discussion of the respective flaws identified. Additionally, we devised relevant mitigation strategies for each of the flaws identified. We believe that our findings provide valuable insights to cybersecurity researchers and practitioners to help them addressing a wide range of security flaws in MFA protocols.

BioStamp :-An IoT-Enabled Automated Physical Stamping System

ABSTRACT Traditional stamping systems require manual intervention, leading to inefficiencies, security concerns, and data loss. This paper presents an IoT-enabled Automated Physical Stamping System that integrates fingerprint authentication with a smart stamping mechanism. The system uses IoT sensors for automated activation and MERN stack for real-time data storage and monitoring. Upon fingerprint verification, the stamp extends automatically, and the timestamp and location are stored on a secure web platform. This system enhances security, automation, and traceability in document verification processes. Authentication and verification play a crucial role in various industries, including government offices, banking, and corporate environments. Traditional physical stamping systems often suffer from inefficiencies such as unauthorized usage, human errors, and lack of real-time tracking. This paper presents an IoT-powered automated physical stamping system that integrates biometric authentication with a smart stamping mechanism, ensuring a secure and automated verification process. The proposed system uses a fingerprint sensor for user authentication, an ESP32 microcontroller for processing, a servo motor for stamp deployment, and a GPS module for real-time location tracking. Once a user applies their fingerprint, the system verifies the identity and triggers the stamp to extend automatically. Simultaneously, the system logs the timestamp and location of each stamping event on a MERN (MongoDB, Express.js, React.js, Node.js) stack-based web platform, enabling secure data storage and monitoring. Performance evaluation shows that the system achieves 99.5% accuracy in fingerprint recognition and operates with a latency of under 2 seconds, making it a fast and secure alternative to conventional stamping methods. Additionally, encryption techniques are implemented to prevent tampering and unauthorized access to stored data. The results indicate that this IoT-integrated stamping system improves security, efficiency, and traceability compared to traditional stamping methods. Future enhancements may include AI- powered fraud detection, blockchain-based data storage, and mobile app integration to further improve accessibility and reliability. Keywords: IoT (Internet of Things), MERN Stack (MongoDB, Express.js, React, Node.js), Document Authentication, Cloud-Based Data Management , Real-Time Monitoring.

Analysis of information transmission coding algorithm in railway communication system security scheme

The rapid advancement of railway communication systems necessitates robust security mechanisms to ensure reliable and secure data transmission. It explores the design and analysis of an information transmission coding algorithm (ITCA) tailored for railway communication system security schemes. Specifically, it focuses on three key areas: error correction coding, encryption mechanisms, and authentication protocols. The proposed scheme integrates the techniques in a layered manner, ensuring robust protection against security threats such as data interception, tampering, and unauthorized access, while also optimizing performance for real-time railway communication requirements. Hamming code is used to detect and correct errors, ensuring that the received data is as accurate as the original message. For encryption, the Hybrid RSA-Blowfish (HRB) algorithm is utilized. It combines the strength of RSA for key exchange and Blowfish for fast, secure data encryption, providing robust protection against unauthorized access during transmission. Password-based authentication is implemented to verify and ensure message integrity and non-repudiation. The methodology demonstrates its effectiveness through simulation, showing a significant reduction in error rates, enhanced security with minimal computational overhead, and improved overall system performance. Key performance metrics, such as throughput (50 Mbps), latency (7 ms), and data integrity (96.3%), were improved demonstrating that the proposed approach balances security and efficiency in the Python platform. The methodology demonstrates its effectiveness through simulation and evaluation, showcasing a secure and reliable approach to safeguarding railway communication systems.

Integration of SDN and Block Chain Technology Using Weighted Product Model

The integration of Software-Defined Networking (SDN) and block chain technology represents a groundbreaking approach in addressing contemporary challenges in network management and security. The dynamic and centralized control offered by SDN, combined with the decentralized and secure nature of block chain, provides a robust framework for enhancing network performance and security.SDN simplifies network management by decoupling the control plane from the data plane, allowing for more flexible and efficient network configuration. However, this centralization can become a single point of failure and a target for cyber-attacks. Block chain technology mitigates these vulnerabilities by providing a decentralized ledger that enhances security and transparency. By recording network events on a block chain, the integrity and authenticity of network transactions are ensured, reducing the risk of malicious activities. The integration of Software-Defined Networking (SDN) and block chain technology is a significant advancement in the field of network management and security, offering innovative solutions to contemporary challenges. By leveraging the dynamic control capabilities of SDN and the decentralized, secure nature of block chain, this research contributes to the development of more resilient, efficient, and secure network infrastructures. One of the critical areas of impact is enhanced network security. Traditional networks are vulnerable to various cyber threats, and the centralized nature of SDN can become a target for attacks. Block chain technology mitigates these risks by providing a decentralized ledger system that ensures the integrity and authenticity of network transactions. This integration can prevent unauthorized access and reduce the risk of data tampering, thereby creating a more secure network environment. Alternative taken as SDN with Ethereal Block chain. SDN with Hyper ledger Fabric. SDN with Corda Block chain. SDN with Cord Block chain. SDN with Multichip Block chain. Evaluation Preference taken as Security Enhancement (SE) Network Performance (NP) Implementation Cost (IC) Operational Complexity (OC) The results indicate that SDN with Quorum Block chain D Attained the top position, while SDN with Ethereal Block chain A had The lowest position achieved. The dataset's significance regarding Integration of SDN and Block chain Technology, according to the wpm Method, Company D achieves the highest ranking.

Cryptography And Network Security

Abstract -Cryptography and network security are foundational domains in the field of information technology and cybersecurity. As digital communication continues to expand, protecting data from unauthorized access, tampering, and interception is paramount. This paper presents a detailed review of the core principles, algorithms, protocols, emerging technologies, and challenges in cryptography and network security. We explore classical and modern cryptographic techniques, the structure and defense mechanisms of network security, current advancements such as quantum cryptography and blockchain integration, and propose future research directions.

Large Language Model-Powered Protected Interface Evasion: Automated Discovery of Broken Access Control Vulnerabilities in Internet of Things Devices

Broken access control vulnerabilities pose significant security risks to the protected web interfaces of IoT devices, enabling adversaries to gain unauthorized access to sensitive configurations and even use them as stepping stones for attacking the intranet. Despite its ranking as the first in the latest OWASP Top 10, there remains a lack of effective methodologies to detect these vulnerabilities systematically. We present ACBreaker, a novel methodology powered by a large language model (LLM), to effectively identify broken access control vulnerabilities in the protected web interfaces of IoT devices. Our methodology consists of three stages. The initial stage transforms firmware code that exceeds the LLM context window into semantically intact code snippets. The second stage involves using an LLM to extract device-specific information from firmware code. The final stage integrates this information into the mutation-based fuzzer to improve fuzzing effectiveness and employ differential analysis to identify vulnerabilities. We evaluated ACBreaker across 11 IoT devices, analyzing 1,274,646 lines of code and discovering 39 previously unknown vulnerabilities. We further analyzed these vulnerabilities, categorizing them into three types that contribute to protected interface evasion, and provided mitigation suggestions. These vulnerabilities were responsibly disclosed to vendors, with CVE IDs assigned to those in six IoT devices.

Secure File Storage System Using Cloud

Cloud computing basically comes to focus on IT, a way to increase capacity or add potentiality on the fly without investing in new infrastructure, training new personnel, or licensing new software. It encompasses any subscription-based or pay-per-use service that, in real time over the Internet, extends its existing capabilities. It is often provided "as a service" over the Internet, typically in the form of infrastructure as a service (IaaS), platform as a service (PaaS), or software as a service (SaaS). Microsoft Azure and Google App Engine are the examples of platform as a service. The fast growth in field of "cloud computing" also increases rigorous security concerns. In today’s world most of the communication is done using electronic media. Data Security is widely used to ensure security in communication, data storage and transmission. We have Advanced Encryption Standard (AES) which is accepted as a symmetric cryptography standard for transferring block of data securely. The available AES algorithm is used for text data and it is also suitable for image encryption and decryption to protect the confidential image data from an unauthorized access. This project proposes a method in which the image data is an input to AES Encryption to obtain the encrypted image, and the encrypted image is the input to AES Decryption to get the original image.

Revolutionizing Voting: Blockchain for Secure and Transparent Elections

Abstract—This study examines a blockchain-based election sys- tem and presents both theoretical and experimental evidence. It emphasizes the ability of blockchain technology to ensure secure, transparent, and tamper-evident elections with voter anonymity protection. Through decentralized ledger technology, the system minimizes the risk of fraud, unauthorized access, and data manipulation, enhancing electoral process trust. The initiative was a success in producing an operational prototype where blockchain has been integrated into current voting processes to make them more accessible and more reliable. Ease of admin panel, voter authentication and enrollment, live vote analysis, are a few of the system features. Support elements include a PRN-based login feature for users, add/remove facility for candidates, voting time period management and a comprehensive FAQ page to promote security and usage. The system also offers an "Add PRN" option for smooth voter verification and authentication to ensure only authentic users get a voice. All these options combined improve the integrity, efficiency, and usability of blockchain voting. Index Terms—Blockchain, voting system, voter authentication, decentralized ledger, election security, PRN-based login, real-time vote analysis, fraud prevention, transparency, tamper-evident elections.

A normative case for criminalising unauthorised access to deceased persons’ medical records

ABSTRACT This paper addresses the absence of specific criminal law rules under English law regarding unauthorised access to deceased persons’ medical records, despite growing evidence of substantial psychological and emotional harm to surviving relatives and public concerns over breaches of trust. By engaging with normative theories of criminalisation the paper critically evaluates whether this type of conduct warrants criminalisation, and ultimately argues that the creation of a dedicated criminal offence prohibiting unauthorised access to medical information of deceased individuals would be prima facie normatively justifiable and consistent with existing criminal law principles and offences.

Blockchain-Enhanced Cloud Security: A Scalable Framework with Privacy and Transparency

Cloud computing that is used for data management has proliferated and changed data management, but brings with it serious security challenges such as data breach, unauthorized access, and insider threat. The distributed and dynamic nature of modern cloud environment makes it difficult for centralized cloud security frameworks to address the issue, requiring innovations. Yet, blockchain technology, in its decentralized, immutable, and cryptographically secure ledger applies to fortify the cloud security. Intending to tackle the security problem of chain leveraging, this research advances a hybrid blockchain cloud security framework by proposing smart contracts for automated access control, ZKPs for privacy preserving authentication, and XAI for explanation of the adversarial attack detection. It provides data integrity, puts the access management, and in real time anomaly detection while scalability. Adaptive smart contract policies, ZKP based identity verification and XAI driven insights to foster trust among the stakeholders are the key innovations. Experimental analysis validates that a 20–25% reduction in incident of unauthorized access and a 30% increase in threat detection accuracy are realized, through various attack surfaces, by this new cloud security system in comparison to the traditional cloud security systems. Finally, this work gains significance in advancing secure cloud adoption, which will contribute to global level of cybersecurity resilience and promote the standards for data protection.

SERDUX-MARCIM: Maritime Cyberattack simulation using Dynamic Modeling, Compartmental Models in Epidemiology and Agent-based Modeling

Cybersecurity protects computer data, programs, systems, and networks from unauthorized access, attacks, or theft. By studying cyberattacks, cybersecurity professionals gain insights into attackers’ tactics, techniques, and methods, which are crucial for developing effective defense strategies and preventing future attacks. This paper introduces SERDUX-MARCIM, a model for simulation, modeling, and analyzing cyberattacks’ propagation in maritime infrastructure, considering network-specific characteristics and target and attacker capabilities. This proposal is supported by a simulation environment in Matlab and Netlogo, considering some of the most accepted cyber risk assessment methodologies and compartmental models in epidemiology. Considering the complexities of the maritime sector. SERDUX-MARCIM is also validated through extensive experimentation in different attack scenarios that represent real-world cyber campaigns in the maritime sector, showing the effectiveness of our proposal.