Search for Articles:
Title / Keyword
Author / Affiliation / Email
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
 
5.3
2.6
Journals
Electronics
Special Issues
Network Security and Cryptography Applications
share announcement

Network Security and Cryptography Applications

A special issue of Electronics (ISSN 2079-9292). This special issue belongs to the section "Networks".

Deadline for manuscript submissions: 15 July 2025 | Viewed by 10435

Special Issue Editors

Prof. Dr. Li Pan

E-Mail Website
Guest Editor
School of Electronic Information and Electrical Engineering, Shanghai Jiao Tong University, Shanghai 200240, China
Interests: network cyberspace security; big data; network communications
Prof. Dr. Ning Liu

E-Mail Website
Guest Editor
School of Computer Science and Engineering, Sun Yat-Sen University, Guangzhou 510006, China
Interests: network cyberspace security; mobile data analysis; multimodal learning
Dr. Conghui Zheng

E-Mail Website
Guest Editor
School of Electronic Information and Electrical Engineering, Shanghai Jiao Tong University, Shanghai 200240, China
Interests: network cyberspace security; artificial intelligence; social network

Special Issue Information

Dear Colleagues,

The explosive growth in computer systems and their interconnections via networks has increased the dependence of both organizations and individuals on the information stored and communicated using these systems. The proliferation of digital data and the advent of the Internet of Things (IoT) have significantly increased the demand for protecting data and resources from disclosure to guarantee the authenticity of data and messages, and to protect systems from network-based attacks. Data science, as a highly interdisciplinary field, is playing an increasingly critical and central role in the development of cyberspace and various applications, such as Beyond 5G and Meta Universe. Data science in cyberspace and cryptography applications is an integral part of competitive intelligence, a newly emerging field that encompasses a number of activities, such as data mining and data analysis.

The rise of data science and its application in cyberspace have paved the way for significant advancements in the network security field. This Special Issue aims to bring together researchers from academia and industry and present the latest research results in this area. We encourage prospective authors to submit related distinguished research papers on the subject of both theoretical approaches and practical case reviews.

Topics of interest include, but are not limited to, the following:

  • Content-based network security;
  • Industrial internet of things;
  • AI-generated content security;
  • Data security;
  • Cryptography and its applications;
  • Artificial intelligence security
  • Blockchain-based data sharing across domains;
  • Trusted data exchange;
  • Cyberspace security;
  • Knowledge representation and discovery;
  • Intelligent systems;
  • Data security and privacy;
  • Deep learning algorithms and applications;
  • Network attack and defense;
  • Situation awareness;
  • Machine learning

Prof. Dr. Li Pan
Prof. Dr. Ning Liu
Dr. Conghui Zheng
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Electronics is an international peer-reviewed open access semimonthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2400 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • network security
  • data science
  • artificial intelligence
  • cyberspace

Benefits of Publishing in a Special Issue

  • Ease of navigation: Grouping papers by topic helps scholars navigate broad scope journals more efficiently.
  • Greater discoverability: Special Issues support the reach and impact of scientific research. Articles in Special Issues are more discoverable and cited more frequently.
  • Expansion of research network: Special Issues facilitate connections among authors, fostering scientific collaborations.
  • External promotion: Articles in Special Issues are often promoted through the journal's social media, increasing their visibility.
  • e-Book format: Special Issues with more than 10 articles can be published as dedicated e-books, ensuring wide and rapid dissemination.

Further information on MDPI's Special Issue polices can be found here.

Published Papers (10 papers)

Download All Papers
Order results
Result details
Show export options expand_more Show export options expand_less
Select all
Export citation of selected articles as:

Research

20 pages, 596 KiB  
Article
Enhancing Hospital Data Security: A Blockchain-Based Protocol for Secure Information Sharing and Recovery
by Jihyeon Ryu and Taeseok Kim
Electronics 2025, 14(3), 580; https://doi.org/10.3390/electronics14030580 - 1 Feb 2025
Viewed by 259
Abstract
Hospitals that store sensitive patient medical records have recently faced issues such as the inability to recover medical data and breaches of patient privacy due to hacker attacks. These attacks on medical data often involve ransomware, which obfuscates the entire hospital’s data, making [...] Read more.
Hospitals that store sensitive patient medical records have recently faced issues such as the inability to recover medical data and breaches of patient privacy due to hacker attacks. These attacks on medical data often involve ransomware, which obfuscates the entire hospital’s data, making them inaccessible, and can also occur when hospitals share patient information during transfers of care. In this study, we propose a new authentication protocol to prevent and address such issues within hospital systems. The proposed protocol encrypts medical records on a private blockchain, allowing them to be securely shared among institutions, hospitals, and insurance companies, ensuring data recovery even if a ransomware attack paralyzes the server. Additionally, the protocol facilitates the systematic sharing of patient medical records between hospitals or between hospitals and insurance companies by distributing session keys. In this study, we demonstrate that the proposed protocol provides 11 security properties, including forward and backward secrecy, user untraceability, and resistance to replay attacks. We also evaluate the communication and computational costs, proving that the protocol is feasible for practical use. Full article
(This article belongs to the Special Issue Network Security and Cryptography Applications)
Show Figures

Figure 1

22 pages, 583 KiB  
Article
A Network Attack Surface Evaluation Method Based on Optimal Attack Strategy
by Peng Xie, Lin Zhang, Zhichao Lian and Jianxin Yang
Electronics 2025, 14(2), 274; https://doi.org/10.3390/electronics14020274 - 11 Jan 2025
Viewed by 434
Abstract
In the era of the rapid development of information technology, it is particularly important to ensure the security of information systems. The network attack surface, as an important index for measuring information system security, has become the focus of practitioners. At present, the [...] Read more.
In the era of the rapid development of information technology, it is particularly important to ensure the security of information systems. The network attack surface, as an important index for measuring information system security, has become the focus of practitioners. At present, the accuracy and practicability of network attack surface evaluations are insufficient. In order to solve this problem, this paper proposes a network attack surface evaluation method based on an optimal attack strategy. This method first identifies the main attack targets of network resources and then uses advanced optimization techniques to determine the best attack strategy. Finally, the network resources closely related to system network security are selected, and the network attack surface is calculated according to the filtering results. A series of simulation experiments show that the method proposed in this paper is more closely related to penetration testing results, more sensitive to changes in network attack surfaces, and more consistent with the real situation compared to other methods. The results demonstrate the method’s balance of practicality and effectiveness. Full article
(This article belongs to the Special Issue Network Security and Cryptography Applications)
Show Figures

Figure 1

19 pages, 892 KiB  
Article
Addressing Class Imbalance in Intrusion Detection: A Comprehensive Evaluation of Machine Learning Approaches
by Vaishnavi Shanmugam, Roozbeh Razavi-Far and Ehsan Hallaji
Electronics 2025, 14(1), 69; https://doi.org/10.3390/electronics14010069 - 27 Dec 2024
Viewed by 570
Abstract
The ever-growing number of cyber attacks in today’s digitally interconnected world requires highly efficient intrusion detection systems (IDSs), which accurately identify both frequent and rare network intrusions. One of the most important challenges in IDSs is the class imbalance problem of network traffic [...] Read more.
The ever-growing number of cyber attacks in today’s digitally interconnected world requires highly efficient intrusion detection systems (IDSs), which accurately identify both frequent and rare network intrusions. One of the most important challenges in IDSs is the class imbalance problem of network traffic flow data, where benign traffic flow significantly outweighs attack instances. This directly affects the ability of machine learning models to identify minority class threats. This paper is intended to evaluate various machine learning algorithms under different levels of class imbalances, using resampling as a strategy for this problem. The paper will provide an experimental comparison by combining various algorithms for classification and class imbalance learning, assessing the performance through the F1-score and geometric mean (G-mean). The work will contribute to creating robust and adaptive IDS through the judicious integration of resampling with machine learning models, thus helping the domain of cybersecurity to become resilient. Full article
(This article belongs to the Special Issue Network Security and Cryptography Applications)
Show Figures

Figure 1

14 pages, 283 KiB  
Article
BSP: Branch Splitting for Unsolvable Path Hybrid Fuzzing
by Cheng Qian, Ling Pang, Xiaohui Kuang, Jiuren Qin, Yujie Zang, Qichao Zhao and Jiapeng Zhang
Electronics 2024, 13(24), 4935; https://doi.org/10.3390/electronics13244935 - 13 Dec 2024
Viewed by 590
Abstract
Hybrid fuzzing leverages the result of the concolic executor for a direct exploration of fuzzing, which has been proven to improve coverage during tests significantly.However, some constraints, such as those related to environments or depending on the host’s status, cannot be solved. Despite [...] Read more.
Hybrid fuzzing leverages the result of the concolic executor for a direct exploration of fuzzing, which has been proven to improve coverage during tests significantly.However, some constraints, such as those related to environments or depending on the host’s status, cannot be solved. Despite many performance optimizations on hybrid fuzzing, we observe that repeatedly constraint solving on unsolvable branches causes significant computational redundancies. This paper focuses on eliminating the unsolvable branches in concolic execution. We propose Branch Splitting for Unsolvable Path Hybrid Fuzzing (BSP), which splits unsolvable branches to achieve higher fuzzing coverage. BSP modifies the target program during concolic execution so that the fuzzer can easily cover initially unsolvable branches. Specifically, it changes the condition of unsolvable branches to constant True (or False), which generates multiple variants of the original program. Then, the fuzzer tests these variants instead. This allows BSP to explore more branches with high performance. The experimental results on real-world programs demonstrate that BSP can explore 46.68% more branches than QSYM. Full article
(This article belongs to the Special Issue Network Security and Cryptography Applications)
Show Figures

Figure 1

13 pages, 285 KiB  
Article
Slicing Through the Noise: Efficient Crash Deduplication via Trace Reconstruction and Fuzzy Hashing
by Ling Pang, Cheng Qian, Xiaohui Kuang, Jiuren Qin, Yujie Zang and Jiapeng Zhang
Electronics 2024, 13(23), 4817; https://doi.org/10.3390/electronics13234817 - 6 Dec 2024
Viewed by 652
Abstract
In contemporary software security testing, fuzzing is a pervasive methodology employed to identify vulnerabilities. However, one of the most significant challenges is the vast number of crash reports, many of which are repetitive, resulting in an increased analysis burden for security researchers. To [...] Read more.
In contemporary software security testing, fuzzing is a pervasive methodology employed to identify vulnerabilities. However, one of the most significant challenges is the vast number of crash reports, many of which are repetitive, resulting in an increased analysis burden for security researchers. To address this issue, we propose a novel method for reducing crash redundancy and grouping similar crashes based on their execution traces. By leveraging the Intel Processor Trace (PT), we can reconstruct the instruction flow of the last executed function in each crash and extract its relevant instruction slice through data dependency backward slicing. The registers are abstracted, and the immediate values are generalized to normalize the instruction sequence. Subsequently, fuzzy hashing is applied to the generalized instruction sequences, and a similarity-based greedy strategy is employed for grouping. The method effectively reduces the workload by clustering crashes with similar root causes, leaving analysts with only representative samples to investigate. Furthermore, compared with conventional stack hashing techniques, our methodology demonstrates an average improvement in accuracy of 15.38% across four programs, with a total of 281 crashes. Full article
(This article belongs to the Special Issue Network Security and Cryptography Applications)
Show Figures

Figure 1

20 pages, 2890 KiB  
Article
Unsupervised Security Threats Identification for Heterogeneous Events
by Young In Jang, Seungoh Choi, Byung-Gil Min and Young-June Choi
Electronics 2024, 13(20), 4061; https://doi.org/10.3390/electronics13204061 - 15 Oct 2024
Viewed by 716
Abstract
As cyberattacks targeting industrial control systems continue to evolve, the development of sophisticated technologies to detect these security threats becomes increasingly essential. In addition, it is necessary to update adversarial information constantly. However, this process is complicated by the deployment of heterogeneous equipment, [...] Read more.
As cyberattacks targeting industrial control systems continue to evolve, the development of sophisticated technologies to detect these security threats becomes increasingly essential. In addition, it is necessary to update adversarial information constantly. However, this process is complicated by the deployment of heterogeneous equipment, which increases the number of indicators and characteristics that must be analyzed by security administrators. Furthermore, security operation centers often struggle to respond promptly to adversaries because of the high number of false alerts caused by unreliable system labels. These challenges make it difficult to construct reliable detection systems. To address these issues, we propose a robust unsupervised threat-identification method. Our approach involves applying a preprocessing technique tailored to the various data types pertinent to alerts, followed by classifying unlabeled alerts using an autoencoder (AE) model. Despite the presence of numerous false positives, we verified that the proposed model could effectively distinguish between different attack types and identify their relationships with only one round of training in homogeneous and heterogeneous environments within industrial control systems. Moreover, our model can filter and display data classified as actual attacks and generate relational tables. Full article
(This article belongs to the Special Issue Network Security and Cryptography Applications)
Show Figures

Figure 1

15 pages, 9858 KiB  
Article
Clop Ransomware in Action: A Comprehensive Analysis of Its Multi-Stage Tactics
by Yongjoon Lee, Jaeil Lee, Dojin Ryu, Hansol Park and Dongkyoo Shin
Electronics 2024, 13(18), 3689; https://doi.org/10.3390/electronics13183689 - 17 Sep 2024
Viewed by 2222
Abstract
Recently, Clop ransomware attacks targeting non-IT fields such as distribution, logistics, and manufacturing have been rapidly increasing. These advanced attacks are particularly concentrated on Active Directory (AD) servers, causing significant operational and financial disruption to the affected organizations. In this study, the multi-step [...] Read more.
Recently, Clop ransomware attacks targeting non-IT fields such as distribution, logistics, and manufacturing have been rapidly increasing. These advanced attacks are particularly concentrated on Active Directory (AD) servers, causing significant operational and financial disruption to the affected organizations. In this study, the multi-step behavior of Clop ransomware was deeply investigated to decipher the sequential techniques and strategies of attackers. One of the key insights uncovered is the vulnerability in AD administrator accounts, which are often used as a primary point of exploitation. This study aims to provide a comprehensive analysis that enables organizations to develop a deeper understanding of the multifaceted threats posed by Clop ransomware and to build more strategic and robust defenses against them. Full article
(This article belongs to the Special Issue Network Security and Cryptography Applications)
Show Figures

Figure 1

21 pages, 3115 KiB  
Article
Phishing Webpage Detection via Multi-Modal Integration of HTML DOM Graphs and URL Features Based on Graph Convolutional and Transformer Networks
by Jun-Ho Yoon, Seok-Jun Buu and Hae-Jung Kim
Electronics 2024, 13(16), 3344; https://doi.org/10.3390/electronics13163344 - 22 Aug 2024
Viewed by 1746
Abstract
Detecting phishing webpages is a critical task in the field of cybersecurity, with significant implications for online safety and data protection. Traditional methods have primarily relied on analyzing URL features, which can be limited in capturing the full context of phishing attacks. In [...] Read more.
Detecting phishing webpages is a critical task in the field of cybersecurity, with significant implications for online safety and data protection. Traditional methods have primarily relied on analyzing URL features, which can be limited in capturing the full context of phishing attacks. In this study, we propose an innovative approach that integrates HTML DOM graph modeling with URL feature analysis using advanced deep learning techniques. The proposed method leverages Graph Convolutional Networks (GCNs) to model the structure of HTML DOM graphs, combined with Convolutional Neural Networks (CNNs) and Transformer Networks to capture the character and word sequence features of URLs, respectively. These multi-modal features are then integrated using a Transformer network, which is adept at selectively capturing the interdependencies and complementary relationships between different feature sets. We evaluated our approach on a real-world dataset comprising URL and HTML DOM graph data collected from 2012 to 2024. This dataset includes over 80 million nodes and edges, providing a robust foundation for testing. Our method demonstrated a significant improvement in performance, achieving a 7.03 percentage point increase in classification accuracy compared to state-of-the-art techniques. Additionally, we conducted ablation tests to further validate the effectiveness of individual features in our model. The results validate the efficacy of integrating HTML DOM structure and URL features using deep learning. Our framework significantly enhances phishing detection capabilities, providing a more accurate and comprehensive solution to identifying malicious webpages. Full article
(This article belongs to the Special Issue Network Security and Cryptography Applications)
Show Figures

Figure 1

20 pages, 2156 KiB  
Article
Improving Attack Graph Visual Syntax Configurations
by Askhat Sherzhanov, Hany F. Atlam, Muhammad Ajmal Azad and Harjinder Singh Lallie
Electronics 2024, 13(15), 3052; https://doi.org/10.3390/electronics13153052 - 1 Aug 2024
Viewed by 1026
Abstract
As technology advances and cyber threats become increasingly sophisticated, the task of recognising and understanding malicious activities becomes more complex. This persistent issue is widely acknowledged and extensively documented within the cybersecurity community. Attack modelling techniques (AMTs), such as attack graphs, have emerged [...] Read more.
As technology advances and cyber threats become increasingly sophisticated, the task of recognising and understanding malicious activities becomes more complex. This persistent issue is widely acknowledged and extensively documented within the cybersecurity community. Attack modelling techniques (AMTs), such as attack graphs, have emerged as valuable tools in aiding cyberattack perception. These visualisation tools offer crucial insights into the complex relationships between various components within a system or network, shedding light on potential attack paths and vulnerabilities. This paper proposes an attack graph visual syntax method to improve cyberattack perception among experts and non-experts. The proposed approach was developed to streamline complexity and enhance clarity, thus augmenting the interpretability for users by enhancing visual structural components, such as hue, chromaticity, and line parameters. The proposed attack graph (pag) was empirically evaluated against the adapted attack graph (aag) presented in the literature. The empirical evaluation (n = 83) was conducted through a 3 × 2 × 2 factorial design and two-way analysis of variance (ANOVA) with repeated measures. The participants were classified according to their respective background cohorts into expert and non-expert (expert n = 37, non-expert n = 46) and then grouped into two groups: proposed attack graph (pag) and adapted attack graph (aag) (pag n = 41, aag n = 42). The empirical results demonstrated that while the proposed attack graph (pag) implemented various visual modifications such as brighter hues, denser line structures, and varied shapes, these enhancements did not significantly improve the perception of cyberattacks among individuals who lack expertise in the field, including corporate executives. Moreover, the use of variables such as colour, tone, and line width/density/structure did not help objects in the graph be distinguished more effectively. This paper provides significant insights into the impact of visual enhancements on cyberattack perception, highlighting that visual enhancements alone may not be sufficient to improve cyberattack perception for individuals lacking expertise in the field. Full article
(This article belongs to the Special Issue Network Security and Cryptography Applications)
Show Figures

Figure 1

18 pages, 865 KiB  
Article
Clustering Network Traffic Using Semi-Supervised Learning
by Antonina Krajewska and Ewa Niewiadomska-Szynkiewicz
Electronics 2024, 13(14), 2769; https://doi.org/10.3390/electronics13142769 - 14 Jul 2024
Viewed by 913
Abstract
Clustering algorithms play a crucial role in early warning cybersecurity systems. They allow for the detection of new attack patterns and anomalies and enhance system performance. This paper discusses the problem of clustering data collected by a distributed system of network honeypots. In [...] Read more.
Clustering algorithms play a crucial role in early warning cybersecurity systems. They allow for the detection of new attack patterns and anomalies and enhance system performance. This paper discusses the problem of clustering data collected by a distributed system of network honeypots. In the proposed approach, when a network flow matches an attack signature, an appropriate label is assigned to it. This enables the use of semi-supervised learning algorithms and improves the quality of clustering results. The article compares the results of learning algorithms conducted with and without partial supervision, particularly non-negative matrix factorization and semi-supervised non-negative matrix factorization. Our results confirm the positive impact of labeling a portion of flows on the quality of clustering. Full article
(This article belongs to the Special Issue Network Security and Cryptography Applications)
Show Figures

Figure 1

Show export options expand_more Show export options expand_less
Select all
Export citation of selected articles as:
 
Displaying articles 1-10
Back to TopTop