Emerging Applications of Information Security Technology in Digital Environment

A special issue of Electronics (ISSN 2079-9292). This special issue belongs to the section "Computer Science & Engineering".

Deadline for manuscript submissions: closed (31 May 2022) | Viewed by 75237

Special Issue Editors


E-Mail
Guest Editor
Department of Electrical, Computer, and Software Engineering Faculty of Engineering, University of Auckland, Auckland, New Zealand
Interests: deep learning; speech and speaker recognition; autism screening; software testing
Special Issues, Collections and Topics in MDPI journals

E-Mail Website
Guest Editor
UNE Business School, Faculty of Science, Agriculture, Business and Law, University of New England, Armidale, NSW, Australia
Interests: information systems; adoption management; accounting and corporate governance adoption; artificial intelligence; innovation; business intelligence; business analytics; e-services

E-Mail Website
Guest Editor
Department of Computer Science, College of Computer and Information Security, Prince Sultan University, Salahuddin, Riyadh 12435, Saudi Arabia
Interests: green cloud computing; ARM32 single board computers; hadoop mapreduce; power consumption; performance evaluation

E-Mail Website
Guest Editor
Department of Computer Science, University of British Columbia, Vancouver, BC V6T 1Z4, Canada
Interests: advanced adaptivity and personalization; collaborative recommendation and personalized web based learning systems
Special Issues, Collections and Topics in MDPI journals

E-Mail Website
Guest Editor
Department of Computer Science,Lakehead University, Thunder Bay, ON P7B 5E1, Canada
Interests: sensor networks; rfid; Algorithm Design; IoT; D2D communication

Special Issue Information

Dear Colleagues, 

Recent advancements in digital technologies that are the substantial infrastructure of every business are also considered a cause of concern for many business owners and decision-makers. These massive shifts in technology and its applications that are aligned with tremendous impacts on the quality of our lives are not free from information security and cyber threats issues. Since systems are getting excessively dependent on complex digital technologies, protecting the systems from cyber-attacks and fraud is playing an integral role to make the most out of recent changes in the digital environment. Improvement in information security systems can be an achievable objective in case of applying emerging technologies in user-behavior analytics, deep learning, cloud, hardware authentication, and data loss prevention.

Deployment of data-driven tools that are based on user-behavior analytics can mitigate the risk of penetration to systems to a great extent. Appropriate implementation of user-behavior analytics is considered an effective approach to indicate any attack to systems while analyzing a user's present behavior and comparing it to find any nonconformity in behavior. Also, deep learning, which is originally based on artificial intelligence and machine learning, has been proven to be used efficiently for information security purposes. Improvements in DL and its applications not only help to realize users’ malicious behavior by imitating and learning users’ way of thinking but also enable enterprises to look at every micro or macro entity and detect any type of anomaly. Another technology that is worthwhile to concentrate on in order to minimize the risk of cyber-attacks is the implementation of secure cloud services for enterprises that have intentions to accelerate their digital transformation by relying on the cloud. In addition, ideal improvement expectations in information security, hardware authentication, tokenism, and encryption technologies are noted as the most immediate applications. A combination of simple-but-powerful features and designing different security mechanisms to log in can be fruitful to verify users’ identity and prevent the likelihood of monetizing data in case of a successful breach.

Aforementioned emerging technologies and applications in information security are our main focus in this Special Issue. Topics include but are not limited to the following:

  • AI-Based Software Engineering
  • Anonymity and Privacy
  • Authentication and Access Control
  • Behavioral Information Security and Information Assurance
  • Behavioral, Cognitive and Motivational Aspects of Human and Technology Interaction
  • Cloud Applications
  • Cloud Architecture/Modeling, Services
  • Cloud Security
  • Cryptographic Protection
  • Data Mining/Web Mining
  • Digital Forensics
  • E-Services
  • Human Factors in Security
  • Human-Computer Interaction
  • Intelligent Systems
  • Machine Learning Methods 
  • Multimedia Security
  • Natural Language Processing
  • Network and Mobile Security
  • Neural Networks
  • Privacy, Security and Trust Management
  • Security Management and Policies
  • Social Computing and Social Intelligence
  • Vision and Speech Perception

Dr. Hamed Taherdoost
Dr. Seyed Reza Shahamiri
Dr. Kamaljeet Sandhu
Dr. Basit Qureshi
Dr. Hazra Imran
Dr. Salimur Choudhury
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Electronics is an international peer-reviewed open access semimonthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2400 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • AI-Based Software Engineering
  • Anonymity and Privacy
  • Authentication and Access Control
  • Behavioral Information Security and Information Assurance
  • Behavioral, Cognitive and Motivational Aspects of Human and Technology Interaction
  • Cloud Applications
  • Cloud Architecture/Modeling, Services
  • Cloud Security
  • Cryptographic Protection
  • Data Mining/Web Mining
  • Digital Forensics
  • E-Services
  • Human Factors in Security
  • Human-Computer Interaction
  • Intelligent Systems
  • Machine Learning Methods
  • Multimedia Security
  • Natural Language Processing
  • Network and Mobile Security
  • Neural Networks
  • Privacy, Security and Trust Management
  • Security Management and Policies
  • Social Computing and Social Intelligence
  • Vision and Speech Perception

Benefits of Publishing in a Special Issue

  • Ease of navigation: Grouping papers by topic helps scholars navigate broad scope journals more efficiently.
  • Greater discoverability: Special Issues support the reach and impact of scientific research. Articles in Special Issues are more discoverable and cited more frequently.
  • Expansion of research network: Special Issues facilitate connections among authors, fostering scientific collaborations.
  • External promotion: Articles in Special Issues are often promoted through the journal's social media, increasing their visibility.
  • e-Book format: Special Issues with more than 10 articles can be published as dedicated e-books, ensuring wide and rapid dissemination.

Further information on MDPI's Special Issue polices can be found here.

Published Papers (9 papers)

Order results
Result details
Select all
Export citation of selected articles as:

Research

Jump to: Review, Other

17 pages, 3311 KiB  
Article
Secure Token–Key Implications in an Enterprise Multi-Tenancy Environment Using BGV–EHC Hybrid Homomorphic Encryption
by Pooja Dhiman, Santosh Kumar Henge, Rajakumar Ramalingam, Ankur Dumka, Rajesh Singh, Anita Gehlot, Mamoon Rashid, Sultan S. Alshamrani, Ahmed Saeed AlGhamdi and Abdullah Alshehri
Electronics 2022, 11(13), 1942; https://doi.org/10.3390/electronics11131942 - 21 Jun 2022
Cited by 8 | Viewed by 2166
Abstract
Authentication, authorization, and data access control are playing major roles in data security and privacy. The proposed model integrated the multi-factor authentication–authorization process with dependable and non-dependable factors and parameters based on providing security for tenants through a hybrid approach of fully homomorphic [...] Read more.
Authentication, authorization, and data access control are playing major roles in data security and privacy. The proposed model integrated the multi-factor authentication–authorization process with dependable and non-dependable factors and parameters based on providing security for tenants through a hybrid approach of fully homomorphic encryption methodology: the enhanced homomorphic cryptosystem (EHC) and the Brakersky–Gentry–Vaikuntanathan (BGV) scheme. This research was composed of four major elements: the fully homomorphic encryption blended schemes, EHC and BGV; secure token and key implications based on dependable and don-dependable factors; an algorithm for generating the tokens and the suitable keys, depending on the user’s role; and the execution of experimental test cases by using the EHC algorithm for key and token generation, based on dependable and non-dependable parameters and time periods. The proposed approach was tested with 152 end-users by integrating six multi-tenants, five head tenants, and two enterprise levels; and achieved a 92 percent success rate. The research integrated 32-bit plain text in the proposed hybrid approach by taking into consideration the encryption time, decryption time, and key generation time of data transmission via cloud servers. The proposed blended model was efficient in preventing data from ciphertext attacks and achieved a high success rate for transmitting data between the multi-tenants, based on the user-role-user type of enterprise cloud servers. Full article
Show Figures

Figure 1

21 pages, 1930 KiB  
Article
A Shared Cyber Threat Intelligence Solution for SMEs
by Max van Haastrecht, Guy Golpur, Gilad Tzismadia, Rolan Kab, Cristian Priboi, Dumitru David, Adrian Răcătăian, Louis Baumgartner, Samuel Fricker, Jose Francisco Ruiz, Esteban Armas, Matthieu Brinkhuis and Marco Spruit
Electronics 2021, 10(23), 2913; https://doi.org/10.3390/electronics10232913 - 24 Nov 2021
Cited by 13 | Viewed by 6721 | Correction
Abstract
Small- and medium-sized enterprises (SMEs) frequently experience cyberattacks, but often do not have the means to counter these attacks. Therefore, cybersecurity researchers and practitioners need to aid SMEs in their defence against cyber threats. Research has shown that SMEs require solutions that are [...] Read more.
Small- and medium-sized enterprises (SMEs) frequently experience cyberattacks, but often do not have the means to counter these attacks. Therefore, cybersecurity researchers and practitioners need to aid SMEs in their defence against cyber threats. Research has shown that SMEs require solutions that are automated and adapted to their context. In recent years, we have seen a surge in initiatives to share cyber threat intelligence (CTI) to improve collective cybersecurity resilience. Shared CTI has the potential to answer the SME call for automated and adaptable solutions. Sadly, as we demonstrate in this paper, current shared intelligence approaches scarcely address SME needs. We must investigate how shared CTI can be used to improve SME cybersecurity resilience. In this paper, we tackle this challenge using a systematic review to discover current state-of-the-art approaches to using shared CTI. We find that threat intelligence sharing platforms such as MISP have the potential to address SME needs, provided that the shared intelligence is turned into actionable insights. Based on this observation, we developed a prototype application that processes MISP data automatically, prioritises cybersecurity threats for SMEs, and provides SMEs with actionable recommendations tailored to their context. Subsequent evaluations in operational environments will help to improve our application, such that SMEs are enabled to thwart cyberattacks in future. Full article
Show Figures

Figure 1

43 pages, 7682 KiB  
Article
A Robust Framework for MADS Based on DL Techniques on the IoT
by Hussah Talal and Rachid Zagrouba
Electronics 2021, 10(21), 2723; https://doi.org/10.3390/electronics10212723 - 8 Nov 2021
Cited by 1 | Viewed by 2521
Abstract
Day after day, new types of malware are appearing, renewing, and continuously developing, which makes it difficult to identify and stop them. Some attackers exploit artificial intelligence (AI) to create renewable malware with different signatures that are difficult to detect. Therefore, the performance [...] Read more.
Day after day, new types of malware are appearing, renewing, and continuously developing, which makes it difficult to identify and stop them. Some attackers exploit artificial intelligence (AI) to create renewable malware with different signatures that are difficult to detect. Therefore, the performance of the traditional malware detection systems (MDS) and protection mechanisms were weakened so the malware can easily penetrate them. This poses a great risk to security in the internet of things (IoT) environment, which is interconnected and has big and continuous data. Penetrating any of the things in the IoT environment leads to a penetration of the entire IoT network and control different devices on it. Also, the penetration of the IoT environment leads to a violation of users’ privacy, and this may result in many risks, such as obtaining and stealing the user’s credit card information or theft of identity. Therefore, it is necessary to propose a robust framework for a MDS based on DL that has a high ability to detect renewable malware and propose malware Anomaly detection systems (MADS) work as a human mind to solve the problem of security in IoT environments. RoMADS model achieves high results: 99.038% for Accuracy, 99.997% for Detection rate. The experiment results overcome eighteen models of the previous research works related to this field, which proved the effectiveness of RoMADS framework for detecting malware in IoT. Full article
Show Figures

Figure 1

37 pages, 1442 KiB  
Article
MADS Based on DL Techniques on the Internet of Things (IoT): Survey
by Hussah Talal and Rachid Zagrouba
Electronics 2021, 10(21), 2598; https://doi.org/10.3390/electronics10212598 - 24 Oct 2021
Cited by 4 | Viewed by 3268
Abstract
Technologically speaking, humanity lives in an age of evolution, prosperity, and great development, as a new generation of the Internet has emerged; it is the Internet of Things (IoT) which controls all aspects of lives, from the different devices of the home to [...] Read more.
Technologically speaking, humanity lives in an age of evolution, prosperity, and great development, as a new generation of the Internet has emerged; it is the Internet of Things (IoT) which controls all aspects of lives, from the different devices of the home to the large industries. Despite the tremendous benefits offered by IoT, still there are some challenges regarding privacy and information security. The traditional techniques used in Malware Anomaly Detection Systems (MADS) could not give us as robust protection as we need in IoT environments. Therefore, it needed to be replaced with Deep Learning (DL) techniques to improve the MADS and provide the intelligence solutions to protect against malware, attacks, and intrusions, in order to preserve the privacy of users and increase their confidence in and dependence on IoT systems. This research presents a comprehensive study on security solutions in IoT applications, Intrusion Detection Systems (IDS), Malware Detection Systems (MDS), and the role of artificial intelligent (AI) in improving security in IoT. Full article
Show Figures

Figure 1

18 pages, 664 KiB  
Article
Securing Remote Access to Information Systems of Critical Infrastructure Using Two-Factor Authentication
by Rasa Bruzgiene and Konstantinas Jurgilas
Electronics 2021, 10(15), 1819; https://doi.org/10.3390/electronics10151819 - 29 Jul 2021
Cited by 10 | Viewed by 4576
Abstract
Information systems of critical infrastructure provide services on which the core functions of a state and its economy depend as well as welfare of society. Such systems are becoming an increasingly common target for crimes and attacks in cyberspace, as their vulnerabilities can [...] Read more.
Information systems of critical infrastructure provide services on which the core functions of a state and its economy depend as well as welfare of society. Such systems are becoming an increasingly common target for crimes and attacks in cyberspace, as their vulnerabilities can be exploited for malicious activities seeking financial or political gain. One of the main reasons that threatens the security of these systems is the weak control of remote access, otherwise defined as management of a system’s user identity. Management of user identity depends on user authentication, authorization and the assignment of certain rights in the digital space. This paper provides the proposed two-factor (2FA) digital authentication method for remote access to an information system of a critical infrastructure. Results of testing the method’s usability and resilience to cyber threats have shown that the system, in which the method was implemented, is protected from dangerous HTTP requests and publicly available system’s endpoints are protected from threatening inputs that could cause malicious activities on the critical infrastructure. Additionally, the implementation of the authentication API application ensures the rapidity of the method for less than 500 ms for 100 users working in parallel with the system at the same time. Full article
Show Figures

Figure 1

14 pages, 1659 KiB  
Article
Empirical Modeling of Customer Satisfaction for E-Services in Cross-Border E-Commerce
by Hamed Taherdoost and Mitra Madanchian
Electronics 2021, 10(13), 1547; https://doi.org/10.3390/electronics10131547 - 25 Jun 2021
Cited by 26 | Viewed by 8924
Abstract
This paper presents an empirical analysis of significant features of the e-service satisfaction model (ESM) as an important element of a sharing economy. Customer satisfaction is regarded as one determining factor in the success of businesses. Therefore, customer satisfaction is considered one of [...] Read more.
This paper presents an empirical analysis of significant features of the e-service satisfaction model (ESM) as an important element of a sharing economy. Customer satisfaction is regarded as one determining factor in the success of businesses. Therefore, customer satisfaction is considered one of the most critical features that determine the success of activities conducted by online businesses for cross-border e-commerce. Therefore, companies essentially need to measure the interaction and satisfaction level of their customers to improve the performance of their business. In this study, we employed content validity, exploratory factor analysis, constructive testing, and cluster discrimination to examine the survey instrument and test the e-service satisfaction model (ESM) in the context of e-commerce. To ensure the validation of measurement models and the proposed instruments, structural equation modeling was applied through SPSS AMOS software. According to the results of our study, the presented survey instrument is a strong and reliable tool to create customer interaction in cross-border e-commerce by identifying the various key factors affecting customer satisfaction. Full article
Show Figures

Figure 1

Review

Jump to: Research, Other

20 pages, 1022 KiB  
Review
Understanding Cybersecurity Frameworks and Information Security Standards—A Review and Comprehensive Overview
by Hamed Taherdoost
Electronics 2022, 11(14), 2181; https://doi.org/10.3390/electronics11142181 - 12 Jul 2022
Cited by 44 | Viewed by 27121
Abstract
Businesses are reliant on data to survive in the competitive market, and data is constantly in danger of loss or theft. Loss of valuable data leads to negative consequences for both individuals and organizations. Cybersecurity is the process of protecting sensitive data from [...] Read more.
Businesses are reliant on data to survive in the competitive market, and data is constantly in danger of loss or theft. Loss of valuable data leads to negative consequences for both individuals and organizations. Cybersecurity is the process of protecting sensitive data from damage or theft. To successfully achieve the objectives of implementing cybersecurity at different levels, a range of procedures and standards should be followed. Cybersecurity standards determine the requirements that an organization should follow to achieve cybersecurity objectives and facilitate against cybercrimes. Cybersecurity standards demonstrate whether an information system can meet security requirements through a range of best practices and procedures. A range of standards has been established by various organizations to be employed in information systems of different sizes and types. However, it is challenging for businesses to adopt the standard that is the most appropriate based on their cybersecurity demands. Reviewing the experiences of other businesses in the industry helps organizations to adopt the most relevant cybersecurity standards and frameworks. This study presents a narrative review of the most frequently used cybersecurity standards and frameworks based on existing papers in the cybersecurity field and applications of these cybersecurity standards and frameworks in various fields to help organizations select the cybersecurity standard or framework that best fits their cybersecurity requirements. Full article
Show Figures

Figure 1

23 pages, 903 KiB  
Review
A Review on Risk Management in Information Systems: Risk Policy, Control and Fraud Detection
by Hamed Taherdoost
Electronics 2021, 10(24), 3065; https://doi.org/10.3390/electronics10243065 - 9 Dec 2021
Cited by 25 | Viewed by 9840
Abstract
Businesses are bombarded with great deals of risks, vulnerabilities, and unforeseen business interruptions in their lifetime, which negatively affect their productivity and sustainability within the market. Such risks require a risk management system to identify risks and risk factors and propose approaches to [...] Read more.
Businesses are bombarded with great deals of risks, vulnerabilities, and unforeseen business interruptions in their lifetime, which negatively affect their productivity and sustainability within the market. Such risks require a risk management system to identify risks and risk factors and propose approaches to eliminate or reduce them. Risk management involves highly structured practices that should be implemented within an organization, including organizational planning documents. Continuity planning and fraud detection policy development are among the many critically important practices conducted through risk management that aim to mitigate risk factors, their vulnerability, and their impact. Information systems play a pivotal role in any organization by providing many benefits, such as reducing human errors and associated risks owing to the employment of sophisticated algorithms. Both the development and establishment of an information system within an organization contributes to mitigating business-related risks and also creates new types of risks associated with its establishment. Businesses must prepare for, react to, and recover from unprecedented threats that might emerge in the years or decades that follow. This paper provides a comprehensive narrative review of risk management in information systems coupled with its application in fraud detection and continuity planning. Full article
Show Figures

Graphical abstract

Other

Jump to: Research, Review

26 pages, 8668 KiB  
Concept Paper
Change Detection in Remote Sensing Image Data Comparing Algebraic and Machine Learning Methods
by Anjali Goswami, Deepak Sharma, Harani Mathuku, Syam Machinathu Parambil Gangadharan, Chandra Shekhar Yadav, Saroj Kumar Sahu, Manoj Kumar Pradhan, Jagendra Singh and Hazra Imran
Electronics 2022, 11(3), 431; https://doi.org/10.3390/electronics11030431 - 30 Jan 2022
Cited by 68 | Viewed by 7739
Abstract
Remote sensing technology has penetrated all the natural resource segments as it provides precise information in an image mode. Remote sensing satellites are currently the fastest-growing source of geographic area information. With the continuous change in the earth’s surface and the wide application [...] Read more.
Remote sensing technology has penetrated all the natural resource segments as it provides precise information in an image mode. Remote sensing satellites are currently the fastest-growing source of geographic area information. With the continuous change in the earth’s surface and the wide application of remote sensing, change detection is very useful for monitoring environmental and human needs. So, it is necessary to develop automatic change detection techniques to improve the quality and reduce the time required by manual image analysis. This work focuses on the improvement of the classification accuracy of the machine learning techniques by reviewing the training samples and comparing the post-classification comparison with the image differencing in the algebraic technique. Landsat data are medium spatial resolution data; that is why pixel-wise computation has been applied. Two change detection techniques have been studied by applying a decision tree algorithm using a separability matrix and image differencing. The first change detection, e.g., the separability matrix, is a post-classification comparison in which individual images are classified by a decision tree algorithm. The second change detection is, e.g., the image differencing change detection technique in which changed and unchanged pixels are determined by applying the corner method to calculate the threshold on the changing image. The performance of the machine learning algorithm has been validated by 10-fold cross-validation. The experimental results show that the change detection using the post-classification method produced better results when compared to the image differencing of the algebraic change detection technique. Full article
Show Figures

Figure 1

Back to TopTop