New Challenges in Cyber Security

A special issue of Electronics (ISSN 2079-9292). This special issue belongs to the section "Computer Science & Engineering".

Deadline for manuscript submissions: closed (15 October 2024) | Viewed by 10321

Special Issue Editors


Guest Editor
Department of Computer and Information Sciences, Towson University, Towson, MD 21252, USA
Interests: cyber security; social network; digital twins and privacy

Guest Editor
Department of Computer Science at the University of Nevada, Las Vegas, NV 89154, USA
Interests: private machine learning; privacy inference attacks

Guest Editor
Department of Computer Science, City University of Hong Kong, Kowloon 999077, Hong Kong
Interests: wireless network and edge computing

Special Issue Information

Dear Colleagues,

In recent years, advances in the field of networking, communication and computation have led people to adopt distributed methods/resources for performing large-scale data processing, redefine the computing paradigm, and also focus on cyber security. The essential design objective of the current data processing framework is to build a unified, integrated, and holistic computing system that can efficiently and effectively organize and utilize diverse computing resources, ranging from computing powers in cloud centers to a sea of spare mobile end resources. The emergence of such an integrated system brings forward a unique network, where computing can be performed anytime and anywhere and be initialized by anyone. For example, residents may request deep learning models for local business services, where the model could be jointly trained by mobile phones and laptops owned by local citizens, embedded computing units in public facilities and smart vehicles, as well as by edge and cloud servers by collecting training datasets.

However, this trend of adopting such novel computing paradigms and frameworks also brings unprecedented challenges in cyber security. Malicious individuals can conduct seamless and combinatorial attacks on heterogeneous devices deployed in extensively wide ranges. Potentially vulnerable devices include central servers, edge nodes, mobile devices and small Internet-of-Things gadgets. These devices have varied levels of robustness, availability, accessibility, and controllability; therefore, the current unified design for each device is impractical. Moreover, corresponding data and information for processing are also distributed and stored on multiple devices and device owners, which further aggravates cyber security issues, making it an integrated, sophisticated and long-lasting task. Generally, the protection of cyber security remains unsettled, despite the remarkable benefits brought by the generalized computing framework.

Therefore, this Special Issue solicits all categories of original studies and novel solutions which are required for handling novel challenges in cyber security in the upcoming unified computing paradigm, including novel theories, frameworks, techniques, and applications.

The topics of interest include, but are not limited to:

  • New fundamental architectures and frameworks for cyber security;
  • Novel theories and techniques on vulnerability detection;
  • Novel theories and techniques on encryption and decryption;
  • Novel theories and techniques on authentication and access control;
  • Secure data collection and aggregation mechanisms in distributed systems;
  • Novel techniques for secure communication;
  • Novel techniques and analysis for data privacy;
  • Novel secure and efficient edge computing techniques;
  • Secure and efficient data processing mechanisms in cloud–edge–terminal systems;
  • Secure and in-network data processing mechanisms in the hybrid Internet of Things;
  • Novel frameworks and techniques on federated learning;
  • Novel deep learning models for cyber security;
  • Novel demos, applications, and systems for cyber security.

Dr. Zhipeng Cai
Dr. Sai Akshita Maradapu Vera Venkata
Dr. Zuobin Xiong
Dr. Tuo Shi
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Electronics is an international peer-reviewed open access semimonthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2400 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • cyber security
  • security and privacy
  • distributed data processing
  • internet of things
  • edge computing

Benefits of Publishing in a Special Issue

  • Ease of navigation: Grouping papers by topic helps scholars navigate broad scope journals more efficiently.
  • Greater discoverability: Special Issues support the reach and impact of scientific research. Articles in Special Issues are more discoverable and cited more frequently.
  • Expansion of research network: Special Issues facilitate connections among authors, fostering scientific collaborations.
  • External promotion: Articles in Special Issues are often promoted through the journal's social media, increasing their visibility.
  • e-Book format: Special Issues with more than 10 articles can be published as dedicated e-books, ensuring wide and rapid dissemination.

Further information on MDPI's Special Issue policies can be found here.

Published Papers (7 papers)

Research

18 pages, 688 KiB  
Article
A Unified Model for Chinese Cyber Threat Intelligence Flat Entity and Nested Entity Recognition
by Jiayi Yu, Yuliang Lu, Yongheng Zhang, Yi Xie, Mingjie Cheng and Guozheng Yang
Electronics 2024, 13(21), 4329; https://doi.org/10.3390/electronics13214329 - 4 Nov 2024
Viewed by 1025
Abstract
In recent years, as cybersecurity threats have become increasingly severe and cyberattacks have occurred frequently, higher requirements have been put forward for cybersecurity protection. Therefore, the Named Entity Recognition (NER) technique, which is the cornerstone of Cyber Threat Intelligence (CTI) analysis, is particularly important. However, most existing NER studies are limited to recognizing single-layer flat entities, ignoring the possible nested entities in CTI. On the other hand, most of the existing studies focus on English CTIs, and the existing models performed poorly in a limited number of Chinese CTI studies. Given the above challenges, we propose in this paper a novel unified model, RBTG, which aims to identify flat and nested entities in Chinese CTI effectively. To overcome the difficult boundary recognition problem and the direction-dependent and distance-dependent properties in Chinese CTI NER, we use Global Pointer as the decoder and TENER as the encoder layer, respectively. Specifically, the Global Pointer layer solves the problem of the insensitivity of general NER methods to entity boundaries by utilizing the relative position information and the multiplicative attention mechanism. The TENER layer adapts to the Chinese CTI NER task by introducing an attention mechanism with direction awareness and distance awareness. Meanwhile, to cope with the complex feature capture of hierarchical structure and dependencies among Chinese CTI nested entities, the TENER layer solves the problem by following the structure of multiple self-attention layers and feed-forward network layers superimposed on each other in the Transformer. 
In addition, to fill the gap in the Chinese CTI nested entity dataset, we further apply the Large Language Modeling (LLM) technique and domain knowledge to construct a high-quality Chinese CTI nested entity dataset, CDTinee, which consists of six entity types selected from STIX, including nearly 4000 entity types extracted from more than 3000 threatening sentences. In the experimental session, we conduct extensive experiments on multiple datasets, and the results show that the proposed model RBTG outperforms the baseline model in both flat NER and nested NER. Full article
(This article belongs to the Special Issue New Challenges in Cyber Security)

14 pages, 441 KiB  
Article
Modeling Cybersecurity Risk: The Integration of Decision Theory and Pivot Pairwise Relative Criteria Importance Assessment with Scale for Cybersecurity Threat Evaluation
by Aleksandar Šijan, Dejan Viduka, Luka Ilić, Bratislav Predić and Darjan Karabašević
Electronics 2024, 13(21), 4209; https://doi.org/10.3390/electronics13214209 - 27 Oct 2024
Cited by 1 | Viewed by 2530
Abstract
This paper presents a comprehensive model for cyber security risk assessment using the PIPRECIA-S method within decision theory, which enables organizations to systematically identify, assess and prioritize key cyber threats. The study focuses on the evaluation of malware, ransomware, phishing and DDoS attacks, using criteria such as severity of impact, financial losses, ease of detection and prevention, impact on reputation and system recovery. This approach facilitates decision making, as it enables the flexible adaptation of the risk assessment to the specific needs of an organization. The PIPRECIA-S model has proven to be useful for identifying the most critical threats, with a special emphasis on ransomware and DDoS attacks, which represent the most significant risks to businesses. This model provides a framework for making informed and strategic decisions to reduce risk and strengthen cyber security, which are critical in a digital environment where threats become more and more sophisticated. Full article

20 pages, 6650 KiB  
Article
Bit Sufi-Dance: Covert Data Exfiltration from Air-Gapped Networks via Electricity Meter
by Yongyu Liang, Hong Shan, Zetao Liu and Chengxi Xu
Electronics 2024, 13(21), 4198; https://doi.org/10.3390/electronics13214198 - 25 Oct 2024
Viewed by 864
Abstract
To protect important data and files, people often use air gap isolation, also known as air gap separation, to block external threats. However, internal networks may still introduce pollution due to supply chain contamination, human error, or social engineering. Although internal devices cannot directly communicate with the outside world. This paper proposes a new technology called Bit Sufi-Dance that utilizes electricity meters and optical devices to detect exfiltrated data. Most electricity meters have power indicator mechanical turntables or LED lights which can be indirectly controlled by the device’s power consumption oscillation. This allows for information encoding and the extraction of data from the air-gapped computer. It is important to note that this exfiltration channel does not require any hardware or firmware modifications and cannot be detected by existing Data Leakage Prevention (DLP) systems. The article discusses its design and implementation issues while evaluating it using different types of electricity meters. Our experiment demonstrates that data can be exfiltrated from the air-gap isolated computer through an electricity meter at a bit rate of 101 b/h. Finally, we assess this security threat and discuss defense mechanisms and preventive measures. Full article

14 pages, 359 KiB  
Article
Truncated Differential-Neural Key Recovery Attacks on Round-Reduced HIGHT
by Byoungjin Seok
Electronics 2024, 13(20), 4053; https://doi.org/10.3390/electronics13204053 - 15 Oct 2024
Viewed by 969
Abstract
Recently, differential-neural cryptanalysis, which integrates deep learning with differential cryptanalysis, has emerged as a powerful and practical cryptanalysis method. It has been particularly applied to lightweight block ciphers, which are characterized by simple structures and operations, and relatively small block and key sizes. In resource-constrained environments, such as Internet of Things (IoT), it is essential to verify the resistance of existing lightweight block ciphers against differential-neural cryptanalysis to ensure security. In differential-neural cryptanalysis, a deep learning model, known as a neural distinguisher, is trained to differentiate a target cipher from others, facilitating key recovery through statistical analysis. For successful differential-neural cryptanalysis, it is crucial to develop a highly accurate neural distinguisher and to optimize the key recovery attack algorithm. In this paper, we introduce a novel neural distinguisher and key recovery attack against the 15-round reduced HIGHT cipher. Our proposed neural distinguisher is capable of distinguishing HIGHT ciphertext by analyzing only a portion of the ciphertext, which we refer to as a truncated neural distinguisher. Notably, our experiments demonstrate that the truncated neural distinguisher achieves performance comparable to existing distinguishers trained on entire ciphertext blocks, while enabling a more efficient key recovery attack through a divide-and-conquer strategy. Furthermore, we observe a significant improvement in key recovery efficiency compared to traditional cryptanalysis methods. Full article

27 pages, 11331 KiB  
Article
Study on Prediction and Response Model for Threat Diffusion Based on Multi-Step Reachability Matrix
by Jina Lee, Subong Jung, Daehoon Cheagal, Jisoo Jang and Dongkyoo Shin
Electronics 2024, 13(19), 3921; https://doi.org/10.3390/electronics13193921 - 3 Oct 2024
Viewed by 981
Abstract
As the importance of defending against cyber attacks has increased, various studies have been conducted to analyze and utilize the reachability between hosts. Although this approach effectively explains asset-based threat responses by security personnel, it is limited as a means of strategic judgment by top decision makers considering the tasks of an organization in a large-scale network environment. The purpose of this study is to develop a method for simplifying the characteristics of the attack paths of a large number of hosts by projecting them to a higher-level organization and aiding in visualizing the impacts of threats. To achieve this, a methodology is presented that supports both strategic judgment by top decision makers, considering the tasks of lower-level organizational units, and asset-based responses. This is accomplished by analyzing asset-based impacts through the generation of a Multi-Step Reachability Matrix (MRM2) and the multi-threat synthesis of low-level threat diffusion paths at the asset level, while gradually abstracting the transition information of the corresponding threats to the higher-level organization. In this paper, the diffusion process is modeled through the connectivity between hosts, and it is expected that this approach will contribute to the development of a decision support model that meets the needs of both upper- and lower-level decision makers. This is achieved by reflecting a variety of factors that influence attack and defense. These factors include the importance of the organization’s mission or business to each asset, the criticality of the system function to which the asset belongs, the dependencies between assets, and the unique characteristics of the asset, including vulnerabilities, exploitation conditions, cyber resilience, and lifecycle costs. Full article

17 pages, 5351 KiB  
Article
HydraulicBridge: Covert Signaling Channel between Air-Gapped Systems Using Hydraulic-Pressure Fluctuations
by Yongyu Liang, Hong Shan, Jun Zhao, Canju Lu and Guozheng Yang
Electronics 2024, 13(15), 3010; https://doi.org/10.3390/electronics13153010 - 30 Jul 2024
Viewed by 1170
Abstract
To protect critical computing systems from network attacks, modern enterprises typically employ physical isolation measures to disconnect them from open networks such as the Internet. However, attackers can still infiltrate these closed networks through internal employees or supply chain vulnerabilities. This presents the primary challenge that attackers face: how to effectively manage and manipulate infected devices that are isolated from the external network. In this paper, we propose a new covert communication technology called HydraulicBridge, which demonstrates how air gap networks can communicate through covert water pressure-fluctuation channels. Specifically, we demonstrate how water pressure from water pipes can be used to communicate with infected hosts within an air gap network. Additionally, we provide experimental results demonstrating the feasibility of covert channels and test the communication speed in the experimental environment. Finally, we offer a forensic analysis and propose various methods for detecting and blocking this channel. We believe that this study provides a comprehensive introduction to previously unseen attack vectors that security experts should be aware of. Full article

24 pages, 466 KiB  
Article
A Comprehensive Survey on Enabling Techniques in Secure and Resilient Smart Grids
by Xueyi Wang, Shancang Li and Md Arafatur Rahman
Electronics 2024, 13(11), 2177; https://doi.org/10.3390/electronics13112177 - 3 Jun 2024
Cited by 2 | Viewed by 1696
Abstract
Smart grids are a cornerstone of the transition to a decentralised, low-carbon energy system, which offer significant benefits, including increased reliability, improved energy efficiency, and seamless integration of renewable energy sources. However, ensuring the security and resilience of smart grids is paramount. Cyber attacks, physical disruptions, and other unforeseen threats pose a significant risk to the stability and functionality of the grid. This paper identifies the research gaps and technical hurdles that hinder the development of a robust and secure smart grid infrastructure. This paper addresses the critical gaps in smart grid security research, outlining the technical challenges and promising avenues for exploration by both the industry and academia. A novel framework designed to enhance the reliability and security of smart grids was proposed against cyber attacks, considering the interconnectedness of the physical and cyber components. The paper further explores future research trends and identifies the key open issues in the ongoing effort to strengthen the security and resilience of smart grids. Full article