applsci-logo

Journal Browser

Journal Browser

Advanced Technologies in Data and Information Security II

A special issue of Applied Sciences (ISSN 2076-3417). This special issue belongs to the section "Computing and Artificial Intelligence".

Deadline for manuscript submissions: closed (20 February 2023) | Viewed by 59188

Special Issue Editors


E-Mail Website
Guest Editor
Institute for Language and Speech Processing, Athena Research Centre, 67100 Xanthi, Greece
Interests: privacy-enhancing technologies (PETs); information security; distributed ledger technologies (DLTs); biomedical informatics; federated learning; transfer learning
Special Issues, Collections and Topics in MDPI journals

E-Mail Website
Guest Editor
Department of Computer Science, School of Sciences, International Hellenic University, Ag. Loukas Campus, 65404 Kavala, Greece
Interests: cybersecurity; IoT security; cyber threat intelligence; authentication systems; e-government services; electronic payment systems; mobile systems security; security awareness
Special Issues, Collections and Topics in MDPI journals

E-Mail Website
Guest Editor
Department of Physics, Faculty of Sciences, International Hellenic University, Ag. Loukas Campus, 65404 Kavala, Greece
Interests: model-agnostic meta-learning; multi-task learning; real-time analytics; scalable and compassable privacy-preserving data mining; automated assessment and response systems; AI anomaly detection; AI malware analysis; AI IDS-IPS; AI forensics; AI in blockchain
Special Issues, Collections and Topics in MDPI journals

Special Issue Information

Dear Colleagues,

The protection of personal data and privacy is a timeless challenge which has intensified in the modern era. The digitisation that has been achieved in recent decades has radically changed the way we live, communicate and work, revealing various security and privacy issues. Specifically, the explosion of new technologies and the continuous developments of technologies, such as IoT and AI, have led to the increased value of data, while it has raised demand and introduced new ways to obtain it. Techniques such as data analysis and processing provide a set of powerful tools that can be used by both governments and businesses for specific purposes. However, as with any valuable resource, as in the case of data, the phenomena of abuse, unfair practices and even criminal acts are not absent. In particular, in recent years, there have been more and more cases of sophisticated cyberattacks, data theft and leaks or even data trade, which violate the rights of individuals, but also harm competition and seriously damage the reputation of businesses.

In this Special Issue, we seek research and case studies that demonstrate the application of advanced technologies in data and information security to support applied scientific research, in any area of science and technology. Example topics include (but are not limited to) the following:

  1. Self-sovereign Identities
  2. Privacy-Preserving Solutions
  3. Blockchain-Based Security and Privacy
  4. Data Loss Prevention
  5. Deep Learning Forensics/Malware Analysis/Anomaly Detection
  6. AI-driven Security Systems
  7. Context-Aware Behavioural Analytics
  8. Security and Data Breach Detection
  9. Cyber-physical Systems Security
  10. Secure and Privacy-Preserving Health Solutions
  11. Active Defence Measures
  12. Social Networks Information Leaks
  13. Edge and Fog Computing Security
  14. Anonymization and Pseudonymization Solutions
  15. Zero-Trust Network Access Technology
  16. Dynamic Risk Management
  17. Cyber Threat Intelligence
  18. Situational Awareness

Dr. George Drosatos
Prof. Dr. Konstantinos Rantos
Dr. Konstantinos Demertzis
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Applied Sciences is an international peer-reviewed open access semimonthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2400 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • data protection
  • information security
  • cybersecurity
  • cyber threats
  • privacy
  • forensics
  • cryptography
  • blockchain
  • AI- and ML-driven security

Related Special Issue

Published Papers (22 papers)

Order results
Result details
Select all
Export citation of selected articles as:

Research

Jump to: Review, Other

19 pages, 2323 KiB  
Article
LHDNN: Maintaining High Precision and Low Latency Inference of Deep Neural Networks on Encrypted Data
by Jiaming Qian, Ping Zhang, Haoyong Zhu, Muhua Liu, Jiechang Wang and Xuerui Ma
Appl. Sci. 2023, 13(8), 4815; https://doi.org/10.3390/app13084815 - 11 Apr 2023
Cited by 3 | Viewed by 2049
Abstract
The advancement of deep neural networks (DNNs) has prompted many cloud service providers to offer deep learning as a service (DLaaS) to users across various application domains. However, in current DLaaS prediction systems, users’ data are at risk of leakage. Homomorphic encryption allows [...] Read more.
The advancement of deep neural networks (DNNs) has prompted many cloud service providers to offer deep learning as a service (DLaaS) to users across various application domains. However, in current DLaaS prediction systems, users’ data are at risk of leakage. Homomorphic encryption allows operations to be performed on ciphertext without decryption, which can be applied to DLaaS to ensure users’ data privacy. However, mainstream homomorphic encryption schemes only support homomorphic addition and multiplication, and do not support the ReLU activation function commonly used in the activation layers of DNNs. Previous work used approximate polynomials to replace the ReLU activation function, but the DNNs they implemented either had low inference accuracy or high inference latency. In order to achieve low inference latency of DNNs on encrypted data while ensuring inference accuracy, we propose a low-degree Hermite deep neural network framework (called LHDNN), which uses a set of low-degree trainable Hermite polynomials (called LotHps) as activation layers of DNNs. Additionally, LHDNN integrates a novel weight initialization and regularization module into the LotHps activation layer, which makes the training process of DNNs more stable and gives a stronger generalization ability. Additionally, to further improve the model accuracy, we propose a variable-weighted difference training (VDT) strategy that uses ReLU-based models to guide the training of LotHps-based models. Extensive experiments on multiple benchmark datasets validate the superiority of LHDNN in terms of inference speed and accuracy on encrypted data. Full article
(This article belongs to the Special Issue Advanced Technologies in Data and Information Security II)
Show Figures

Figure 1

20 pages, 2734 KiB  
Article
SSKM_DP: Differential Privacy Data Publishing Method via SFLA-Kohonen Network
by Zhiguang Chu, Jingsha He, Juxia Li, Qingyang Wang, Xing Zhang and Nafei Zhu
Appl. Sci. 2023, 13(6), 3823; https://doi.org/10.3390/app13063823 - 16 Mar 2023
Cited by 1 | Viewed by 1020
Abstract
Data publishing techniques have led to breakthroughs in several areas. These tools provide a promising direction. However, when they are applied to private or sensitive data such as patient medical records, the published data may divulge critical patient information. In order to address [...] Read more.
Data publishing techniques have led to breakthroughs in several areas. These tools provide a promising direction. However, when they are applied to private or sensitive data such as patient medical records, the published data may divulge critical patient information. In order to address this issue, we propose a differential private data publishing method (SSKM_DP) based on the SFLA-Kohonen network, which perturbs sensitive attributes based on the maximum information coefficient to achieve a trade-off between security and usability. Additionally, we introduced a single-population frog jump algorithm (SFLA) to optimize the network. Extensive experiments on benchmark datasets have demonstrated that SSKM_DP outperforms state-of-the-art methods for differentially private data publishing techniques significantly. Full article
(This article belongs to the Special Issue Advanced Technologies in Data and Information Security II)
Show Figures

Figure 1

20 pages, 9247 KiB  
Article
Multi-Resolution Analysis with Visualization to Determine Network Attack Patterns
by Dong Hyun Jeong, Bong-Keun Jeong and Soo-Yeon Ji
Appl. Sci. 2023, 13(6), 3792; https://doi.org/10.3390/app13063792 - 16 Mar 2023
Cited by 3 | Viewed by 1644
Abstract
Analyzing network traffic activities is imperative in network security to detect attack patterns. Due to the complex nature of network traffic event activities caused by continuously changing computing environments and software applications, identifying the patterns is one of the challenging research topics. This [...] Read more.
Analyzing network traffic activities is imperative in network security to detect attack patterns. Due to the complex nature of network traffic event activities caused by continuously changing computing environments and software applications, identifying the patterns is one of the challenging research topics. This study focuses on analyzing the effectiveness of integrating Multi-Resolution Analysis (MRA) and visualization in identifying the attack patterns of network traffic activities. In detail, a Discrete Wavelet Transform (DWT) is utilized to extract features from network traffic data and investigate their capability of identifying attacks. For extracting features, various sliding windows and step sizes are tested. Then, visualizations are generated to help users conduct interactive visual analyses to identify abnormal network traffic events. To determine optimal solutions for generating visualizations, an extensive evaluation with multiple intrusion detection datasets has been performed. In addition, classification analysis with three different classification algorithms is managed to understand the effectiveness of using the MRA with visualization. From the study, we generated multiple visualizations associated with various window and step sizes to emphasize the effectiveness of the proposed approach in differentiating normal and attack events by forming distinctive clusters. We also found that utilizing MRA with visualization advances network intrusion detection by generating clearly separated visual clusters. Full article
(This article belongs to the Special Issue Advanced Technologies in Data and Information Security II)
Show Figures

Figure 1

14 pages, 604 KiB  
Article
Improved Low-Depth SHA3 Quantum Circuit for Fault-Tolerant Quantum Computers
by Gyeongju Song, Kyungbae Jang and Hwajeong Seo
Appl. Sci. 2023, 13(6), 3558; https://doi.org/10.3390/app13063558 - 10 Mar 2023
Cited by 5 | Viewed by 1384
Abstract
To build a secure cryptography system in the post-quantum era, one must find the minimum security parameters against quantum attacks by estimating the quantum resources of a fault-tolerant quantum computer. In a fault-tolerant quantum computer, errors must reach an acceptable level for practical [...] Read more.
To build a secure cryptography system in the post-quantum era, one must find the minimum security parameters against quantum attacks by estimating the quantum resources of a fault-tolerant quantum computer. In a fault-tolerant quantum computer, errors must reach an acceptable level for practical uses according to error detection and error correction processes. However, these processes utilize additional quantum resources. As the depth of the quantum circuit increases, the computation time per qubit increases together with the processing errors. Therefore, in terms of errors in quantum circuits, it is a fundamental requirement to reduce the depth by trading off the number of qubits. This paper proposes novel low-depth SHA3 quantum circuit implementations for fault-tolerant quantum computers to reduce errors. The proposed SHA3 quantum circuit was implemented with the aim of optimizing the quantum circuit depth through a trade-off between the number of qubits, the quantum gate, and the quantum depth in each function. Compared to other state-of-art techniques, the proposed method achieved T-depth and full-depth reductions of 30.3% and 80.05%, respectively. We believe that this work will contribute to the establishment of minimum security parameters for SHA3 in the quantum era. Full article
(This article belongs to the Special Issue Advanced Technologies in Data and Information Security II)
Show Figures

Figure 1

11 pages, 522 KiB  
Article
AWEncoder: Adversarial Watermarking Pre-Trained Encoders in Contrastive Learning
by Tianxing Zhang, Hanzhou Wu, Xiaofeng Lu, Gengle Han and Guangling Sun
Appl. Sci. 2023, 13(6), 3531; https://doi.org/10.3390/app13063531 - 9 Mar 2023
Cited by 1 | Viewed by 1479
Abstract
As a self-supervised learning paradigm, contrastive learning has been widely used to pre-train a powerful encoder as an effective feature extractor for various downstream tasks. This process requires numerous unlabeled training data and computational resources, which makes the pre-trained encoder become the valuable [...] Read more.
As a self-supervised learning paradigm, contrastive learning has been widely used to pre-train a powerful encoder as an effective feature extractor for various downstream tasks. This process requires numerous unlabeled training data and computational resources, which makes the pre-trained encoder become the valuable intellectual property of the owner. However, the lack of a priori knowledge of downstream tasks makes it non-trivial to protect the intellectual property of the pre-trained encoder by applying conventional watermarking methods. To deal with this problem, in this paper, we introduce AWEncoder, an adversarial method for watermarking the pre-trained encoder in contrastive learning. First, as an adversarial perturbation, the watermark is generated by enforcing the training samples to be marked to deviate respective location and surround a randomly selected key image in the embedding space. Then, the watermark is embedded into the pre-trained encoder by further optimizing a joint loss function. As a result, the watermarked encoder not only performs very well for downstream tasks, but also enables us to verify its ownership by analyzing the discrepancy of output provided using the encoder as the backbone under both white-box and black-box conditions. Extensive experiments demonstrate that the proposed work enjoys quite good effectiveness and robustness on different contrastive learning algorithms and downstream tasks, which has verified the superiority and applicability of the proposed work. Full article
(This article belongs to the Special Issue Advanced Technologies in Data and Information Security II)
Show Figures

Figure 1

14 pages, 692 KiB  
Article
MalwD&C: A Quick and Accurate Machine Learning-Based Approach for Malware Detection and Categorization
by Attaullah Buriro, Abdul Baseer Buriro, Tahir Ahmad, Saifullah Buriro and Subhan Ullah
Appl. Sci. 2023, 13(4), 2508; https://doi.org/10.3390/app13042508 - 15 Feb 2023
Cited by 6 | Viewed by 1832
Abstract
Malware, short for malicious software, is any software program designed to cause harm to a computer or computer network. Malware can take many forms, such as viruses, worms, Trojan horses, and ransomware. Because malware can cause significant damage to a computer or network, [...] Read more.
Malware, short for malicious software, is any software program designed to cause harm to a computer or computer network. Malware can take many forms, such as viruses, worms, Trojan horses, and ransomware. Because malware can cause significant damage to a computer or network, it is important to avoid its installation to prevent any potential harm. This paper proposes a machine learning-based malware detection method called MalwD&C to allow the secure installation of Programmable Executable (PE) files. The proposed method uses machine learning classifiers to analyze the PE files and classify them as benign or malware. The proposed MalwD&C scheme was evaluated on a publicly available dataset by applying several machine learning classifiers in two settings: two-class classification (malware detection) and multi-class classification (malware categorization). The results showed that the Random Forest (RF) classifier outperformed all other chosen classifiers, achieving as high as 99.56% and 97.69% accuracies in the two-class and multi-class settings, respectively. We believe that MalwD&C will be widely accepted in academia and industry due to its speed in decision making and higher accuracy. Full article
(This article belongs to the Special Issue Advanced Technologies in Data and Information Security II)
Show Figures

Figure 1

20 pages, 21722 KiB  
Article
Study on Cyber Common Operational Picture Framework for Cyber Situational Awareness
by Kookjin Kim, Jaepil Youn, Sukjoon Yoon, Jiwon Kang, Kyungshin Kim and Dongkyoo Shin
Appl. Sci. 2023, 13(4), 2331; https://doi.org/10.3390/app13042331 - 11 Feb 2023
Cited by 3 | Viewed by 2976
Abstract
The remarkable development of the Internet has made our lives very convenient, such as through the ability to instantaneously transmit individual pictures. As a result, cyber-attacks are also being developed and increasing, and the computer/mobile devices we use can become infected with viruses [...] Read more.
The remarkable development of the Internet has made our lives very convenient, such as through the ability to instantaneously transmit individual pictures. As a result, cyber-attacks are also being developed and increasing, and the computer/mobile devices we use can become infected with viruses in an instant. Rapid cyber situational awareness is essential to prepare for such cyber-attacks. Accelerating cyber situational awareness requires Cyber Common Operational Pictures, which integrate and contextualize numerous data streams and data points. Therefore, we propose a Cyber Common Operational Pictures framework and criteria for rapid cyber situation awareness. First, the system reaction speed based on the user’s request and the standard for easily recognizing the object shown on the screen are presented. Second, standards and frameworks for five types of visualization screens that can directly recognize and respond to cyber-attacks are presented. Third, we show how a system was constructed based on the proposed framework, as well as the results of an experiment on the response time of each visualization screen. As a result of the experiment, the response speed of the 5 visualization screens was about 0.11 s on average for inquiry (simple) and 1.07 s on average for inquiry (complex). This is consistent with the typical response times of the studies investigated in this paper. If CyCOP is developed in compliance with the framework items (UI, object symbol, object size, response speed) presented in this paper, rapid situational awareness is possible. This research can be used in cyber-attack and defense training in the military field. In the private sector, it can be used in cyber and network control. Full article
(This article belongs to the Special Issue Advanced Technologies in Data and Information Security II)
Show Figures

Figure 1

22 pages, 5009 KiB  
Article
AI-Assisted Security Alert Data Analysis with Imbalanced Learning Methods
by Samuel Ndichu, Tao Ban, Takeshi Takahashi and Daisuke Inoue
Appl. Sci. 2023, 13(3), 1977; https://doi.org/10.3390/app13031977 - 3 Feb 2023
Cited by 6 | Viewed by 2413
Abstract
Intrusion analysis is essential for cybersecurity, but oftentimes, the overwhelming number of false alerts issued by security appliances can prove to be a considerable hurdle. Machine learning algorithms can automate a task known as security alert data analysis to facilitate faster alert triage [...] Read more.
Intrusion analysis is essential for cybersecurity, but oftentimes, the overwhelming number of false alerts issued by security appliances can prove to be a considerable hurdle. Machine learning algorithms can automate a task known as security alert data analysis to facilitate faster alert triage and incident response. This paper presents a bidirectional approach to address severe class imbalance in security alert data analysis. The proposed method utilizes an ensemble of three oversampling techniques to generate an augmented set of high-quality synthetic positive samples and employs a data subsampling algorithm to identify and remove noisy negative samples. Experimental results using an enterprise and a benchmark dataset confirm that this approach yields significantly improved recall and false positive rates compared with conventional oversampling techniques, suggesting its potential for more effective and efficient AI-assisted security operations. Full article
(This article belongs to the Special Issue Advanced Technologies in Data and Information Security II)
Show Figures

Figure 1

15 pages, 4259 KiB  
Article
A Novel Multi-Factor Authentication Algorithm Based on Image Recognition and User Established Relations
by Diego Carrillo-Torres, Jesús Arturo Pérez-Díaz, Jose Antonio Cantoral-Ceballos and Cesar Vargas-Rosales
Appl. Sci. 2023, 13(3), 1374; https://doi.org/10.3390/app13031374 - 20 Jan 2023
Cited by 10 | Viewed by 3358
Abstract
Conventional authentication methods, like simple text-based passwords, have shown vulnerabilities to different types of security attacks. Indeed, 61% of all breaches involve credentials, whether stolen via social engineering or hacked using brute force. Therefore, a robust user authentication mechanism is crucial to have [...] Read more.
Conventional authentication methods, like simple text-based passwords, have shown vulnerabilities to different types of security attacks. Indeed, 61% of all breaches involve credentials, whether stolen via social engineering or hacked using brute force. Therefore, a robust user authentication mechanism is crucial to have secure systems. Combining textual passwords with graphical passwords in a multi-factor approach can be an effective strategy. Advanced authentication systems, such as biometrics, are secure, but require additional infrastructure for efficient implementation. This paper proposes a Multi-Factor Authentication (MFA) based on a non-biometric mechanism that does not require additional hardware. The novelty of the proposed mechanism lies in a two-factor authentication algorithm which requires a user to identify specific images out of a set of randomly selected images, then the user is required to establish a self-pre-configured relation between two given images to complete authentication. A functional prototype of the proposed system was developed and deployed. The proposed system was tested by users of different backgrounds achieving 100% accuracy in identifying and authenticating users, if authentication elements and credentials were not forgotten. It was also found to be accepted by the users as being easy to use and preferable over common MFA mechanisms. Full article
(This article belongs to the Special Issue Advanced Technologies in Data and Information Security II)
Show Figures

Figure 1

17 pages, 1875 KiB  
Article
Applying BERT for Early-Stage Recognition of Persistence in Chat-Based Social Engineering Attacks
by Nikolaos Tsinganos, Panagiotis Fouliras and Ioannis Mavridis
Appl. Sci. 2022, 12(23), 12353; https://doi.org/10.3390/app122312353 - 2 Dec 2022
Cited by 5 | Viewed by 1646
Abstract
Chat-based social engineering (CSE) attacks are attracting increasing attention in the Small-Medium Enterprise (SME) environment, given the ease and potential impact of such an attack. During a CSE attack, malicious users will repeatedly use linguistic tricks to eventually deceive their victims. Thus, to [...] Read more.
Chat-based social engineering (CSE) attacks are attracting increasing attention in the Small-Medium Enterprise (SME) environment, given the ease and potential impact of such an attack. During a CSE attack, malicious users will repeatedly use linguistic tricks to eventually deceive their victims. Thus, to protect SME users, it would be beneficial to have a cyber-defense mechanism able to detect persistent interlocutors who repeatedly bring up critical topics that could lead to sensitive data exposure. We build a natural language processing model, called CSE-PersistenceBERT, for paraphrase detection to recognize persistency as a social engineering attacker’s behavior during a chat-based dialogue. The CSE-PersistenceBERT model consists of a pre-trained BERT model fine-tuned using our handcrafted CSE-Persistence corpus; a corpus appropriately annotated for the specific downstream task of paraphrase recognition. The model identifies the linguistic relationship between the sentences uttered during the dialogue and exposes the malicious intent of the attacker. The results are satisfactory and prove the efficiency of CSE-PersistenceBERT as a recognition mechanism of a social engineer’s persistent behavior during a CSE attack. Full article
(This article belongs to the Special Issue Advanced Technologies in Data and Information Security II)
Show Figures

Figure 1

18 pages, 3080 KiB  
Article
Generalized Replay Spoofing Countermeasure Based on Combining Local Subclassification Models
by Sarah Mohammed Altuwayjiri, Ouiem Bchir and Mohamed Maher Ben Ismail
Appl. Sci. 2022, 12(22), 11742; https://doi.org/10.3390/app122211742 - 18 Nov 2022
Viewed by 1205
Abstract
Automatic speaker verification (ASV) systems play a prominent role in the security field due to the usability of voice biometrics compared to alternative biometric authentication modalities. Nevertheless, ASV systems are susceptible to malicious voice spoofing attacks. In response to such threats, countermeasures have [...] Read more.
Automatic speaker verification (ASV) systems play a prominent role in the security field due to the usability of voice biometrics compared to alternative biometric authentication modalities. Nevertheless, ASV systems are susceptible to malicious voice spoofing attacks. In response to such threats, countermeasures have been devised to prevent breaches and ensure the safety of user data by categorizing utterances as either genuine or spoofed. In this paper, we propose a new voice spoofing countermeasure that seeks to improve the generalization of supervised learning models. This is accomplished by alleviating the problem of intraclass variance. Specifically, the proposed approach addresses the generalization challenge by splitting the classification problem into a set of local subproblems in order to lessen the supervised learning task. The system outperformed existing state-of-the-art approaches with an EER of 0.097% on the ASVspoof challenge corpora related to replaying spoofing attacks. Full article
(This article belongs to the Special Issue Advanced Technologies in Data and Information Security II)
Show Figures

Figure 1

13 pages, 598 KiB  
Article
DeepDetection: Privacy-Enhanced Deep Voice Detection and User Authentication for Preventing Voice Phishing
by Yeajun Kang, Wonwoong Kim, Sejin Lim, Hyunji Kim and Hwajeong Seo
Appl. Sci. 2022, 12(21), 11109; https://doi.org/10.3390/app122111109 - 2 Nov 2022
Cited by 5 | Viewed by 2580
Abstract
The deep voice detection technology currently being researched causes personal information leakage because the input voice data are stored in the detection server. To overcome this problem, in this paper, we propose a novel system (i.e., DeepDetection) that can detect deep voices and [...] Read more.
The deep voice detection technology currently being researched causes personal information leakage because the input voice data are stored in the detection server. To overcome this problem, in this paper, we propose a novel system (i.e., DeepDetection) that can detect deep voices and authenticate users without exposing voice data to the server. Voice phishing prevention is achieved in two-way approaches by performing primary verification through deep voice detection and secondary verification of whether the sender is the correct sender through user authentication. Since voice preprocessing is performed on the user local device, voice data are not stored on the detection server. Thus, we can overcome the security vulnerabilities of the existing detection research. We used ASVspoof 2019 and achieved an F1-score of 100% in deep voice detection and an F1 score of 99.05% in user authentication. Additionally, the average EER for user authentication achieved was 0.15. Therefore, this work can be effectively used to prevent deep voice-based phishing. Full article
(This article belongs to the Special Issue Advanced Technologies in Data and Information Security II)
Show Figures

Figure 1

13 pages, 1017 KiB  
Article
A Parallel Quantum Circuit Implementations of LSH Hash Function for Use with Grover’s Algorithm
by Gyeongju Song, Kyungbae Jang, Hyunji Kim and Hwajeong Seo
Appl. Sci. 2022, 12(21), 10891; https://doi.org/10.3390/app122110891 - 27 Oct 2022
Cited by 3 | Viewed by 1358
Abstract
Grover’s search algorithm accelerates the key search on the symmetric key cipher and the pre-image attack on the hash function. To conduct Grover’s search algorithm, the target cipher algorithm should be efficiently implemented in a quantum circuit. Currently, small quantum computers are difficult [...] Read more.
Grover’s search algorithm accelerates the key search on the symmetric key cipher and the pre-image attack on the hash function. To conduct Grover’s search algorithm, the target cipher algorithm should be efficiently implemented in a quantum circuit. Currently, small quantum computers are difficult to operate with large quantum circuits due to limited performance. Therefore, if a large quantum computer that can operate Grover’s algorithm appears, it is expected that a cipher attack will be possible. In this paper, we propose a parallel structure quantum circuit for the Korean hash function standard (i.e., LSH). The proposed quantum circuit designed a parallel operation structure for the message expansion (i.e., MsgExp) function and the mix function, which are the internal structures of the LSH hash function. This approach shows an efficient result for quantum circuit implementation in terms of quantum resources by reducing the depth of the quantum circuit by about 96% through the trade-off of appropriate quantum resources compared to previous work. This result can be a reference for the implementation of a parallel quantum circuit in the future and is expected to advance the attack timing of the search algorithm for Grover’s LSH hash function. Full article
(This article belongs to the Special Issue Advanced Technologies in Data and Information Security II)
Show Figures

Figure 1

21 pages, 495 KiB  
Article
Improving Deep Learning-Based Recommendation Attack Detection Using Harris Hawks Optimization
by Quanqiang Zhou, Cheng Huang and Liangliang Duan
Appl. Sci. 2022, 12(19), 10135; https://doi.org/10.3390/app121910135 - 9 Oct 2022
Cited by 1 | Viewed by 1282
Abstract
Recommendation attack attempts to bias the recommendation results of collaborative recommender systems by injecting malicious ratings into the rating database. A lot of methods have been proposed for detecting such attacks. Among these works, the deep learning-based detection methods get rid of the [...] Read more.
Recommendation attack attempts to bias the recommendation results of collaborative recommender systems by injecting malicious ratings into the rating database. A lot of methods have been proposed for detecting such attacks. Among these works, the deep learning-based detection methods get rid of the dependence on hand-designed features of recommendation attack besides having excellent detection performance. However, most of them optimize the key hyperparameters by manual analysis which relies too much on domain experts and their experience. To address this issue, in this paper we propose an approach based on the Harris Hawks Optimization (HHO) algorithm to improve the deep learning-based detection methods. Being different from the original detection methods which optimize the key hyperparameters manually, the improved deep learning-based detection methods can optimize the key hyperparameters automatically. We first convert the key hyperparameters of discrete type to continuous type according to the uniform distribution theory to expand the application scope of HHO algorithm. Then, we use the detection stability as an early stop condition to reduce the optimization iterations to improve the HHO algorithm. After that, we use the improved HHO algorithm to automatically optimize the key hyperparameters for the deep learning-based detection methods. Finally, we use the optimized key hyperparameters to train the deep learning-based detection methods to generate classifiers for detecting the recommendation attack. The experiments conducted on two benchmark datasets illustrate that the improved deep learning-based detection methods have effective performance. Full article
(This article belongs to the Special Issue Advanced Technologies in Data and Information Security II)
Show Figures

Figure 1

28 pages, 2705 KiB  
Article
Investigating Wearable Fitness Applications: Data Privacy and Digital Forensics Analysis on Android
by Shinelle Hutchinson, Mohammad Meraj Mirza, Nicholas West, Umit Karabiyik, Marcus K. Rogers, Tathagata Mukherjee, Sudhir Aggarwal, Haeyong Chung and Carrie Pettus-Davis
Appl. Sci. 2022, 12(19), 9747; https://doi.org/10.3390/app12199747 - 28 Sep 2022
Cited by 8 | Viewed by 4874
Abstract
Wearable devices are becoming more and more prevalent in our daily lives as people become more curious about how well they are doing in monitoring, improving, or maintaining their health and fitness. Fitness trackers and smartwatches have become almost ubiquitous, so these devices [...] Read more.
Wearable devices are becoming more and more prevalent in our daily lives as people become more curious about how well they are doing in monitoring, improving, or maintaining their health and fitness. Fitness trackers and smartwatches have become almost ubiquitous, so these devices have begun to play a critical role in forensic investigations. In this paper, the authors conducted a forensic analysis of the controlling applications for three popular fitness bands and smartwatches (i.e., Amazon Halo, Garmin Connect, and Mobvoi) on an Android smartphone device to (1) provide forensic investigators with a road-map of forensically relevant data that are stored within these applications and (2) highlight any privacy concerns that the stored data within these applications may present to the applications’ users. Our findings indicate that the three fitness applications store a wealth of user data. In particular, the Amazon Halo app stores daily, weekly, and monthly activity-related data for at least the last 13 days. The user’s Tone Analysis results were also recovered. The Garmin Connect application also records detailed user activity information, as it was possible to recover the last 15 days worth of user activity data. The Garmin Connect user’s general location was also determined via the application’s weather notification feature. Lastly, the Mobvoi application records all data points from the time the device is first used until the last time the device is used. These data points may include heart rates taken every 5 min and step counts. Our findings highlight the possibility of collecting personally identifiable information about users of these devices and apps, including their profile information, habits, location, and state of mind. These findings would be pertinent to forensic investigators in the event that these or similar applications are part of an investigation. Full article
(This article belongs to the Special Issue Advanced Technologies in Data and Information Security II)
Show Figures

Figure 1

19 pages, 995 KiB  
Article
The Role of Privacy Fatigue in Privacy Paradox: A PSM and Heterogeneity Analysis
by Xinluan Tian, Lina Chen and Xiaojuan Zhang
Appl. Sci. 2022, 12(19), 9702; https://doi.org/10.3390/app12199702 - 27 Sep 2022
Cited by 6 | Viewed by 2243
Abstract
Powerful rising trends of mobile media platforms have also resulted in the escalation of users’ privacy concerns. However, there is a paradox between users’ attitudes towards privacy and their actual privacy disclosure behaviors. This study attempts to explain the phenomenon of privacy paradox [...] Read more.
Powerful rising trends of mobile media platforms have also resulted in the escalation of users’ privacy concerns. However, there is a paradox between users’ attitudes towards privacy and their actual privacy disclosure behaviors. This study attempts to explain the phenomenon of privacy paradox in the mobile social media context from the privacy fatigue perspective. Based on the Elaboration Likelihood Model (ELM) and employing the method of Propensity Score Matching (PSM), this paper confirmed that privacy fatigue could directly explain the privacy paradox. Among the findings, cynicism turned the relationship between privacy concern and privacy protection behaviors from positive influence to negative influence, while emotional exhaustion would weaken the positive influence relationship between privacy concern and the intention to undertake privacy protection behaviors. In addition, the study also revealed the heterogeneous effects of individual characteristics and usage characteristics variables on how the privacy fatigue influences privacy paradox. Full article
(This article belongs to the Special Issue Advanced Technologies in Data and Information Security II)
Show Figures

Figure 1

15 pages, 5739 KiB  
Article
Investigating Proactive Digital Forensics Leveraging Adversary Emulation
by Valentine Machaka and Titus Balan
Appl. Sci. 2022, 12(18), 9077; https://doi.org/10.3390/app12189077 - 9 Sep 2022
Cited by 1 | Viewed by 2679
Abstract
Traditional digital forensics techniques are becoming obsolete due to rapid technological change. Proactive digital forensic investigations (PDFI) solve the challenges of cloud computing forensics such as evidence identification, collection, preservation, and timelining from heterogeneous cumulative data. Cumulative data heterogeneity poses significant challenges to [...] Read more.
Traditional digital forensics techniques are becoming obsolete due to rapid technological change. Proactive digital forensic investigations (PDFI) solve the challenges of cloud computing forensics such as evidence identification, collection, preservation, and timelining from heterogeneous cumulative data. Cumulative data heterogeneity poses significant challenges to the sound collection of electronically stored information (ESI) or digital evidence across cloud endpoints and/or networked systems. In addition, the distribution of networked systems and/or cloud environments makes it impossible for forensics investigators to be present at several premises to perform the investigation. Hence, it is important to have PDFI in place to ensure continuous operation in the event of a cyberattack, because it does not require the presence of an investigator at the target location. In this study, researchers put the idea of proactive digital forensics to the test and concluded that it is an indispensable tool for networked systems and cloud computing environments in response to modern-day digital forensics challenges. This research was based on an experimental computer science and engineering approach using a virtualised environment simulating an information communication infrastructure. To generate evidence (digital artefacts), and validate the proof-of-concept, adversary emulation was used by adapting the MITRE ATT&CK framework. Research results have shown that PDFI improves digital forensics activities in terms of speed and accuracy, thereby providing credible and timely comprehensive digital evidence. Enhanced Incident detection capabilities enable an analyst to focus much more on forensic investigation functions and thus perform their tasks effectively. However, the legality of live and/or remote forensics is still of great concern in several jurisdictions, thereby affecting the credibility of digital artefacts obtained in this manner. Nevertheless, where possible, the law component should also be kept up to date with modern-day technologies to solve any inconveniences caused by the ever-growing technology demands. Full article
(This article belongs to the Special Issue Advanced Technologies in Data and Information Security II)
Show Figures

Figure 1

30 pages, 911 KiB  
Article
Revisiting the Detection of Lateral Movement through Sysmon
by Christos Smiliotopoulos, Konstantia Barmpatsalou  and Georgios Kambourakis
Appl. Sci. 2022, 12(15), 7746; https://doi.org/10.3390/app12157746 - 1 Aug 2022
Cited by 8 | Viewed by 4016
Abstract
This work attempts to answer in a clear way the following key questions regarding the optimal initialization of the Sysmon tool for the identification of Lateral Movement in the MS Windows ecosystem. First, from an expert’s standpoint and with reference to the relevant [...] Read more.
This work attempts to answer in a clear way the following key questions regarding the optimal initialization of the Sysmon tool for the identification of Lateral Movement in the MS Windows ecosystem. First, from an expert’s standpoint and with reference to the relevant literature, what are the criteria for determining the possibly optimal initialization features of the Sysmon event monitoring tool, which are also applicable as custom rules within the config.xml configuration file? Second, based on the identified features, how can a functional configuration file, able to identify as many LM variants as possible, be generated? To answer these questions, we relied on the MITRE ATT and CK knowledge base of adversary tactics and techniques and focused on the execution of the nine commonest LM methods. The conducted experiments, performed on a properly configured testbed, suggested a great number of interrelated networking features that were implemented as custom rules in the Sysmon’s config.xml file. Moreover, by capitalizing on the rich corpus of the 870K Sysmon logs collected, we created and evaluated, in terms of TP and FP rates, an extensible Python .evtx file analyzer, dubbed PeX, which can be used towards automatizing the parsing and scrutiny of such voluminous files. Both the .evtx logs dataset and the developed PeX tool are provided publicly for further propelling future research in this interesting and rapidly evolving field. Full article
(This article belongs to the Special Issue Advanced Technologies in Data and Information Security II)
Show Figures

Figure 1

29 pages, 1724 KiB  
Article
Forensic Investigation of Remnant Data on USB Storage Devices Sold in New Zealand
by Zawar Shah, Arkar Kyaw, Hong Phat Truong, Imdad Ullah and Andrew Levula
Appl. Sci. 2022, 12(12), 5928; https://doi.org/10.3390/app12125928 - 10 Jun 2022
Cited by 1 | Viewed by 3365
Abstract
The digital forensic tools used by law enforcement agencies for forensic investigations are mostly proprietary and commercially expensive; although open-source tools are used, the investigations conducted with such tools are not verified by reputable organisations, and hence, users are reluctant to practice such [...] Read more.
The digital forensic tools used by law enforcement agencies for forensic investigations are mostly proprietary and commercially expensive; although open-source tools are used, the investigations conducted with such tools are not verified by reputable organisations, and hence, users are reluctant to practice such tools. To address this issue, we experimentally evaluate three open-source forensic tools based on various requirements recommended by the National Institute of Standards and Technology (NIST) framework for forensic investigation. The experimental setup consists of a forensic workstation, write-blocker, and purchased USB hard drives investigated via digital forensic imaging tools, i.e., DC3DD, DCFLDD, and Guymager. We create various test cases, which distribute USB hard drives in different groups and investigate the functional and optional requirements of NIST along with recovering and analysing remnant data. We evaluate these forensic tools by analysing the log information, following, anonymously (to ensure that data were not disclosed or misused during or after the investigations) collecting, examining, and classifying the remnant data restored from the USB hard drives. We observe that the percentage of hardware resources usage and the processing time of each tool are remarkably different, e.g., Guymager was the fastest tool and met all the functional requirements in each test case, but it utilised more CPU and memory resources than DC3DD, DCFLDD. We note that 88.23% of the USB hard drives contained sensitive personal or business information (e.g., personal photos, bank transactions, and contracts). Subsequently, the remnant data analysis shows that consumers in New Zealand are unaware of personal data security and the associated vulnerabilities of data leakages. Full article
(This article belongs to the Special Issue Advanced Technologies in Data and Information Security II)
Show Figures

Figure 1

Review

Jump to: Research, Other

32 pages, 1442 KiB  
Review
Distributed Denial of Service Attacks against Cloud Computing Environment: Survey, Issues, Challenges and Coherent Taxonomy
by Ziyad R. Alashhab, Mohammed Anbar, Manmeet Mahinderjit Singh, Iznan H. Hasbullah, Prateek Jain and Taief Alaa Al-Amiedy
Appl. Sci. 2022, 12(23), 12441; https://doi.org/10.3390/app122312441 - 5 Dec 2022
Cited by 12 | Viewed by 3462
Abstract
Cloud computing (CC) plays a significant role in revolutionizing the information and communication technology (ICT) industry, allowing flexible delivery of new services and computing resources at a fraction of the costs for end-users than traditional computing. Unfortunately, many potential cyber threats impact CC-deployed [...] Read more.
Cloud computing (CC) plays a significant role in revolutionizing the information and communication technology (ICT) industry, allowing flexible delivery of new services and computing resources at a fraction of the costs for end-users than traditional computing. Unfortunately, many potential cyber threats impact CC-deployed services due to the exploitation of CC’s characteristics, such as resource sharing, elasticity, and multi-tenancy. This survey provides a comprehensive discussion on security issues and challenges facing CC for cloud service providers and their users. Furthermore, this survey proposes a new taxonomy for classifying CC attacks, distributed denial of service (DDoS) attacks, and DDoS attack detection approaches on CC. It also provides a qualitative comparison with the existing surveys. Finally, this survey aims to serve as a guide and reference for other researchers working on new DDoS attack detection approaches within the CC environment. Full article
(This article belongs to the Special Issue Advanced Technologies in Data and Information Security II)
Show Figures

Figure 1

37 pages, 2119 KiB  
Review
Blockchain Applications in Agriculture: A Scoping Review
by Andreas Sendros, George Drosatos, Pavlos S. Efraimidis and Nestor C. Tsirliganis
Appl. Sci. 2022, 12(16), 8061; https://doi.org/10.3390/app12168061 - 11 Aug 2022
Cited by 16 | Viewed by 6166
Abstract
Blockchain is a distributed, immutable ledger technology initially developed to secure cryptocurrency transactions. Following its revolutionary use in cryptocurrencies, blockchain solutions are now being proposed to address various problems in different domains, and it is currently one of the most “disruptive” technologies. This [...] Read more.
Blockchain is a distributed, immutable ledger technology initially developed to secure cryptocurrency transactions. Following its revolutionary use in cryptocurrencies, blockchain solutions are now being proposed to address various problems in different domains, and it is currently one of the most “disruptive” technologies. This paper presents a scoping review of the scientific literature for exploring the current research area of blockchain applications in the agricultural sector. The aim is to identify the service areas of agriculture where blockchain is used, the blockchain technology used, the data stored in it, its combination with external databases, the reason it is used, and the variety of agricultural products, as well as the level of maturity of the respective approaches. The study follows the PRISMA-ScR methodology. The purpose of conducting these scoping reviews is to identify the evidence in this field and clarify the key concepts. The literature search was conducted in April 2021 using Scopus and Google Scholar, and a systematic selection process identified 104 research articles for detailed study. Our findings show that in the field, although still in the early stages, with the majority of the studies in the design phase, several experiments have been conducted, so a significant percentage of the work is in the implementation or piloting phase. Finally, our research shows that the use of blockchain in this domain mainly concerns the integrity of agricultural production records, the monitoring of production steps, and the monitoring of products. However, other varied and remarkable blockchain applications include incentive mechanisms, a circular economy, data privacy, product certification, and reputation systems. This study is the first scoping review in this area, following a formal systematic literature review methodology and answering research questions that have not yet been addressed. Full article
(This article belongs to the Special Issue Advanced Technologies in Data and Information Security II)
Show Figures

Figure 1

Other

Jump to: Research, Review

18 pages, 2285 KiB  
Perspective
Mathematical Approaches Transform Cybersecurity from Protoscience to Science
by Ivan Trenchev, Willian Dimitrov, Georgi Dimitrov, Tanya Ostrovska and Miglena Trencheva
Appl. Sci. 2023, 13(11), 6508; https://doi.org/10.3390/app13116508 - 26 May 2023
Viewed by 2473
Abstract
The area of cybersecurity problems has reached the stage of becoming a science. This raises questions about the connection between the mathematical theories used in cybersecurity research and their relation to the methodology for experiments and conceptual models synthesized from the academic community. [...] Read more.
The area of cybersecurity problems has reached the stage of becoming a science. This raises questions about the connection between the mathematical theories used in cybersecurity research and their relation to the methodology for experiments and conceptual models synthesized from the academic community. This research proposes an analytical review of the mathematical ideas used in applied cyber-security and theoretical explorations. This meta viewpoint is dedicated to standard mathematical theories applied in cybersecurity issues. The ground of the work is methodological problems relating to the validation of experiments and models with mathematical ideas in the cybersecurity exploration of digital space. This research emphasizes the application of game theory, catastrophe theory, queuing systems, and Markov chains. The methods are shown without claiming to be exhaustive. The goal is to review the currently established implementation of mathematical approaches to cybersecurity. A spectrum of possibilities for applying mathematical apparatus in future research for cybersecurity is given. After a review of the literature for each presented mathematical approach, we expose a list of problematic areas in which this has already been implemented. Full article
(This article belongs to the Special Issue Advanced Technologies in Data and Information Security II)
Show Figures

Figure 1

Back to TopTop