Special Issue "Cybersecurity and Data Science"

A special issue of Electronics (ISSN 2079-9292). This special issue belongs to the section "Computer Science & Engineering".

Deadline for manuscript submissions: 31 May 2022.

Special Issue Editor

Prof. Dr. Krzysztof Szczypiorski
Guest Editor
Institute of Telecommunications, Warsaw University of Technology, 00-665 Warszawa, Poland
Interests: cybersecurity; digital forensics; steganography; anomaly detection

Special Issue Information

This Special Issue is devoted to promoting the latest research in cybersecurity and data science. Digital transformation turns data into the new oil. The increasing availability of big data, structured and unstructured datasets, raises new challenges in cybersecurity, efficient data processing and knowledge extraction. The field of cybersecurity and data science fuels the data-driven economy. Innovations in this field require strong foundations in mathematics, statistics, machine learning and information security. 

The unprecedented increase in the availability of data in many fields of science and technology (e.g., genomic data, data from industrial environments, sensory data of smart cities, and social network data) asks for new methods and solutions for data processing, information extraction and decision support. This stimulates the development of new methods of data analysis, including those adapted to the analysis of new data structures and the growing volume of data.

Prof. Dr. Krzysztof Szczypiorski
Guest Editor

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All papers will be peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Electronics is an international peer-reviewed open access semimonthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2000 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • Cybersecurity:
    • automated safety management systems
    • non-repudiation systems, including blockchain-based
    • data protection using machine learning
    • detection of unknown attacks on ICT systems using big data and fast data algorithms
    • post-quantum cryptography
  • BioMed Data Science:
    • bioinformatics
    • biostatistics
    • computational medicine
  • Big and Stream Data Science:
    • big data
    • distributed storage
    • batch and stream analytics (smart city, genomics)
  • Advanced Machine Learning:
    • statistical learning methods
    • interpretable and explainable predictive models
    • clustering
    • classification and data fusion
  • Mathematical Foundations for Data Science:
    • mathematical foundations of data modeling and analysis
    • statistics and probability
    • graphs and networks
    • soft computing

Published Papers (10 papers)

Research

Article
BrainShield: A Hybrid Machine Learning-Based Malware Detection Model for Android Devices
Electronics 2021, 10(23), 2948; https://doi.org/10.3390/electronics10232948 - 26 Nov 2021
Viewed by 306
Abstract
Android has become the leading operating system for mobile devices, and the most targeted one by malware. Therefore, many analysis methods have been proposed for detecting Android malware. However, few of them use proper datasets for evaluation. In this paper, we propose BrainShield, a hybrid malware detection model trained on the Omnidroid dataset to reduce attacks on Android devices. The latter is the most diversified dataset in terms of the number of different features, and contains the largest number of samples, 22,000 samples, for model evaluation in the Android malware detection field. BrainShield’s implementation is based on a client/server architecture and consists of three fully connected neural networks: (1) the first is used for static analysis and reaches an accuracy of 92.9% trained on 840 static features; (2) the second is a dynamic neural network that reaches an accuracy of 81.1% trained on 3722 dynamic features; and (3) the third neural network proposed is hybrid, reaching an accuracy of 91.1% trained on 7081 static and dynamic features. Simulation results show that BrainShield is able to improve the accuracy and the precision of well-known malware detection methods.
(This article belongs to the Special Issue Cybersecurity and Data Science)

Article
A New Approach to the Development of Additive Fibonacci Generators Based on Prime Numbers
Electronics 2021, 10(23), 2912; https://doi.org/10.3390/electronics10232912 - 24 Nov 2021
Viewed by 379
Abstract
Pseudorandom number and bit sequence generators are widely used in cybersecurity, measurement, and other technology fields. A special place among such generators is occupied by additive Fibonacci generators (AFG). By itself, such a generator is not cryptographically strong. Nevertheless, when used as a primary it can be quite resistant to cryptanalysis generators. This paper proposes a modification to AFG, the essence of which is to use prime numbers as modules of recurrent equations describing the operation of generators. This modification made it possible to ensure the constancy of the repetition period of the output pseudorandom pulse sequence in the entire range of possible values of the initial settings–keys (seed) at specific values of the module. In addition, it has proposed a new generator scheme, which consists of two generators: the first of which is based on a modified AFG and the second is based on a linear feedback shift register (LFSR). The output pulses of both generators are combined through a logic element XOR. The results of the experiment show that the specific values of modules provide a constant repetition period of the output pseudorandom pulse sequence in a whole range of possible values of the initial settings–keys (seed) and provide all the requirements of the NIST test to statistical characteristics of the sequence. Modified AFGs are designed primarily for hardware implementation, which allows them to provide high performance.

Article
Dataset Generation for Development of Multi-Node Cyber Threat Detection Systems
Electronics 2021, 10(21), 2711; https://doi.org/10.3390/electronics10212711 - 07 Nov 2021
Viewed by 633
Abstract
This paper presents a new approach to generate datasets for cyber threat research in a multi-node system. For this purpose, the proof-of-concept of such a system is implemented. The system will be used to collect unique datasets with examples of information hiding techniques. These techniques are not present in publicly available cyber threat detection datasets, while the cyber threats that use them represent an emerging cyber defense challenge worldwide. The network data were collected thanks to the development of a dedicated application that automatically generates random network configurations and runs scenarios of information hiding techniques. The generated datasets were used in the data-driven research workflow for cyber threat detection, including the generation of data representations (network flows), feature selection based on correlations, data augmentation of training datasets, and preparation of machine learning classifiers based on Random Forest and Multilayer Perceptron architectures. The presented results show the usefulness and correctness of the design process to detect information hiding techniques. The challenges and research directions to detect cyber deception methods are discussed in general in the paper.

Article
A Method for Fast Selection of Machine-Learning Classifiers for Spam Filtering
Electronics 2021, 10(17), 2083; https://doi.org/10.3390/electronics10172083 - 27 Aug 2021
Viewed by 500
Abstract
The paper elaborates on how text analysis influences classification—a key part of the spam-filtering process. The authors propose a multistage meta-algorithm for checking classifier performance. As a result, the algorithm allows for the fast selection of the best-performing classifiers as well as for the analysis of higher-dimensionality data. The last aspect is especially important when analyzing large datasets. The approach of cross-validation between different datasets for supervised learning is applied in the meta-algorithm. Three machine-learning methods allowing a user to classify e-mails as desirable (ham) or potentially harmful (spam) messages were compared in the paper to illustrate the operation of the meta-algorithm. The used methods are simple, but as the results showed, they are powerful enough. We use the following classifiers: k-nearest neighbours (k-NNs), support vector machines (SVM), and the naïve Bayes classifier (NB). The conducted research gave us the conclusion that multinomial naïve Bayes classifier can be an excellent weapon in the fight against the constantly increasing amount of spam messages. It was also confirmed that the proposed solution gives very accurate results.

Article
Analysis and Implementation of Threat Agents Profiles in Semi-Automated Manner for a Network Traffic in Real-Time Information Environment
Electronics 2021, 10(15), 1849; https://doi.org/10.3390/electronics10151849 - 31 Jul 2021
Cited by 2 | Viewed by 810
Abstract
Threat assessment is the continuous process of monitoring the threats identified in the network of the real-time informational environment of an organisation and the business of the companies. The sagacity and security assurance for the system of an organisation and company’s business seem to need that information security exercise to unambiguously and effectively handle the threat agent’s attacks. How is this unambiguous and effective way in the present-day state of information security practice working? Given the prevalence of threats in the modern information environment, it is essential to guarantee the security of national information infrastructure. However, the existing models and methodology are not addressing the attributes of threats like motivation, opportunity, and capability (C, M, O), and the critical threat intelligence (CTI) feed to the threat agents during the penetration process is ineffective, due to which security assurance arises for an organisation and the business of companies. This paper proposes a semi-automatic information security model, which can deal with situational awareness data, strategies prevailing information security activities, and protocols monitoring specific types of the network next to the real-time information environment. This paper looks over analyses and implements the threat assessment of network traffic in one particular real-time informational environment. To achieve this, we determined various unique attributes of threat agents from the Packet Capture Application Programming Interface (PCAP files/DataStream) collected from the network between the years 2012 and 2019. We used hypothetical and real-world examples of a threat agent to evaluate the three different factors of threat agents, i.e., Motivation, Opportunity, and Capability (M, O, C). 
Based on this, we also designed and determined the threat profiles, critical threat intelligence (CTI), and complexity of threat agents that are not addressed or covered in the existing threat agent taxonomies models and methodologies.

Article
Discussion on IoT Security Recommendations against the State-of-the-Art Solutions
Electronics 2021, 10(15), 1814; https://doi.org/10.3390/electronics10151814 - 28 Jul 2021
Cited by 1 | Viewed by 617
Abstract
The Internet of Things (IoT) is an emerging concept comprising a wide ecosystem of interconnected devices and services. These technologies collect, exchange and process data in order to dynamically adapt to a specific context. IoT is tightly bound to cyber-physical systems and, in this respect, has relevant security implications. A need for IoT security guidelines was identified by the industry in the early 2010s. While numerous institutions across the globe have proposed recommendations with a goal to help developers, distributors and users to ensure a secure IoT infrastructure, a strict set of regulations for IoT security is yet to be established. In this paper, we aim to provide an overview of security guidelines for IoT proposed by various organizations, and evaluate some of the existing technologies applied to ensure IoT security against these guidelines. We gathered recommendations proposed by selected government organizations, international associations and advisory groups, and compiled them into a set of the most common and important considerations, divided into eight categories. Then we chose a number of representative examples from IoT security technologies and evaluated them against these criteria. While none of the examined solutions fulfill all recommendations on their own, the existing technologies introduced by those solutions could be combined to create a design framework which satisfies all the requirements of a secure IoT device. Further research on this matter could be beneficial. To the best of our knowledge, this is the first comprehensive survey to evaluate different security technologies for IoT device security against the compilation of criteria based on existing guidelines.

Article
Multi-Language Spam/Phishing Classification by Email Body Text: Toward Automated Security Incident Investigation
Electronics 2021, 10(6), 668; https://doi.org/10.3390/electronics10060668 - 12 Mar 2021
Cited by 5 | Viewed by 974
Abstract
Spamming and phishing are two types of emailing that are annoying and unwanted, differing by the potential threat and impact to the user. Automated classification of these categories can increase the users’ awareness as well as be used for incident investigation prioritization or automated fact gathering. However, currently there are no scientific papers focusing on email classification concerning these two categories of spam and phishing emails. Therefore this paper presents a solution, based on email message body text automated classification into spam and phishing emails. We apply the proposed solution for email classification, written in three languages: English, Russian, and Lithuanian. As most public email datasets almost exclusively collect English emails, we investigate the suitability of automated dataset translation to adapt it to email classification, written in other languages. Experiments on public dataset usage limitations for a specific organization are executed in this paper to evaluate the need of dataset updates for more accurate classification results.

Article
A Wireless Covert Channel Based on Dirty Constellation with Phase Drift
Electronics 2021, 10(6), 647; https://doi.org/10.3390/electronics10060647 - 11 Mar 2021
Cited by 2 | Viewed by 748
Abstract
Modern telecommunications systems require the use of various transmission techniques, which are either open or hidden. The open transmission system uses various security techniques against its unauthorized reception, and cryptographic solutions ensure the highest security. In the case of hidden transmissions, steganographic techniques are used, which are based on the so-called covert channels. In this case, the transparency and stealth of the transmission ensure its security against being picked up by an unauthorized user. These covert channels can be implemented in multimedia content, network protocols, or physical layer transmissions. This paper focuses on wireless covert channels. We present a novel method of steganographic transmission which is based on phase drift in phase-shift keying or quadrature amplitude modulation (QAM) and is included in the so-called dirty constellation techniques. The proposed approach is based on the drift correction modulation method, which was previously used in the watermarking of audio-signals. The developed solution is characterized by a variable bit rate, which can be adapted to the used modulation type and transmission conditions occurring in radio channels. In the paper, we present the method of generating and receiving hidden information, simulation research, and practical implementation of the proposed solution using the software-defined radio platform for selected QAM.

Article
Multilayer Detection of Network Steganography
Electronics 2020, 9(12), 2128; https://doi.org/10.3390/electronics9122128 - 12 Dec 2020
Cited by 3 | Viewed by 784
Abstract
This paper presents a new method for steganography detection in network protocols. The method is based on a multilayer approach for the selective analysis of derived and aggregated metrics utilizing machine learning algorithms. The main objective is to provide steganalysis capability for networks with large numbers of devices and connections. We discuss considerations for performance analysis and present results. We also describe a means of applying our method for multilayer detection of a popular RSTEG (Retransmission Steganography) technique.

Other

Systematic Review
Data Transformation Schemes for CNN-Based Network Traffic Analysis: A Survey
Electronics 2021, 10(16), 2042; https://doi.org/10.3390/electronics10162042 - 23 Aug 2021
Viewed by 626
Abstract
The enormous growth of services and data transmitted over the internet, the bloodstream of modern civilization, has caused a remarkable increase in cyber attack threats. This fact has forced the development of methods of preventing attacks. Among them, an important and constantly growing role is that of machine learning (ML) approaches. Convolutional neural networks (CNN) belong to the hottest ML techniques that have gained popularity, thanks to the rapid growth of computing power available. Thus, it is no wonder that these techniques have started to also be applied in the network traffic classification domain. This has resulted in a constant increase in the number of scientific papers describing various approaches to CNN-based traffic analysis. This paper is a survey of them, prepared with particular emphasis on a crucial but often disregarded aspect of this topic—the data transformation schemes. Their importance is a consequence of the fact that network traffic data and machine learning data have totally different structures. The former is a time series of values—consecutive bytes of the datastream. The latter, in turn, are one-, two- or even three-dimensional data samples of fixed lengths/sizes. In this paper, we introduce a taxonomy of data transformation schemes. Next, we use this categorization to describe various CNN-based analytical approaches found in the literature.