New Challenges in Information Security and Privacy and Cyber Resilience

A special issue of Electronics (ISSN 2079-9292). This special issue belongs to the section "Networks".

Deadline for manuscript submissions: closed (15 September 2024) | Viewed by 29504

Special Issue Editors


Guest Editor
Institute of Computer Science, Foundation for Research and Technology–Hellas (FORTH), Vassilika Vouton, 70013 Heraklion, Greece
Interests: information systems security and privacy; risk assessment; digital forensics and cyber threat intelligence; security training and cyber-ranges; and disaster mitigation planning in critical infrastructures

Guest Editor
School of Electrical and Computer Engineering, Technical University of Crete, Akrotiri Campus, 731 00 Chania, Greece
Interests: systems and network security; security policy; privacy; high-speed networks

Guest Editor
Department of Informatics, University of Oslo, Gaustadalléen 23B, 0373 Oslo, Norway
Interests: cyber (threat) intelligence representation, sharing, and reasoning; information modeling; systems interoperability and standardization; security orchestration and automation; threat management; artificial intelligence

Guest Editor
Faculty of Science and Technology, Bournemouth University, Bournemouth BH12 5BB, UK
Interests: AI in cybersecurity; cryptography; cyberdefence exercises; information warfare and security

Special Issue Information

Dear Colleagues,

This Special Issue, 'New Challenges in Information Security, Privacy, and Cyber Resilience', will address the evolving landscape of digital threats and the need for innovative strategies to safeguard sensitive information, uphold privacy, and fortify organizational resilience in the face of cyber incidents.

In an era marked by rapid technological advancement, the proliferation of interconnected devices, and the widespread adoption of cloud computing, digital ecosystems have become increasingly vulnerable. This Special Issue delves into emerging threats such as sophisticated cyber-attacks, ransomware, data breaches, supply chain security, and social engineering techniques, providing a platform for experts, researchers, and practitioners to explore novel approaches to data security.

The Special Issue emphasizes the intricate interplay between information security, privacy, and cyber resilience and highlights the pressing need for holistic frameworks that not only fortify digital fortifications, but also uphold the privacy rights of individuals and organizations. We are seeking cutting-edge research on encryption protocols, authentication mechanisms, and access control systems that strike a balance between security and privacy.

This Special Issue will also focus on cyber resilience—the capacity to anticipate, prepare for, respond to, and recover from cyber incidents—covering topics such as incident response planning, threat intelligence sharing, and the role of human factors in bolstering cyber resilience.

The Special Issue seeks to bridge the gap between theoretical advancements and real-world applications, fostering a collaborative environment between academia and industry. It aims to equip cybersecurity professionals with the knowledge and tools necessary to stay ahead of evolving threats, ensuring the continued integrity, confidentiality, and availability of critical information.

The research published in this Special Issue will provide a definitive resource for scholars, practitioners, and policymakers working towards a safer and more secure digital future.

Topics of interest include, but are not limited to:

  • Cybersecurity in modern computerized ecosystems (e.g., Internet of Things (IoT), cyber-physical systems (CPS), supply chains, smart cities and intelligent environments, etc.);
  • Privacy preservation and data protection in the digital era;
  • Cyber resilience of critical infrastructures;
  • Artificial intelligence in cyber protection;
  • Cyber threat intelligence and information sharing among collaborating organizations and communities;
  • Incident response planning and playbooks;
  • Secure development lifecycle for software and hardware;
  • Open-source software/hardware guarantees and bill of materials (BOM);
  • Security validation and theoretic aspects of security;
  • Cyber ranges training, raising awareness, and ethical aspects.

Dr. George Hatzivasilis
Prof. Dr. Sotiris Ioannidis
Dr. Vasileios Mavroeidis
Prof. Dr. Vasilis Katos
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Electronics is an international peer-reviewed open access semimonthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2400 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • cybersecurity in modern computerized ecosystems 
  • privacy preservation and data protection in the digital era
  • cyber resilience of critical infrastructures

Benefits of Publishing in a Special Issue

  • Ease of navigation: Grouping papers by topic helps scholars navigate broad scope journals more efficiently.
  • Greater discoverability: Special Issues support the reach and impact of scientific research. Articles in Special Issues are more discoverable and cited more frequently.
  • Expansion of research network: Special Issues facilitate connections among authors, fostering scientific collaborations.
  • External promotion: Articles in Special Issues are often promoted through the journal's social media, increasing their visibility.
  • e-Book format: Special Issues with more than 10 articles can be published as dedicated e-books, ensuring wide and rapid dissemination.

Further information on MDPI's Special Issue policies can be found here.

Published Papers (6 papers)


Research


22 pages, 3152 KiB  
Article
Hybrid Feature Engineering Based on Customer Spending Behavior for Credit Card Anomaly and Fraud Detection
by Maram Alamri and Mourad Ykhlef
Electronics 2024, 13(20), 3978; https://doi.org/10.3390/electronics13203978 - 10 Oct 2024
Viewed by 1780
Abstract
For financial institutions, credit card fraud detection is a critical activity where the accuracy and efficiency of detection models are important. Traditional methods often use standard feature selection techniques that may ignore refined patterns in transaction data. This paper presents a new approach that combines feature aggregation with Exhaustive Feature Selection (EFS) to enhance the performance of credit card fraud detection models. Through feature aggregation, higher-order characteristics are created to capture complex relationships within the data, then find the most relevant features by evaluating all possible subsets of features systemically using EFS. Our method was tested using a public credit card fraud dataset, PaySim. Four popular learning classifiers—random forest (RF), decision tree (DT), logistic regression (LR), and deep neural network (DNN)—are used with balanced datasets to evaluate the techniques. The findings show a large improvement in detection accuracy, F1 score, and AUPRC compared to other approaches. Specifically, our method had improved F1 score, precision, and recall measures, which underlines its ability to handle fraudulent transactions’ nuances more effectively as compared to other approaches. This article provides an overall analysis of this method’s impact on model performance, giving some insights for future studies regarding fraud detection and related fields.

31 pages, 1965 KiB  
Article
Holistic Information Security Management and Compliance Framework
by Šarūnas Grigaliūnas, Michael Schmidt, Rasa Brūzgienė, Panayiota Smyrli, Stephanos Andreou and Audrius Lopata
Electronics 2024, 13(19), 3955; https://doi.org/10.3390/electronics13193955 - 7 Oct 2024
Cited by 1 | Viewed by 2433
Abstract
The growing complexity of cybersecurity threats demands a robust framework that integrates various security domains, addressing the issue of disjointed security practices that fail to comply with evolving regulations. This paper introduces a novel information security management and compliance framework that integrates operational, technical, human, and physical security domains. The aim of this framework is to enable organizations to identify the requisite information security controls and legislative compliance needs effectively. Unlike traditional approaches, this framework systematically aligns with both current and emerging security legislation, including GDPR, NIS2 Directive, and the Artificial Intelligence Act, offering a unified approach to comprehensive security management. The experimental methodology involves evaluating the framework against five distinct risk scenarios to test its effectiveness and adaptability. Each scenario assesses the framework’s capability to manage and ensure compliance with specific security controls and regulations. The results demonstrate that the proposed framework not only meets compliance requirements across multiple security domains but also provides a scalable solution for adapting to new threats and regulations efficiently. These findings represent a significant step forward in holistic security management, indicating that organizations can enhance their security posture and legislative compliance simultaneously through this integrated framework.

14 pages, 2721 KiB  
Article
Automated Conversion of CVE Records into an Expert System, Dedicated to Information Security Risk Analysis, Knowledge-Base Rules
by Dovydas Benetis, Donatas Vitkus, Justinas Janulevičius, Antanas Čenys and Nikolaj Goranin
Electronics 2024, 13(13), 2642; https://doi.org/10.3390/electronics13132642 - 5 Jul 2024
Cited by 2 | Viewed by 1316
Abstract
Expert systems (ESs) can be seen as a perspective method for risk analysis process automation, especially in the case of small- and medium-sized enterprises that lack internal security resources. Expert system practical applicability is limited by the fact that the creation of an expert system knowledge base requires a lot of manual work. External knowledge sources, such as attack trees, web pages, and ontologies, are already proven to be valuable sources for the automated creation of knowledge base rules, thus leading to more effective creation of specialized expert systems. This research proposes a new method of automated conversion of CVE data from the National Vulnerability Database (version CVSS 2) into the knowledge base of an expert system and flags CVE records that have higher risk due to already existing exploit tools. This manuscript also contains a description of the method for implementing software and a practical evaluation of conversion results. The uniqueness of the proposed method is incorporation of the records included in the Cybersecurity and Infrastructure Security Agency (CISA) Known Exploited Vulnerabilities Catalog.

20 pages, 3321 KiB  
Article
Design and Implementation of a UMLRPAsec-Extension for Robotic Process Automation
by Anastasiya Kurylets and Nikolaj Goranin
Electronics 2024, 13(4), 769; https://doi.org/10.3390/electronics13040769 - 15 Feb 2024
Cited by 2 | Viewed by 1624
Abstract
Ensuring RPA (robotic process automation) security is a critical aspect when developing and operating automated software robots. One of the key steps for developing secure software robots is the design stage: the identification and specification of the requirements for the security of the system, the description of system precedents, the interaction between the classes involved in the robot being created, etc. Designs using security-oriented formal modeling languages, such as the UMLsec extension of UML, involve not only a visual representation of diagrams but also the possibility to focus the attention on security issues. However, currently, in the scientific community, there is no possibility of using stereotypes specialized for robots—a mechanism for expanding the unified modeling language that would explicitly reflect a specific problem in the subject area. In this article, we propose that the UMLRPAsec-extension for RPA can be used to model security in the RPA context.

Review


20 pages, 2074 KiB  
Review
Blockchain-Based Privacy Preservation for the Internet of Medical Things: A Literature Review
by Afnan Alsadhan, Areej Alhogail and Hessah Alsalamah
Electronics 2024, 13(19), 3832; https://doi.org/10.3390/electronics13193832 - 28 Sep 2024
Cited by 3 | Viewed by 2912
Abstract
The Internet of Medical Things (IoMT) is a rapidly expanding network comprising medical devices, sensors, and software that collect and exchange patient health data. Today, the IoMT has the potential to revolutionize healthcare by offering more personalized care to patients and improving the efficiency of healthcare delivery. However, the IoMT also introduces significant privacy concerns, particularly regarding data privacy. IoMT devices often collect and store large amounts of data about patients’ health. These data could be used to track patients’ movements, monitor their health habits, and even predict their future health risks. This extensive data collection and surveillance could be a major invasion of patient privacy. Thus, privacy-preserving research in an IoMT context is an important area of research that aims to mitigate these privacy issues. This review paper comprehensively applies the PRISMA methodology to analyze, review, classify, and compare current approaches of preserving patient data privacy within IoMT blockchain-based healthcare environments.

35 pages, 1125 KiB  
Review
Review of Smart-Home Security Using the Internet of Things
by George Vardakis, George Hatzivasilis, Eleftheria Koutsaki and Nikos Papadakis
Electronics 2024, 13(16), 3343; https://doi.org/10.3390/electronics13163343 - 22 Aug 2024
Cited by 6 | Viewed by 19103
Abstract
As the Internet of Things (IoT) continues to revolutionize the way we interact with our living spaces, the concept of smart homes has become increasingly prevalent. However, along with the convenience and connectivity offered by IoT-enabled devices in smart homes comes a range of security challenges. This paper explores the landscape of smart-home security. In contrast to similar surveys, this study also examines the particularities of popular categories of smart devices, like home assistants, TVs, AR/VR, locks, sensors, etc. It examines various security threats and vulnerabilities inherent in smart-home ecosystems, including unauthorized access, data breaches, and device tampering. Additionally, the paper discusses existing security mechanisms and protocols designed to mitigate these risks, such as encryption, authentication, and intrusion-detection systems. Furthermore, it highlights the importance of user awareness and education in maintaining the security of smart-home environments. Finally, the paper proposes future research directions and recommendations for enhancing smart-home security with IoT, including the development of robust security best practices and standards, improved device authentication methods, and more effective intrusion-detection techniques. By addressing these challenges, the potential of IoT-enabled smart homes to enhance convenience and efficiency while ensuring privacy, security, and cyber-resilience can be realized.
