Network and Information Security: Threats, Vulnerabilities, Detection and Management

A special issue of Future Internet (ISSN 1999-5903). This special issue belongs to the section "Cybersecurity".

Deadline for manuscript submissions: closed (31 July 2023) | Viewed by 5861

Special Issue Editor


E-Mail Website
Guest Editor
College of Computer Science and Technology, National Huaqiao University, Xiamen 361021, China
Interests: network and information security; information hiding; artificial intelligence
Special Issues, Collections and Topics in MDPI journals

Special Issue Information

Dear Colleagues,

With the vigorous development of the Internet, information technology has dramatically brought many opportunities and conveniences to people's lives. However, these opportunities have also created serious risks in relation to information security. Therefore, there has been a tremendous increase in research in the area of network and information security.

The importance and impact of network and information security are significantly increasing. Network and information security is an interdisciplinary field that combines a set of areas including computer science, software development, data science, and communication network. As a research topic, network and information security apply scientific methods, processes, algorithms, and systems to extract threats and vulnerabilities from structured and unstructured data to solve various security problems in practical applications.

Network and information security involve government, military, culture, education, finance, scientific research, energy, business, and other fields. Its research contents mainly include access control, authentication, biometrics, cryptography, cyber-physical systems, information hiding, Intrusion detection, malware, quantum cryptography, sensor networks, and usable security.

This Special Issue will discuss this trending topic and present innovative solutions to show the importance of network and information security to researchers, managers, industry, society, and other communities.

Prof. Dr. Hui Tian
Guest Editor

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Future Internet is an international peer-reviewed open access monthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 1600 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • access control
  • authentication
  • computer crime
  • computer security
  • computer viruses
  • cryptography
  • cyber security
  • cyber-attacks
  • data security
  • data privacy protection
  • digital watermarking
  • information security
  • information hiding
  • intrusion detection
  • malware
  • mobile security
  • network security
  • privacy computing
  • security policy
  • security requirements
  • security systems
  • steganography
  • steganalyis

Published Papers (2 papers)

Order results
Result details
Select all
Export citation of selected articles as:

Research

27 pages, 312 KiB  
Article
A New Approach to Web Application Security: Utilizing GPT Language Models for Source Code Inspection
by Zoltán Szabó and Vilmos Bilicki
Future Internet 2023, 15(10), 326; https://doi.org/10.3390/fi15100326 - 28 Sep 2023
Cited by 1 | Viewed by 2570
Abstract
Due to the proliferation of large language models (LLMs) and their widespread use in applications such as ChatGPT, there has been a significant increase in interest in AI over the past year. Multiple researchers have raised the question: how will AI be applied [...] Read more.
Due to the proliferation of large language models (LLMs) and their widespread use in applications such as ChatGPT, there has been a significant increase in interest in AI over the past year. Multiple researchers have raised the question: how will AI be applied and in what areas? Programming, including the generation, interpretation, analysis, and documentation of static program code based on promptsis one of the most promising fields. With the GPT API, we have explored a new aspect of this: static analysis of the source code of front-end applications at the endpoints of the data path. Our focus was the detection of the CWE-653 vulnerability—inadequately isolated sensitive code segments that could lead to unauthorized access or data leakage. This type of vulnerability detection consists of the detection of code segments dealing with sensitive data and the categorization of the isolation and protection levels of those segments that were previously not feasible without human intervention. However, we believed that the interpretive capabilities of GPT models could be explored to create a set of prompts to detect these cases on a file-by-file basis for the applications under study, and the efficiency of the method could pave the way for additional analysis tasks that were previously unavailable for automation. In the introduction to our paper, we characterize in detail the problem space of vulnerability and weakness detection, the challenges of the domain, and the advances that have been achieved in similarly complex areas using GPT or other LLMs. Then, we present our methodology, which includes our classification of sensitive data and protection levels. This is followed by the process of preprocessing, analyzing, and evaluating static code. This was achieved through a series of GPT prompts containing parts of static source code, utilizing few-shot examples and chain-of-thought techniques that detected sensitive code segments and mapped the complex code base into manageable JSON structures.Finally, we present our findings and evaluation of the open source project analysis, comparing the results of the GPT-based pipelines with manual evaluations, highlighting that the field yields a high research value. The results show a vulnerability detection rate for this particular type of model of 88.76%, among others. Full article
18 pages, 7166 KiB  
Article
Investigating IPTV Malware in the Wild
by Adam Lockett, Ioannis Chalkias, Cagatay Yucel, Jane Henriksen-Bulmer and Vasilis Katos
Future Internet 2023, 15(10), 325; https://doi.org/10.3390/fi15100325 - 28 Sep 2023
Cited by 1 | Viewed by 1725
Abstract
Technologies providing copyright-infringing IPTV content are commonly used as an illegal alternative to legal IPTV subscriptions and services, as they usually have lower monetary costs and can be more convenient for users who follow content from different sources. These infringing IPTV technologies may [...] Read more.
Technologies providing copyright-infringing IPTV content are commonly used as an illegal alternative to legal IPTV subscriptions and services, as they usually have lower monetary costs and can be more convenient for users who follow content from different sources. These infringing IPTV technologies may include websites, software, software add-ons, and physical set-top boxes. Due to the free or low cost of illegal IPTV technologies, illicit IPTV content providers will often resort to intrusive advertising, scams, and the distribution of malware to increase their revenue. We developed an automated solution for collecting and analysing malware from illegal IPTV technologies and used it to analyse a sample of illicit IPTV websites, application (app) stores, and software. Our results show that our IPTV Technologies Malware Analysis Framework (IITMAF) classified 32 of the 60 sample URLs tested as malicious compared to running the same test using publicly available online antivirus solutions, which only detected 23 of the 60 sample URLs as malicious. Moreover, the IITMAF also detected malicious URLs and files from 31 of the sample’s websites, one of which had reported ransomware behaviour. Full article
Show Figures

Figure 1

Back to TopTop