Special Issue "Cyberspace Security, Privacy & Forensics"

A special issue of Information (ISSN 2078-2489). This special issue belongs to the section "Information Applications".

Deadline for manuscript submissions: closed (15 November 2020) | Viewed by 14068

Special Issue Editor

Dr. Avinash Srinivasan
Guest Editor
TDI Technologies Inc., 1150 1st Ave, Suite 382, King of Prussia, PA 19406, USA
Interests: cybersecurity; cyber forensics; information privacy; critical infrastructure security

Special Issue Information

Dear Colleagues,

Our society has witnessed an unparalleled increase in computer power through advances in both hardware and software. With this, the adversary is crafting attacks of unprecedented sophistication, some of which have well demonstrated their capabilities to cripple not just business enterprises but entire nations. To further complicate matters, the continuing adoption of cloud-computing infrastructure by businesses large and small and the proliferation of the Internet of Things (IoT) are leading to the rapid disappearance of traditional boundaries of IT infrastructure.

This Special Issue (SI) aims at bringing together works of critical importance and timeliness in the broad areas of security, forensics, and privacy in computing and communications systems. This SI welcomes manuscripts on all aspects of the modelling, design, implementation, deployment, and management of security, forensics and privacy algorithms, protocols, architectures, and systems. Researchers are encouraged to submit original papers covering novel and scientifically significant works in security, forensics, and privacy.

Some topics of interest include:

  • Anonymous communication
  • Applications of cryptography
  • Artificial intelligence for security and privacy
  • Attack, detection and prevention
  • Authentication protocols and key management
  • Automated security analysis of source code and binaries
  • Autonomous vehicle security
  • Availability and survivability of secure services and systems
  • Biometric security: technologies, risks, vulnerabilities, bio-cryptography
  • Blockchain security and privacy
  • Cloud, data center and distributed systems security
  • Computer and network forensics
  • Digital rights management
  • Embedded systems security
  • Fog computing security and privacy
  • Formal trust models, security modelling, and design of secure protocols
  • Information hiding techniques
  • Internet of Things security and privacy
  • Malware detection and analysis
  • Machine learning for security and privacy
  • Memory forensics
  • Network security – 5G, sensors, MANETs
  • Operating systems and application security
  • Physical security and hardware/software security
  • Privacy-enhancing technologies and anonymity
  • Privacy in communications networks
  • Security in SCADA networks
  • Security and privacy in healthcare systems
  • Security in cyber-physical systems
  • Security tools for communication and information systems
  • Security – Web, Mobile, Cloud, etc.
  • Vulnerability assessment and exploitation

The above topic list is not meant to be exhaustive; this SI is interested in all aspects of computing and communications systems security, forensics, and privacy. Papers without a clear application to security, forensics or privacy, however, will be considered out of scope and may be rejected without full review. If you are uncertain whether your research/paper topic aligns with the objectives of this SI, please contact the Guest Editor.

Avinash Srinivasan, Ph.D., CEH, CHFI
Guest Editor

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Information is an international peer-reviewed open access monthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 1400 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • forensics
  • security
  • privacy
  • malware
  • intrusion

Published Papers (9 papers)

Research

Article
Malware Detection Based on Code Visualization and Two-Level Classification
Information 2021, 12(3), 118; https://doi.org/10.3390/info12030118 - 11 Mar 2021
Cited by 3 | Viewed by 1052
Abstract
Malware creators generate new malicious software samples by making minor changes in previously generated code, in order to reuse malicious code, as well as to go unnoticed from signature-based antivirus software. As a result, various families of variations of the same initial code exist today. Visualization of compiled executables for malware analysis has been proposed several years ago. Visualization can greatly assist malware classification and requires neither disassembly nor code execution. Moreover, new variations of known malware families are instantly detected, in contrast to traditional signature-based antivirus software. This paper addresses the problem of identifying variations of existing malware visualized as images. A new malware detection system based on a two-level Artificial Neural Network (ANN) is proposed. The classification is based on file and image features. The proposed system is tested on the ‘Malimg’ dataset consisting of the visual representation of well-known malware families. From this set some important image features are extracted. Based on these features, the ANN is trained. Then, this ANN is used to detect and classify other samples of the dataset. Malware families creating a confusion are classified by a second level of ANNs. The proposed two-level ANN method excels in simplicity, accuracy, and speed; it is easy to implement and fast to run, thus it can be applied to antivirus software, smart firewalls, web applications, etc.
(This article belongs to the Special Issue Cyberspace Security, Privacy & Forensics)

Article
Systematic Literature Review of Security Pattern Research
Information 2021, 12(1), 36; https://doi.org/10.3390/info12010036 - 16 Jan 2021
Cited by 1 | Viewed by 1649
Abstract
Security patterns encompass security-related issues in secure software system development and operations that often appear in certain contexts. Since the late 1990s, about 500 security patterns have been proposed. Although the technical components are well investigated, the direction, overall picture, and barriers to implementation are not. Here, a systematic literature review of 240 papers is used to devise a taxonomy for security pattern research. Our taxonomy and the survey results should improve communications among practitioners and researchers, standardize the terminology, and increase the effectiveness of security patterns.

Article
The Spatial Analysis of the Malicious Uniform Resource Locators (URLs): 2016 Dataset Case Study
Information 2021, 12(1), 2; https://doi.org/10.3390/info12010002 - 22 Dec 2020
Cited by 2 | Viewed by 1141
Abstract
In this study, we aimed to identify spatial clusters of countries with high rates of cyber attacks directed at other countries. The cyber attack dataset was obtained from Canadian Institute for Cybersecurity, with over 110,000 Uniform Resource Locators (URLs), which were classified into one of 5 categories: benign, phishing, malware, spam, or defacement. The disease surveillance software SaTScan™ was used to perform a spatial analysis of the country of origin for each cyber attack. It allowed the identification of spatial and space-time clusters of locations with unusually high counts or rates of cyber attacks. Number of internet users per country obtained from the 2016 CIA World Factbook was used as the population baseline for computing rates and Poisson analysis in SaTScan™. The clusters were tested for significance with a Monte Carlo study within SaTScan™, where any cluster with p < 0.05 was designated as a significant cyber attack cluster. Results using the rate of the different types of malicious URL cyber attacks are presented in this paper. This novel approach of studying cyber attacks from a spatial perspective provides an invaluable relative risk assessment for each type of cyber attack that originated from a particular country.

Article
Hiding the Source Code of Stored Database Programs
Information 2020, 11(12), 576; https://doi.org/10.3390/info11120576 - 09 Dec 2020
Cited by 2 | Viewed by 797
Abstract
The objective of the article is to reveal an approach to hiding the code of stored programs stored in the database. The essence of this approach is the complex use of the method of random permutation of code symbols related to a specific stored program, located in several rows of some attribute of the database system table, as well as the substitution method. Moreover, with the possible substitute of each character obtained after the permutation with another one randomly selected from the Unicode standard, a legitimate user with the appropriate privileges gets access to the source code of the stored program due to the ability to quickly perform the inverse to masking transformation and overwrite the program code into the database. All other users and attackers without knowledge of certain information can only read the codes of stored programs masked with format preserving. The proposed solution is more efficient than the existing methods of hiding the code of stored programs provided by the developers of some modern database management systems (DBMS), since an attacker will need much greater computational and time consumption to disclose the source code of stored programs.

Article
A Method of Ultra-Large-Scale Matrix Inversion Using Block Recursion
Information 2020, 11(11), 523; https://doi.org/10.3390/info11110523 - 10 Nov 2020
Cited by 1 | Viewed by 751
Abstract
Ultra-large-scale matrix inversion has been applied as the fundamental operation of numerous domains, owing to the growth of big data and matrix applications. Using cryptography as an example, the solution of ultra-large-scale linear equations over finite fields is important in many cryptanalysis schemes. However, inverting matrices of extremely high order, such as in millions, is challenging; nonetheless, the need has become increasingly urgent. Hence, we propose a parallel distributed block recursive computing method that can process matrices at a significantly increased scale, based on Strassen’s method; furthermore, we describe the related well-designed algorithm herein. Additionally, the experimental results based on comparison show the efficiency and the superiority of our method. Using our method, up to 140,000 dimensions can be processed in a supercomputing center.

Article
A Web-Based Honeypot in IPv6 to Enhance Security
Information 2020, 11(9), 440; https://doi.org/10.3390/info11090440 - 12 Sep 2020
Cited by 1 | Viewed by 1693
Abstract
IPv6 is a next-generation IP protocol that replaces IPv4. It not only expands the number of network address resources but also solves the problem of multiple access devices connected to the Internet. While IPv6 has brought excellent convenience to the public, related security issues have gradually emerged, and an assessment of the security situation in IPv6 has also become more important. Unlike passive defense, the honeypot is a security device for active defense. The real network application and the fake network application, disguised by the honeypot, are located on a similar subnet, and provide a network application service; but, in both cases, behavior logs from unauthorized users are caught. In this manner, and to protect web-based applications from attacks, this article introduces the design and implementation of a web-based honeypot that includes a weak password module and an SQL inject module, which supports the IPv6 network to capture unauthorized access behavior. We also propose the Security Situation Index (SSI), which can measure the security situation of the network application environment. The value of SSI is established according to the different parameters that are based on honeypots. There is a firewall outside the test system environment, so the obtained data should be used as the real invasion data, and the captured behavior is not a false positive. Threats can be spotted smartly by deploying honeypots; this paper demonstrates that the honeypot is an excellent method of capturing malicious requests and can be measured with the SSI of the whole system. According to the information, the administrator can modify the current security policy, which can improve the security level of a whole IPv6 network system.

Article
MoLaBSS: Server-Specific Add-On Biometric Security Layer Model to Enhance the Usage of Biometrics
Information 2020, 11(6), 308; https://doi.org/10.3390/info11060308 - 08 Jun 2020
Viewed by 1855
Abstract
With high-paced growth in biometrics, and its easy availability to capture various biometric features, it is emerging as one of the most valuable technologies for multifactor authentication to verify a user’s identity, for data security. Organizations encourage their members to use biometrics, but they are hesitant to use them due to perceived security risks. Because of its low usage rate, many medium and small segment organizations find it unfeasible to deploy robust biometric systems. We propose a server-specific add-on biometric security layer model (MoLaBSS) to enhance confidence in the usage of biometrics. We tested this model via a biometric mobile app, and the survey showed a favorable response of 80%. The innovative mobile app was tested for its usability and got a score of more than 71%. For test tool reliability, we examined the equal error rate (EER) of the app and got a reasonably low score of 6%. The results show good potential of this framework to enhance users’ confidence level in the usage of biometrics. Higher usage rates may make deployment of biometrics more cost-effective for many organizations to decrease their information security risk.

Article
Risk Measurement Method for Privilege Escalation Attacks on Android Apps Based on Process Algebra
Information 2020, 11(6), 293; https://doi.org/10.3390/info11060293 - 30 May 2020
Cited by 2 | Viewed by 1325
Abstract
On the Android platform, information leakage can use an application-layer privilege escalation attack composed of multi-app collusion. However, the detection effect of a single app that can construct privilege escalation attacks is not good. Furthermore, the existing software and app measurement methods are not applicable to the measurement of collusion privilege escalation attacks. We propose a method for measuring the risk of a single app by using process algebra to model and determine the attack behavior, and we construct a measurement function based on sensitive data transitions and the feature set of attack behavior. Through the analysis of the privilege escalation attack model, the feature set of attack behavior is obtained. Then, based on the extracted behavior feature set, process algebra is used to model the dangerous behavior of an app. The dangerous behavior of the app is determined by weak equivalence and non-equivalence, and finally the risk of the app is measured based on the measurement function. Three known applications are used to verify the attack, and the risk measurement values are above 0.98. Based on the classification of applications on the market, we select typical apps in each category to build the test set. Benchmark tests and test set experiments show that the risk measurement results are consistent with the actual detection results, verifying the feasibility and effectiveness of this method.

Article
Security and Privacy of QR Code Applications: A Comprehensive Study, General Guidelines and Solutions
Information 2020, 11(4), 217; https://doi.org/10.3390/info11040217 - 16 Apr 2020
Cited by 10 | Viewed by 3230
Abstract
The widespread use of smartphones is boosting the market take-up of dedicated applications and among them, barcode scanning applications. Several barcodes scanners are available but show security and privacy weaknesses. In this paper, we provide a comprehensive security and privacy analysis of 100 barcode scanner applications. According to our analysis, there are some apps that provide security services including checking URLs and adopting cryptographic solutions, and other apps that guarantee user privacy by supporting least privilege permission lists. However, there are also apps that deceive the users by providing security and privacy protections that are weaker than what is claimed. We analyzed 100 barcode scanner applications and we categorized them based on the real security features they provide, or on their popularity. From the analysis, we extracted a set of recommendations that developers should follow in order to build usable, secure and privacy-friendly barcode scanning applications. Based on them, we also implemented BarSec Droid, a proof of concept Android application for barcode scanning. We then conducted a user experience test on our app and we compared it with DroidLa, the most popular/secure QR code reader app. The results show that our app has nice features, such as ease of use, provides security trust, is effective and efficient.