Data Protection and Privacy

A special issue of Journal of Cybersecurity and Privacy (ISSN 2624-800X). This special issue belongs to the section "Privacy".

Deadline for manuscript submissions: 20 February 2025 | Viewed by 5899

Special Issue Editors


E-Mail Website
Guest Editor
Department of Informatics and Telecommunications, University of Ioannina, 45110 Ioannina, Greece
Interests: security; privacy; VR; AI; data structures; machine learning; industry 4.0
Special Issues, Collections and Topics in MDPI journals

E-Mail Website
Guest Editor
Department of Informatics & Telecommunications, University of Ioannina, 45110 Ioannina, Greece
Interests: system cryptanalysis; system security; trust management; pseudorandom generators; algorithm engineering; number theory; wireless sensor networks
Special Issues, Collections and Topics in MDPI journals

E-Mail Website
Guest Editor
Industrial Systems Institute, 26504 Athena, Greece
Interests: cybersecurity; incident response; data security; intrusion detection and malware analysis social media account
Special Issues, Collections and Topics in MDPI journals

Special Issue Information

Dear Colleagues,

Industry 4.0 includes many technological aspects that have led to an integrated digital manufacturing environment. The thoroughly interconnected ecosystem of Industry 4.0 has to meet many security challenges and threats for each component. Preserving security plays a crucial role in Industry 4.0, and it is vital for its existence; the key issue is how to ensure the confidentiality, integrity, and availability of the information shared among the Industry 4.0 components.

In addition to this, the significant and rapid inclusion of the Internet of Things (IoT) in our daily lives, together with the rapidly increasing number of cyber security incidents, further stress the need to strengthen cyber resilience and preserve users’ privacy when it comes to exposure in the IoT environment. The large attack surface in terms of connected devices and the complex processes involved in the IoT ecosystem can lead to more sophisticated physical attacks on IoT systems.

With such a wide attack surface, these innovative and emerging infrastructures and applications based on IoT can effectively serve their purpose only if privacy and security challenges are addressed.

This Special Issue aims to solicit high-quality research articles addressing key challenges and state-of-the-art solutions for security and privacy issues related to Industry 4.0 technologies and applications.

Prof. Dr. Chrysostomos Stylios
Dr. Vasiliki Liagkou
Dr. Kyriakos Stefanidis
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Journal of Cybersecurity and Privacy is an international peer-reviewed open access quarterly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 1000 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • cybersecurity and privacy in industrial environments
  • security in cyber–physical environments
  • cryptography in I4.0
  • security and privacy in industrial control systems
  • IoT security and privacy
  • IoT system and network security
  • privacy protection and privacy-by-design
  • blockchains and smart contracts for IoT
  • trust issues in intelligent IoT devices
  • IoT threat detection and risk management
  • incident response and vulnerability management in IoT infrastructures
  • IoT privacy protection
  • secure data management and trading in industrial environments
  • privacy-enhancing technologies for ΙοΤ devices
  • IoT Identity management
  • artificial intelligence (AI)-based security
  • machine learning and data protection for I4.0
  • standardization activities for I4.0 security
  • quantum and post-quantum I4.0 cryptography
  • IoT side-channel attacks

Benefits of Publishing in a Special Issue

  • Ease of navigation: Grouping papers by topic helps scholars navigate broad scope journals more efficiently.
  • Greater discoverability: Special Issues support the reach and impact of scientific research. Articles in Special Issues are more discoverable and cited more frequently.
  • Expansion of research network: Special Issues facilitate connections among authors, fostering scientific collaborations.
  • External promotion: Articles in Special Issues are often promoted through the journal's social media, increasing their visibility.
  • e-Book format: Special Issues with more than 10 articles can be published as dedicated e-books, ensuring wide and rapid dissemination.

Further information on MDPI's Special Issue polices can be found here.

Published Papers (4 papers)

Order results
Result details
Select all
Export citation of selected articles as:

Research

Jump to: Other

17 pages, 1177 KiB  
Article
Mapping Automated Cyber Attack Intelligence to Context-Based Impact on System-Level Goals
by Pete Burnap, Eirini Anthi, Philipp Reineckea, Lowri Williams, Fengnian Cao, Rakan Aldmoura and Kevin Jones
J. Cybersecur. Priv. 2024, 4(2), 340-356; https://doi.org/10.3390/jcp4020017 - 6 Jun 2024
Viewed by 1117
Abstract
Traditionally, cyber risk assessment considers system-level risk separately from individual component-level risk, i.e., devices, data, people. This separation prevents effective impact assessment where attack intelligence for a specific device can be mapped to its impact on the entire system, leading to cascading failures. [...] Read more.
Traditionally, cyber risk assessment considers system-level risk separately from individual component-level risk, i.e., devices, data, people. This separation prevents effective impact assessment where attack intelligence for a specific device can be mapped to its impact on the entire system, leading to cascading failures. Furthermore, risk assessments typically follow a failure or attack perspective, focusing on potential problems, which means they need to be updated as attacks evolve. This approach does not scale to modern digital ecosystems. In this paper, we present a Data Science approach, which involves using machine learning algorithms and statistical models to analyse and predict the impact of cyber attacks. Specifically, this approach integrates automated attack detection on specific devices with a systems view of risk. By mapping operational goals in a top-down manner, we transform attack intelligence on individual components into system success probabilities. Full article
(This article belongs to the Special Issue Data Protection and Privacy)
Show Figures

Figure 1

21 pages, 1824 KiB  
Article
Incidental Data: A Survey towards Awareness on Privacy-Compromising Data Incidentally Shared on Social Media
by Stefan Kutschera, Wolfgang Slany, Patrick Ratschiller, Sarina Gursch, Patrick Deininger and Håvard Dagenborg
J. Cybersecur. Priv. 2024, 4(1), 105-125; https://doi.org/10.3390/jcp4010006 - 23 Feb 2024
Viewed by 1600
Abstract
Sharing information with the public is becoming easier than ever before through the usage of the numerous social media platforms readily available today. Once posted online and released to the public, information is almost impossible to withdraw or delete. More alarmingly, postings may [...] Read more.
Sharing information with the public is becoming easier than ever before through the usage of the numerous social media platforms readily available today. Once posted online and released to the public, information is almost impossible to withdraw or delete. More alarmingly, postings may carry sensitive information far beyond what was intended to be released, so-called incidental data, which raises various additional security and privacy concerns. To improve our understanding of the awareness of incidental data, we conducted a survey where we asked 192 students for their opinions on publishing selected postings on social media. We found that up to 21.88% of all participants would publish a posting that contained incidental data that two-thirds of them found privacy-compromising. Our results show that continued efforts are needed to increase our awareness of incidental data posted on social media. Full article
(This article belongs to the Special Issue Data Protection and Privacy)
Show Figures

Figure 1

13 pages, 3271 KiB  
Article
Evaluating Cluster-Based Synthetic Data Generation for Blood-Transfusion Analysis
by Shannon K. S. Kroes, Matthijs van Leeuwen, Rolf H. H. Groenwold and Mart P. Janssen
J. Cybersecur. Priv. 2023, 3(4), 882-894; https://doi.org/10.3390/jcp3040040 - 1 Dec 2023
Viewed by 1247
Abstract
Synthetic data generation is becoming an increasingly popular approach to making privacy-sensitive data available for analysis. Recently, cluster-based synthetic data generation (CBSDG) has been proposed, which uses explainable and tractable techniques for privacy preservation. Although the algorithm demonstrated promising performance on simulated data, [...] Read more.
Synthetic data generation is becoming an increasingly popular approach to making privacy-sensitive data available for analysis. Recently, cluster-based synthetic data generation (CBSDG) has been proposed, which uses explainable and tractable techniques for privacy preservation. Although the algorithm demonstrated promising performance on simulated data, CBSDG has not yet been applied to real, personal data. In this work, a published blood-transfusion analysis is replicated with synthetic data to assess whether CBSDG can reproduce more complex and intricate variable relations than previously evaluated. Data from the Dutch national blood bank, consisting of 250,729 donation records, were used to predict donor hemoglobin (Hb) levels by means of support vector machines (SVMs). Precision scores were equal to the original data results for both male (0.997) and female (0.987) donors, recall was 0.007 higher for male and 0.003 lower for female donors (original estimates 0.739 and 0.637, respectively). The impact of the variables on Hb predictions was similar, as quantified and visualized with Shapley additive explanation values. Opportunities for attribute disclosure were decreased for all but two variables; only the binary variables Deferral Status and Sex could still be inferred. Such inference was also possible for donors who were not used as input for the generator and may result from correlations in the data as opposed to overfitting in the synthetic-data-generation process. The high predictive performance obtained with the synthetic data shows potential of CBSDG for practical implementation. Full article
(This article belongs to the Special Issue Data Protection and Privacy)
Show Figures

Figure 1

Other

Jump to: Research

22 pages, 2224 KiB  
Systematic Review
Humans and Automation: Augmenting Security Operation Centers
by Jack Tilbury and Stephen Flowerday
J. Cybersecur. Priv. 2024, 4(3), 388-409; https://doi.org/10.3390/jcp4030020 - 1 Jul 2024
Viewed by 964
Abstract
The continuous integration of automated tools into security operation centers (SOCs) increases the volume of alerts for security analysts. This amplifies the risk of automation bias and complacency to the point that security analysts have reported missing, ignoring, and not acting upon critical [...] Read more.
The continuous integration of automated tools into security operation centers (SOCs) increases the volume of alerts for security analysts. This amplifies the risk of automation bias and complacency to the point that security analysts have reported missing, ignoring, and not acting upon critical alerts. Enhancing the SOC environment has predominantly been researched from a technical standpoint, failing to consider the socio-technical elements adequately. However, our research fills this gap and provides practical insights for optimizing processes in SOCs. The synergy between security analysts and automation can potentially augment threat detection and response capabilities, ensuring a more robust defense if effective human-automation collaboration is established. A scoping review of 599 articles from four databases led to a final selection of 49 articles. Thematic analysis resulted in 609 coding references generated across four main themes: SOC automation challenges, automation application areas, implications on analysts, and human factor sentiment. Our findings emphasize the extent to which automation can be implemented across the incident response lifecycle. The SOC Automation Matrix represents our primary contribution to achieving a mutually beneficial relationship between analyst and machine. This matrix describes the properties of four distinct human-automation combinations. This is of practical value to SOCs striving to optimize their processes, as our matrix mentions socio-technical system characteristics for automated tools. Full article
(This article belongs to the Special Issue Data Protection and Privacy)
Show Figures

Figure 1

Back to TopTop