Special Issue "Analytical Frameworks and Methods for Cybersecurity"

A special issue of Mathematics (ISSN 2227-7390). This special issue belongs to the section "Mathematics and Computer Science".

Deadline for manuscript submissions: 31 December 2022 | Viewed by 3224

Special Issue Editor

Prof. Dr. Todor Tagarev
E-Mail Website
Guest Editor
Institute of Information and Communication Technologies, Bulgarian Academy of Sciences, 1113 Sofia, Bulgaria
Interests: OR; complexity; big data; cybersecurity; cyber defence; crisis management

Special Issue Information

Dear Colleagues,

We are inviting submissions to the Mathematics Special Issue on “Analytical Frameworks and Methods for Cybersecurity”.

Critical infrastructures, the provision of essential services as well as individual and group perceptions are increasingly under sophisticated attack through cyberspace. The application of adequate frameworks and advanced analytical methods can increase the effectiveness of mitigation and protection measures as well as the response to cyberattacks. This Special Issue is dedicated to rigorous analytics including, but not limited to, deep learning over big data to model attacks, providing situational awareness, detecting anomalies, classifying intrusion attempts, coordinating the response, optimising resilience measures, protecting information and communications, and minimising the vulnerabilities of network and information systems and supply chains. 

Prof. Dr. Todor Tagarev
Guest Editor

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Mathematics is an international peer-reviewed open access semimonthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 1800 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • Cybersecurity
  • Cyber–physical systems
  • Cyber persona
  • Influence operations
  • Attack modelling
  • Situational awareness
  • Intrusion detection
  • Classification
  • Forensics
  • Risk management
  • Resilience
  • Coding
  • Cryptography
  • Artificial intelligence
  • Deep learning

Published Papers (4 papers)

Order results
Result details
Select all
Export citation of selected articles as:

Research

Article
Tackling Verification and Validation Techniques to Evaluate Cyber Situational Awareness Capabilities
Mathematics 2022, 10(15), 2617; https://doi.org/10.3390/math10152617 - 27 Jul 2022
Viewed by 365
Abstract
Since cyberspace was identified as a domain of operations, defence practitioners started a race with academy, researchers, and industry and military organizations working together towards defining related lines of capability development (e.g., DOTMLPFI) and exploring the needs and opportunities they entail. An essential [...] Read more.
Since cyberspace was identified as a domain of operations, defence practitioners started a race with academy, researchers, and industry and military organizations working together towards defining related lines of capability development (e.g., DOTMLPFI) and exploring the needs and opportunities they entail. An essential cornerstone of adapting to the convergence of the cyber domain with conventional theaters of operation is the need for producing tools for easing to acquire cyber situational awareness (CSA), from which human operators shall be able to perceive, reason and project situations and events observed in cyberspace that may vertically/horizontally propagate from technological to tactical, operational and strategic planes. Benefiting from the higher maturity level of civilian capabilities for cybersecurity, the military sector has embraced the challenge of creating related beyond state-of-the-art CSA enablers that comprise the existing technological background while adopting concepts such as operations, missions or courses of action (CoAs), properly aligning them with military doctrine. Beyond ongoing development efforts, there is a wide methodological gap in the lack of suitable CSA verification and validation (V&V) frameworks, which are expected to analyze if related capabilities meet the requirements to operate in the military context; at the same time supporting the thorough development life-cycle of brand new cyber defence technologies. With the motivation of closing the identified gap, this research introduces a novel V&V framework able to guide the evaluation of CSA-related tools, which makes converge purely military aspects with dual-use state-of-the-art V&V approaches. Three core CSA evaluation concepts are discussed in-depth: software, operational and application tests. They range from the daily application of new capabilities to their ability to enable the acquisition of a joint operational picture understandable by human decision makers. Full article
(This article belongs to the Special Issue Analytical Frameworks and Methods for Cybersecurity)
Show Figures

Figure 1

Article
Towards Trustworthy Safety Assessment by Providing Expert and Tool-Based XMECA Techniques
Mathematics 2022, 10(13), 2297; https://doi.org/10.3390/math10132297 - 30 Jun 2022
Viewed by 393
Abstract
Safety assessment of modern critical instrumentation and control systems is a complicated process considerably dependent on expert techniques, single/multiple faults consideration scope, other assumptions, invoked limitations, and support tools used during the assessment process. Ignoring these assumptions, as well as the significance of [...] Read more.
Safety assessment of modern critical instrumentation and control systems is a complicated process considerably dependent on expert techniques, single/multiple faults consideration scope, other assumptions, invoked limitations, and support tools used during the assessment process. Ignoring these assumptions, as well as the significance of expert and tool influence, could lead to such effects as functional safety underestimation or overestimation in such a manner that functional safety assessment correctness and accuracy are affected. This paper introduces XMECA (x modes, effects, and criticality analysis, where x could be from different known techniques and domains—failures in functional safety, vulnerabilities and intrusions regarding cybersecurity, etc.) as a key technique of safety assessment. To verify the results obtained as XMECA deliverables, expert and uncertainty modes, effects, and criticality analysis (EUMECA) is performed, in particular focusing on decisions and judgments made by experts. Scenarios for processing verbal and quantitative information of XMECA tables from experts are offered. A case study of a possible functional safety assessment approach that considers the above-mentioned techniques and a supporting tool is provided. To assess the trustworthiness of safety analysis and estimation using XMECA, a set of the metrics is suggested. Features of adapting the suggested method for security assessment considering intrusions, vulnerabilities, and effects analysis (IMECA technique) are discussed. Full article
(This article belongs to the Special Issue Analytical Frameworks and Methods for Cybersecurity)
Show Figures

Figure 1

Article
Mapping Tools for Open Source Intelligence with Cyber Kill Chain for Adversarial Aware Security
Mathematics 2022, 10(12), 2054; https://doi.org/10.3390/math10122054 - 14 Jun 2022
Viewed by 458
Abstract
Open-source intelligence (OSINT) tools are used for gathering information using different publicly available sources. With the rapid advancement in information technology and excessive use of social media in our daily lives, more public information sources are available than ever before. The access to [...] Read more.
Open-source intelligence (OSINT) tools are used for gathering information using different publicly available sources. With the rapid advancement in information technology and excessive use of social media in our daily lives, more public information sources are available than ever before. The access to public information from different sources can be used for unlawful purposes. Extracting relevant information from pools of massive public information sources is a large task. Multiple tools and techniques have been developed for this task, which can be used to identify people, aircraft, ships, satellites, and more. In this paper, we identify the tools used for extracting the OSINT information and their effectiveness concerning each other in different test cases. We mapped the identified tools with Cyber Kill Chain and used them in realistic cybersecurity scenarios to check their effusiveness in gathering OSINT. Full article
(This article belongs to the Special Issue Analytical Frameworks and Methods for Cybersecurity)
Show Figures

Figure 1

Article
Ciphertext-Policy Attribute-Based Encryption for Cloud Storage: Toward Data Privacy and Authentication in AI-Enabled IoT System
Mathematics 2022, 10(1), 68; https://doi.org/10.3390/math10010068 - 26 Dec 2021
Cited by 5 | Viewed by 1061
Abstract
People can store their data on servers in cloud computing and allow public users to access data via data centers. One of the most difficult tasks is to provide security for the access policy of data, which is also needed to be stored [...] Read more.
People can store their data on servers in cloud computing and allow public users to access data via data centers. One of the most difficult tasks is to provide security for the access policy of data, which is also needed to be stored at cloud servers. The access structure (policy) itself may reveal partial information about what the ciphertext contains. To provide security for the access policy of data, a number of encryption schemes are available. Among these, CP-ABE (Ciphertext-Policy Attribute-Based Encryption) scheme is very significant because it helps to protect, broadcast, and control the access of information. The access policy that is sent as plaintext in the existing CP-ABE scheme along with a ciphertext may leak user privacy and data privacy. To resolve this problem, we hereby introduce a new technique, which hides the access policy using a hashing algorithm and provides security against insider attack using a signature verification scheme. The proposed system is compared with existing CP-ABE schemes in terms of computation and expressive policies. In addition, we can test the functioning of any access control that could be implemented in the Internet of Things (IoT). Additionally, security against indistinguishable adaptive chosen ciphertext attacks is also analyzed for the proposed work. Full article
(This article belongs to the Special Issue Analytical Frameworks and Methods for Cybersecurity)
Show Figures

Figure 1

Back to TopTop