Search Results (35)

Emotional intelligence (EI) and transformational leadership (TL) have been identified as key factors in team effectiveness (TE); however, the empirical evidence remains fragmented and exhibits substantial conceptual and methodological heterogeneity, particularly in studies that simultaneously integrate these three variables. To address this gap, the present study examined the relationships among TL, EI, and TE by applying the PRISMA 2020 protocol and the PICO-S framework. A total of 728 studies published in Scopus, Web of Science, ScienceDirect, Emerald, ProQuest, and APA PsycNet were identified, of which 22 studies were included in the systematic review and 15 documents in the meta-analysis. The results revealed positive and statistically significant correlations between TL–TE (9 studies, 18 effects, N = 3480; r ≈ 0.45), EI–TE (8 studies, 15 effects, N = 3440; r ≈ 0.41), and EI–TL (4 studies, 6 effects, N = 1955; r ≈ 0.63), with effect sizes and levels of heterogeneity ranging from moderate to high. Additionally, variations in the strength of these relationships were observed according to sample size, year of publication, and methodological quality. In conclusion, EI emerges as a central resource that strengthens TL and, through psychological and relational mechanisms, consistently enhances TE in complex organizational contexts. Full article

The integration of wearable inertial measurement units (IMU) in animal welfare Internet of Things (IoT) systems has become crucial for monitoring animal behaviors and enhancing welfare management. However, the vulnerability of IoT devices to network and hardware attacks poses significant risks, potentially compromising data integrity and misleading caregivers, negatively impacting animal welfare. Additionally, current animal monitoring solutions often rely on intrusive tagging methods, such as Radio Frequency Identification (RFID) or ear tagging, which may cause unnecessary stress and discomfort to animals. In this study, we propose a lightweight integrity and provenance-oriented security stack that complements standard transport security, specifically tailored to IMU-based animal motion IoT systems. Our system utilizes a 1D-convolutional neural network (CNN) model, achieving 88% accuracy for precise motion recognition, alongside a lightweight behavioral fingerprinting CNN model attaining 83% accuracy, serving as an auxiliary consistency signal to support collar–animal association and reduce mis-attribution risks. We introduce a dynamically generated pre-shared key (PSK) mechanism based on SHA-256 hashes derived from motion features and timestamps, further securing communication channels via application-layer Hash-based Message Authentication Code (HMAC) combined with Message Queuing Telemetry Transport (MQTT)/Transport Layer Security (TLS) protocols. In our design, MQTT/TLS provides primary device authentication and channel protection, while behavioral fingerprinting and per-window dynamic–HMAC provide auxiliary provenance cues and tamper-evident integrity at the application layer. Experimental validation is conducted primarily via offline, dataset-driven experiments on a public canine IMU dataset; system-level overhead and sensor-to-edge latency are measured on a Raspberry Pi-based testbed by replaying windows through the MQTT/TLS pipeline. Overall, this work integrates motion recognition, behavioral fingerprinting, and dynamic key management into a cohesive, lightweight telemetry integrity/provenance stack and provides a foundation for future extensions to multi-species adaptive scenarios and federated learning applications. Full article

Big data has significantly transformed data processing and analytics across various domains. However, ensuring security and data confidentiality in distributed platforms such as Hadoop remains a challenging task. Distributed environments face major security issues, particularly in the management and protection of large-scale data. In this article, we focus on the cost of secure information transmission, implementation complexity, and scalability. Furthermore, we address the confidentiality of information stored in Hadoop by analyzing different AES encryption modes and examining their potential to enhance Hadoop security. At the application layer, we operate within our Hadoop environment using an extended, secure, and widely used MQTT protocol for large-scale data communication. This approach is based on implementing MQTT with TLS, and before connecting, we add a hash verification of the data nodes’ identities and send the JWT. This protocol uses TCP at the transport layer for underlying transmission. The advantage of TCP lies in its reliability and small header size, making it particularly suitable for big data environments. This work proposes a triple-layer protection framework. The first layer is the assessment of the performance of existing AES encryption modes (CTR, CBC, and GCM) with different key sizes to optimize data confidentiality and processing efficiency in large-scale Hadoop deployments. Afterwards, we propose evaluating the integrity of DataNodes using a novel verification mechanism that employs SHA-3-256 hashing to authenticate nodes and prevent unauthorized access during cluster initialization. At the third tier, the integrity of data blocks within Hadoop is ensured using SHA-3-256. Through extensive performance testing and security validation, we demonstrate integration. Full article

Migrating to Post-Quantum Cryptography (PQC) is critical for securing resource-constrained Internet of Things (IoT) devices against the “harvest-now, decrypt-later” threat. While ML-KEM (CRYSTALS-Kyber) has been standardized under FIPS 203 for general encryption, these devices often operate on unreliable networks suffering from high latency and packet loss. Our recent systematic review identified a critical gap that existing research overwhelmingly focuses on Transport Layer Security (TLS). This leaves the resilience of lightweight protocols like MQTT and CoAP under challenging network conditions largely unexplored. This paper introduces PQC-IoTNet, a novel Software-in-the-Loop (SITL) framework to address this gap. Our three-tier architecture integrates a Python-based IoT client with kernel-level emulation to test the full protocol stack. Validation results comparing Kyber and ECC demonstrate the framework’s ability to capture critical performance cliffs caused by TCP retransmissions. Notably, the framework revealed that while Kyber maintained an 18% speed advantage over ECC at 5% packet loss, both protocols experienced nonlinear latency spikes. This work provides a reproducible blueprint to identify operational boundaries and select resilient protocols for secure IoT systems. Full article

The Transport Layer Security (TLS) protocol is widely used nowadays to create secure communications over TCP/IP networks. Its purpose is to ensure confidentiality, authentication, and data integrity for messages exchanged between two endpoints. In order to facilitate its integration into widely used applications, the protocol is typically implemented through libraries, such as OpenSSL, BoringSSL, LibreSSL, WolfSSL, NSS, or mbedTLS. These libraries encompass functions that execute the specialized TLS handshake required for channel establishment, as well as the construction and processing of TLS records, and the procedures for closing the secure channel. However, these software libraries may contain vulnerabilities or errors that could potentially jeopardize the security of the TLS channel. To identify flaws or deviations from established standards within the implemented TLS code, a specialized tool known as TLS-Anvil can be utilized. This tool also verifies the compliance of TLS libraries with the specifications outlined in the Request for Comments documents published by the IETF. TLS-Anvil conducts numerous tests with a client/server configuration utilizing a specified TLS library and subsequently generates a report that details the number of successful tests. In this work, we exploit the results obtained from a selected subset of TLS-Anvil tests to generate rules used for anomaly detection in Suricata, a well-known signature-based Intrusion Detection System. During the tests, TLS-Anvil generates .pcap capture files that report all the messages exchanged. Such files can be subsequently analyzed with Wireshark, allowing for a detailed examination of the messages exchanged during the tests and a thorough understanding of their structure on a byte-by-byte basis. Through the analysis of the TLS handshake messages produced during testing, we develop customized Suricata rules aimed at detecting TLS anomalies that result from flawed implementations within the intercepted traffic. Furthermore, we describe the specific test environment established for the purpose of deriving and validating certain Suricata rules intended to identify anomalies in nodes utilizing a version of the OpenSSL library that does not conform to the TLS specification. The rules that delineate TLS deviations or potential attacks may subsequently be integrated into a threat detection platform supporting Suricata. This integration will enhance the capability to identify TLS anomalies arising from code that fails to adhere to the established specifications. Full article

Quantum Key Distribution (QKD) is a process to establish a symmetric key between two parties using the principles of quantum mechanics. Currently, commercial QKD systems are still expensive, they require specific infrastructure, and they are impractical for deployment in portable or resource-constrained devices. In this article, we introduce the Butterfly Protocol (and its extended version) that enables QKD to be offered as a service to non-QKD-capable (portable or IoT) devices. Our key contributions include (1) resilience to the compromise of any single classical link, (2) protection against malicious QKD users, (3) implicit mutual authentication between users without relying on large post-quantum certificates, and (4) the Double Butterfly extension, which secures communication even when the underlying QKD network cannot be fully trusted. We also demonstrate how to integrate the Butterfly Protocol into TLS 1.3 and provide its initial security analysis. We present preliminary performance results and discuss the main bottlenecks in the Butterfly Protocol implementation. We believe that our solution represents a practical step toward integrating QKD into classical networks and extending its use to portable devices. Full article

The rapid advancement of quantum computing poses significant threats to classical cryptographic methods, such as Rivest–Shamir–Adleman (RSA) and Elliptic Curve Cryptography (ECC), which currently secure Internet of Things (IoT) and cloud communications. Post-Quantum Cryptography (PQC), particularly lattice-based schemes, has emerged as a promising alternative. CRYSTALS-Kyber, standardized by the National Institute of Standards and Technology (NIST) as ML-KEM, has shown efficiency and practicality for constrained IoT devices. Most existing research has focused on PQC within the Transport Layer Security (TLS) protocol. Consequently, a critical gap exists in understanding PQC’s performance in lightweight IoT protocols. These are Message Queuing Telemetry Transport (MQTT) and Constrained Application Protocol (CoAP), particularly under adverse network conditions. To address this gap, this paper provides a systematic review of the literature on the network resilience and performance of CRYSTALS-Kyber when integrated into these protocols operating over lossy and high-latency networks. Additional challenges include non-standardized integration, resource limitations, and side-channel vulnerabilities. This review provides a structured synthesis of current knowledge, highlights unresolved trade-offs between security and efficiency, and outlines future research directions, including protocol-level optimization, lightweight signature schemes, and resilience testing of PQC-secured IoT protocols under realistic conditions. Full article

The emergence of quantum computing presents a significant threat to classical cryptographic primitives, particularly those employed in securing internet communications via widely used protocols such as Transport Layer Security (TLS). As conventional key exchange mechanisms will become increasingly vulnerable in the post-quantum era, the integration of post-quantum cryptographic (PQC) algorithms into existing security protocols is of utmost importance. This study investigates the impact of incorporating PQC key encapsulation mechanisms—specifically, the recent standards CRYSTALS-Kyber and HQC, in conjunction with the candidate standard BIKE—into the TLS 1.3 handshake. A comprehensive experimental evaluation was conducted to measure handshake latency under emulated network conditions with varying packet loss probabilities. The findings offer useful insights into the performance trade-offs introduced by PQC integration and further highlight the necessity of a timely transition to post-quantum cryptographic standards. Full article

With the rapid growth of digital interactions, safeguarding user privacy on websites has become a critical concern. This paper introduces a comprehensive framework that integrates both technical and policy-based factors to assess a website’s level of privacy protection. The framework employs a scoring system that evaluates key technical elements, such as HTTP security headers, email authentication protocols (SPF, DKIM, DMARC), SSL/TLS certificate usage, domain reputation, DNSSEC, and cookie practices. In parallel, it examines the clarity and GDPR compliance of privacy policies. The resulting score reflects not only the technical strength of a website’s defenses but also the transparency with which data processing practices are communicated to users. To demonstrate its effectiveness, the framework was applied to two similarly sized private hospitals, generating comparative privacy scores under a unified metric. The results confirm the framework’s value in producing measurable insights that enable cross-organizational privacy benchmarking. By combining policy evaluation with technical analysis, this work addresses a significant gap in existing research and offers a reproducible, extensible methodology for assessing website privacy posture from a visitor’s perspective. Full article

This paper explores the integration of Internet of Things (IoT) devices into modern cybersecurity frameworks, and it is intended to be a binder for the incorporation of these devices into emerging cybersecurity paradigms. Most IoT devices rely on WPA2-personal protocol, a wireless protocol with known security flaws, being effortless to penetrate by using various specific tools. Through this paper, we proposed the use of two Raspberry Pi platforms, with the help of which we created a secure wireless connection by implementing the 802.1X protocol and using digital certificates. Implementing this type of architecture and the devices used, we obtained huge benefits from the point of view of security and energy consumption. We tested multiple authentication methods, including EAP-TLS and EAP-MSCHAPv2, with the Raspberry Pi acting as an authentication server and certificate manager. Performance metrics such as power consumption, latency, and network throughput were analysed, confirming the architecture’s effectiveness and scalability for larger IoT deployments. Full article

Quantum computing challenges the mathematical problems anchoring the security of the classical public key algorithms. For quantum-resistant public key algorithms, the National Institute of Standards and Technology (NIST) has undergone a multi-year standardization process and selected the post-quantum cryptography (PQC) public key digital signatures of Dilithium, Falcon, and SPHINCS⁺. Finding common ground to compare these algorithms can be difficult because of their design differences, including the fundamental math problems (lattice-based vs. hash-based). We use a visualization model to show the key/signature size vs. security trade-offs for all PQC algorithms. Our performance analyses compare the algorithms’ computational loads in the execution time. Building on the individual algorithms’ analyses, we analyze the communication costs and implementation overheads when integrated with Public Key Infrastructure (PKI) and with Transport Layer Security (TLS) and Transmission Control Protocol (TCP)/Internet Protocol (IP). Our results show that the lattice-based algorithms of Dilithium and Falcon induce lower computational overheads than the hash-based algorithms of SPHINCS⁺. In addition, the lattice-based PQC can outperform the classical algorithm with comparable security strength; for example, Dilithium 2 and Falcon 512 outperform RSA 4096 in the TLS handshake time duration. Full article

The emergence of large-scale quantum computing presents an imminent threat to contemporary public-key cryptosystems, with quantum algorithms such as Shor’s algorithm capable of efficiently breaking RSA and elliptic curve cryptography (ECC). This vulnerability has catalyzed accelerated standardization efforts for post-quantum cryptography (PQC) by the U.S. National Institute of Standards and Technology (NIST) and global security stakeholders. While theoretical security analysis of these quantum-resistant algorithms has advanced considerably, comprehensive real-world performance benchmarks spanning diverse computing environments—from high-performance cloud infrastructure to severely resource-constrained IoT devices—remain insufficient for informed deployment planning. This paper presents the most extensive cross-platform empirical evaluation to date of NIST-selected PQC algorithms, including CRYSTALS-Kyber and NTRU for key encapsulation mechanisms (KEMs), alongside BIKE as a code-based alternative, and CRYSTALS-Dilithium and Falcon for digital signatures. Our systematic benchmarking framework measures computational latency, memory utilization, key sizes, and protocol overhead across multiple security levels (NIST Levels 1, 3, and 5) in three distinct hardware environments and various network conditions. Results demonstrate that contemporary server architectures can implement these algorithms with negligible performance impact (<5% additional latency), making immediate adoption feasible for cloud services. In contrast, resource-constrained devices experience more significant overhead, with computational demands varying by up to 12× between algorithms at equivalent security levels, highlighting the importance of algorithm selection for edge deployments. Beyond standalone algorithm performance, we analyze integration challenges within existing security protocols, revealing that naive implementation of PQC in TLS 1.3 can increase handshake size by up to 7× compared to classical approaches. To address this, we propose and evaluate three optimization strategies that reduce bandwidth requirements by 40–60% without compromising security guarantees. Our investigation further encompasses memory-constrained implementation techniques, side-channel resistance measures, and hybrid classical-quantum approaches for transitional deployments. Based on these comprehensive findings, we present a risk-based migration framework and algorithm selection guidelines tailored to specific use cases, including financial transactions, secure firmware updates, vehicle-to-infrastructure communications, and IoT fleet management. This practical roadmap enables organizations to strategically prioritize systems for quantum-resistant upgrades based on data sensitivity, resource constraints, and technical feasibility. Our results conclusively demonstrate that PQC is deployment-ready for most applications, provided that implementations are carefully optimized for the specific performance characteristics and security requirements of target environments. We also identify several remaining research challenges for the community, including further optimization for ultra-constrained devices, standardization of hybrid schemes, and hardware acceleration opportunities. Full article

Encrypted traffic classification is crucial for network security and management, enabling applications like QoS control and malware detection. However, the emergence of new encryption protocols, particularly TLS 1.3, poses challenges for traditional methods. To address this, we propose CLA-BERT, which integrates packet-level and byte-level features. Unlike existing methods, CLA-BERT efficiently fuses these features using a multi-head attention mechanism, enhancing accuracy and robustness. It leverages BERT for packet-level feature extraction, while CNN and BiLSTM capture local and global dependencies in byte-level features. Experimental results show that CLA-BERT is highly robust in small-sample scenarios, achieving F1 scores of 93.51%, 94.79%, 97.10%, 97.78%, and 98.09% under varying data sizes. Moreover, CLA-BERT demonstrates outstanding performance across three encrypted traffic classification tasks, attaining F1 scores of 99.02%, 99.49%, and 97.78% for VPN service classification, VPN application classification, and TLS 1.3 application classification, respectively. Notably, in TLS 1.3 classification, it surpasses state-of-the-art methods with a 0.47% improvement in F1 score. These results confirm CLA-bert’s effectiveness and generalization capability, making it well-suited for encrypted traffic classification. Full article

This study presents a novel approach to enhancing the security and accuracy of photovoltaic (PV) power generation predictions through secure aggregation techniques. The research focuses on key stages of the PV data lifecycle, including data collection, transmission, storage, and analysis. To safeguard against potential attacks and prevent data leakage across these critical processes, Paillier and Brakerski–Gentry–Vaikuntanathan (BGV) homomorphic encryption methods are employed. By integrating the transport layer security (TLS) protocol with edge computing during data transmission, this study not only bolsters data security but also minimizes latency and mitigates threats. Robust strategies for key management, access control, and auditing are implemented to ensure monitored and restricted access, further enhancing system security. In the analysis phase, advanced models such as Long Short-Term Memory (LSTM) networks and Complete Ensemble Empirical Mode Decomposition with Adaptive Noise (CEEMDAN) are utilized for precise time-series predictions of PV power output. The findings demonstrate the effectiveness of these methods in managing large-scale PV datasets while maintaining high prediction accuracy and strong security measures. Full article

The 5th Generation Mobile Communication (5G) plays a significant role in the Fourth Industrial Revolution (4IR), facilitating significant improvements and innovations in various fields. The 3rd Generation Partnership Project (3GPP) is currently standardizing the Authentication and Key Management for Application (AKMA) system for the 5G convergence applications (5G cAPPs). The Transport Layer Security (TLS) is recommended as the application-specific Ua* protocol between User Equipment (UE) and Application Function (AF) to securely transmit the AKMA identifiers of UE as well as guarantee traffic protection. Among TLS protocols, session resumption in TLS 1.2 and the Pre-Shared Key (PSK) modes of TLS 1.3 are particularly desirable for Ua*. Unfortunately, the integration of PSK options of TLS 1.3, namely PSK-only, PSK-(EC)DHE, and 0-RTT (0 Round-Trip Time) modes, with AKMA has not yet been thoroughly investigated; hence, security, performance, compatibility, and effectiveness remain uncertain. In response, this paper explores the integration of the TLS 1.3 PSK options with AKMA and investigates the said metrics by conducting formal security verification and emulating exemplary applications. According to the formal verification and experimental results, the PSK-(EC)DH mode shows a security strength trade-off with efficiency. On the one hand, the 0-RTT mode demonstrates better efficiency but exhibits drawbacks on forward secrecy and replay attacks. The result suggests that 0-RTT mode has to be approved to ensure seamless integration of the TLS 1.3 PSK option with AKMA. In addition, adjustment on the AKMA architecture is also imperative to enhance security level. Full article