A Review of Hybrid Cyber Threats Modelling and Detection Using Artificial Intelligence in IIoT

The Industrial Internet of Things(IIoT)has brought numerous benefits,such as improved efficiency,smart analytics,and increased automation.However,it also exposes connected devices,users,applications,and data generated to cyber security threats that need to be addressed.This work investigates hybrid cyber threats(HCTs),which are now working on an entirely new level with the increasingly adopted IIoT.This work focuses on emerging methods to model,detect,and defend against hybrid cyber attacks using machine learning(ML)techniques.Specifically,a novel ML-based HCT modelling and analysis framework was proposed,in which L1 regularisation and Random Forest were used to cluster features and analyse the importance and impact of each feature in both individual threats and HCTs.A grey relation analysis-based model was employed to construct the correlation between IIoT components and different threats.

Enhancing Cybersecurity Competency in the Kingdom of Saudi Arabia:A Fuzzy Decision-Making Approach

The Kingdom of Saudi Arabia(KSA)has achieved significant milestones in cybersecurity.KSA has maintained solid regulatorymechanisms to prevent,trace,and punish offenders to protect the interests of both individual users and organizations from the online threats of data poaching and pilferage.The widespread usage of Information Technology(IT)and IT Enable Services(ITES)reinforces securitymeasures.The constantly evolving cyber threats are a topic that is generating a lot of discussion.In this league,the present article enlists a broad perspective on how cybercrime is developing in KSA at present and also takes a look at some of the most significant attacks that have taken place in the region.The existing legislative framework and measures in the KSA are geared toward deterring criminal activity online.Different competency models have been devised to address the necessary cybercrime competencies in this context.The research specialists in this domain can benefit more by developing a master competency level for achieving optimum security.To address this research query,the present assessment uses the Fuzzy Decision-Making Trial and Evaluation Laboratory(Fuzzy-DMTAEL),Fuzzy Analytic Hierarchy Process(F.AHP),and Fuzzy TOPSIS methodology to achieve segment-wise competency development in cyber security policy.The similarities and differences between the three methods are also discussed.This cybersecurity analysis determined that the National Cyber Security Centre got the highest priority.The study concludes by perusing the challenges that still need to be examined and resolved in effectuating more credible and efficacious online security mechanisms to offer amoreempowered ITES-driven economy for SaudiArabia.Moreover,cybersecurity specialists and policymakers need to collate their efforts to protect the country’s digital assets in the era of overt and covert cyber warfare.

Classification of Cybersecurity Threats, Vulnerabilities and Countermeasures in Database Systems

Database systems have consistently been prime targets for cyber-attacks and threats due to the critical nature of the data they store.Despite the increasing reliance on database management systems,this field continues to face numerous cyber-attacks.Database management systems serve as the foundation of any information system or application.Any cyber-attack can result in significant damage to the database system and loss of sensitive data.Consequently,cyber risk classifications and assessments play a crucial role in risk management and establish an essential framework for identifying and responding to cyber threats.Risk assessment aids in understanding the impact of cyber threats and developing appropriate security controls to mitigate risks.The primary objective of this study is to conduct a comprehensive analysis of cyber risks in database management systems,including classifying threats,vulnerabilities,impacts,and countermeasures.This classification helps to identify suitable security controls to mitigate cyber risks for each type of threat.Additionally,this research aims to explore technical countermeasures to protect database systems from cyber threats.This study employs the content analysis method to collect,analyze,and classify data in terms of types of threats,vulnerabilities,and countermeasures.The results indicate that SQL injection attacks and Denial of Service(DoS)attacks were the most prevalent technical threats in database systems,each accounting for 9%of incidents.Vulnerable audit trails,intrusion attempts,and ransomware attacks were classified as the second level of technical threats in database systems,comprising 7%and 5%of incidents,respectively.Furthermore,the findings reveal that insider threats were the most common non-technical threats in database systems,accounting for 5%of incidents.Moreover,the results indicate that weak authentication,unpatched databases,weak audit trails,and multiple usage of an account were the most common technical vulnerabilities in database systems,each accounting for 9%of vulnerabilities.Additionally,software bugs,insecure coding practices,weak security controls,insecure networks,password misuse,weak encryption practices,and weak data masking were classified as the second level of security vulnerabilities in database systems,each accounting for 4%of vulnerabilities.The findings from this work can assist organizations in understanding the types of cyber threats and developing robust strategies against cyber-attacks.

Adaptive Network Sustainability and Defense Based on Artificial Bees Colony Optimization Algorithm for Nature Inspired Cyber Security

Cyber Defense is becoming a major issue for every organization to keep business continuity intact.The presented paper explores the effectiveness of a meta-heuristic optimization algorithm-Artificial Bees Colony Algorithm(ABC)as an Nature Inspired Cyber Security mechanism to achieve adaptive defense.It experiments on the Denial-Of-Service attack scenarios which involves limiting the traffic flow for each node.Businesses today have adapted their service distribution models to include the use of the Internet,allowing them to effectively manage and interact with their customer data.This shift has created an increased reliance on online services to store vast amounts of confidential customer data,meaning any disruption or outage of these services could be disastrous for the business,leaving them without the knowledge to serve their customers.Adversaries can exploit such an event to gain unauthorized access to the confidential data of the customers.The proposed algorithm utilizes an Adaptive Defense approach to continuously select nodes that could present characteristics of a probable malicious entity.For any changes in network parameters,the cluster of nodes is selected in the prepared solution set as a probable malicious node and the traffic rate with the ratio of packet delivery is managed with respect to the properties of normal nodes to deliver a disaster recovery plan for potential businesses.

Cybersecurity Risk Management through Behavior-Based Contextual Analysis of Online Logs

This paper studies cyber risk management by integrating contextual log analysis with User and Entity Behavior Analytics (UEBA). Leveraging Python scripting and PostgreSQL database management, the solution enriches log data with contextual and behavioral information from Linux system logs and semantic datasets. By incorporating Common Vulnerability Scoring System (CVSS) metrics and customized risk scoring algorithms, the system calculates Insider Threat scores to identify potential security breaches. The integration of contextual log analysis and UEBA [1] offers a proactive defense against insider threats, reducing false positives and prioritizing high-risk alerts.

Cyber Resilience through Real-Time Threat Analysis in Information Security

This paper examines how cybersecurity is developing and how it relates to more conventional information security. Although information security and cyber security are sometimes used synonymously, this study contends that they are not the same. The concept of cyber security is explored, which goes beyond protecting information resources to include a wider variety of assets, including people [1]. Protecting information assets is the main goal of traditional information security, with consideration to the human element and how people fit into the security process. On the other hand, cyber security adds a new level of complexity, as people might unintentionally contribute to or become targets of cyberattacks. This aspect presents moral questions since it is becoming more widely accepted that society has a duty to protect weaker members of society, including children [1]. The study emphasizes how important cyber security is on a larger scale, with many countries creating plans and laws to counteract cyberattacks. Nevertheless, a lot of these sources frequently neglect to define the differences or the relationship between information security and cyber security [1]. The paper focus on differentiating between cybersecurity and information security on a larger scale. The study also highlights other areas of cybersecurity which includes defending people, social norms, and vital infrastructure from threats that arise from online in addition to information and technology protection. It contends that ethical issues and the human factor are becoming more and more important in protecting assets in the digital age, and that cyber security is a paradigm shift in this regard [1].

The Role of AI in Cyber Security: Safeguarding Digital Identity

This article signals the use of Artificial Intelligence (AI) in information security where its merits, downsides as well as unanticipated negative outcomes are noted. It considers AI based models that can strengthen or undermine infrastructural functions and organize the networks. In addition, the essay delves into AI’s role in Cyber security software development and the need for AI-resilient strategies that could anticipate and thwart AI-created vulnerabilities. The document also touched on the socioeconomic ramifications of the emergence of AI in Cyber security as well. Looking into AI and security literature, the report outlines benefits including made threat detection precision, extended security ops efficiency, and preventive security tasks. At the same time, it emphasizes the positive side of AI, but it also shows potential limitations such as data bias, lack of interpretability, ethical concerns, and security flaws. The work similarly focuses on the characterized of misuse and sophisticated cyberattacks. The research suggests ways to diminish AI-generating maleficence which comprise ethical AI development, robust safety measures and constant audits and updates. With regard to the AI application in Cyber security, there are both pros and cons in terms of socio-economic issues, for example, job displacement, economic growth and the change in the required workforce skills.

A Study on the Challenges of Human-Centric Cyber-Security and the Guarantee of Information Quality

Information security and quality management are often considered two different fields. However, organizations must be mindful of how software security may affect quality control. This paper examines and promotes methods through which secure software development processes can be integrated into the Systems Software Development Life-cycle (SDLC) to improve system quality. Cyber-security and quality assurance are both involved in reducing risk. Software security teams work to reduce security risks, whereas quality assurance teams work to decrease risks to quality. There is a need for clear standards, frameworks, processes, and procedures to be followed by organizations to ensure high-level quality while reducing security risks. This research uses a survey of industry professionals to help identify best practices for developing software with fewer defects from the early stages of the SDLC to improve both the quality and security of software. Results show that there is a need for better security awareness among all members of software development teams.

Cyber Deception Using NLP

Cyber security addresses the protection of information systems in cyberspace. These systems face multiple attacks on a daily basis, with the level of complication getting increasingly challenging. Despite the existence of multiple solutions, attackers are still quite successful at identifying vulnerabilities to exploit. This is why cyber deception is increasingly being used to divert attackers’ attention and, therefore, enhance the security of information systems. To be effective, deception environments need fake data. This is where Natural Language (NLP) Processing comes in. Many cyber security models have used NLP for vulnerability detection in information systems, email classification, fake citation detection, and many others. Although it is used for text generation, existing models seem to be unsuitable for data generation in a deception environment. Our goal is to use text generation in NLP to generate data in the deception context that will be used to build multi-level deception in information systems. Our model consists of three (3) components, including the connection component, the deception component, composed of several states in which an attacker may be, depending on whether he is malicious or not, and the text generation component. The text generation component considers as input the real data of the information system and allows the production of several texts as output, which are usable at different deception levels.

库卡推出KR Cybertech-2全新系列机器人

近日,库卡机器人全新推出KR Cybertech-2系列机器人新品KR 12R1450-2E和KR35R1840-2E。两款新品以其轻量化设计和稳定性能,可为多行业的自动化需求提供更行之有效的解决方案。该新品系列有两个型号可供选择,12kg/1450mm,35kg/1840mm,能极大地满足小六轴机器人主要应用场景。该系列结构紧凑,减少占地空间。

Chinese Cyber Threat Intelligence Named Entity Recognition via RoBERTa-wwm-RDCNN-CRF

In recent years,cyber attacks have been intensifying and causing great harm to individuals,companies,and countries.The mining of cyber threat intelligence(CTI)can facilitate intelligence integration and serve well in combating cyber attacks.Named Entity Recognition(NER),as a crucial component of text mining,can structure complex CTI text and aid cybersecurity professionals in effectively countering threats.However,current CTI NER research has mainly focused on studying English CTI.In the limited studies conducted on Chinese text,existing models have shown poor performance.To fully utilize the power of Chinese pre-trained language models(PLMs)and conquer the problem of lengthy infrequent English words mixing in the Chinese CTIs,we propose a residual dilated convolutional neural network(RDCNN)with a conditional random field(CRF)based on a robustly optimized bidirectional encoder representation from transformers pre-training approach with whole word masking(RoBERTa-wwm),abbreviated as RoBERTa-wwm-RDCNN-CRF.We are the first to experiment on the relevant open source dataset and achieve an F1-score of 82.35%,which exceeds the common baseline model bidirectional encoder representation from transformers(BERT)-bidirectional long short-term memory(BiLSTM)-CRF in this field by about 19.52%and exceeds the current state-of-the-art model,BERT-RDCNN-CRF,by about 3.53%.In addition,we conducted an ablation study on the encoder part of the model to verify the effectiveness of the proposed model and an in-depth investigation of the PLMs and encoder part of the model to verify the effectiveness of the proposed model.The RoBERTa-wwm-RDCNN-CRF model,the shared pre-processing,and augmentation methods can serve the subsequent fundamental tasks such as cybersecurity information extraction and knowledge graph construction,contributing to important applications in downstream tasks such as intrusion detection and advanced persistent threat(APT)attack detection.

Finite-time fault-tolerant control of teleoperating cyber physical system against faults

This paper studies a finite-time adaptive fractionalorder fault-tolerant control(FTC)scheme for the slave position tracking of the teleoperating cyber physical system(TCPS)with external disturbances and actuator faults.Based on the fractional Lyapunov stability theory and the finite-time stability theory,a fractional-order nonsingular fast terminal sliding mode(FONFTSM)control law is proposed to promote the tracking and fault tolerance performance of the considered system.Meanwhile,the adaptive fractional-order update laws are designed to cope with the unknown upper bounds of the unknown actuator faults and external disturbances.Furthermore,the finite-time stability of the closed-loop system is proved.Finally,comparison simulation results are also provided to show the validity and the advantages of the proposed techniques.

Attack Behavior Extraction Based on Heterogeneous Cyberthreat Intelligence and Graph Convolutional Networks

The continuous improvement of the cyber threat intelligence sharing mechanism provides new ideas to deal with Advanced Persistent Threats(APT).Extracting attack behaviors,i.e.,Tactics,Techniques,Procedures(TTP)from Cyber Threat Intelligence(CTI)can facilitate APT actors’profiling for an immediate response.However,it is difficult for traditional manual methods to analyze attack behaviors from cyber threat intelligence due to its heterogeneous nature.Based on the Adversarial Tactics,Techniques and Common Knowledge(ATT&CK)of threat behavior description,this paper proposes a threat behavioral knowledge extraction framework that integrates Heterogeneous Text Network(HTN)and Graph Convolutional Network(GCN)to solve this issue.It leverages the hierarchical correlation relationships of attack techniques and tactics in the ATT&CK to construct a text network of heterogeneous cyber threat intelligence.With the help of the Bidirectional EncoderRepresentation fromTransformers(BERT)pretraining model to analyze the contextual semantics of cyber threat intelligence,the task of threat behavior identification is transformed into a text classification task,which automatically extracts attack behavior in CTI,then identifies the malware and advanced threat actors.The experimental results show that F1 achieve 94.86%and 92.15%for the multi-label classification tasks of tactics and techniques.Extend the experiment to verify the method’s effectiveness in identifying the malware and threat actors in APT attacks.The F1 for malware and advanced threat actors identification task reached 98.45%and 99.48%,which are better than the benchmark model in the experiment and achieve state of the art.The model can effectivelymodel threat intelligence text data and acquire knowledge and experience migration by correlating implied features with a priori knowledge to compensate for insufficient sample data and improve the classification performance and recognition ability of threat behavior in text.

“新型电力系统数字化关键技术综述”专辑评述

数字化是推动新型电力系统发展的重要动力,已成为广受学术界和产业界关注的热点技术。为此,《电力系统自动化》编辑部组织了“新型电力系统数字化关键技术综述”专辑,系统化介绍了新型电力系统数字化基础元件装备、边缘计算技术、通信安全与防护、智能化调度决策等一系列技术成果,代表了本领域最新技术成果和先进经验。文中立足于新型电力系统数字化发展的整体趋势,对专辑论文按研究方向进行了系统性梳理,对其核心成果与观点进行了归纳总结,希望能够完整呈现专辑成果对新型电力系统数字化关键技术体系的支撑作用,为相关技术研究的进一步深化提供参考。

基于Cyber-net与无监督学习的电网调度网络安全态势感知方法

在电网运行过程中,如果调度网络受到攻击,容易出现安全漏洞,导致电网调度安全性降低,为此,提出基于Cyber-net与无监督学习的电网调度网络安全态势感知方法。构建电网调度网络隔离性安全检测模型,引入综合风险指标作为电网的三层评估指标,建立电网调度的可靠性指标计算体系;通过引入期望负荷削减参数,实现电网调度安全性频率特征监测;基于负荷削减平均持续风险指标评估,设置电网调度的安全允许条件;结合风险评估和负荷参数检测,采用Cyber-net构建电网控制模型;采用无监督学习的方法,通过接入和分散式调度,实现电网的安全态势感知。测试表明,该方法进行电网调度网络安全态势感知的准确性较高,能够提高并网控制的安全性。

Deep Learning Based Cyber Event Detection from Open-Source Re-Emerging Social Data

Social media forums have emerged as the most popular form of communication in the modern technology era,allowing people to discuss and express their opinions.This increases the amount of material being shared on social media sites.There is a wealth of information about the threat that may be found in such open data sources.The security of already-deployed software and systems relies heavily on the timely detection of newly-emerging threats to their safety that can be gleaned from such information.Despite the fact that several models for detecting cybersecurity events have been presented,it remains challenging to extract security events from the vast amounts of unstructured text present in public data sources.The majority of the currently available methods concentrate on detecting events that have a high number of dimensions.This is because the unstructured text in open data sources typically contains a large number of dimensions.However,to react to attacks quicker than they can be launched,security analysts and information technology operators need to be aware of critical security events as soon as possible,regardless of how often they are reported.This research provides a unique event detection method that can swiftly identify significant security events from open forums such as Twitter.The proposed work identified new threats and the revival of an attack or related event,independent of the volume of mentions relating to those events on Twitter.In this research work,deep learning has been used to extract predictive features from open-source text.The proposed model is composed of data collection,data transformation,feature extraction using deep learning,Latent Dirichlet Allocation(LDA)based medium-level cyber-event detection and final Google Trends-based high-level cyber-event detection.The proposed technique has been evaluated on numerous datasets.Experiment results show that the proposed method outperforms existing methods in detecting cyber events by giving 95.96% accuracy.

Enhancing Police Officers’ Cybercrime Investigation Skills Using a Checklist Tool

This paper addressed the current state of police officers’ capabilities, skills, and their readiness to deal with the developments of cybercrime. This study discussed definition of cybercrime, cybercrime categories as well as comparison between traditional criminal techniques and cybercrime. As the abilities and skills required for detectives to investigate cybercrime have been discussed. Additionally, literature review and related work, was addressed challenges role of the police in combating cybercrime and facing cybercrime policing. We proposed the main tool in the study which is “Checklist of essential skills for a cybercrime investigator”. Thus, to gain the ability to Identify technical and practical requirements in terms of skills, programs, and equipment to achieve effective and professional results in fight cybercrimes.

Multiclass Classification for Cyber Threats Detection on Twitter

The advances in technology increase the number of internet systems usage.As a result,cybersecurity issues have become more common.Cyber threats are one of the main problems in the area of cybersecurity.However,detecting cybersecurity threats is not a trivial task and thus is the center of focus for many researchers due to its importance.This study aims to analyze Twitter data to detect cyber threats using a multiclass classification approach.The data is passed through different tasks to prepare it for the analysis.Term Frequency and Inverse Document Frequency(TFIDF)features are extracted to vectorize the cleaned data and several machine learning algorithms are used to classify the Twitter posts into multiple classes of cyber threats.The results are evaluated using different metrics including precision,recall,F-score,and accuracy.This work contributes to the cyber security research area.The experiments revealed the promised results of the analysis using the Random Forest(RF)algorithm with(F-score=81%).This result outperformed the existing studies in the field of cyber threat detection and showed the importance of detecting cyber threats in social media posts.There is a need for more investigation in the field of multiclass classification to achieve more accurate results.In the future,this study suggests applying different data representations for the feature extraction other than TF-IDF such as Word2Vec,and adding a new phase for feature selection to select the optimum features subset to achieve higher accuracy of the detection process.

Honeypot Game Theory against DoS Attack in UAV Cyber

A space called Unmanned Aerial Vehicle(UAV)cyber is a new environment where UAV,Ground Control Station(GCS)and business processes are integrated.Denial of service(DoS)attack is a standard network attack method,especially suitable for attacking the UAV cyber.It is a robust security risk for UAV cyber and has recently become an active research area.Game theory is typically used to simulate the existing offensive and defensive mechanisms for DoS attacks in a traditional network.In addition,the honeypot,an effective security vulnerability defense mechanism,has not been widely adopted or modeled for defense against DoS attack UAV cyber.With this motivation,the current research paper presents a honeypot game theorymodel that considersGCS andDoS attacks,which is used to study the interaction between attack and defense to optimize defense strategies.The GCS and honeypot act as defenses against DoS attacks in this model,and both players select their appropriate methods and build their benefit function models.On this basis,a hierarchical honeypot and G2A network delay reward strategy are introduced so that the defender and the attacker can adjust their respective strategies dynamically.Finally,by adjusting the degree of camouflage of the honeypot for UAV network services,the overall revenue of the defender can be effectively improved.The proposed method proves the existence of a mixed strategy Nash equilibrium and compares it with the existing research on no delay rewards and no honeypot defense scheme.In addition,this method realizes that the UAV cyber still guarantees a network delay of about ten milliseconds in the presence of a DoS attack.The results demonstrate that our methodology is superior to that of previous studies.

Investigating How Parental Perceptions of Cybersecurity Influence Children’s Safety in the Cyber World: A Case Study of Saudi Arabia

This paper explores the convergence of Saudi Arabia’s Vision 2030 with the increasing dependence on the Internet for educational purposes. It sheds light on the potential cybersecurity risks and how parental perception impacts children’s willingness to adapt cybersecurity features. By instilling the significance of cybersecurity awareness in early stages, society can provide children with the necessary skills to navigate the digital realm responsibly. As we progress, ongoing research and collaborative endeavors will be pivotal in formulating effective strategies to shield the digital generation from the potential pitfalls of the virtual realm. Regular Internet usage is essential for various purposes such as communication, education, and leisure. The cohorts of Generation Z and Alpha were born during a period of exponential Internet growth, leading them to heavily engage with the Internet. Consequently, they are equally vulnerable to cybersecurity threats just like adults. Addressing potential security risks for today’s youth becomes the responsibility of parents as the primary line of defense. This research focuses on raising awareness about the imperative of ensuring children’s safety in the online sphere, particularly by their parents. The study is conducted within the specific context of Saudi Arabia, aiming to examine how Saudi parents’ perception of cybersecurity influences their children’s cyber safety. The study identifies critical factors, including attitudes towards cybersecurity, awareness of cybersecurity, and prevailing social norms regarding cybersecurity. These factors contribute to the development of parents’ intention to prioritize cybersecurity, which consequently affects their children’s behaviors in the digital realm. Utilizing a quantitative approach based on a questionnaire, the study employs a Structural Equation Modeling (SEM) framework to analyze the collected data. The study’s findings underscore that parents’ intent towards cybersecurity plays a significant role in shaping their children’s behavior concerning cyber safety.