With the increasing penetration rate of electric vehicles(EVs),EV demand response holds great significance for promoting the optimal and secure operation of the power system.This paper proposes an EV response capabili...With the increasing penetration rate of electric vehicles(EVs),EV demand response holds great significance for promoting the optimal and secure operation of the power system.This paper proposes an EV response capability assessment method that considers EV users’travel demands and the reliability of the cyber systems integrated into both the power grid and the transportation network.A novel framework for an integrated cyber-power-transportation system is proposed for the first time,and a reliability model for the cyber system is provided.A method is further proposed to calculate the state of an EV when it is plugged in,considering the reliability of traffic guidance information and the reliability of the release of such information.The degree of relaxation in the EV charging demand is proposed to reflect the user’s travel demand,based on which the EV response capability can be assessed.Extensive test results on a cyber-power-transportation system containing RBTS BUS6 and the Beijing transportation network are conducted to show the efficiency of the proposed method.The impact of cyber reliability on the EV trip and response capability is analyzed.展开更多
This paper studies a finite-time adaptive fractionalorder fault-tolerant control(FTC)scheme for the slave position tracking of the teleoperating cyber physical system(TCPS)with external disturbances and actuator fault...This paper studies a finite-time adaptive fractionalorder fault-tolerant control(FTC)scheme for the slave position tracking of the teleoperating cyber physical system(TCPS)with external disturbances and actuator faults.Based on the fractional Lyapunov stability theory and the finite-time stability theory,a fractional-order nonsingular fast terminal sliding mode(FONFTSM)control law is proposed to promote the tracking and fault tolerance performance of the considered system.Meanwhile,the adaptive fractional-order update laws are designed to cope with the unknown upper bounds of the unknown actuator faults and external disturbances.Furthermore,the finite-time stability of the closed-loop system is proved.Finally,comparison simulation results are also provided to show the validity and the advantages of the proposed techniques.展开更多
As energy-related problems continue to emerge,the need for stable energy supplies and issues regarding both environmental and safety require urgent consideration.Renewable energy is becoming increasingly important,wit...As energy-related problems continue to emerge,the need for stable energy supplies and issues regarding both environmental and safety require urgent consideration.Renewable energy is becoming increasingly important,with solar power accounting for the most significant proportion of renewables.As the scale and importance of solar energy have increased,cyber threats against solar power plants have also increased.So,we need an anomaly detection system that effectively detects cyber threats to solar power plants.However,as mentioned earlier,the existing solar power plant anomaly detection system monitors only operating information such as power generation,making it difficult to detect cyberattacks.To address this issue,in this paper,we propose a network packet-based anomaly detection system for the Programmable Logic Controller(PLC)of the inverter,an essential system of photovoltaic plants,to detect cyber threats.Cyberattacks and vulnerabilities in solar power plants were analyzed to identify cyber threats in solar power plants.The analysis shows that Denial of Service(DoS)and Manin-the-Middle(MitM)attacks are primarily carried out on inverters,aiming to disrupt solar plant operations.To develop an anomaly detection system,we performed preprocessing,such as correlation analysis and normalization for PLC network packets data and trained various machine learning-based classification models on such data.The Random Forest model showed the best performance with an accuracy of 97.36%.The proposed system can detect anomalies based on network packets,identify potential cyber threats that cannot be identified by the anomaly detection system currently in use in solar power plants,and enhance the security of solar plants.展开更多
Recently,with the growth of cyber physical systems(CPS),several applications have begun to deploy in the CPS for connecting the cyber space with the physical scale effectively.Besides,the cloud computing(CC)enabled CP...Recently,with the growth of cyber physical systems(CPS),several applications have begun to deploy in the CPS for connecting the cyber space with the physical scale effectively.Besides,the cloud computing(CC)enabled CPS offers huge processing and storage resources for CPS thatfinds helpful for a range of application areas.At the same time,with the massive development of applica-tions that exist in the CPS environment,the energy utilization of the cloud enabled CPS has gained significant interest.For improving the energy effective-ness of the CC platform,virtualization technologies have been employed for resource management and the applications are executed via virtual machines(VMs).Since effective scheduling of resources acts as an important role in the design of cloud enabled CPS,this paper focuses on the design of chaotic sandpi-per optimization based VM scheduling(CSPO-VMS)technique for energy effi-cient CPS.The CSPO-VMS technique is utilized for searching for the optimum VM migration solution and it helps to choose an effective scheduling strategy.The CSPO algorithm integrates the concepts of traditional SPO algorithm with the chaos theory,which substitutes the main parameter and combines it with the chaos.In order to improve the process of determining the global optimum solutions and convergence rate of the SPO algorithm,the chaotic concept is included in the SPO algorithm.The CSPO-VMS technique also derives afitness function to choose optimal scheduling strategy in the CPS environment.In order to demonstrate the enhanced performance of the CSPO-VMS technique,a wide range of simulations were carried out and the results are examined under varying aspects.The simulation results ensured the improved performance of the CSPO-VMS technique over the recent methods interms of different measures.展开更多
A cyber physical energy system(CPES)involves a combination of pro-cessing,network,and physical processes.The smart grid plays a vital role in the CPES model where information technology(IT)can be related to the physic...A cyber physical energy system(CPES)involves a combination of pro-cessing,network,and physical processes.The smart grid plays a vital role in the CPES model where information technology(IT)can be related to the physical system.At the same time,the machine learning(ML)modelsfind useful for the smart grids integrated into the CPES for effective decision making.Also,the smart grids using ML and deep learning(DL)models are anticipated to lessen the requirement of placing many power plants for electricity utilization.In this aspect,this study designs optimal multi-head attention based bidirectional long short term memory(OMHA-MBLSTM)technique for smart grid stability predic-tion in CPES.The proposed OMHA-MBLSTM technique involves three subpro-cesses such as pre-processing,prediction,and hyperparameter optimization.The OMHA-MBLSTM technique employs min-max normalization as a pre-proces-sing step.Besides,the MBLSTM model is applied for the prediction of stability level of the smart grids in CPES.At the same time,the moth swarm algorithm(MHA)is utilized for optimally modifying the hyperparameters involved in the MBLSTM model.To ensure the enhanced outcomes of the OMHA-MBLSTM technique,a series of simulations were carried out and the results are inspected under several aspects.The experimental results pointed out the better outcomes of the OMHA-MBLSTM technique over the recent models.展开更多
Intrusion Detection System(IDS)is a network security mechanism that analyses all users’and applications’traffic and detectsmalicious activities in real-time.The existing IDSmethods suffer fromlower accuracy and lack...Intrusion Detection System(IDS)is a network security mechanism that analyses all users’and applications’traffic and detectsmalicious activities in real-time.The existing IDSmethods suffer fromlower accuracy and lack the required level of security to prevent sophisticated attacks.This problem can result in the system being vulnerable to attacks,which can lead to the loss of sensitive data and potential system failure.Therefore,this paper proposes an Intrusion Detection System using Logistic Tanh-based Convolutional Neural Network Classification(LTH-CNN).Here,the Correlation Coefficient based Mayfly Optimization(CC-MA)algorithm is used to extract the input characteristics for the IDS from the input data.Then,the optimized features are utilized by the LTH-CNN,which returns the attacked and non-attacked data.After that,the attacked data is stored in the log file and non-attacked data is mapped to the cyber security and data security phases.To prevent the system from cyber-attack,the Source and Destination IP address is converted into a complex binary format named 1’s Complement Reverse Shift Right(CRSR),where,in the data security phase the sensed data is converted into an encrypted format using Senders Public key Exclusive OR Receivers Public Key-Elliptic Curve Cryptography(PXORP-ECC)Algorithm to improve the data security.TheNetwork Security Laboratory-Knowledge Discovery inDatabases(NSLKDD)dataset and real-time sensor are used to train and evaluate the proposed LTH-CNN.The suggested model is evaluated based on accuracy,sensitivity,and specificity,which outperformed the existing IDS methods,according to the results of the experiments.展开更多
The Kingdom of Saudi Arabia(KSA)has achieved significant milestones in cybersecurity.KSA has maintained solid regulatorymechanisms to prevent,trace,and punish offenders to protect the interests of both individual user...The Kingdom of Saudi Arabia(KSA)has achieved significant milestones in cybersecurity.KSA has maintained solid regulatorymechanisms to prevent,trace,and punish offenders to protect the interests of both individual users and organizations from the online threats of data poaching and pilferage.The widespread usage of Information Technology(IT)and IT Enable Services(ITES)reinforces securitymeasures.The constantly evolving cyber threats are a topic that is generating a lot of discussion.In this league,the present article enlists a broad perspective on how cybercrime is developing in KSA at present and also takes a look at some of the most significant attacks that have taken place in the region.The existing legislative framework and measures in the KSA are geared toward deterring criminal activity online.Different competency models have been devised to address the necessary cybercrime competencies in this context.The research specialists in this domain can benefit more by developing a master competency level for achieving optimum security.To address this research query,the present assessment uses the Fuzzy Decision-Making Trial and Evaluation Laboratory(Fuzzy-DMTAEL),Fuzzy Analytic Hierarchy Process(F.AHP),and Fuzzy TOPSIS methodology to achieve segment-wise competency development in cyber security policy.The similarities and differences between the three methods are also discussed.This cybersecurity analysis determined that the National Cyber Security Centre got the highest priority.The study concludes by perusing the challenges that still need to be examined and resolved in effectuating more credible and efficacious online security mechanisms to offer amoreempowered ITES-driven economy for SaudiArabia.Moreover,cybersecurity specialists and policymakers need to collate their efforts to protect the country’s digital assets in the era of overt and covert cyber warfare.展开更多
The Industrial Internet of Things(IIoT)has brought numerous benefits,such as improved efficiency,smart analytics,and increased automation.However,it also exposes connected devices,users,applications,and data generated...The Industrial Internet of Things(IIoT)has brought numerous benefits,such as improved efficiency,smart analytics,and increased automation.However,it also exposes connected devices,users,applications,and data generated to cyber security threats that need to be addressed.This work investigates hybrid cyber threats(HCTs),which are now working on an entirely new level with the increasingly adopted IIoT.This work focuses on emerging methods to model,detect,and defend against hybrid cyber attacks using machine learning(ML)techniques.Specifically,a novel ML-based HCT modelling and analysis framework was proposed,in which L1 regularisation and Random Forest were used to cluster features and analyse the importance and impact of each feature in both individual threats and HCTs.A grey relation analysis-based model was employed to construct the correlation between IIoT components and different threats.展开更多
Cyber Defense is becoming a major issue for every organization to keep business continuity intact.The presented paper explores the effectiveness of a meta-heuristic optimization algorithm-Artificial Bees Colony Algori...Cyber Defense is becoming a major issue for every organization to keep business continuity intact.The presented paper explores the effectiveness of a meta-heuristic optimization algorithm-Artificial Bees Colony Algorithm(ABC)as an Nature Inspired Cyber Security mechanism to achieve adaptive defense.It experiments on the Denial-Of-Service attack scenarios which involves limiting the traffic flow for each node.Businesses today have adapted their service distribution models to include the use of the Internet,allowing them to effectively manage and interact with their customer data.This shift has created an increased reliance on online services to store vast amounts of confidential customer data,meaning any disruption or outage of these services could be disastrous for the business,leaving them without the knowledge to serve their customers.Adversaries can exploit such an event to gain unauthorized access to the confidential data of the customers.The proposed algorithm utilizes an Adaptive Defense approach to continuously select nodes that could present characteristics of a probable malicious entity.For any changes in network parameters,the cluster of nodes is selected in the prepared solution set as a probable malicious node and the traffic rate with the ratio of packet delivery is managed with respect to the properties of normal nodes to deliver a disaster recovery plan for potential businesses.展开更多
Digital assets have boomed over the past few years with the emergence of Non-fungible Tokens(NFTs).To be specific,the total trading volume of digital assets reached an astounding$55.5 billion in 2022.Nevertheless,nume...Digital assets have boomed over the past few years with the emergence of Non-fungible Tokens(NFTs).To be specific,the total trading volume of digital assets reached an astounding$55.5 billion in 2022.Nevertheless,numerous security concerns have been raised by the rapid expansion of the NFT ecosystem.NFT holders are exposed to a plethora of scams and traps,putting their digital assets at risk of being lost.However,academic research on NFT security is scarce,and the security issues have aroused rare attention.In this study,the NFT ecological process is comprehensively explored.This process falls into five different stages encompassing the entire lifecycle of NFTs.Subsequently,the security issues regarding the respective stage are elaborated and analyzed in depth.A matrix model is proposed as a novel contribution to the categorization of NFT security issues.Diverse data are collected from social networks,the Ethereum blockchain,and NFT markets to substantiate our claims regarding the severity of security concerns in the NFT ecosystem.From this comprehensive dataset,nine key NFT security issues are identified from the matrix model and then subjected to qualitative and quantitative analysis.This study aims to shed light on the severity of NFT ecosystem security issues.The findings stress the need for increased attention and proactive measures to safeguard the NFT ecosystem.展开更多
This paper examines how cybersecurity is developing and how it relates to more conventional information security. Although information security and cyber security are sometimes used synonymously, this study contends t...This paper examines how cybersecurity is developing and how it relates to more conventional information security. Although information security and cyber security are sometimes used synonymously, this study contends that they are not the same. The concept of cyber security is explored, which goes beyond protecting information resources to include a wider variety of assets, including people [1]. Protecting information assets is the main goal of traditional information security, with consideration to the human element and how people fit into the security process. On the other hand, cyber security adds a new level of complexity, as people might unintentionally contribute to or become targets of cyberattacks. This aspect presents moral questions since it is becoming more widely accepted that society has a duty to protect weaker members of society, including children [1]. The study emphasizes how important cyber security is on a larger scale, with many countries creating plans and laws to counteract cyberattacks. Nevertheless, a lot of these sources frequently neglect to define the differences or the relationship between information security and cyber security [1]. The paper focus on differentiating between cybersecurity and information security on a larger scale. The study also highlights other areas of cybersecurity which includes defending people, social norms, and vital infrastructure from threats that arise from online in addition to information and technology protection. It contends that ethical issues and the human factor are becoming more and more important in protecting assets in the digital age, and that cyber security is a paradigm shift in this regard [1].展开更多
This paper studies cyber risk management by integrating contextual log analysis with User and Entity Behavior Analytics (UEBA). Leveraging Python scripting and PostgreSQL database management, the solution enriches log...This paper studies cyber risk management by integrating contextual log analysis with User and Entity Behavior Analytics (UEBA). Leveraging Python scripting and PostgreSQL database management, the solution enriches log data with contextual and behavioral information from Linux system logs and semantic datasets. By incorporating Common Vulnerability Scoring System (CVSS) metrics and customized risk scoring algorithms, the system calculates Insider Threat scores to identify potential security breaches. The integration of contextual log analysis and UEBA [1] offers a proactive defense against insider threats, reducing false positives and prioritizing high-risk alerts.展开更多
This article signals the use of Artificial Intelligence (AI) in information security where its merits, downsides as well as unanticipated negative outcomes are noted. It considers AI based models that can strengthen o...This article signals the use of Artificial Intelligence (AI) in information security where its merits, downsides as well as unanticipated negative outcomes are noted. It considers AI based models that can strengthen or undermine infrastructural functions and organize the networks. In addition, the essay delves into AI’s role in Cyber security software development and the need for AI-resilient strategies that could anticipate and thwart AI-created vulnerabilities. The document also touched on the socioeconomic ramifications of the emergence of AI in Cyber security as well. Looking into AI and security literature, the report outlines benefits including made threat detection precision, extended security ops efficiency, and preventive security tasks. At the same time, it emphasizes the positive side of AI, but it also shows potential limitations such as data bias, lack of interpretability, ethical concerns, and security flaws. The work similarly focuses on the characterized of misuse and sophisticated cyberattacks. The research suggests ways to diminish AI-generating maleficence which comprise ethical AI development, robust safety measures and constant audits and updates. With regard to the AI application in Cyber security, there are both pros and cons in terms of socio-economic issues, for example, job displacement, economic growth and the change in the required workforce skills.展开更多
Information security and quality management are often considered two different fields. However, organizations must be mindful of how software security may affect quality control. This paper examines and promotes metho...Information security and quality management are often considered two different fields. However, organizations must be mindful of how software security may affect quality control. This paper examines and promotes methods through which secure software development processes can be integrated into the Systems Software Development Life-cycle (SDLC) to improve system quality. Cyber-security and quality assurance are both involved in reducing risk. Software security teams work to reduce security risks, whereas quality assurance teams work to decrease risks to quality. There is a need for clear standards, frameworks, processes, and procedures to be followed by organizations to ensure high-level quality while reducing security risks. This research uses a survey of industry professionals to help identify best practices for developing software with fewer defects from the early stages of the SDLC to improve both the quality and security of software. Results show that there is a need for better security awareness among all members of software development teams.展开更多
Cyber security addresses the protection of information systems in cyberspace. These systems face multiple attacks on a daily basis, with the level of complication getting increasingly challenging. Despite the existenc...Cyber security addresses the protection of information systems in cyberspace. These systems face multiple attacks on a daily basis, with the level of complication getting increasingly challenging. Despite the existence of multiple solutions, attackers are still quite successful at identifying vulnerabilities to exploit. This is why cyber deception is increasingly being used to divert attackers’ attention and, therefore, enhance the security of information systems. To be effective, deception environments need fake data. This is where Natural Language (NLP) Processing comes in. Many cyber security models have used NLP for vulnerability detection in information systems, email classification, fake citation detection, and many others. Although it is used for text generation, existing models seem to be unsuitable for data generation in a deception environment. Our goal is to use text generation in NLP to generate data in the deception context that will be used to build multi-level deception in information systems. Our model consists of three (3) components, including the connection component, the deception component, composed of several states in which an attacker may be, depending on whether he is malicious or not, and the text generation component. The text generation component considers as input the real data of the information system and allows the production of several texts as output, which are usable at different deception levels.展开更多
State-of-the-art technologies such as the Internet of Things(IoT),cloud computing(CC),big data analytics(BDA),and artificial intelligence(AI)have greatly stimulated the development of smart manufacturing.An important ...State-of-the-art technologies such as the Internet of Things(IoT),cloud computing(CC),big data analytics(BDA),and artificial intelligence(AI)have greatly stimulated the development of smart manufacturing.An important prerequisite for smart manufacturing is cyber-physical integration,which is increasingly being embraced by manufacturers.As the preferred means of such integration,cyber-physical systems(CPS)and digital twins(DTs)have gained extensive attention from researchers and practitioners in industry.With feedback loops in which physical processes affect cyber parts and vice versa,CPS and DTs can endow manufacturing systems with greater efficiency,resilience,and intelligence.CPS and DTs share the same essential concepts of an intensive cyber-physical connection,real-time interaction,organization integration,and in-depth collaboration.However,CPS and DTs are not identical from many perspectives,including their origin,development,engineering practices,cyber-physical mapping,and core elements.In order to highlight the differences and correlation between them,this paper reviews and analyzes CPS and DTs from multiple perspectives.展开更多
A cyber physical system(CPS)is a complex system that integrates sensing,computation,control and networking into physical processes and objects over Internet.It plays a key role in modern industry since it connects phy...A cyber physical system(CPS)is a complex system that integrates sensing,computation,control and networking into physical processes and objects over Internet.It plays a key role in modern industry since it connects physical and cyber worlds.In order to meet ever-changing industrial requirements,its structures and functions are constantly improved.Meanwhile,new security issues have arisen.A ubiquitous problem is the fact that cyber attacks can cause significant damage to industrial systems,and thus has gained increasing attention from researchers and practitioners.This paper presents a survey of state-of-the-art results of cyber attacks on cyber physical systems.First,as typical system models are employed to study these systems,time-driven and event-driven systems are reviewed.Then,recent advances on three types of attacks,i.e.,those on availability,integrity,and confidentiality are discussed.In particular,the detailed studies on availability and integrity attacks are introduced from the perspective of attackers and defenders.Namely,both attack and defense strategies are discussed based on different system models.Some challenges and open issues are indicated to guide future research and inspire the further exploration of this increasingly important area.展开更多
基金supported by the National Key Research and Development Program of China(2017YFB0903000)the Basic Theories and Methods of Analysis and Control of the Cyber Physical System for Power Grid。
文摘With the increasing penetration rate of electric vehicles(EVs),EV demand response holds great significance for promoting the optimal and secure operation of the power system.This paper proposes an EV response capability assessment method that considers EV users’travel demands and the reliability of the cyber systems integrated into both the power grid and the transportation network.A novel framework for an integrated cyber-power-transportation system is proposed for the first time,and a reliability model for the cyber system is provided.A method is further proposed to calculate the state of an EV when it is plugged in,considering the reliability of traffic guidance information and the reliability of the release of such information.The degree of relaxation in the EV charging demand is proposed to reflect the user’s travel demand,based on which the EV response capability can be assessed.Extensive test results on a cyber-power-transportation system containing RBTS BUS6 and the Beijing transportation network are conducted to show the efficiency of the proposed method.The impact of cyber reliability on the EV trip and response capability is analyzed.
基金supported by the National Natural Science Foundation of China(61973331,61973257)the National Key Research and Development Plan Programs of China(2018YFB0106101).
文摘This paper studies a finite-time adaptive fractionalorder fault-tolerant control(FTC)scheme for the slave position tracking of the teleoperating cyber physical system(TCPS)with external disturbances and actuator faults.Based on the fractional Lyapunov stability theory and the finite-time stability theory,a fractional-order nonsingular fast terminal sliding mode(FONFTSM)control law is proposed to promote the tracking and fault tolerance performance of the considered system.Meanwhile,the adaptive fractional-order update laws are designed to cope with the unknown upper bounds of the unknown actuator faults and external disturbances.Furthermore,the finite-time stability of the closed-loop system is proved.Finally,comparison simulation results are also provided to show the validity and the advantages of the proposed techniques.
基金supported by the Korea Institute of Energy Technology Evaluation and Planning(KETEP)grant funded by the Korea government(MOTIE)(20224B10100140,50%)the Nuclear Safety Research Program through the Korea Foundation of Nuclear Safety(KoFONS)using the financial resource granted by the Nuclear Safety and Security Commission(NSSC)of the Republic of Korea(No.2106058,40%)the Gachon University Research Fund of 2023(GCU-202110280001,10%)。
文摘As energy-related problems continue to emerge,the need for stable energy supplies and issues regarding both environmental and safety require urgent consideration.Renewable energy is becoming increasingly important,with solar power accounting for the most significant proportion of renewables.As the scale and importance of solar energy have increased,cyber threats against solar power plants have also increased.So,we need an anomaly detection system that effectively detects cyber threats to solar power plants.However,as mentioned earlier,the existing solar power plant anomaly detection system monitors only operating information such as power generation,making it difficult to detect cyberattacks.To address this issue,in this paper,we propose a network packet-based anomaly detection system for the Programmable Logic Controller(PLC)of the inverter,an essential system of photovoltaic plants,to detect cyber threats.Cyberattacks and vulnerabilities in solar power plants were analyzed to identify cyber threats in solar power plants.The analysis shows that Denial of Service(DoS)and Manin-the-Middle(MitM)attacks are primarily carried out on inverters,aiming to disrupt solar plant operations.To develop an anomaly detection system,we performed preprocessing,such as correlation analysis and normalization for PLC network packets data and trained various machine learning-based classification models on such data.The Random Forest model showed the best performance with an accuracy of 97.36%.The proposed system can detect anomalies based on network packets,identify potential cyber threats that cannot be identified by the anomaly detection system currently in use in solar power plants,and enhance the security of solar plants.
文摘Recently,with the growth of cyber physical systems(CPS),several applications have begun to deploy in the CPS for connecting the cyber space with the physical scale effectively.Besides,the cloud computing(CC)enabled CPS offers huge processing and storage resources for CPS thatfinds helpful for a range of application areas.At the same time,with the massive development of applica-tions that exist in the CPS environment,the energy utilization of the cloud enabled CPS has gained significant interest.For improving the energy effective-ness of the CC platform,virtualization technologies have been employed for resource management and the applications are executed via virtual machines(VMs).Since effective scheduling of resources acts as an important role in the design of cloud enabled CPS,this paper focuses on the design of chaotic sandpi-per optimization based VM scheduling(CSPO-VMS)technique for energy effi-cient CPS.The CSPO-VMS technique is utilized for searching for the optimum VM migration solution and it helps to choose an effective scheduling strategy.The CSPO algorithm integrates the concepts of traditional SPO algorithm with the chaos theory,which substitutes the main parameter and combines it with the chaos.In order to improve the process of determining the global optimum solutions and convergence rate of the SPO algorithm,the chaotic concept is included in the SPO algorithm.The CSPO-VMS technique also derives afitness function to choose optimal scheduling strategy in the CPS environment.In order to demonstrate the enhanced performance of the CSPO-VMS technique,a wide range of simulations were carried out and the results are examined under varying aspects.The simulation results ensured the improved performance of the CSPO-VMS technique over the recent methods interms of different measures.
基金supported by the Researchers Supporting Program(TUMA-Project-2021-27)Almaarefa University,Riyadh,Saudi ArabiaTaif University Researchers Supporting Project number(TURSP-2020/161),Taif University,Taif,Saudi Arabia。
文摘A cyber physical energy system(CPES)involves a combination of pro-cessing,network,and physical processes.The smart grid plays a vital role in the CPES model where information technology(IT)can be related to the physical system.At the same time,the machine learning(ML)modelsfind useful for the smart grids integrated into the CPES for effective decision making.Also,the smart grids using ML and deep learning(DL)models are anticipated to lessen the requirement of placing many power plants for electricity utilization.In this aspect,this study designs optimal multi-head attention based bidirectional long short term memory(OMHA-MBLSTM)technique for smart grid stability predic-tion in CPES.The proposed OMHA-MBLSTM technique involves three subpro-cesses such as pre-processing,prediction,and hyperparameter optimization.The OMHA-MBLSTM technique employs min-max normalization as a pre-proces-sing step.Besides,the MBLSTM model is applied for the prediction of stability level of the smart grids in CPES.At the same time,the moth swarm algorithm(MHA)is utilized for optimally modifying the hyperparameters involved in the MBLSTM model.To ensure the enhanced outcomes of the OMHA-MBLSTM technique,a series of simulations were carried out and the results are inspected under several aspects.The experimental results pointed out the better outcomes of the OMHA-MBLSTM technique over the recent models.
文摘Intrusion Detection System(IDS)is a network security mechanism that analyses all users’and applications’traffic and detectsmalicious activities in real-time.The existing IDSmethods suffer fromlower accuracy and lack the required level of security to prevent sophisticated attacks.This problem can result in the system being vulnerable to attacks,which can lead to the loss of sensitive data and potential system failure.Therefore,this paper proposes an Intrusion Detection System using Logistic Tanh-based Convolutional Neural Network Classification(LTH-CNN).Here,the Correlation Coefficient based Mayfly Optimization(CC-MA)algorithm is used to extract the input characteristics for the IDS from the input data.Then,the optimized features are utilized by the LTH-CNN,which returns the attacked and non-attacked data.After that,the attacked data is stored in the log file and non-attacked data is mapped to the cyber security and data security phases.To prevent the system from cyber-attack,the Source and Destination IP address is converted into a complex binary format named 1’s Complement Reverse Shift Right(CRSR),where,in the data security phase the sensed data is converted into an encrypted format using Senders Public key Exclusive OR Receivers Public Key-Elliptic Curve Cryptography(PXORP-ECC)Algorithm to improve the data security.TheNetwork Security Laboratory-Knowledge Discovery inDatabases(NSLKDD)dataset and real-time sensor are used to train and evaluate the proposed LTH-CNN.The suggested model is evaluated based on accuracy,sensitivity,and specificity,which outperformed the existing IDS methods,according to the results of the experiments.
文摘The Kingdom of Saudi Arabia(KSA)has achieved significant milestones in cybersecurity.KSA has maintained solid regulatorymechanisms to prevent,trace,and punish offenders to protect the interests of both individual users and organizations from the online threats of data poaching and pilferage.The widespread usage of Information Technology(IT)and IT Enable Services(ITES)reinforces securitymeasures.The constantly evolving cyber threats are a topic that is generating a lot of discussion.In this league,the present article enlists a broad perspective on how cybercrime is developing in KSA at present and also takes a look at some of the most significant attacks that have taken place in the region.The existing legislative framework and measures in the KSA are geared toward deterring criminal activity online.Different competency models have been devised to address the necessary cybercrime competencies in this context.The research specialists in this domain can benefit more by developing a master competency level for achieving optimum security.To address this research query,the present assessment uses the Fuzzy Decision-Making Trial and Evaluation Laboratory(Fuzzy-DMTAEL),Fuzzy Analytic Hierarchy Process(F.AHP),and Fuzzy TOPSIS methodology to achieve segment-wise competency development in cyber security policy.The similarities and differences between the three methods are also discussed.This cybersecurity analysis determined that the National Cyber Security Centre got the highest priority.The study concludes by perusing the challenges that still need to be examined and resolved in effectuating more credible and efficacious online security mechanisms to offer amoreempowered ITES-driven economy for SaudiArabia.Moreover,cybersecurity specialists and policymakers need to collate their efforts to protect the country’s digital assets in the era of overt and covert cyber warfare.
文摘The Industrial Internet of Things(IIoT)has brought numerous benefits,such as improved efficiency,smart analytics,and increased automation.However,it also exposes connected devices,users,applications,and data generated to cyber security threats that need to be addressed.This work investigates hybrid cyber threats(HCTs),which are now working on an entirely new level with the increasingly adopted IIoT.This work focuses on emerging methods to model,detect,and defend against hybrid cyber attacks using machine learning(ML)techniques.Specifically,a novel ML-based HCT modelling and analysis framework was proposed,in which L1 regularisation and Random Forest were used to cluster features and analyse the importance and impact of each feature in both individual threats and HCTs.A grey relation analysis-based model was employed to construct the correlation between IIoT components and different threats.
文摘Cyber Defense is becoming a major issue for every organization to keep business continuity intact.The presented paper explores the effectiveness of a meta-heuristic optimization algorithm-Artificial Bees Colony Algorithm(ABC)as an Nature Inspired Cyber Security mechanism to achieve adaptive defense.It experiments on the Denial-Of-Service attack scenarios which involves limiting the traffic flow for each node.Businesses today have adapted their service distribution models to include the use of the Internet,allowing them to effectively manage and interact with their customer data.This shift has created an increased reliance on online services to store vast amounts of confidential customer data,meaning any disruption or outage of these services could be disastrous for the business,leaving them without the knowledge to serve their customers.Adversaries can exploit such an event to gain unauthorized access to the confidential data of the customers.The proposed algorithm utilizes an Adaptive Defense approach to continuously select nodes that could present characteristics of a probable malicious entity.For any changes in network parameters,the cluster of nodes is selected in the prepared solution set as a probable malicious node and the traffic rate with the ratio of packet delivery is managed with respect to the properties of normal nodes to deliver a disaster recovery plan for potential businesses.
文摘Digital assets have boomed over the past few years with the emergence of Non-fungible Tokens(NFTs).To be specific,the total trading volume of digital assets reached an astounding$55.5 billion in 2022.Nevertheless,numerous security concerns have been raised by the rapid expansion of the NFT ecosystem.NFT holders are exposed to a plethora of scams and traps,putting their digital assets at risk of being lost.However,academic research on NFT security is scarce,and the security issues have aroused rare attention.In this study,the NFT ecological process is comprehensively explored.This process falls into five different stages encompassing the entire lifecycle of NFTs.Subsequently,the security issues regarding the respective stage are elaborated and analyzed in depth.A matrix model is proposed as a novel contribution to the categorization of NFT security issues.Diverse data are collected from social networks,the Ethereum blockchain,and NFT markets to substantiate our claims regarding the severity of security concerns in the NFT ecosystem.From this comprehensive dataset,nine key NFT security issues are identified from the matrix model and then subjected to qualitative and quantitative analysis.This study aims to shed light on the severity of NFT ecosystem security issues.The findings stress the need for increased attention and proactive measures to safeguard the NFT ecosystem.
文摘This paper examines how cybersecurity is developing and how it relates to more conventional information security. Although information security and cyber security are sometimes used synonymously, this study contends that they are not the same. The concept of cyber security is explored, which goes beyond protecting information resources to include a wider variety of assets, including people [1]. Protecting information assets is the main goal of traditional information security, with consideration to the human element and how people fit into the security process. On the other hand, cyber security adds a new level of complexity, as people might unintentionally contribute to or become targets of cyberattacks. This aspect presents moral questions since it is becoming more widely accepted that society has a duty to protect weaker members of society, including children [1]. The study emphasizes how important cyber security is on a larger scale, with many countries creating plans and laws to counteract cyberattacks. Nevertheless, a lot of these sources frequently neglect to define the differences or the relationship between information security and cyber security [1]. The paper focus on differentiating between cybersecurity and information security on a larger scale. The study also highlights other areas of cybersecurity which includes defending people, social norms, and vital infrastructure from threats that arise from online in addition to information and technology protection. It contends that ethical issues and the human factor are becoming more and more important in protecting assets in the digital age, and that cyber security is a paradigm shift in this regard [1].
文摘This paper studies cyber risk management by integrating contextual log analysis with User and Entity Behavior Analytics (UEBA). Leveraging Python scripting and PostgreSQL database management, the solution enriches log data with contextual and behavioral information from Linux system logs and semantic datasets. By incorporating Common Vulnerability Scoring System (CVSS) metrics and customized risk scoring algorithms, the system calculates Insider Threat scores to identify potential security breaches. The integration of contextual log analysis and UEBA [1] offers a proactive defense against insider threats, reducing false positives and prioritizing high-risk alerts.
文摘This article signals the use of Artificial Intelligence (AI) in information security where its merits, downsides as well as unanticipated negative outcomes are noted. It considers AI based models that can strengthen or undermine infrastructural functions and organize the networks. In addition, the essay delves into AI’s role in Cyber security software development and the need for AI-resilient strategies that could anticipate and thwart AI-created vulnerabilities. The document also touched on the socioeconomic ramifications of the emergence of AI in Cyber security as well. Looking into AI and security literature, the report outlines benefits including made threat detection precision, extended security ops efficiency, and preventive security tasks. At the same time, it emphasizes the positive side of AI, but it also shows potential limitations such as data bias, lack of interpretability, ethical concerns, and security flaws. The work similarly focuses on the characterized of misuse and sophisticated cyberattacks. The research suggests ways to diminish AI-generating maleficence which comprise ethical AI development, robust safety measures and constant audits and updates. With regard to the AI application in Cyber security, there are both pros and cons in terms of socio-economic issues, for example, job displacement, economic growth and the change in the required workforce skills.
文摘Information security and quality management are often considered two different fields. However, organizations must be mindful of how software security may affect quality control. This paper examines and promotes methods through which secure software development processes can be integrated into the Systems Software Development Life-cycle (SDLC) to improve system quality. Cyber-security and quality assurance are both involved in reducing risk. Software security teams work to reduce security risks, whereas quality assurance teams work to decrease risks to quality. There is a need for clear standards, frameworks, processes, and procedures to be followed by organizations to ensure high-level quality while reducing security risks. This research uses a survey of industry professionals to help identify best practices for developing software with fewer defects from the early stages of the SDLC to improve both the quality and security of software. Results show that there is a need for better security awareness among all members of software development teams.
文摘Cyber security addresses the protection of information systems in cyberspace. These systems face multiple attacks on a daily basis, with the level of complication getting increasingly challenging. Despite the existence of multiple solutions, attackers are still quite successful at identifying vulnerabilities to exploit. This is why cyber deception is increasingly being used to divert attackers’ attention and, therefore, enhance the security of information systems. To be effective, deception environments need fake data. This is where Natural Language (NLP) Processing comes in. Many cyber security models have used NLP for vulnerability detection in information systems, email classification, fake citation detection, and many others. Although it is used for text generation, existing models seem to be unsuitable for data generation in a deception environment. Our goal is to use text generation in NLP to generate data in the deception context that will be used to build multi-level deception in information systems. Our model consists of three (3) components, including the connection component, the deception component, composed of several states in which an attacker may be, depending on whether he is malicious or not, and the text generation component. The text generation component considers as input the real data of the information system and allows the production of several texts as output, which are usable at different deception levels.
基金This work is financially supported by the National Key Research and Development Program of China(2016YFB1101700)the National Natural Science Foundation of China(51875030)the Academic Excellence Foundation of BUAA for PhD Students.
文摘State-of-the-art technologies such as the Internet of Things(IoT),cloud computing(CC),big data analytics(BDA),and artificial intelligence(AI)have greatly stimulated the development of smart manufacturing.An important prerequisite for smart manufacturing is cyber-physical integration,which is increasingly being embraced by manufacturers.As the preferred means of such integration,cyber-physical systems(CPS)and digital twins(DTs)have gained extensive attention from researchers and practitioners in industry.With feedback loops in which physical processes affect cyber parts and vice versa,CPS and DTs can endow manufacturing systems with greater efficiency,resilience,and intelligence.CPS and DTs share the same essential concepts of an intensive cyber-physical connection,real-time interaction,organization integration,and in-depth collaboration.However,CPS and DTs are not identical from many perspectives,including their origin,development,engineering practices,cyber-physical mapping,and core elements.In order to highlight the differences and correlation between them,this paper reviews and analyzes CPS and DTs from multiple perspectives.
基金supported by Institutional Fund Projects(IFPNC-001-135-2020)technical and financial support from the Ministry of Education and King Abdulaziz University,DSR,Jeddah,Saudi Arabia。
文摘A cyber physical system(CPS)is a complex system that integrates sensing,computation,control and networking into physical processes and objects over Internet.It plays a key role in modern industry since it connects physical and cyber worlds.In order to meet ever-changing industrial requirements,its structures and functions are constantly improved.Meanwhile,new security issues have arisen.A ubiquitous problem is the fact that cyber attacks can cause significant damage to industrial systems,and thus has gained increasing attention from researchers and practitioners.This paper presents a survey of state-of-the-art results of cyber attacks on cyber physical systems.First,as typical system models are employed to study these systems,time-driven and event-driven systems are reviewed.Then,recent advances on three types of attacks,i.e.,those on availability,integrity,and confidentiality are discussed.In particular,the detailed studies on availability and integrity attacks are introduced from the perspective of attackers and defenders.Namely,both attack and defense strategies are discussed based on different system models.Some challenges and open issues are indicated to guide future research and inspire the further exploration of this increasingly important area.