Survey on Video Security:Examining Threats,Challenges,and Future Trends

Videos represent the most prevailing form of digital media for communication,information dissemination,and monitoring.However,theirwidespread use has increased the risks of unauthorised access andmanipulation,posing significant challenges.In response,various protection approaches have been developed to secure,authenticate,and ensure the integrity of digital videos.This study provides a comprehensive survey of the challenges associated with maintaining the confidentiality,integrity,and availability of video content,and examining how it can be manipulated.It then investigates current developments in the field of video security by exploring two critical research questions.First,it examine the techniques used by adversaries to compromise video data and evaluate their impact.Understanding these attack methodologies is crucial for developing effective defense mechanisms.Second,it explores the various security approaches that can be employed to protect video data,enhancing its transparency,integrity,and trustworthiness.It compares the effectiveness of these approaches across different use cases,including surveillance,video on demand(VoD),and medical videos related to disease diagnostics.Finally,it identifies potential research opportunities to enhance video data protection in response to the evolving threat landscape.Through this investigation,this study aims to contribute to the ongoing efforts in securing video data,providing insights that are vital for researchers,practitioners,and policymakers dedicated to enhancing the safety and reliability of video content in our digital world.

Cyber Resilience through Real-Time Threat Analysis in Information Security

This paper examines how cybersecurity is developing and how it relates to more conventional information security. Although information security and cyber security are sometimes used synonymously, this study contends that they are not the same. The concept of cyber security is explored, which goes beyond protecting information resources to include a wider variety of assets, including people [1]. Protecting information assets is the main goal of traditional information security, with consideration to the human element and how people fit into the security process. On the other hand, cyber security adds a new level of complexity, as people might unintentionally contribute to or become targets of cyberattacks. This aspect presents moral questions since it is becoming more widely accepted that society has a duty to protect weaker members of society, including children [1]. The study emphasizes how important cyber security is on a larger scale, with many countries creating plans and laws to counteract cyberattacks. Nevertheless, a lot of these sources frequently neglect to define the differences or the relationship between information security and cyber security [1]. The paper focus on differentiating between cybersecurity and information security on a larger scale. The study also highlights other areas of cybersecurity which includes defending people, social norms, and vital infrastructure from threats that arise from online in addition to information and technology protection. It contends that ethical issues and the human factor are becoming more and more important in protecting assets in the digital age, and that cyber security is a paradigm shift in this regard [1].

Systematic Literature Review on Cloud Computing Security: Threats and Mitigation Strategies

Cloud computing plays a significant role in modern information technology, providing organizations with numerous benefits, including flexibility, scalability, and cost-efficiency. However, it has become essential for organizations to ensure the security of their applications, data, and cloud-based networks to use cloud services effectively. This systematic literature review aims to determine the latest information regarding cloud computing security, with a specific emphasis on threats and mitigation strategies. Additionally, it highlights some common threats related to cloud computing security, such as distributed denial-of-service (DDoS) attacks, account hijacking, malware attacks, and data breaches. This research also explores some mitigation strategies, including security awareness training, vulnerability management, security information and event management (SIEM), identity and access management (IAM), and encryption techniques. It discusses emerging trends in cloud security, such as integrating artificial intelligence (AI) and machine learning (ML), serverless computing, and containerization, as well as the effectiveness of the shared responsibility model and its related challenges. The importance of user awareness and the impact of emerging technologies on cloud security have also been discussed in detail to mitigate security risks. A literature review of previous research and scholarly articles has also been conducted to provide insights regarding cloud computing security. It shows the need for continuous research and innovation to address emerging threats and maintain a security-conscious culture in the company.

Security Analysis in Smart Agriculture: Insights from a Cyber-Physical System Application

Smart agriculture modifies traditional farming practices,and offers innovative approaches to boost production and sustainability by leveraging contemporary technologies.In today’s world where technology is everything,these technologies are utilized to streamline regular tasks and procedures in agriculture,one of the largest and most significant industries in every nation.This research paper stands out from existing literature on smart agriculture security by providing a comprehensive analysis and examination of security issues within smart agriculture systems.Divided into three main sections-security analysis,system architecture and design and risk assessment of Cyber-Physical Systems(CPS)applications-the study delves into various elements crucial for smart farming,such as data sources,infrastructure components,communication protocols,and the roles of different stakeholders such as farmers,agricultural scientists and researchers,technology providers,government agencies,consumers and many others.In contrast to earlier research,this work analyzes the resilience of smart agriculture systems using approaches such as threat modeling,penetration testing,and vulnerability assessments.Important discoveries highlight the concerns connected to unsecured communication protocols,possible threats from malevolent actors,and vulnerabilities in IoT devices.Furthermore,the study suggests enhancements for CPS applications,such as strong access controls,intrusion detection systems,and encryption protocols.In addition,risk assessment techniques are applied to prioritize mitigation tactics and detect potential hazards,addressing issues like data breaches,system outages,and automated farming process sabotage.The research sets itself apart even more by presenting a prototype CPS application that makes use of a digital temperature sensor.This application was first created using a Tinkercad simulator and then using actual hardware with Arduino boards.The CPS application’s defenses against potential threats and vulnerabilities are strengthened by this integrated approach,which distinguishes this research for its depth and usefulness in the field of smart agriculture security.

Information Security in the Cloud: Emerging Trends and Challenges

This article explores the evolution of cloud computing, its advantages over traditional on-premises infrastructure, and its impact on information security. The study presents a comprehensive literature review covering various cloud infrastructure offerings and security models. Additionally, it deeply analyzes real-life case studies illustrating successful cloud migrations and highlights common information security threats in current cloud computing. The article concludes by offering recommendations to businesses to protect themselves from cloud data breaches and providing insights into selecting a suitable cloud services provider from an information security perspective.

Blockchain Security Threats and Collaborative Defense:A Literature Review

As a distributed database,the system security of the blockchain is of great significance to prevent tampering,protect privacy,prevent double spending,and improve credibility.Due to the decentralized and trustless nature of blockchain,the security defense of the blockchain system has become one of the most important measures.This paper comprehensively reviews the research progress of blockchain security threats and collaborative defense,and we first introduce the overview,classification,and threat assessment process of blockchain security threats.Then,we investigate the research status of single-node defense technology and multi-node collaborative defense technology and summarize the blockchain security evaluation indicators and evaluation methods.Finally,we discuss the challenges of blockchain security and future research directions,such as parallel detection and federated learning.This paper aims to stimulate further research and discussion on blockchain security,providing more reliable security guarantees for the use and development of blockchain technology to face changing threats and challenges through continuous updating and improvement of defense technologies.

The Role of AI in Cyber Security: Safeguarding Digital Identity

This article signals the use of Artificial Intelligence (AI) in information security where its merits, downsides as well as unanticipated negative outcomes are noted. It considers AI based models that can strengthen or undermine infrastructural functions and organize the networks. In addition, the essay delves into AI’s role in Cyber security software development and the need for AI-resilient strategies that could anticipate and thwart AI-created vulnerabilities. The document also touched on the socioeconomic ramifications of the emergence of AI in Cyber security as well. Looking into AI and security literature, the report outlines benefits including made threat detection precision, extended security ops efficiency, and preventive security tasks. At the same time, it emphasizes the positive side of AI, but it also shows potential limitations such as data bias, lack of interpretability, ethical concerns, and security flaws. The work similarly focuses on the characterized of misuse and sophisticated cyberattacks. The research suggests ways to diminish AI-generating maleficence which comprise ethical AI development, robust safety measures and constant audits and updates. With regard to the AI application in Cyber security, there are both pros and cons in terms of socio-economic issues, for example, job displacement, economic growth and the change in the required workforce skills.

AssessITS: Integrating Procedural Guidelines and Practical Evaluation Metrics for Organizational IT and Cybersecurity Risk Assessment

In today’s digitally driven landscape, robust Information Technology (IT) risk assessment practices are essential for safeguarding systems, digital communication, and data. This paper introduces “AssessITS,” an actionable method designed to provide organizations with comprehensive guidelines for conducting IT and cybersecurity risk assessments. Drawing extensively from NIST 800-30 Rev 1, COBIT 5, and ISO 31000, “AssessITS” bridges the gap between high-level theoretical standards and practical implementation challenges. The paper outlines a step-by-step methodology that organizations can simply adopt to systematically identify, analyze, and mitigate IT risks. By simplifying complex principles into actionable procedures, this framework equips practitioners with the tools needed to perform risk assessments independently, without too much reliance on external vendors. The guidelines are developed to be straightforward, integrating practical evaluation metrics that allow for the precise quantification of asset values, threat levels, vulnerabilities, and impacts on confidentiality, integrity, and availability. This approach ensures that the risk assessment process is not only comprehensive but also accessible, enabling decision-makers to implement effective risk mitigation strategies customized to their unique operational contexts. “AssessITS” aims to enable organizations to enhance their IT security strength through practical, actionable guidance based on internationally recognized standards.

Survey on Deep Learning Approaches for Detection of Email Security Threat

Emailing is among the cheapest and most easily accessible platforms,and covers every idea of the present century like banking,personal login database,academic information,invitation,marketing,advertisement,social engineering,model creation on cyber-based technologies,etc.The uncontrolled development and easy access to the internet are the reasons for the increased insecurity in email communication.Therefore,this review paper aims to investigate deep learning approaches for detecting the threats associated with e-mail security.This study compiles the literature related to the deep learning methodologies,which are applicable for providing safety in the field of cyber security of email in different organizations.Relevant data were extracted from different research depositories.The paper discusses various solutions for handling these threats.Different challenges and issues are also investigated for e-mail security threats including social engineering,malware,spam,and phishing in the existing solutions to identify the core current problem and set the road for future studies.The review analysis showed that communication media is the common platform for attackers to conduct fraudulent activities via spoofed e-mails and fake websites and this research has combined the merit and demerits of the deep learning approaches adaption in email security threat by the usage of models and technologies.The study highlighted the contrasts of deep learning approaches in detecting email security threats.This review study has set criteria to include studies that deal with at least one of the six machine models in cyber security.

Security and Privacy Concerns over IoT Devices Attacks in Smart Cities (2022)

Due to the long-term goal of bringing about significant changes in the quality of services supplied to smart city residents and urban environments and life, the development and deployment of ICT in city infrastructure has spurred interest in smart cities. Applications for smart cities can gather private data in a variety of fields. Different sectors such as healthcare, smart parking, transportation, traffic systems, public safety, smart agriculture, and other sectors can control real-life physical objects and deliver intelligent and smart information to citizens who are the users. However, this smart ICT integration brings about numerous concerns and issues with security and privacy for both smart city citizens and the environments they are built in. The main uses of smart cities are examined in this journal article, along with the security needs for IoT systems supporting them and the identified important privacy and security issues in the smart city application architecture. Following the identification of several security flaws and privacy concerns in the context of smart cities, it then highlights some security and privacy solutions for developing secure smart city systems and presents research opportunities that still need to be considered for performance improvement in the future.

DL-Powered Anomaly Identification System for Enhanced IoT Data Security

In many commercial and public sectors,the Internet of Things(IoT)is deeply embedded.Cyber security threats aimed at compromising the security,reliability,or accessibility of data are a serious concern for the IoT.Due to the collection of data from several IoT devices,the IoT presents unique challenges for detecting anomalous behavior.It is the responsibility of an Intrusion Detection System(IDS)to ensure the security of a network by reporting any suspicious activity.By identifying failed and successful attacks,IDS provides a more comprehensive security capability.A reliable and efficient anomaly detection system is essential for IoT-driven decision-making.Using deep learning-based anomaly detection,this study proposes an IoT anomaly detection system capable of identifying relevant characteristics in a controlled environment.These factors are used by the classifier to improve its ability to identify fraudulent IoT data.For efficient outlier detection,the author proposed a Convolutional Neural Network(CNN)with Long Short Term Memory(LSTM)based Attention Mechanism(ACNN-LSTM).As part of the ACNN-LSTM model,CNN units are deployed with an attention mechanism to avoid memory loss and gradient dispersion.Using the N-BaIoT and IoT-23 datasets,the model is verified.According to the N-BaIoT dataset,the overall accuracy is 99%,and precision,recall,and F1-score are also 0.99.In addition,the IoT-23 dataset shows a commendable accuracy of 99%.In terms of accuracy and recall,it scored 0.99,while the F1-score was 0.98.The LSTM model with attention achieved an accuracy of 95%,while the CNN model achieved an accuracy of 88%.According to the loss graph,attention-based models had lower loss values,indicating that they were more effective at detecting anomalies.In both the N-BaIoT and IoT-23 datasets,the receiver operating characteristic and area under the curve(ROC-AUC)graphs demonstrated exceptional accuracy of 99%to 100%for the Attention-based CNN and LSTM models.This indicates that these models are capable of making precise predictions.

A Review of Hybrid Cyber Threats Modelling and Detection Using Artificial Intelligence in IIoT

The Industrial Internet of Things(IIoT)has brought numerous benefits,such as improved efficiency,smart analytics,and increased automation.However,it also exposes connected devices,users,applications,and data generated to cyber security threats that need to be addressed.This work investigates hybrid cyber threats(HCTs),which are now working on an entirely new level with the increasingly adopted IIoT.This work focuses on emerging methods to model,detect,and defend against hybrid cyber attacks using machine learning(ML)techniques.Specifically,a novel ML-based HCT modelling and analysis framework was proposed,in which L1 regularisation and Random Forest were used to cluster features and analyse the importance and impact of each feature in both individual threats and HCTs.A grey relation analysis-based model was employed to construct the correlation between IIoT components and different threats.

Analyzing Security Threats to Virtual Machines Monitor in Cloud Computing Environment

The data and applications in cloud computing reside in cyberspace, that allowing to users access data through any connection device, when you need to transfer information over the cloud, you will lose control of it. There are multi types of security challenge must be understood and countermeasures. One of the major security challenges is resources of the cloud computing infrastructures are provided as services over the Internet, and entire data in the cloud computing are reside over network resources, that enables the data to be access through VMs. In this work, we describe security techniques for securing a VCCI, VMMs such as Encryption and Key Management (EKM), Access Control Mechanisms (ACMs), Virtual Trusted Platform Module (vTPM), Virtual Firewall (VF), and Trusted Virtual Domains (TVDs). In this paper we focus on security of virtual resources in Virtualized Cloud Computing Infrastructure (VCCI), Virtual Machine Monitor (VMM) by describing types of attacks on VCCI, and vulnerabilities of VMMs and we describe the techniques for securing a VCCI.

The Struggle for Atlantic Maritime Security and Safety:Lessons From Africa’s Maritime Security Governance

The enormous economic potentials of the blue/ocean economy have made the maritime domain increasingly susceptible to transnational organized crime and a theater for great power competition,particularly in the Atlantic maritime domain.The maritime security threats are more prevalent in the Atlantic African maritime domain than in other continents.These threats are becoming increasingly detrimental to the African security,safety,and human security,particularly in the coastal countries of the Atlantic Africa.Despite its increasing susceptibility to maritime security threats including great powers competition and the presence of non-Atlantic great powers more than in other maritime domains in Africa,the coastal countries of the Atlantic Sub-Saharan Africa(SSA)have managed to forge strategic inter-regional maritime security partnership that has relatively improved maritime security and safety in the region.There is a growing interest in forging inter-continental partnership of the coastal Atlantic states to collectively respond and address the shared maritime security threats in the entire Atlantic maritime domain.Yet,the way such a complex multilateral partnership would be structured and operationalized has not been worked out.This article assesses the economic potentials,susceptibility to maritime security threats,and level of response to maritime security threats by the coastal countries of the Atlantic SSA with the aim of identifying some lessons that could be relevant for forging the Atlantic inter-continental maritime security partnership.Some of these lessons include genuine partnership that is based on sovereign equality and inter-dependence,a code of conduct,cooperation,and coordination framework,and shared common value system of democratic governance.

The Overview of Database Security Threats’ Solutions: Traditional and Machine Learning

As an information-rich collective, there are always some people who choose to take risks for some ulterior purpose and others are committed to finding ways to deal with database security threats. The purpose of database security research is to prevent the database from being illegally used or destroyed. This paper introduces the main literature in the field of database security research in recent years. First of all, we classify these papers, the classification criteria are the influencing factors of database security. Compared with the traditional and machine learning (ML) methods, some explanations of concepts are interspersed to make these methods easier to understand. Secondly, we find that the related research has achieved some gratifying results, but there are also some shortcomings, such as weak generalization, deviation from reality. Then, possible future work in this research is proposed. Finally, we summarize the main contribution.

On Development of Platform for Organization Security Threat Analytics and Management (POSTAM) Using Rule-Based Approach

The integration of organisation’s information security policy into threat modeling enhances effectiveness of security strategies for information security management. These security policies are the ones which define the sets of security issues, controls and organisation’s commitment for seamless integration with knowledge based platforms in order to protect critical assets and data. Such platforms are needed to evaluate and share violations which can create security loop-hole. The lack of rules-based approaches for discovering potential threats at organisation’s context, poses a challenge for many organisations in safeguarding their critical assets. To address the challenge, this paper introduces a Platform for Organisation Security Threat Analytic and Management (POSTAM) using rule-based approach. The platform enhances strategies for combating information security threats and thus improves organisations’ commitment in protecting their critical assets. R scripting language for data visualization and java-based scripts were used to develop a prototype to run on web protocol. MySQL database management system was used as back-end for data storage during threat analytic processes.

IWTW:A Framework for IoWT Cyber Threat Analysis

The Internet of Wearable Things(IoWT)or Wearable Internet of Things(WIoT)is a new paradigm that combines IoT and wearable technology.Advances in IoT technology have enabled the miniaturization of sensors embedded in wearable devices and the ability to communicate data and access real-time information over low-power mobile networks.IoWT devices are highly interdependent with mobile devices.However,due to their limited processing power and bandwidth,IoWT devices are vulnerable to cyberattacks due to their low level of security.Threat modeling and frameworks for analyzing cyber threats against existing IoT or low-power protocols have been actively researched.The threat analysis framework used in existing studies was limited to specific protocols and did not target IoWT devices.In addition,In the literature surveyed to date,no cyber threat analysis framework is targeting IoWT.Therefore,the threat model presented in the existing research on cyber threat analysis and modeling for IoWT is specialized for specific devices.In addition,because it does not present standardized attack tactics and techniques,there is a limitation in that it is difficult to identify attacks quickly.In this paper,we propose an Internet of Wearable Things threat analysis frameWork(IWTW)framework that can derive security threats through systematic analysis of IoWT attack cases and possible security threats and perform cyber threat analysis based on them.The methodology for developing the IWTW framework consists of three steps:Analysis,Standardization,and Compilation.IoWT attack cases and potential security threats are analyzed in the analysis stage.In the standardization stage,attack tactics and techniques derived from the analysis of attack cases and potential security threats are standardized,resulting in 3 attack categories,18 attack tactics,and 68 attack techniques.In the compilation stage,standardized security threats are combined to develop the IWTW framework ultimately.We present four case studies targeting MiBand 2,Fitbit Charge HR/Surge,Samsung Gear 3,Xiaomi Amazifit,Honor Band 5,Honor Watch ES,and Senbono CF-58 devices to validate the proposed IWTW framework.We analyzed the attack process through a case study and applied the IWTW framework to derive standardized attack categories,tactics,and techniques effectively.By applying the IWTW framework to cyber threat analysis targeting IoWT,security threats can be standardized,and the attack process can be quickly derived,enabling effective attack analysis on IoWT.

A Comprehensive Survey on Advanced Persistent Threat (APT) Detection Techniques

The increase in number of people using the Internet leads to increased cyberattack opportunities.Advanced Persistent Threats,or APTs,are among the most dangerous targeted cyberattacks.APT attacks utilize various advanced tools and techniques for attacking targets with specific goals.Even countries with advanced technologies,like the US,Russia,the UK,and India,are susceptible to this targeted attack.APT is a sophisticated attack that involves multiple stages and specific strategies.Besides,TTP(Tools,Techniques,and Procedures)involved in the APT attack are commonly new and developed by an attacker to evade the security system.However,APTs are generally implemented in multiple stages.If one of the stages is detected,we may apply a defense mechanism for subsequent stages,leading to the entire APT attack failure.The detection at the early stage of APT and the prediction of the next step in the APT kill chain are ongoing challenges.This survey paper will provide knowledge about APT attacks and their essential steps.This follows the case study of known APT attacks,which will give clear information about the APT attack process—in later sections,highlighting the various detection methods defined by different researchers along with the limitations of the work.Data used in this article comes from the various annual reports published by security experts and blogs and information released by the enterprise networks targeted by the attack.

Security-State Adjustable Gateway with Threat-Based Configuration

This paper proposes a configurable secure gateway architecture which allows the system administrators to dynamically configure the security mechanisms upon deployment or during the run-time. Rather than allowing the system administrators to turn on or off individual security mechanisms, the proposed architecture allows the administrators to configure the gateway based on the security threats to be overcome. The current common architecture leads to tremendous administration overhead and increases the chance of misconfiguration vulnerability. We propose a novel software architecture to aid the product designers to avoid the misconfiguration vulnerability and the end-users to ease the administration overhead. The software architecture makes use of the threats to the gateways and the occurrence relation between the threats to configure the security software components on the gateways. With the software architecture, the end-users can focus on determining the desired security features rather than the software configuration. Moreover, the architecture allows the product designers or security service to incrementally revise the software configuration when new threats appear.

Wireless Application Protocol for Potential Threats to Mobile Agent Network Security

The wireless application protocol （WAP） protocol is now the leading standard for information services on wireless terminals like digital mobile phones. By the use of WAP, wireless devices, like mobile phones, are possibly infected with virus and worms. Though up to now there is no such attack, as the usage of script languages increases, there is a chance of malicious code injection. This paper discusses the threats with current WAP protocol, and how changes in the protocol and the increase in its usage will enable entry of real viruses. Future threat scenarios are presented along with suggestions to avoid these problems.