ARTICLE | doi:10.20944/preprints202009.0249.v1
Subject: Computer Science And Mathematics, Security Systems Keywords: Cybersecurity issues; cybersecurity challenges; Covid-19; security attacks
Online: 11 September 2020 (08:20:18 CEST)
The world is currently experiencing COVID-19, one of the worst pandemics that have happened in this century, affecting 10.7 million people worldwide. It has caused massive growth in the number of employees working from home. However, employees have minimal cybersecurity resources unlike organizations with security teams protecting them against attacks. Hence, cybersecurity plays an important role as users can be easily targeted by cybercriminals. This paper examines how cyberattacks have increased during this pandemic and shows how greatly they have affected health organizations, individuals and social networking applications. Results of the attacks include data breaches, false announcements and operations being disrupted. Attacks occurring during this pandemic and how they were handled are also critically discussed. The existing contributions do touch on related attacks but do not provide in-depth solutions regarding the issues. Even though there are many works and findings that were done previously, technology is ever evolving. Therefore, we need to be well versed with current and future issues and provide the latest mechanisms to prevent cybersecurity threats from occurring. On our share, we intend to present our findings on the challenges being faced by the population and its increasing threats as well as presenting unique solutions that can help organizations or related persons understand or spread awareness on the importance of cybersecurity. Through the research performed in this paper, it is found that there are many ways these issues can be alleviated. However, the issue is that there is significant lack of action and investment in terms of actual implementation and application of the available solutions.
Online: 15 June 2020 (10:58:30 CEST)
Privacy and information insurance have consistently been a priority for the European Union lawmaker. This paper presents whether the NIS prevails in its underlying endeavors to remain the congruity among residents and companies. It distinguishes current difficulties that specific business structures may experience while conforming to the Regulation. The exploration traces certain reasons which could impede the opportune reception of the new lawful ideas inside the system of the organizations. The exploration incorporates what is unique about the NIS; how it overlaps with existing frameworks; and how security requirements in the GDPR influence the NIS Directive. This paper furnishes different point of views of experts with the aim of setting up an entire examination
ARTICLE | doi:10.20944/preprints202107.0120.v1
Subject: Engineering, Control And Systems Engineering Keywords: Information security; Cybercrime; cyber awareness; cybersecurity basics; cybersecurity hygiene; Blockchain technology
Online: 5 July 2021 (16:34:35 CEST)
The ignorance of or lack of knowledge about cybersecurity aspects causes a critical problem regarding confidentiality and privacy. This security problem will continue to exist even if the user possesses less expertise in information security. The modern IT technologies are well developed, and almost everyone uses the features of IT technologies and services within the Internet. However, people are being affected due to cybersecurity threats. People can adhere to the recommended cybersecurity guidelines, rules, adopted standards, and cybercrime preventive measures. However, it is not possible to entirely avoid cybercrimes. Cybercrimes often lead to sufficient business losses and spread forbidden themes (hatred, terrorism, child porn, etc.). Therefore, to reduce the risk of cybercrimes, a web-based Blockchain-enabled cybersecurity awareness program (WBCA) process is introduced in this paper. The proposed web-based cybersecurity awareness program trains users to improve their security skills. The proposed program helps with understanding the common behaviors of cybercriminals and improves user knowledge of cybersecurity hygiene, best cybersecurity practices, modern cybersecurity vulnerabilities, and trends. Furthermore, the proposed WBCA uses the Blockchain technology to protect the model from the potential threats. The proposed model is validated and tested using real-world cybersecurity topics with real users and cybersecurity experts. We anticipate that the proposed program can be extended to other domains, such as national or corporate courses, to increase the cybersecurity awareness level of users.
REVIEW | doi:10.20944/preprints202008.0082.v3
Subject: Computer Science And Mathematics, Security Systems Keywords: ITS; IoT; VANET; cybersecurity
Online: 29 September 2020 (08:47:21 CEST)
Intelligent Transportation Systems (ITS) are an emerging field characterized by a complex data model, dynamics and strict time requirements. Ensuring cybersecurity in ITS is a complex task on which the safety and efficiency of transportation depends. The imposition of standards for a comprehensive architecture, as well as specific security standards, is one of the key steps in the evolution of ITS. The article examines the general outlines of the ITS architecture and security issues. The main focus of security approaches is: configuration and initialization of the devices during manufacturing at the perception layer; anonymous authentication of nodes in VANET at the network layer; defense of fog-based structures at the support layer; and description and standardization of the complex model of data and metadata and defense of AI-based systems at the application layer. The article reviews some conventional methods, such as network segmentation and cryptography, that should be adapted in order to be applied in ITS cybersecurity. The focus is on innovative approaches that have been trying to find their place in ITS security strategies recently. The list of innovative approaches includes blockchain, bloom filter, fog computing, artificial intelligence, game theory, and ontologies. In conclusion, a correspondence is made between the commented methods, the problems they solve and the architectural layers in which they are applied.
ARTICLE | doi:10.20944/preprints202207.0415.v1
Subject: Engineering, Electrical And Electronic Engineering Keywords: P2P botnet; Cybersecurity; detection mechanism
Online: 27 July 2022 (08:12:50 CEST)
Cybercrimes are becoming a bigger menace to both people and corporations. It poses a serious challenge to the modern digital world. According to a press release from 2019 Cisco and Cybersecurity Ventures, Cisco stopped seven trillion threats in 2018, or 20 billion threats every day, on behalf of its clients. According to Cybersecurity Ventures, the global cost of cybercrime will reach $6 trillion annually by 2021, which is significantly more than the annual damage caused by all natural disasters and more profitable than the global trade in all major illegal narcotics put together. Botnets are the most common and have a significant negative impact on any civilization among malware programmes. As a result, this study will explore various P2P botnet detection algorithms by outlining their essential characteristics, advantages and disadvantages, obstacles, and future research.
REVIEW | doi:10.20944/preprints201909.0117.v1
Subject: Computer Science And Mathematics, Information Systems Keywords: blockchain; cybersecurity; attacks; threats; vulnerability
Online: 11 September 2019 (05:40:01 CEST)
Blockchain technology has become one of the most popular technologies for maintaining digital transactions. From the foundation of Bitcoin to the now predominant smart contract, blockchain technology promises to induce a shift in thought about digital transactions in many fields, such as energy, healthcare, Internet of Things, cybersecurity, financial services and the supply chain. Although blockchain technology offers many cryptographic advantages such as immutability, digital signatures and hashing, it has suffered from several critical cybersecurity threats and vulnerabilities. In this paper, we build upon the previous studies on vulnerabilities and investigate over 60 real cybersecurity incidents that happened on blockchain networks between 2009 and 2019. We categorise those incidents against the key cybersecurity vulnerabilities in blockchain technologies, and have developed a taxonomy that captures five types of cybersecurity threats and vulnerabilities based on five main players in blockchain. The outcome of this research prompted concerns and research direction in developing countermeasures to alleviate these risks.
REVIEW | doi:10.20944/preprints202102.0340.v1
Subject: Computer Science And Mathematics, Security Systems Keywords: Cybersecurity; Deep Learning; Artificial Neural Network; Artificial Intelligence; Cyber-Attacks; Cybersecurity Analytics; Cyber Threat Intelligence
Online: 16 February 2021 (15:31:02 CET)
Deep learning (DL), which is originated from an artificial neural network (ANN), is one of the major technologies of today's smart cybersecurity systems or policies to function in an intelligent manner. Popular deep learning techniques, such as Multi-layer Perceptron (MLP), Convolutional Neural Network (CNN or ConvNet), Recurrent Neural Network (RNN) or Long Short-Term Memory (LSTM), Self-organizing Map (SOM), Auto-Encoder (AE), Restricted Boltzmann Machine (RBM), Deep Belief Networks (DBN), Generative Adversarial Network (GAN), Deep Transfer Learning (DTL or Deep TL), Deep Reinforcement Learning (DRL or Deep RL), or their ensembles and hybrid approaches can be used to intelligently tackle the diverse cybersecurity issues. In this paper, we aim to present a comprehensive overview from the perspective of these neural networks and deep learning techniques according to today's diverse needs. We also discuss the applicability of these techniques in various cybersecurity tasks such as intrusion detection, identification of malware or botnets, phishing, predicting cyber-attacks, e.g. denial of service (DoS), fraud detection or cyber-anomalies, etc. Finally, we highlight several research issues and future directions within the scope of our study in the field. Overall, the ultimate goal of this paper is to serve as a reference point and guidelines for the academia and professionals in the cyber industries, especially from the deep learning point of view.
REVIEW | doi:10.20944/preprints202207.0298.v1
Subject: Computer Science And Mathematics, Security Systems Keywords: Cybersecurity; Security Awareness Assessment; Machine Learning
Online: 20 July 2022 (08:22:30 CEST)
Cyber-threat is now a global concern to all internet users, as the rate of crimes has tremendously changed from physical to virtual. Implementing awareness programs at various organization levels is required. There is also a need to know the methodologies used in measuring cybersecurity awareness program effectiveness. The paper aims to review and explore the previous methodologies applied, target organizations, and application of Machine Learning techniques in the assessment of awareness programs. Systematic literature review techniques were used to conduct the search using pre-defined keywords and published papers from 2006 to 2019; the information was used in providing an answer to the research questions. The findings show that questionnaires were widely used as a method of evaluating cybersecurity awareness and that organizations implement more awareness programs; the gap found is the lack of using ML in assessing the effectiveness of designed and implemented cybersecurity awareness programs.
REVIEW | doi:10.20944/preprints202206.0285.v1
Subject: Computer Science And Mathematics, Analysis Keywords: Blockchain; Healthcare; Privacy; Cybersecurity; Healthcare-records
Online: 21 June 2022 (05:05:50 CEST)
The emergence of blockchain know-how currently presents the opportunity for the health sector to adopt such technologies in electronic health records. Blockchain assists in maintaining and sharing the relevant medical records of the patient with the relevant group of healthcare providers and the hospital. Numerous specific applications include traceability of drug and patient monitoring or Electronic Health Records (EHR). While Blockchain assists in maintaining and sharing the relevant medical records of the patient with the relevant group of healthcare providers and the hospital, it is important to note that the moral consciousness of the healthcare professionals is the main guide of the moral consciousness is ethics. This paper presents an overview of the application of blockchain in the healthcare and medical sector, highlighting the specific challenges and concerns. The study adopted a systematic review of secondary literature in answering the research question.
ARTICLE | doi:10.20944/preprints202202.0024.v1
Subject: Computer Science And Mathematics, Artificial Intelligence And Machine Learning Keywords: Smishing; Deep learning; NLP; AI; Cybersecurity
Online: 2 February 2022 (09:29:22 CET)
Smartphones are prone to SMS phishing due to the rapid growth in the availability of smart mobile technologies driven by Internet connections. Also, detecting phishing SMS is a challenging task due to the unstructured nature of SMS text data with non-linear complex correlations. In this concern, considering the recent advancements in the domain of cybersecurity, we have proposed a hybrid deep learning framework that extracts robust features from SMS texts followed by an automatic detection of Phishing SMS. Due to combining the potential capability of individual models into one hybrid framework, it has outperformed various other individual machine learning and deep learning models. The proposed Phishing Detection framework is an effective hybrid combination of pretrained transformer model, MPNet (Masked and Permuted Language Modeling), with supervised ConvNets (CNN) and Bi-directional Gated Recurrent Units (GRU). It is intended to successfully detect unstructured short phishing text messages that contain complex patterns.
REVIEW | doi:10.20944/preprints202307.1781.v1
Subject: Computer Science And Mathematics, Computer Networks And Communications Keywords: Internet of Things; Software Defined Networking; Cybersecurity.
Online: 26 July 2023 (10:32:41 CEST)
Security in IoT systems is extremely important, as an intrusion into an IoT device or network can affect not only our domestic lives, but also industrial assets, with the potential to cause enormous damage. We discuss IoT security issues as defined by the OWASP Foundation, focusing on network related aspects. After a brief description of SDN in general and OpenFlow in particular, we discuss how SDN technologies can greatly help in designing and deploying more secure IoT networks by enhancing the cryptographic capabilities of devices, isolating devices or networks, blocking access to unwanted services, redirecting traffic to deep inspection systems, monitoring packet flows and devices, etc. These capabilities can be implemented using open-source OpenFlow controllers such as Faucet.
ARTICLE | doi:10.20944/preprints202201.0322.v1
Subject: Computer Science And Mathematics, Information Systems Keywords: NMEA; cybersecurity; anomaly analysis and detection; maritime
Online: 21 January 2022 (12:53:43 CET)
Several disruptive attacks against companies in the maritime industry have led experts to consider the increased risk imposed by cyber threats as a major obstacle to undergoing digitization. The industry is heading toward increased automation and connectivity, leading to reduced human involvement in the different navigational functions and increased reliance on sensor data and software for more autonomous modes of operations. To meet the objectives of increased automation under the threat of cyber attacks, the different software modules that are expected to be involved in different navigational functions need to be prepared to detect such attacks utilizing suitable detection techniques. Therefore, we propose a systematic approach for analyzing the navigational NMEA messages carrying the data of the different sensors, their possible anomalies, malicious causes of such anomalies as well as the appropriate detection algorithms. The proposed approach is evaluated through two use cases, traditional Integrated Navigation System (INS) and Autonomous Passenger Ship (APS). The results reflect the utility of specification and frequency-based detection in detecting the identified anomalies with high confidence. Also, the analysis is found to facilitate the communication of threats through indicating the possible impact of the identified anomalies against the navigational operations. Moreover, we have developed a testing environment that facilitates conducting the analysis. The environment includes a developed tool, NMEA-Manipulator, that enables the invocation of the identified anomalies through a group of cyber attacks on sensor data. Our work paves the way for future work in the analysis of NMEA anomalies toward the development of an NMEA intrusion detection system.
ARTICLE | doi:10.20944/preprints202309.1768.v2
Subject: Computer Science And Mathematics, Security Systems Keywords: Generative Pre-training Transformer; ChatGPT; cyberattacks; ChatGPT cybersecurity
Online: 8 November 2023 (16:16:14 CET)
The Chat Generative Pre-training Transformer (GPT), also known as ChatGPT, is a powerful generative AI model that can simulate human-like dialogues across a variety of domains. However, this popularity has attracted the attention of malicious actors who exploit ChatGPT to launch cyberattacks. This paper examines the tactics that adversaries use to leverage ChatGPT in a variety of cyberattacks. Attackers pose as regular users and manipulate ChatGPT’s vulnerability to malicious interactions, particularly in the context of cyber assault. The paper presents illustrative examples of cyberattacks that are possible with ChatGPT and discusses the realm of ChatGPT-fueled cybersecurity threats. The paper also investigates the extent of user awareness of the relationship between ChatGPT and cyberattacks. A survey of 253 participants was conducted, and their responses were measured on a three-point Likert scale. The results provide a comprehensive understanding of how ChatGPT can be used to improve business processes and identify areas for improvement. Over 80% of the participants agreed that cyber criminals use ChatGPT for malicious purposes. This finding underscores the importance of improving the security of this novel model. Organizations must take steps to protect their computational infrastructure. This analysis also highlights opportunities for streamlining processes, improving service quality, and increasing efficiency. Finally, the paper provides recommendations for using ChatGPT in a secure manner, outlining ways to mitigate potential cyberattacks and strengthen defenses against adversaries.
REVIEW | doi:10.20944/preprints202310.1127.v1
Subject: Computer Science And Mathematics, Artificial Intelligence And Machine Learning Keywords: digital twin; cybersecurity; artificial intelligence; Internet of Things
Online: 18 October 2023 (07:12:53 CEST)
The potential of digital twin technology is yet to be fully realised due to its diversity and untapped potential. Digital twins enable systems’ analysis, design, optimisation, and evolution to be performed digitally or in conjunction with a cyber-physical approach to improve speed, accuracy, and efficiency over traditional engineering methods. Industry 4.0, factories of the future, and digital twins continue to benefit from the technology and provide enhanced efficiency within existing systems. Due to the lack of information and security standards associated with the transition to cyber digitisation, cybercriminals have been able to take advantage of the situation. Access to a digital twin of a product or service is equivalent to threatening the entire collection. There is a robust interaction between digital twins and artificial intelligence tools, which leads to strong interaction between these technologies, so it can be used to improve the cybersecurity of these digital platforms based on their integration with these technologies. This study aims to investigate the role of artificial intelligence in providing cybersecurity for digital twin versions of various industries, as well as the risks associated with these versions. In addition, this research serves as a road map for researchers and others interested in cybersecurity and digital security.
ARTICLE | doi:10.20944/preprints202309.1812.v1
Subject: Engineering, Aerospace Engineering Keywords: predictive algorithms cybersecurity; machine learning; advanced persistent threats
Online: 27 September 2023 (02:38:03 CEST)
Cybersecurity plays a relevant role in the new digital age in the aerospace industry. Predictive algorithms are necessary to interconnect complex systems within cyberspace. In this context, where security protocols do not apply, challenges to maintain data privacy and security arise for organizations. Thus, cybersecurity is required. The four main categories used to classify threats are interruption, fabrication, modification and interception. They all have one thing in common: they weaken the three pillars that cybersecurity needs to guarantee. These pillars are confidentiality, integrity and availability of data (CIA). Data injection can contribute to this by creating false indicators, which can lead to errors during the manufacturing engineering process. In this paper, the impact of data injection on an existing dataset used in the manufacturing process is shown. The design model synchronizes the following mechanisms developed within machine learning techniques: the risk matrix indicator to assess the probability of producing an error, the dendrogram to cluster the dataset into groups with similarities, the logistic regression to predict the potential outcomes, and the confusion matrix to analyze the performance of the algorithm. The results presented in this study, which was carried out using a real dataset related to the electrical harnesses installed in a C295 military aircraft, estimate that injection of false data indicators increases the probability of errors by 24.22 % on the predicted outcomes required for the generation of the manufacturing process. Overall, implementing cybersecurity measures and advanced methodologies to detect and prevent cyberattacks is necessary.
ARTICLE | doi:10.20944/preprints202307.1666.v1
Subject: Computer Science And Mathematics, Security Systems Keywords: cybersecurity; digital forensics; cyber threats; forensic investigator; python
Online: 25 July 2023 (07:56:11 CEST)
This article delves deeply into digital forensics, covering computer forensics, network forensics, and mobile device forensics. It analyzes the techniques and methodologies used by forensic investigators in various disciplines. It underlines the difficulties investigators encounter and the importance of thorough investigations to combat ever-increasing cyber risks. The paper emphasizes the necessity of leveraging digital forensic tools to improve cybersecurity and provides a thorough list of widely used Python libraries suitable for each investigation strategy, allowing for effective comparison. Furthermore, it emphasizes the availability and suitability of these Python libraries in computer device investigations (PyTSK3, Volatility, Pyregf, and Pyevtx), mobile device investigations (Pytsk3, Volatility, Pyewf, dfVFS, Androguard, and pyMobileDevice), and network forensics (Scapy, Bro/Zeek, Dpkt, pypcap, and NetworkX). The creation of these libraries recognizes the complexities of digital crimes and the importance of applying modern techniques in forensic investigations. Particularly, digital forensics plays an important role for healthcare providers because modern medical devices produce, store, and transmit large amounts of patient and therapy information, which could provide a forensic investigator with a treasure trove of potential digital evidence.
ARTICLE | doi:10.20944/preprints202304.0500.v1
Subject: Computer Science And Mathematics, Artificial Intelligence And Machine Learning Keywords: machine learning; blockchain; IoMT; IoT; cybersecurity; security framework
Online: 18 April 2023 (07:28:49 CEST)
The growth in the Internet of Things (IoT) devices in the healthcare sector enables the new era of the Internet of Medical Things (IoMT). However, IoT devices are susceptible to diverse cybersecurity attacks and threats that lead to negative consequences. Cyberattacks can harm not just the IoMT devices being used but also human life. Currently, several security solutions are proposed to enhance the security of the IoMT, which uses machine learning (ML) and blockchain. ML can be used to develop detection and classification methods to identify cyberattacks targeting IoMT devices in the healthcare sector. In addition, blockchain technology enables a decentralized approach to the healthcare system and eliminates some disadvantages of a centralized system, such as a single point of failure. This paper proposes a resilient security framework integrating a Tri-layered Neural Network (TNN) and blockchain technology in the healthcare domain. The TNN detects anomalies in data measured by medical sensors to find fraudulent data. Therefore, cyberattacks are detected and discarded from the IoMT system before data is processed at the fog layer. In addition, a blockchain network is used in the fog layer to ensure that the data is not altered, boosting the integrity and privacy of the medical data. The experimental results show that the TNN and blockchain models produce the expected result. Furthermore, the accuracy of the TNN model reached 99.99% on the F1-score accuracy metric.
REVIEW | doi:10.20944/preprints202211.0128.v1
Subject: Computer Science And Mathematics, Security Systems Keywords: Cyber security threats; Cyber security threats to educational institutes; growing concern for the new era of cybersecurity; New Era of cybersecurity
Online: 7 November 2022 (14:37:03 CET)
Background: The outbreak of the Covid-19 pandemic has significantly affected the operations of higher education institutions. Due to the limited use of video conferencing and cloud computing in these facilities, distance learning became the only option available to them. Objective: The study focused on identifying the most common types of attacks that can affect e-learning assets. Results: There was a lack of clear cybersecurity policies for educational institutes and universities in 2020, according to a report by Microsoft Security Intelligence. The report showed that the education industry was the most targeted sector for malware attacks in the last 30 days. Conclusion: The recommendations for improving the security of e-learning systems. Some of these include implementing policies that restrict access to the resources and applications, updating security patches, and using cryptographic protocols.
ARTICLE | doi:10.20944/preprints202004.0481.v1
Subject: Computer Science And Mathematics, Security Systems Keywords: cybersecurity; cyber-attacks; anomaly detection; intrusion detection system; machine learning; network behavior analysis; cyber decision making; cybersecurity analytics; cyber threat intelligence.
Online: 27 April 2020 (08:10:53 CEST)
Cyber security has recently received enormous attention in today’s security concerns, due to the popularity of the Internet-of-Things (IoT), the tremendous growth of computer networks, and the huge number of relevant applications. Thus, detecting various cyber-attacks or anomalies in a network and building an effective intrusion detection system that performs an essential role in today’s security is becoming more important. Artificial intelligence, particularly machine learning techniques, can be used for building such a data-driven intelligent intrusion detection system. In order to achieve this goal, in this paper, we present an Intrusion Detection Tree (“IntruDTree”) machine-learning-based security model that first takes into account the ranking of security features according to their importance and then build a tree-based generalized intrusion detection model based on the selected important features. This model is not only effective in terms of prediction accuracy for unseen test cases but also minimizes the computational complexity of the model by reducing the feature dimensions. Finally, the effectiveness of our IntruDTree model was examined by conducting experiments on cybersecurity datasets and computing the precision, recall, fscore, accuracy, and ROC values to evaluate. We also compare the outcome results of IntruDTree model with several traditional popular machine learning methods such as the naive Bayes classifier, logistic regression, support vector machines, and k-nearest neighbor, to analyze the effectiveness of the resulting security model.
REVIEW | doi:10.20944/preprints202311.0798.v1
Subject: Computer Science And Mathematics, Computer Science Keywords: ransomware detection; static analysis; dynamic analysis; cybersecurity; threat mitigation
Online: 13 November 2023 (10:09:49 CET)
The proliferation of ransomware poses a significant threat to global cybersecurity. This study presents a comprehensive review of the methodologies employed in the detection and analysis of ransomware, emphasizing the dichotomy between static and dynamic analysis approaches. It introduces the historical context and the necessity for robust cybersecurity measures, followed by an outline of the methodological framework used to evaluate existing ransomware analysis techniques. The results detail the effectiveness and limitations of various analysis strategies, identifying key features and patterns that aid in the detection and classification of ransomware threats. The study concludes by summarizing the primary achievements, including the identification of gaps in current research and proposing future research directions aimed at enhancing ransomware detection and mitigation strategies. The synthesis provided in this survey offers a consolidated view of the state-of-the-art in ransomware threat analysis and serves as a resource for cybersecurity professionals and researchers.
REVIEW | doi:10.20944/preprints202307.0006.v1
Subject: Computer Science And Mathematics, Computer Networks And Communications Keywords: zero trust; zero trust access; cyberspace; cybersecurity; trust model
Online: 3 July 2023 (05:26:47 CEST)
As Cybercrimes continue to rise, researchers and industry players have continued to work hard to come up with solutions that could reduce and possibly eradicate these criminalities. This research has been able to discover the major factor that usually causes people to fall prey to these cyber criminals. This was why a school of thought came up with the Zero Trust Access model to strengthen the network framework. While previous network assets relied on the "trust but verify" philosophy, this technology's primary tenet is "never trust, always verify," which applies to every user and device connected to the network. This study interrogated the existing network models of the Integrative Trust Model (ITM) and Zero Trust Access (ZTA) in addition to the trust model (TA) to understand their concepts, implementation needs, strengths, and shortcomings. This made it possible for the study to establish the position of the ZTA model in repositioning the network security architectures vis-a-vis protecting the users
REVIEW | doi:10.20944/preprints202305.1635.v1
Subject: Computer Science And Mathematics, Computer Science Keywords: Machine Learning; Ransomware Techniques; Cybersecurity; Ransomware Detection; Ransomware Attacks
Online: 23 May 2023 (10:09:59 CEST)
Ransomware attacks provide serious security hazards to personal and corporate data and information. The owners of computer-based resources suffer serious verification and privacy violations, monetary losses, and reputational damage due to a successful ransomware assault. As a result, identifying ransomware accurately and swiftly is reported to be critical. Numerous methods have been proposed for ransomware, each with pros and cons. The main objective of this study is to discuss current trends and potential future debates on automated ransomware detection. The document includes an overview of ransomware, a timeline of assaults, and details on their background. It also provides a comprehensive study of existing methods for identifying, avoiding, minimizing, and recovering from ransomware. An analysis of studies between 2017 and 2022 is another advantage of the study. This provides readers with up-to-date knowledge of the most recent developments in ransomware detection. It also highlights advancements in methods for combating ransomware attacks. In conclusion, this study highlights unanswered concerns and potential research challenges in ransomware detection.
ARTICLE | doi:10.20944/preprints202107.0126.v1
Subject: Engineering, Automotive Engineering Keywords: Cybersecurity; Industry 4.0; Android; Operating System; Algorithm; SWOT Analysis
Online: 6 July 2021 (08:28:12 CEST)
The world is witnessing a tremendous change today, remarkably coined as Industry 4.0. Several terminologies have developed as a result of the emergence of Industry 4.0, notably cybersecurity, which entails the security of communication and network operations activities either on or offline and the measures taken to achieve such security. The most common form of communication by organizations and businesses today is electronic mail (email). Although email is a valuable tool, it also creates security challenges when not properly managed. There is a growing adoption of email as an official form of communication in many organizations, with the majority of users on mobile Android devices due to the popularity of the Android operating system and the proliferation of mobile devices. Banks, health care, educational institutions and many other service providers are communicating with their clients through email, where sensitive and confidential information is shared. One major threat to email communication is the lack of confidentiality for emails accessed via Android mobile devices, due to weaknesses of the Android operating system (OS) platform that present possibilities for penetration by hackers, and of the Android email client, since it accepts a one-time login and password authentication which is only required again if the email account is deleted from the Android mobile device. In this study, an algorithm was designed and implemented in an Android application that allows an email sender to compose an email and set the time the email will stay in the receiver's inbox before it is automatically wiped. Primary data was collected from email users using tightly structured questionnaires; respondents comprised those with an email technical background and typical email users, in order to get their opinion on the lack of confidentiality of the Android mobile email client, while secondary data from scholarly journals and articles informed the study design. The designed algorithm was tested and evaluated through expert opinion. The result of the study indicates that the designed algorithm addresses the confidentiality issues and threats on Android email clients.
ARTICLE | doi:10.20944/preprints202202.0099.v1
Subject: Computer Science And Mathematics, Security Systems Keywords: cybersecurity; adversarial machine learning; machine learning; intrusion detection; functionality-preservation
Online: 7 February 2022 (16:22:14 CET)
Machine learning has become widely adopted as a strategy for dealing with a variety of cybersecurity issues, ranging from insider threat detection to intrusion and malware detection. However, by their very nature, machine learning systems can introduce vulnerabilities to a security defence whereby a learnt model is unaware of so-called adversarial examples that may intentionally result in mis-classification and therefore bypass a system. Adversarial machine learning has been a research topic for over a decade and is now an accepted but open problem. Much of the early research on adversarial examples has addressed issues related to computer vision, yet as machine learning continues to be adopted in other domains, then likewise it is important to assess the potential vulnerabilities that may occur. A key part of transferring to new domains relates to functionality-preservation, such that any crafted attack can still execute the original intended functionality when inspected by a human and/or a machine. In this literature survey, our main objective is to address the domain of adversarial machine learning attacks and examine the robustness of machine learning models in the cybersecurity and intrusion detection domains. We identify the key trends in current work observed in the literature, and explore how these relate to the research challenges that remain open for future works. Inclusion criteria were: articles related to functionality-preservation in adversarial machine learning for cybersecurity or intrusion detection with insight into robust classification. Generally, we excluded works that are not yet peer-reviewed; however, the authors include some significant papers that make a clear contribution to the domain. There is a risk of subjective bias in the selection of non-peer reviewed articles; however, this is mitigated by co-author review. 
We selected the following databases with a sizeable computer science element to search and retrieve literature: IEEE Xplore, ACM Digital Library, ScienceDirect, Scopus, SpringerLink, Google Scholar. The literature search was conducted up to January 2022. We have striven to ensure a comprehensive coverage of the domain to the best of our knowledge. We have performed systematic searches of the literature, noting our search terms and results, and following up on all materials that appear relevant and fit within the topic domains of this review. This research was funded by the Partnership PhD scheme at the University of the West of England in collaboration with Techmodal Ltd.
ARTICLE | doi:10.20944/preprints202104.0580.v1
Subject: Computer Science And Mathematics, Security Systems Keywords: Cybersecurity; supply chains; IoT systems; systems integration, real scenarios analysis
Online: 21 April 2021 (12:33:59 CEST)
The specific demands inherent to supply chains built upon large IoT systems make it a must to design a coordinated framework for cyber resilience provisioning, intended to guarantee trusted supply chains of ICT systems built upon distributed, dynamic, potentially insecure and heterogeneous ICT infrastructures. As such, the proposed solution is envisioned to deal with the whole supply chain system components, from the IoT ecosystem to the infrastructure connecting them, addressing security and privacy functionalities related to risks and vulnerabilities management, accountability and mitigation strategies as well as security metrics and evidence-based security assurance. In this paper we present FISHY, a preliminary architecture designed to orchestrate both existing and beyond state-of-the-art security appliances in composed ICT scenarios, also leveraging capabilities of programmable network and IT infrastructure through seamless orchestration and instantiation of novel security services, both in real-time and proactively. The paper also includes a thorough business analysis to go far beyond the technical benefits of a potential FISHY adoption, as well as three real-world use cases that strongly support the envisioned benefits of a FISHY adoption.
ARTICLE | doi:10.20944/preprints202312.0158.v1
Subject: Computer Science And Mathematics, Computer Science Keywords: Ransomware Evolution; Data Theft; Network Traffic Analysis; BERT Model; Cybersecurity Adaptation
Online: 4 December 2023 (06:58:59 CET)
This research looks into the evolving dynamics of ransomware, shifting from conventional encryption-based attacks to sophisticated data exfiltration strategies. Employing the Bidirectional Encoder Representations from Transformers (BERT) model, the study analyzes network traffic patterns to detect ransomware activities, offering new insights into their covert operations. The findings emphasize the need for advanced AI tools in cybersecurity, highlighting the significance of adapting and innovating defense strategies to counter the changing landscape of ransomware threats. The study contributes to a deeper understanding of ransomware evolution and underscores the importance of integrating AI in cybersecurity practices.
ARTICLE | doi:10.20944/preprints202210.0431.v1
Subject: Computer Science And Mathematics, Artificial Intelligence And Machine Learning Keywords: Supervised machine learning; intrusion detection; data engineering; cybersecurity; Internet of Things.
Online: 27 October 2022 (10:57:09 CEST)
Nowadays, Internet of Things (IoT) devices and applications have rapidly expanded worldwide due to their benefits in improving the business environment, industrial environment, and people's daily lives. However, IoT devices are not immune to malicious network traffic, which causes potential negative consequences and sabotages IoT operating devices. Therefore, developing a method for screening network traffic is necessary to detect and classify malicious activity to mitigate its negative impacts. Therefore, this research proposes a predictive machine learning model to detect and classify network activity in an IoT system. Specifically, our model distinguishes between normal and anomalous network activity. Furthermore, it classifies network traffic into five categories: normal, Mirai attack, denial of service (DoS) attack, Scan attack, and man-in-the-middle (MITM) attack. Five supervised learning models were implemented to characterize their performance in detecting and classifying network activities for IoT systems. These include shallow neural networks (SNN), decision trees (DT), bagging trees (BT), support vector machine (SVM), and k-nearest neighbor (kNN). The learning models were evaluated on a new and broad dataset for IoT attacks, the IoTID20 dataset. Besides, a deep feature engineering process was applied to the dataset to improve the accuracy of the learning models. Our experimental evaluation exhibited an accuracy of 100% recorded for the detection using all implemented models and an accuracy of 99.4%-99.9% recorded for the classification process.
ARTICLE | doi:10.20944/preprints202311.0293.v1
Subject: Computer Science And Mathematics, Artificial Intelligence And Machine Learning Keywords: social media; artificial intelligence; machine learning; chatbots; cybersecurity; emerging applications; coding techniques
Online: 6 November 2023 (09:28:33 CET)
Chatbots are increasingly used as tools for disseminating knowledge and information across various sectors of business, without the need for human intervention. With the continuous advancement of technology and the internet, the field of cybersecurity is also expanding, leading to the development of newer and more sophisticated systems to counter emerging threats. However, a fundamental question arises: how can one determine what to look for, where to acquire the necessary knowledge, and how to initiate this process? Recognizing the need for more effective tools in the market to educate individuals about online threats and self-protection, this paper aims to bridge the gap in the existing literature. The Artificial Intelligence-based Cybersecurity Chatbot (AICyberSec) has been developed to provide a versatile cybersecurity knowledge resource. This initiative is in response to the absence of a comprehensive solution in the market that effectively informs individuals about online threats and offers guidance on how to safeguard themselves. Furthermore, this chatbot serves as a valuable application for identifying potential hazards in cyberspace and can also function as an educational tool to facilitate the learning process.
ARTICLE | doi:10.20944/preprints201807.0523.v1
Subject: Social Sciences, Education Keywords: game-based learning; game design; project-based teaching; informatics and society, cybersecurity
Online: 26 July 2018 (16:38:48 CEST)
This article discusses the use of game design as a method for interdisciplinary project-based teaching in secondary school education to convey informatics and society topics. There is a lot of knowledge about learning games but little background on project-based teaching using game design as a method. We present the results of an analysis of student-created games and an evaluation of a student-authored database on learning contents found in commercial off-the-shelf games. We further contextualise these findings using a group discussion with teachers. Results underline the effectiveness of project-based teaching to raise awareness for informatics and society topics. We further outline informatics and society topics that are particularly interesting to students, genre preferences and potentially engaging game mechanics stemming from our analyses.
REVIEW | doi:10.20944/preprints202311.0311.v1
Subject: Computer Science And Mathematics, Computer Networks And Communications Keywords: Botnet detection; Network traffic analysis; Machine learning; Deep learning; Cybersecurity; Adversarial machine learning
Online: 6 November 2023 (08:17:49 CET)
Abstract: Botnets pose a grave cybersecurity threat, enabling widescale malicious activities through networks of compromised devices. Detecting botnets is challenging given their frequent use of evasion techniques like encryption. Traditional signature-based methods fail against modern botnets capable of zero-day attacks. This paper surveys recent advances applying machine learning for botnet detection based on analysis of network traffic payloads, flows, DNS data, and hybrid feature fusion. Core machine learning models include support vector machines, neural networks, random forests, and deep learning architectures, which extract patterns to separate benign and botnet behaviors automatically. Results demonstrate machine learning's capabilities in identifying heterogeneous botnets using artefacts in network streams. However, challenges remain around limited labeled data, real-time streaming, adversarial evasion, and model interpretability. Promising directions involve semi-supervised learning, adversarial training, scalable analytics, and explainable AI to address these gaps. Beyond the technical aspects, responsible development and deployment of botnet detection systems raise ethical considerations around privacy, transparency, and accountability. With diligent cross-disciplinary collaboration, machine learning promises enhanced, generalizable, and trustworthy techniques to combat the serious threat posed by continuously evolving botnets across the digital ecosystem.
ARTICLE | doi:10.20944/preprints202302.0303.v1
Subject: Computer Science And Mathematics, Information Systems Keywords: IoT; Smart City; Open Urban Platform; Machine Learning; cybersecurity; methodology; intrusion detection; toolchain
Online: 17 February 2023 (07:35:25 CET)
The constant increase in volume and wide variety of available Internet of Things (IoT) devices leads to highly diverse software and hardware stacks, which opens new avenues for exploiting previously unknown vulnerabilities. The ensuing risks are amplified by the inherent IoT resource constraints both in terms of performance and energy expenditure. At the same time, IoT devices often times generate or collect sensitive, real-time data used in critical application scenarios (e.g. health monitoring, transportation, smart energy, etc.). All these factors combined make IoT networks a primary target and potential victims for malicious actors. In this paper, we present a brief overview of existing attacks and defense strategies against urban IoT networks. The goal of this work is twofold: First, it presents a summary of some of the common attack vectors and the corresponding solutions available in the research literature. Then, the paper lays out a theoretical plan and a corresponding pipeline of steps (i.e. development and implementation process) for the design and application of the solutions encountered throughout the course of the research efforts. The end goal of following this plan is the deployment of the proposed IoT security measures in a real-world urban IoT infrastructure.
ARTICLE | doi:10.20944/preprints202108.0164.v1
Subject: Computer Science And Mathematics, Security Systems Keywords: Cybersecurity; Artificial General Intelligence; Human Behavior Modeling; Cognitive Systems; Cognitive Twins; Digital Twins
Online: 6 August 2021 (13:42:12 CEST)
Cyber defense is reactive and slow. On average, the time-to-remedy is hundreds of times larger than the time-to-compromise. In response to the expanding ever-more-complex threat landscape, Digital Twins (DTs) and particularly Human Digital Twins (HDTs) offer the capability of running massive simulations across multiple knowledge domains. Simulated results may offer insights into adversaries' behaviors and tactics, resulting in better proactive cyber-defense strategies. For the first time, this paper solidifies the vision of DTs and HDTs for cybersecurity via the Cybonto conceptual framework proposal. The paper also contributes the Cybonto ontology, formally documenting 108 constructs and thousands of cognitive-related paths based on 20 time-tested psychology theories. Finally, the paper applied 20 network centrality algorithms in analyzing the 108 constructs. The identified top 10 constructs call for extensions of current digital cognitive architectures in preparation for the DT future.
Subject: Engineering, Automotive Engineering Keywords: Automotive development; Secure SDLC; Evidence-based standard; ISO/SAE 21434; UNECE cybersecurity regulation
Online: 9 December 2020 (10:59:57 CET)
Although traditional automotive development has mainly focused on functional safety, as the number of automotive hacking cases has increased due to the growing Internet connectivity of automotive control systems, security is also becoming more important. Accordingly, various international organizations are preparing cybersecurity regulations or standards to ensure security in automotive development by emphasizing the concept of security-by-design (i.e. security engineering), which emphasizes trustworthiness from the beginning of development. The problem, however, is that no specific methodology has been suggested. In this paper, we propose a specific security-by-design methodology for automotive development based on Secure System Development Life Cycle (secure SDLC) standards and evidence-based standards. Our methodology could be easily used in the actual field as it is more general and detailed than existing secure SDLC standards and research. Also, since it satisfies all requirements of the United Nations Economic Commission for Europe (UNECE) regulation, automobile manufacturers could respond to the upcoming cybersecurity regulation with our methodology.
ARTICLE | doi:10.20944/preprints202005.0213.v1
Subject: Engineering, Architecture, Building And Construction Keywords: BIM; construction; critical infrastructure; cybersecurity; cyber-physical systems; digital twin; EPCIP; Industry 4.0
Online: 12 May 2020 (12:44:01 CEST)
The umbrella concept for the current efforts to digitize construction is known as Construction 4.0. One of its key concepts is cyber-physical systems. The construction industry is not only creating increasingly valuable digital assets (in addition to physical ones) but also the buildings and built infrastructures are increasingly monitored and controlled using digital technology. Both make construction a vulnerable target of cyber-attacks. While the damage to digital assets, such as designs and cost calculations, may result in economic damage, attacks on digitally-controlled physical assets may damage the well-being of occupants and, in worst-case scenarios, even damage (or death) to the users. The problem is amplified by the emerging cyber-physical nature of the systems, where the human checks may be left out. We propose that construction learns from the work done in the context of critical infrastructures (CI). First, a lot of CI is construction-related, and the process of designing and building it must be secured accordingly. Second, while most assets may not be critical in the CI sense, they are critical to the operations of a business and the lives of citizens. In the end, we recommend some steps so that well-established processes of critical infrastructure protection trickle down to make Construction 4.0 and the built environment more cyber-secure. With that in mind, we describe the possible inclusion of Construction 4.0 considerations into existing critical infrastructure protection (CIP) frameworks with minimum frictions. We also propose some suggestions regarding possible future courses of action to improve the increasingly vulnerable cyber-security environment of the built environment across all life cycle phases - design, construction, operation, maintenance, and end of life.
ARTICLE | doi:10.20944/preprints202210.0059.v1
Subject: Engineering, Control And Systems Engineering Keywords: Artificial Intelligence; Cybersecurity; Remote Control; Fake Signals; Replay Attack; Deep Learning, ResNet50, Transfer Learning.
Online: 6 October 2022 (09:16:56 CEST)
Keyless systems have replaced the old-fashioned method of inserting a physical key in the keyhole to, e.g., unlock the door, because such methods are inconvenient and easy for threat actors to exploit. Keyless systems use radio frequency (RF) technology as an interface to transmit signals from the key fob to the vehicle. However, keyless systems are susceptible to being compromised by a threat actor who intercepts the transmitted signal and performs a replay attack. In this paper, we propose a transfer learning-based model to identify the replay attacks launched against remote keyless controlled vehicles. Specifically, the system makes use of a pre-trained ResNet50 deep neural network to predict the wireless remote signals used to lock or unlock doors of a remote-controlled vehicle system remotely. The signals are finally classified into three classes: real signal, fake signal high gain, and fake signal low gain. We have trained our model with 100 epochs (3800 iterations) on a KeFRA 2022 dataset, a modern dataset. The model has recorded a final validation accuracy of 99.71% and a final validation loss of 0.29% at a low inferencing time of 50 ms for the model-based SGD solver. The experimental evaluation revealed the supremacy of the proposed model.
REVIEW | doi:10.20944/preprints202305.0376.v1
Subject: Public Health And Healthcare, Public Health And Health Services Keywords: monkeypox; One Health; Big Data analytics; deep learning; blockchain; cybersecurity; vaccine; sexually transmitted diseases; HIV
Online: 6 May 2023 (04:50:56 CEST)
World Health Organization (WHO) has announced the monkeypox (MPX) epidemic a global public health emergency due to its re-emergence, remarkable increase in the number of MPX cases worldwide, and its potential spread. This paper introduces the symptoms, complications, and features of MPX; its transmission, diagnosis and testing, vaccines and treatment; MPX and sexually transmitted diseases, especially the human immunodeficiency virus (HIV); possible natural hosts or reservoirs of the monkeypox virus (MPXV). A useful tool for MPX and surgical safety recommendations are presented. The challenges in fighting the MPX epidemic, One Health strategy, and future research are discussed.
REVIEW | doi:10.20944/preprints202101.0457.v1
Subject: Computer Science And Mathematics, Security Systems Keywords: Cybersecurity; artificial intelligence; machine learning; cyber data analytics; cyber-attacks; anomaly; intrusion detection; security intelligence
Online: 25 January 2021 (09:19:10 CET)
Artificial Intelligence (AI) is one of the key technologies of the Fourth Industrial Revolution (Industry 4.0), which can be used for the protection of Internet-connected systems from cyber-threats, attacks, damage, or unauthorized access. To intelligently solve today's various cybersecurity issues, popular AI techniques involving Machine Learning (ML) and Deep Learning (DL) methods, the concept of Natural Language Processing (NLP), Knowledge Representation and Reasoning (KRR), as well as the concept of knowledge or rule-based Expert Systems (ES) modeling can be used. Based on these AI methods, in this paper, we present a comprehensive view on "AI-driven Cybersecurity" that can play an important role for intelligent cybersecurity services and management. The security intelligence modeling based on such AI methods can make the cybersecurity computing process more automated and intelligent than the conventional security systems. We also highlight several research directions within the scope of our study, which can help researchers do future research in the area. Overall, this paper's ultimate objective is to serve as a reference point and guidelines for cybersecurity researchers as well as industry professionals in the area, especially from an AI-based technical point of view.
REVIEW | doi:10.20944/preprints202006.0139.v1
Subject: Computer Science And Mathematics, Security Systems Keywords: Cybersecurity; machine learning; data science; decision making; cyber-attack; security modeling; intrusion detection; threat intelligence
Online: 11 June 2020 (12:12:50 CEST)
In a computing context, cybersecurity is undergoing massive shifts in technology and its operations in recent days, and data science is driving the change. Extracting security incident patterns or insights from cybersecurity data and building a corresponding data-driven model is the key to making a security system automated and intelligent. To understand and analyze the actual phenomena with data, various scientific methods, machine learning techniques, processes, and systems are used, which is commonly known as data science. In this paper, we focus on and briefly discuss cybersecurity data science, where the data is being gathered from relevant cybersecurity sources, and the analytics complement the latest data-driven patterns for providing more effective security solutions. The concept of cybersecurity data science allows making the computing process more actionable and intelligent as compared to traditional ones in the domain of cybersecurity. We then discuss and summarize a number of associated research issues and future directions. Furthermore, we provide a machine learning-based multi-layered framework for the purpose of cybersecurity modeling. Overall, our goal is not only to discuss cybersecurity data science and relevant methods but also to focus on the applicability towards data-driven intelligent decision making for protecting the systems from cyber-attacks.
REVIEW | doi:10.20944/preprints202209.0032.v1
Subject: Computer Science And Mathematics, Security Systems Keywords: cybersecurity; machine learning; deep learning; artificial intelligence; data-driven decision making; automation; cyber analytics; intelligent systems;
Online: 2 September 2022 (03:32:48 CEST)
Due to the digitization and Internet of Things revolutions, the present electronic world has a wealth of cybersecurity data. Efficiently resolving cyber anomalies and attacks is becoming a growing concern in today's cyber security industry all over the world. Traditional security solutions are insufficient to address contemporary security issues due to the rapid proliferation of many sorts of cyber-attacks and threats. Utilizing artificial intelligence knowledge, especially machine learning technology, is essential to providing a dynamically enhanced, automated, and up-to-date security system through analyzing security data. In this paper, we provide an extensive view of machine learning algorithms, emphasizing how they can be employed for intelligent data analysis and automation in cybersecurity through their potential to extract valuable insights from cyber data. We also explore a number of potential real-world use cases where data-driven intelligence, automation, and decision-making enable next-generation cyber protection that is more proactive than traditional approaches. The future prospects of machine learning in cybersecurity are eventually emphasized based on our study, along with relevant research directions. Overall, our goal is to explore not only the current state of machine learning and relevant methodologies but also their applicability for future cybersecurity breakthroughs.
CONCEPT PAPER | doi:10.20944/preprints202204.0044.v1
Subject: Computer Science And Mathematics, Information Systems Keywords: Smart cities; data science; machine learning; Internet of Things; data-driven decision making; intelligent services; cybersecurity
Online: 6 April 2022 (11:35:15 CEST)
Cities are undergoing huge shifts in technology and operations in recent days, and "data science" is driving the change in the current age of the Fourth Industrial Revolution (Industry 4.0 or 4IR). Extracting insights or actionable knowledge from city data and building a corresponding data-driven model is the key to making a city system automated and intelligent. Data science is typically the study and analysis of actual happenings with historical data using a variety of scientific methodology, machine learning techniques, processes, and systems. In this paper, we concentrate on and explore "Smart City Data Science", where city data collected from various sources like sensors and Internet-connected devices, is being mined for insights and hidden correlations to enhance decision-making processes and deliver better and more intelligent services to citizens. To achieve this goal, various machine learning analytical modeling can be employed to provide deeper knowledge about city data, which makes the computing process more actionable and intelligent in various real-world services of today's cities. Finally, we identify and highlight ten open research issues for future development and research in the context of data-driven smart cities. Overall, we aim to provide an insight into smart city data science conceptualization on a broad scale, which can be used as a reference guide for the researchers, professionals, as well as policy-makers of a country, particularly, from the technological point of view.
REVIEW | doi:10.20944/preprints202307.0771.v1
Subject: Computer Science And Mathematics, Computer Networks And Communications Keywords: internet of things; fog computing; edge computing; industrial internet of things; industry 4.0; cyber-physical systems; cybersecurity
Online: 12 July 2023 (08:14:51 CEST)
The Industrial Internet of Things (IIoT) paradigm is a key research area derived from the Internet of Things (IoT). The emergence of IIoT has enabled a revolution in manufacturing and production, through the employment of various embedded sensing devices connected with each other by an IoT network, along with a collection of enabling technologies such as artificial intelligence (AI) and edge/fog computing. One of the unrivaled characteristics of IIoT is the inter-connectivity provided to industries; however, this characteristic might open the door for cyber-criminals to launch various attacks. In fact, one of the major challenges hindering the prevalent adoption of the IIoT paradigm is IoT security. Inevitably, an increasing number of research proposals have been introduced over the last decade to overcome these security concerns. To obtain an overview of this research area, conducting a literature survey of the published research is necessary, eliciting the various security requirements and their considerations. This paper provides a literature survey of IIoT security, focused on the period from 2017 to 2023. We identify IIoT security threats and classify them into three categories, based on the IIoT layer they exploit to launch these attacks. Additionally, we characterize the security requirements that these attacks violate. Finally, we highlight how emerging technologies, such as AI and edge/fog computing, can be adopted to address security concerns and enhance IIoT security.
ARTICLE | doi:10.20944/preprints202209.0103.v1
Subject: Computer Science And Mathematics, Artificial Intelligence And Machine Learning Keywords: Portable Document Format (PDF); machine learning; detection; optimizable decision tree; Ada-Boost; PDF malware; evasion attacks; cybersecurity
Online: 7 September 2022 (05:33:40 CEST)
Portable Document Format (PDF) files are one of the most universally used file types. This has attracted hackers to develop methods to use these normally innocent PDF files as infection vectors to create security threats. This is usually realized by hiding embedded malicious code in the victims’ PDF documents to infect their machines. This, of course, results in PDF Malware and requires techniques to distinguish benign files from malicious files. Research studies indicated that machine-learning methods provide efficient detection techniques against such malware. In this paper, we present a new detection system that can analyze PDF documents in order to distinguish benign PDF files from malware PDF files. The proposed system makes use of the AdaBoost decision tree with optimal hyperparameters, which is trained and evaluated on a modern-inclusive dataset, viz. Evasive-PDFMal2022. The investigational assessment demonstrates a lightweight-accurate PDF detection system, achieving a 98.84% prediction accuracy with a short prediction interval of 2.174 μSec. To this end, the proposed model outperforms other state-of-the-art models in the same study area. Hence, the proposed system can be effectively utilized to uncover PDF malware at high detection performance and low detection overhead.
ARTICLE | doi:10.20944/preprints202203.0202.v1
Subject: Computer Science And Mathematics, Artificial Intelligence And Machine Learning Keywords: machine learning; artificial intelligence; computer vision; cybersecurity; privacy, security; gerontology; social gerontology; internet of medical things; best practices
Online: 15 March 2022 (10:40:36 CET)
Fall prediction using machine learning has become one of the most fruitful and socially relevant applications of computer vision in gerontological research. Since its inception in the early 2000s, this subfield has proliferated into a robust body of research underpinned by various machine learning algorithms (including neural networks, support vector machines, and decision trees) as well as statistical modeling approaches (Markov chains, Gaussian mixture models, and hidden Markov models). Furthermore, some advancements have been translated into commercial and clinical practice, with companies in various stages of development capitalizing on the aging population to develop new commercially available products. Yet despite the marvel of modern machine learning-enabled fall prediction, little research has been conducted to shed light on the security and privacy concerns that such systems pose for older adults. The present study employs an interdisciplinary lens in examining privacy issues associated with machine learning fall prediction and exploring the implications of these models in elderly care and the Internet of Medical Things (IoMT). Ultimately, a justice-informed set of best practices rooted in social geroscience is suggested to help fall prediction researchers and companies continue to advance the field while preserving elderly privacy and autonomy.
REVIEW | doi:10.20944/preprints202212.0499.v1
Subject: Computer Science And Mathematics, Security Systems Keywords: Cybersecurity; artificial intelligence; machine learning; cyber data analytics; intelligent decision-making; adversarial attacks; robust secured systems; industry 4.0 applications.
Online: 27 December 2022 (01:53:56 CET)
Due to the rising dependency on digital technology, cybersecurity has emerged as a more prominent field of research and application that typically focuses on securing devices, networks, systems, data and other resources from various cyber-attacks, threats, risks, damages, or unauthorized access. Artificial Intelligence (AI), also referred to as a crucial technology of the current Fourth Industrial Revolution (Industry 4.0 or 4IR), could be the key to intelligently dealing with these cyber issues. Various forms of AI methodologies, such as analytical, functional, interactive, textual as well as visual AI can be employed to get the desired cyber solutions according to their computational capabilities. However, the dynamic nature and complexity of real-world situations and data gathered from various cyber sources make it challenging nowadays to build an effective AI-based security model. Moreover, defending robustly against adversarial attacks is still an open question in the area. In this paper, we provide a comprehensive view on "Cybersecurity Intelligence and Robustness", emphasizing multi-aspects AI-based modeling and adversarial learning that could lead to addressing diverse issues in various cyber applications areas such as detecting malware or intrusions, zero-day attacks, phishing, data breach, cyberbullying and other cybercrimes. Thus the eventual security modeling process could be automated, intelligent, and robust compared to traditional security systems. We also emphasize and draw attention to the future aspects of cybersecurity intelligence and robustness along with the research direction within the context of our study. Overall, our goal is not only to explore AI-based modeling and pertinent methodologies but also to focus on the resulting model's applicability for securing our digital systems and society.
ARTICLE | doi:10.20944/preprints202306.2269.v1
Subject: Computer Science And Mathematics, Information Systems Keywords: Behavioral Analysis; Behavioral Score; Cybersecurity; Data Analytics; Geographic Analysis; Longitudinal Study; Model Recalibration; Network Anomaly Detection; Organizational Analysis; Threat Intelligence
Online: 30 June 2023 (16:16:04 CEST)
In the face of escalating cybercriminal sophistication, an innovative approach to network anomaly detection has been pursued in this longitudinal study, integrating computational data analytics in a geographic, organizational, and behavioral context. A data-driven scoring mechanism was employed to systematically analyze and correlate source countries of IP addresses and organization-associated Autonomous System (AS) Numbers (ASN) with network anomalies. Significant correlations between certain countries, specific organizations, and high behavior scores were identified through the data analytics. An increase in connection requests was also found to be linked with elevated behavior scores. Validated by cross-validation techniques, these findings emphasize the necessity for continuous model recalibration. The transformative role of integrative data analytics in cybersecurity is underscored, paving the way for the development of more sophisticated, context-aware anomaly detection systems. Specifically, the analysis underscores the need for organizations to adopt a proactive and adaptive approach to cybersecurity that can keep pace with the evolving threat landscape.
ARTICLE | doi:10.20944/preprints202306.1041.v2
Subject: Computer Science And Mathematics, Information Systems Keywords: Microsoft 365; digital forensics analysis; adversarial behavior patterns; cybersecurity; malicious login attempts; data breaches; compromised email addresses; pattern recognition; cloud-based environments
Online: 3 July 2023 (13:13:37 CEST)
This research article investigates the effectiveness of digital forensics analysis (DFA) techniques in identifying patterns and trends in malicious failed login attempts linked to public data breaches or compromised email addresses in Microsoft 365 (M365) environments. Pattern recognition techniques are employed to analyze security logs, revealing insights into negative behavior patterns. The findings contribute to the literature on digital forensics, opposing behavior patterns, and cloud-based cybersecurity. Practical implications include the development of targeted defense strategies and the prioritization of prevalent threats. Future research should expand the scope to other cloud services and platforms, capture evolving trends through more extended analysis periods, and assess the effectiveness of specific mitigation strategies for identified tactics, techniques, and procedures (TTPs).
ARTICLE | doi:10.20944/preprints202304.0923.v1
Subject: Computer Science And Mathematics, Artificial Intelligence And Machine Learning Keywords: Artificial Intelligence with respect to Cyber security; Artificial Intelligence and Cyber security; AI and Cybersecurity; Importance of AI with respect to Cyber security
Online: 25 April 2023 (10:35:26 CEST)
Artificial Intelligence has transformed the cyber security industry by enabling organizations to systematize and enlarge outdated safety procedures. AI can provide more effective threat detection and response capabilities, enhance vulnerability management, and improve compliance and governance. AI technologies such as machine learning, natural language processing, behavioral analytics, and deep learning can enhance cyber security defenses and protect against a wide range of cyber threats, including malware, phishing attacks, and insider threats. Theoretical underpinnings of AI in cyber security, such as machine learning, natural language processing, behavioral analytics, and deep learning, are discussed. The advantages of using AI in cyber security are discussed including speed and accuracy, continuous learning and adaptation, and efficiency and scalability. It's important to note that AI is not a silver bullet for cyber security and should be used in conjunction with other security measures to provide a comprehensive defense strategy. AI has transformed the way cyber security operates in today's digital age. By analyzing vast amounts of data quickly and accurately it has become a valuable tool for organizations looking to protect their assets from cyber threats.