applsci-logo

Journal Browser

Journal Browser

Progress and Research in Cybersecurity and Data Privacy

A special issue of Applied Sciences (ISSN 2076-3417). This special issue belongs to the section "Computing and Artificial Intelligence".

Deadline for manuscript submissions: closed (20 July 2024) | Viewed by 13697

Special Issue Editors


E-Mail Website
Guest Editor
School of Computer Science and Technology, Harbin Institute of Technology (Shenzhen), Shenzhen 518055, China
Interests: data privacy; cybersecurity; AI security

E-Mail Website
Guest Editor
School of Cyberspace Security , Beijing University of Posts and Telecommunications, Beijing 100876, China
Interests: data privacy; cybersecurity; AI security

E-Mail Website
Guest Editor
School of Computer Science and Technology, Harbin Institute of Technology (Shenzhen), Shenzhen 518055, China
Interests: cybersecurity; AI security
School of Computer Science and Technology, Harbin Institute of Technology (Shenzhen), Shenzhen 518055, China
Interests: data privacy; cybersecurity; AI security

Special Issue Information

Dear Colleagues,

Cybersecurity and data privacy are among the biggest challenges for the trusted and dependable development of a global digital society. This poses new challenges in the advancement of cyber-attacks, cyber defense and data protection. Therefore, this Special Issue is intended for the presentation of new ideas and experimental results in the field of cybersecurity and data privacy from the points of theory, system, service, and method to its practical use.

This Special Issue is seeking conceptual, empirical, or technological papers that will offer new insights into the field. Original research and review articles are welcome.

Potential topics include but are not limited to the following:

  • Data privacy;
  • AI security;
  • Malware analysis;
  • Application security;
  • Infrastructure security;
  • Software security;
  • Cloud security;
  • Network security;
  • Cryptography;
  • Blockchain;
  • Future networks;
  • Big data.

Prof. Dr. Chuanyi Liu
Prof. Dr. Xiaoyong Li
Dr. Chuankai Zhang
Dr. Peiyi Han
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Applied Sciences is an international peer-reviewed open access semimonthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2400 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • data privacy
  • cybersecurity
  • network security
  • cryptography
  • AI security
  • software security
  • cloud security

Benefits of Publishing in a Special Issue

  • Ease of navigation: Grouping papers by topic helps scholars navigate broad scope journals more efficiently.
  • Greater discoverability: Special Issues support the reach and impact of scientific research. Articles in Special Issues are more discoverable and cited more frequently.
  • Expansion of research network: Special Issues facilitate connections among authors, fostering scientific collaborations.
  • External promotion: Articles in Special Issues are often promoted through the journal's social media, increasing their visibility.
  • e-Book format: Special Issues with more than 10 articles can be published as dedicated e-books, ensuring wide and rapid dissemination.

Further information on MDPI's Special Issue polices can be found here.

Published Papers (7 papers)

Order results
Result details
Select all
Export citation of selected articles as:

Research

Jump to: Review

23 pages, 4001 KiB  
Article
Enhancing Firewall Packet Classification through Artificial Neural Networks and Synthetic Minority Over-Sampling Technique: An Innovative Approach with Evaluative Comparison
by Adem Korkmaz, Selma Bulut, Tarık Talan, Selahattin Kosunalp and Teodor Iliev
Appl. Sci. 2024, 14(16), 7426; https://doi.org/10.3390/app14167426 - 22 Aug 2024
Viewed by 865
Abstract
Firewall packet classification is a critical component of network security, demanding precise and reliable methods to ensure optimal functionality. This study introduces an advanced approach that combines Artificial Neural Networks (ANNs) with various data balancing techniques, including the Synthetic Minority Over-sampling Technique (SMOTE), [...] Read more.
Firewall packet classification is a critical component of network security, demanding precise and reliable methods to ensure optimal functionality. This study introduces an advanced approach that combines Artificial Neural Networks (ANNs) with various data balancing techniques, including the Synthetic Minority Over-sampling Technique (SMOTE), ADASYN, and BorderlineSMOTE, to enhance the classification of firewall packets into four distinct classes: ‘allow’, ‘deny’, ‘drop’, and ‘reset-both’. Initial experiments without data balancing revealed that while the ANN model achieved perfect precision, recall, and F1-Scores for the ‘allow’, ‘deny’, and ‘drop’ classes, it struggled to accurately classify the ‘reset-both’ class. To address this, we applied SMOTE, ADASYN, and BorderlineSMOTE to mitigate class imbalance, which led to significant improvements in overall classification performance. Among the techniques, the ANN combined with BorderlineSMOTE demonstrated superior efficacy, achieving a 97% overall accuracy and consistently high performance across all classes, particularly in the accurate classification of minority classes. In contrast, while SMOTE and ADASYN also improved the model’s performance, the results with BorderlineSMOTE were notably more balanced and reliable. This study provides a comparative analysis with existing machine learning models, highlighting the effectiveness of the proposed approach in firewall packet classification. The synthesized results validate the potential of integrating ANNs with advanced data balancing techniques to enhance the robustness and reliability of network security systems. The findings underscore the importance of addressing class imbalance in machine learning models, particularly in security-critical applications, and offer valuable insights for the design and improvement of future network security infrastructures. Full article
(This article belongs to the Special Issue Progress and Research in Cybersecurity and Data Privacy)
Show Figures

Figure 1

21 pages, 3707 KiB  
Article
Decoding National Innovation Capacities: A Comparative Analysis of Publication Patterns in Cybersecurity, Privacy, and Blockchain
by Emanuela Bran, Răzvan Rughiniș, Dinu Țurcanu and Ana Rodica Stăiculescu
Appl. Sci. 2024, 14(16), 7086; https://doi.org/10.3390/app14167086 - 13 Aug 2024
Cited by 1 | Viewed by 1476
Abstract
This study examines the factors influencing scientific productivity in blockchain, privacy, and cybersecurity research across countries. While previous research has explored the determinants of general scientific output, less is known about the patterns of influence in these technological fields, which have been dominantly [...] Read more.
This study examines the factors influencing scientific productivity in blockchain, privacy, and cybersecurity research across countries. While previous research has explored the determinants of general scientific output, less is known about the patterns of influence in these technological fields, which have been dominantly studied with a bibliometric focus. Using regression models, we analyze the impact of economic, political, educational, and social factors on the publication rates in these domains. Data from international databases on country-level indicators and scientific publications form the basis of our analysis. The results show that Gross National Income per capita is the strongest predictor of research output across all the fields studied. Research spending as a percentage of GDP also demonstrates a consistent positive relationship with publication rates. However, the impact of the factors varies across fields. This research provides insights for policymakers and institutions aiming to enhance research capabilities in these critical areas of technology. Full article
(This article belongs to the Special Issue Progress and Research in Cybersecurity and Data Privacy)
Show Figures

Figure 1

19 pages, 1263 KiB  
Article
Robust Estimation Method against Poisoning Attacks for Key-Value Data with Local Differential Privacy
by Hikaru Horigome, Hiroaki Kikuchi, Masahiro Fujita and Chia-Mu Yu
Appl. Sci. 2024, 14(14), 6368; https://doi.org/10.3390/app14146368 - 22 Jul 2024
Viewed by 673
Abstract
Local differential privacy (LDP) protects user information from potential threats by randomizing data on individual devices before transmission to untrusted collectors. This method enables collectors to derive user statistics by analyzing randomized data, thereby presenting a promising avenue for privacy-preserving data collection. In [...] Read more.
Local differential privacy (LDP) protects user information from potential threats by randomizing data on individual devices before transmission to untrusted collectors. This method enables collectors to derive user statistics by analyzing randomized data, thereby presenting a promising avenue for privacy-preserving data collection. In the context of key–value data, in which discrete and continuous values coexist, PrivKV has been introduced as an LDP protocol to ensure secure collection. However, this framework is susceptible to poisoning attacks. To address this vulnerability, we propose an expectation maximization (EM)-based algorithm combined with a cryptographic protocol to facilitate secure random sampling. Our LDP protocol, known as emPrivKV, exhibits two key advantages: it improves the accuracy of statistical information estimation from randomized data, and enhances resilience against the manipulation of statistics, that is, poisoning attacks. These attacks involve malicious users manipulating the analysis results without detection. This study presents the empirical results of applying the emPrivKV protocol to both synthetic and open datasets, highlighting a notable improvement in the precision of statistical value estimation and robustness against poisoning attacks. As a result, emPrivKV improved the frequency and the mean gains by 17.1% and 25.9%, respectively, compared to PrivKV, with the number of fake users being 0.1 of the genuine users. Our findings contribute to the ongoing discourse on refining LDP protocols for key–value data in scenarios involving privacy-sensitive information. Full article
(This article belongs to the Special Issue Progress and Research in Cybersecurity and Data Privacy)
Show Figures

Figure 1

19 pages, 3691 KiB  
Article
Enhancing Security in Connected and Autonomous Vehicles: A Pairing Approach and Machine Learning Integration
by Usman Ahmad, Mu Han and Shahid Mahmood
Appl. Sci. 2024, 14(13), 5648; https://doi.org/10.3390/app14135648 - 28 Jun 2024
Cited by 2 | Viewed by 1352
Abstract
The automotive sector faces escalating security risks due to advances in wireless communication technology. Expanding on our previous research using a sensor pairing technique and machine learning models to evaluate IoT sensor data reliability, this study broadens its scope to address security concerns [...] Read more.
The automotive sector faces escalating security risks due to advances in wireless communication technology. Expanding on our previous research using a sensor pairing technique and machine learning models to evaluate IoT sensor data reliability, this study broadens its scope to address security concerns in Connected and Autonomous Vehicles (CAVs). The objectives of this research include identifying and mitigating specific security vulnerabilities related to CAVs, thereby establishing a comprehensive understanding of the risks these vehicles face. Additionally, our study introduces two innovative pairing approaches. The first approach focuses on pairing Electronic Control Units (ECUs) within individual vehicles, while the second extends to pairing entire vehicles, termed as vehicle pairing. Rigorous preprocessing of the dataset was carried out to ensure its readiness for subsequent model training. Leveraging Support Vector Machine (SVM) and TinyML methods for data validation and attack detection, we have been able to achieve an impressive accuracy rate of 97.2%. The proposed security approach notably contributes to the security of CAVs against potential cyber threats. The experimental setup demonstrates the practical application and effectiveness of TinyML in embedded systems within CAVs. Importantly, our proposed solution ensures that these security enhancements do not impose additional memory or network loads on the ECUs. This is accomplished by delegating the intensive cross-validation to the central module or Roadside Units (RSUs). This novel approach not only contributes to mitigating various security loopholes, but paves the way for scalable, efficient solutions for resource-constrained automotive systems. Full article
(This article belongs to the Special Issue Progress and Research in Cybersecurity and Data Privacy)
Show Figures

Figure 1

17 pages, 797 KiB  
Article
BDIDA-IoT: A Blockchain-Based Decentralized Identity Architecture Enhances the Efficiency of IoT Data Flow
by Zequan Yang, Yumeng Liu, Xiaopeng Jin, Xiaoling Luo, Yuan Xu, Meng Li, Peng Chen, Bixia Tang and Baohui Lin
Appl. Sci. 2024, 14(5), 1807; https://doi.org/10.3390/app14051807 - 22 Feb 2024
Viewed by 2184
Abstract
With the booming development of the Internet of Things (IoT) industry, millions of data are generated every day. How to use and manage these data safely and efficiently has become a hot issue of concern to people. Due to the accumulation of IoT [...] Read more.
With the booming development of the Internet of Things (IoT) industry, millions of data are generated every day. How to use and manage these data safely and efficiently has become a hot issue of concern to people. Due to the accumulation of IoT data, the isolated data island phenomenon makes it difficult to connect and interact with each data owner, and the security and privacy of IoT data also become a challenge. Blockchain is a decentralized database technology that uses distributed accounting to ensure reliable data transmission and access, along with smart contracts that can be executed automatically to program and manipulate data. At the same time, blockchain techniques have stronger security and privacy, which can better meet the needs of users. In this paper, we analyze the current management mode and challenges of IoT data and propose an IoT data platform based on blockchain. The proposed platform takes into account important factors including IoT data traceability, IoT data trusted transactions, etc. Our IoT data platform achieves the trusted management and transaction of IoT data. We also propose follow-up optimization solutions to expand the application scope of our platform and achieve more efficient management of IoT data. Full article
(This article belongs to the Special Issue Progress and Research in Cybersecurity and Data Privacy)
Show Figures

Figure 1

21 pages, 5560 KiB  
Article
VulPathsFinder: A Static Method for Finding Vulnerable Paths in PHP Applications Based on CPG
by Chunhui Zhao, Tengfei Tu, Cheng Wang and Sujuan Qin
Appl. Sci. 2023, 13(16), 9240; https://doi.org/10.3390/app13169240 - 14 Aug 2023
Cited by 1 | Viewed by 1785
Abstract
Today, as PHP application technology is becoming increasingly mature, the functions of modern multi-layer web applications are becoming more and more complete, and the complexity is also gradually increasing. While providing developers with various business functions and interfaces, multi-tier Web applications also successfully [...] Read more.
Today, as PHP application technology is becoming increasingly mature, the functions of modern multi-layer web applications are becoming more and more complete, and the complexity is also gradually increasing. While providing developers with various business functions and interfaces, multi-tier Web applications also successfully cover the details of application development. This type of web application adopts a unified entrance, many object-oriented codes are used, and features such as encapsulation, inheritance, and polymorphism bring challenges to vulnerability mining from the perspective of static analysis. A large amount of object-oriented code makes it impossible for a simple function name-matching method to build a complete call graph (CG), resulting in the inability to perform a comprehensive interprocedural analysis. At the same time, the encapsulation feature of the class makes the data hidden in the object attribute, and the vulnerability path cannot be obtained through the general data-flow analysis. In response to the above issues, we propose a vulnerability detection method that supports vulnerability detection for multi-layer web applications based on MVC (Model-View-Control) architecture. First, we improve the construction of the call graph and Code Property Graph (CPG). Then, based on the enhanced Code Property Graph, we propose a technique to support vulnerability detection for multi-layer web applications. Based on this approach, we implemented a prototype of VulPathsFinder, a security analysis tool extended from the PHP security analyzer Joern-PHP. Then, we select ten MVC based and ten non-MVC-based applications to form a test dataset and validate the effectiveness of VulPathsFinder based on this dataset. Experimental results show that, compared with currently available tools, VulPathsFinder can handle framework applications more effectively, build a complete code property map, and detect vulnerabilities in framework applications that existing tools cannot detect. Full article
(This article belongs to the Special Issue Progress and Research in Cybersecurity and Data Privacy)
Show Figures

Figure 1

Review

Jump to: Research

16 pages, 1209 KiB  
Review
Resilience in the Context of Cyber Security: A Review of the Fundamental Concepts and Relevance
by Misael Sousa de Araujo, Bruna Aparecida Souza Machado and Francisco Uchoa Passos
Appl. Sci. 2024, 14(5), 2116; https://doi.org/10.3390/app14052116 - 4 Mar 2024
Viewed by 3787
Abstract
Cyber resilience is a topic of extreme relevance to organizations in the most diverse segments of activity, where the concept of resilience presents nuance in its different dimensions, in addition to the need to recognize and distinguish the different stages that characterize the [...] Read more.
Cyber resilience is a topic of extreme relevance to organizations in the most diverse segments of activity, where the concept of resilience presents nuance in its different dimensions, in addition to the need to recognize and distinguish the different stages that characterize the state of cyber resilience. Thus, the aim of this article is to understand the various concepts of cyber resilience in its different contexts and dimensions. To this end, bibliographic research was carried out through the process of indirect documentation in articles, books, and publications on the subject. The main stages of resilience were mapped, and an analysis was produced of how these stages have evolved over the years. Finally, an updated proposal for standing for the stages of cyber resilience was presented, based on the consolidation of proposals from the entire framework studied in this work. This review emphasizes the importance of cyber resilience and understanding the stages that characterize cyber resilience, highlighting the need for its further integration into the organizations in the most diverse segments of activity management. Full article
(This article belongs to the Special Issue Progress and Research in Cybersecurity and Data Privacy)
Show Figures

Figure 1

Back to TopTop