Intelligent Solutions for Network and Cyber Security

A special issue of Electronics (ISSN 2079-9292). This special issue belongs to the section "Networks".

Deadline for manuscript submissions: 15 September 2025 | Viewed by 5844

Special Issue Editors


Guest Editor
TSYS School of Computer Science, Columbus State University, Columbus, GA 31907, USA
Interests: network security; intrusion detection systems; wireless networks; algorithm design and analysis

Guest Editor
TSYS School of Computer Science, Columbus State University, Columbus, GA 31907, USA
Interests: digital topology; network security; image processing; holes counting-technical report

Guest Editor
Faculty of Computer Science, Dalhousie University, Halifax, NS B3H 4R2, Canada
Interests: wireless networks; mobile computing; internet of things; network security; data analytics

Special Issue Information

Dear Colleagues,

Solutions for network and cyber security have become more and more important as many critical and vital tasks have come to depend on the public Internet. There have been many innovative and significant discoveries and advancements in the literature in the areas of network and cyber security in recent years. The scope of this Special Issue of Electronics covers the approaches, methodologies, algorithms, theories, applications, and implementations of various solutions in network and cyber security. The latest discoveries, proposals, developments, and advancements in the areas of network and cyber security, as well as the state-of-the-art research in these areas, are expected to be published in this Special Issue.

In this Special Issue of MDPI Electronics, we are looking for original and creative contributions in the field of network and cyber security. Research papers with theoretical, technical, and/or practical approaches as well as review articles are all welcome. Topics of interest include, but are not limited to:

  • Detection and prevention of stepping-stone intrusion.
  • Threat, intrusion, and anomaly detection for the Internet.
  • Infrastructure security.
  • Wireless and mobile security.
  • Intelligent solutions in cryptography.
  • Access control for network security.
  • Anti-virus and anti-hacker techniques for network and cyber security.
  • Artificial intelligence (AI) security.
  • AI and Machine Learning methodologies in network and cyber security.
  • Applications of differential privacy in network and cyber security.
  • Internet security.
  • Security protocol design.
  • Key distribution and management.

Prof. Dr. Lixin Wang
Prof. Dr. Jianhua Yang
Prof. Dr. Qiang Ye
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Electronics is an international peer-reviewed open access semimonthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2400 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • network security
  • cyber security
  • intrusion detection
  • intrusion prevention
  • security protocol

Benefits of Publishing in a Special Issue

  • Ease of navigation: Grouping papers by topic helps scholars navigate broad scope journals more efficiently.
  • Greater discoverability: Special Issues support the reach and impact of scientific research. Articles in Special Issues are more discoverable and cited more frequently.
  • Expansion of research network: Special Issues facilitate connections among authors, fostering scientific collaborations.
  • External promotion: Articles in Special Issues are often promoted through the journal's social media, increasing their visibility.
  • e-Book format: Special Issues with more than 10 articles can be published as dedicated e-books, ensuring wide and rapid dissemination.

Further information on MDPI's Special Issue policies can be found here.

Published Papers (4 papers)


Research

13 pages, 1592 KiB  
Article
Matching TCP Packets for Stepping-Stone Intrusion Detection Resistant to Intruders’ Chaff Perturbation
by Lixin Wang, Jianhua Yang, Kondwani Mphande and Yi Zhou
Electronics 2025, 14(6), 1190; https://doi.org/10.3390/electronics14061190 - 18 Mar 2025
Viewed by 96
Abstract
Hackers usually launch cyberattacks through several stepping-stone hosts to reduce the chance of being detected. With stepping-stone intrusion (SSI), the attacker’s identity is hidden behind a long interactive connection chain of stepping stones and thus is very difficult to reveal. Many algorithms for detecting SSI have been proposed since 1995. Most of these known detection algorithms for SSI only work for network traffic without intruders’ session manipulation. These known SSID algorithms are either weak to resisting intruders’ chaff-perturbation manipulation or have a very limited capability in resisting attacker’s session manipulation. This paper proposes an innovative SSID algorithm resistant to intruders’ chaff perturbation through matching TCP packets by using the crossover of packets. Our proposed SSID algorithm is verified by well-designed network experiments. Our experimental results show that the proposed SSID algorithm works effectively in detecting network intrusion as well as resisting intruders’ chaff perturbation.
(This article belongs to the Special Issue Intelligent Solutions for Network and Cyber Security)

15 pages, 1777 KiB  
Article
Going beyond API Calls in Dynamic Malware Analysis: A Novel Dataset
by Slaviša Ilić, Milan Gnjatović, Ivan Tot, Boriša Jovanović, Nemanja Maček and Marijana Gavrilović Božović
Electronics 2024, 13(17), 3553; https://doi.org/10.3390/electronics13173553 - 6 Sep 2024
Cited by 2 | Viewed by 1695
Abstract
Automated sandbox-based analysis systems are dominantly focused on sequences of API calls, which are widely acknowledged as discriminative and easily extracted features. In this paper, we argue that an extension of the feature set beyond API calls may improve the malware detection performance. For this purpose, we apply the Cuckoo open-source sandbox system, carefully configured for the production of a novel dataset for dynamic malware analysis containing 22,200 annotated samples (11,735 benign and 10,465 malware). Each sample represents a full-featured report generated by the Cuckoo sandbox when a corresponding binary file is submitted for analysis. To support our position that the discriminative power of the full-featured sandbox reports is greater than the discriminative power of just API call sequences, we consider samples obtained from binary files whose execution induced API calls. In addition, we derive an additional dataset from samples in the full-featured dataset, whose samples contain only information on API calls. In a three-way factorial design experiment (considering the feature set, the feature representation technique, and the random forest model hyperparameter settings), we trained and tested a set of random forest models in a two-class classification task. The obtained results demonstrate that resorting to full-featured sandbox reports improves malware detection performance. The accuracy of 95.56 percent obtained for API call sequences was increased to 99.74 percent when full-featured sandbox reports were considered.

20 pages, 8417 KiB  
Article
How to Circumvent and Beat the Ransomware in Android Operating System—A Case Study of Locker.CB!tr
by Kornel Drabent, Robert Janowski and Jordi Mongay Batalla
Electronics 2024, 13(11), 2212; https://doi.org/10.3390/electronics13112212 - 6 Jun 2024
Cited by 2 | Viewed by 1826
Abstract
Ransomware is one of the most extended cyberattacks. It consists of encrypting a user’s files or locking the smartphone in order to blackmail a victim. The attacking software is ordered on the infected device from the attacker’s remote server, known as command and control. In this work, we propose a method to recover from a Locker.CB!tr ransomware attack after it has infected and hit a smartphone. The novelty of our approach lies on exploiting the communication between the ransomware on the infected device and the attacker’s command and control server as a point to reverse disruptive actions like screen locking or file encryption. For this purpose, we carried out both a dynamic and a static analysis of decompiled Locker.CB!tr ransomware source code to understand its operation principles and exploited communication patterns from the IP layer to the application layer to fully impersonate the command and control server. This way, we gained full control over the Locker.CB!tr ransomware instance. From that moment, we were able to command the Locker.CB!tr ransomware instance on the infected device to unlock the smartphone or decrypt the files. The contributions of this work are a novel method to recover the mobile phone after ransomware attack based on the analysis of the ransomware communication with the C&C server; and a mechanism for impersonating the ransomware C&C server and thus gaining full control over the ransomware instance.

19 pages, 5670 KiB  
Article
A Study on Countermeasures against Neutralizing Technology: Encoding Algorithm-Based Ransomware Detection Methods Using Machine Learning
by Jaehyuk Lee, Jinseo Yun and Kyungroul Lee
Electronics 2024, 13(6), 1030; https://doi.org/10.3390/electronics13061030 - 9 Mar 2024
Cited by 8 | Viewed by 1434
Abstract
Ransomware, which emerged in 1989, has evolved to the present in numerous variants and new forms. For this reason, serious damage caused by ransomware has occurred not only within our country but around the world, and, according to the analysis of ransomware trends, ransomware poses an ongoing and significant threat, with major damage expected to continue to occur in the future. To address this problem, various approaches to detect ransomware have been explored, with a recent focus on file entropy estimation methods. These methods exploit the characteristic increase in file entropy that is caused by ransomware encryption. In response, a method was developed to neutralize entropy-based ransomware detection technology by manipulating entropy using encoding methods from the attacker’s perspective. Consequently, from the defender’s standpoint, countermeasures are essential to minimize the damage caused by ransomware. Therefore, this article proposes a methodology that utilizes diverse machine learning models such as K-Nearest Neighbors (KNN), logistic regression, decision tree, random forest, gradient boosting, support vector machine (SVM), and multi-layer perception (MLP) to detect files infected with ransomware. The experimental results demonstrate empirically that files infected with ransomware can be detected with approximately 98% accuracy, and the results of this research are expected to provide valuable information for developing countermeasures against various ransomware detection technologies.