New Insights in Cybersecurity of Information Systems

A special issue of Electronics (ISSN 2079-9292). This special issue belongs to the section "Artificial Intelligence".

Deadline for manuscript submissions: closed (15 May 2024) | Viewed by 3092

Special Issue Editors


E-Mail Website
Guest Editor
Science and Technology on Information Systems Engineering Laboratory, National University of Defense Technology, Changsha 410073, China
Interests: bayesian networks; stochastic neural networks; transfer learning
Special Issues, Collections and Topics in MDPI journals

E-Mail Website
Guest Editor
Science and Technology on Information Systems Engineering Laboratory, National University of Defense Technology, Changsha 410073, China
Interests: cyber security; data mining

E-Mail
Guest Editor
Science and Technology on Information Systems Engineering Laboratory, National University of Defense Technology, Changsha 410073, China
Interests: temporal graph mining; advanced graph data management; dynamic graph query

Special Issue Information

Dear Colleagues,

In recent years, information systems have been widely used in various domains and have indicated excellent performance; however, there are many security vulnerabilities and risks in their real-world usage. On the one hand, from the perspective of intelligence, the degree of intelligence of information systems is rapidly increasing and its application is gradually changing from a functional level to a decision-making level. Therefore, it is necessary to explore the explainability of flows in information systems. On the other hand, from the perspective of security, as the degree of intelligence increases, information systems are facing increased vulnerabilities and risks (such as counterattacks). Therefore, it is necessary to study the cybersecurity of information systems.

This Special Issue will focus on AI and the security of information systems and covers the applications of artificial intelligence, network security, and resilience theory in information systems, which are important for the development of information systems in the future. This Special Issue will connect experts from artificial intelligence, information systems, and network security communities. We will attempt to highlight recent related works from different communities, clarify the progress of the intelligence and safety of information systems, and chart important directions for future work and cross-community collaborations. We look for new contributions, including theoretical issues and applications of the discipline. Topics of interest include all aspects of system architectures, models and algorithms for cybersecurity, and graph data mining, including, but not limited to, the following detailed list:

  • Security for information systems,
  • AI for cybersecurity,
  • Intelligent systems,
  • Human analysis and behavior understanding,
  • Risk assessment,
  • Vulnerability mining,
  • Adversarial learning,
  • Bayesian networks,
  • Graph data and graph neural networks,
  • Efficient model training, inference, and serving.

Dr. Yun Zhou
Dr. Zhaoyun Ding
Dr. Qianzhen Zhang
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Electronics is an international peer-reviewed open access semimonthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2400 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • cybersecurity
  • intelligent systems
  • data mining
  • vulnerability mining
  • adversarial learning
  • Bayesian networks

Benefits of Publishing in a Special Issue

  • Ease of navigation: Grouping papers by topic helps scholars navigate broad scope journals more efficiently.
  • Greater discoverability: Special Issues support the reach and impact of scientific research. Articles in Special Issues are more discoverable and cited more frequently.
  • Expansion of research network: Special Issues facilitate connections among authors, fostering scientific collaborations.
  • External promotion: Articles in Special Issues are often promoted through the journal's social media, increasing their visibility.
  • e-Book format: Special Issues with more than 10 articles can be published as dedicated e-books, ensuring wide and rapid dissemination.

Further information on MDPI's Special Issue polices can be found here.

Published Papers (2 papers)

Order results
Result details
Select all
Export citation of selected articles as:

Research

25 pages, 1150 KiB  
Article
Multi-Relation Extraction for Cybersecurity Based on Ontology Rule-Enhanced Prompt Learning
by Fei Wang, Zhaoyun Ding, Kai Liu, Lehai Xin, Yu Zhao and Yun Zhou
Electronics 2024, 13(12), 2379; https://doi.org/10.3390/electronics13122379 - 18 Jun 2024
Viewed by 1134
Abstract
In the domain of cybersecurity, available annotated data are often scarce, especially for Chinese cybersecurity datasets, often necessitating the manual construction of datasets. The scarcity of samples is one of the challenges in researching cybersecurity, especially for the “no-relation” class. Since the annotation [...] Read more.
In the domain of cybersecurity, available annotated data are often scarce, especially for Chinese cybersecurity datasets, often necessitating the manual construction of datasets. The scarcity of samples is one of the challenges in researching cybersecurity, especially for the “no-relation” class. Since the annotation process typically focuses only on known relation classes, there are usually no training samples for the “no-relation” class. This poses a zero-shot classification problem, where during the classification process, there is a tendency to classify into a class with a relationship. Zero-shot classification tasks are particularly challenging in this context. Moreover, most relation classification models currently need to traverse all relations to calculate the class with the highest probability. Therefore, the problem of “computational redundancy” is another challenge faced. Thus, how to accurately and efficiently acquire cyberspace knowledge from heterogeneous data sources and address the challenges such as sample scarcity, zero-shot recognition, and computational redundancy is the main focus of this chapter. To address these problems, this chapter designs a multi-relation extraction model based on ontology rule-enhanced prompt learning, which is a parameter-sharing-based multi-task model. By introducing prompt learning, which has shown significant effectiveness in the few-shot domain, this chapter designs prompt templates combining discrete and continuous tokens and uses rule injection in prompt learning to solve the difficulties in zero-shot recognition of “no-relation” and computational redundancy issues, achieving efficient and accurate multi-relation extraction. Specifically, by constructing sub-prompts to achieve an efficient combination of templates, a parameter-sharing structure is used to implement knowledge extraction step by step: The first step constructs entity prompt templates combining discrete and continuous tokens, identifying the classes of two entities based on prompt learning. The second step involves rule injection, identifying whether it belongs to the “no-relation” class based on the combination of sub-prompts; if there is no connection between the classes of two entities, it is classified as “no relation”; if a connection exists, the candidate relation set is filtered out. The third step uses the pre-trained model and vectors from the first step, utilizing prompt learning and rule judgment to determine the relation class from the candidate relation set. Finally, the effectiveness of our model is validated on the general datasets TACRED, ReTACRED, and the cybersecurity dataset constructed in this paper. Full article
(This article belongs to the Special Issue New Insights in Cybersecurity of Information Systems)
Show Figures

Figure 1

15 pages, 782 KiB  
Article
Fine-Grained Modeling of ROP Vulnerability Exploitation Process under Stack Overflow Based on Petri Nets
by Liumei Zhang, Wei Zhang, Yichuan Wang, Bowen Xia and Yu Han
Electronics 2023, 12(23), 4741; https://doi.org/10.3390/electronics12234741 - 22 Nov 2023
Viewed by 1350
Abstract
Software vulnerability discovery is currently a hot topic, and buffer overflow remains a prevalent security vulnerability. One of the key issues in vulnerability discovery and analysis is how to quickly analyze buffer overflow vulnerabilities and select critical exploitation paths. Existing modeling methods for [...] Read more.
Software vulnerability discovery is currently a hot topic, and buffer overflow remains a prevalent security vulnerability. One of the key issues in vulnerability discovery and analysis is how to quickly analyze buffer overflow vulnerabilities and select critical exploitation paths. Existing modeling methods for vulnerability exploitation cannot accurately reflect the fine-grained execution process of stack overflow exploitation paths. This paper, based on the discussion of buffer overflow exploitation techniques, proposes a fine-grained modeling and analysis method based on Petri nets for the selection and execution of exploitation processes, specifically focusing on the return-oriented programming in stack overflow. Through qualitative analysis, we compared the simulated time of the software with the execution time of existing exploitation tools, achieving timeout-based simulation experiments. We validated the model’s effectiveness using symbolic execution and dynamic analysis techniques. The results indicate that this model performs well for vulnerable programs with Position Independent Executable (PIE) protection enabled and has an advantage in selecting exploitation paths, enabling timeout-based simulation. This method provides a reference for rapidly constructing exploitation implementations. Full article
(This article belongs to the Special Issue New Insights in Cybersecurity of Information Systems)
Show Figures

Figure 1

Back to TopTop