Search Results (152)

The Internet of Things (IoT) is widely used across domains such as smart homes, healthcare, and grids. As billions of devices become connected, strong privacy and security measures are essential to protect sensitive information and prevent cyber-attacks. However, IoT devices often have limited computing power and storage, making it difficult to implement robust security and manage large volumes of data. Existing studies have explored integrating blockchain and Deep Neural Networks (DNNs) to address security, storage, and data dissemination in IoT networks, but they often fail to fully leverage the mutual enhancement between them. This paper proposes DeepChainIoT, a blockchain–DNN integrated framework designed to address centralization, latency, throughput, storage, and privacy challenges in generic IoT networks. It integrates smart contracts with a Long Short-Term Memory (LSTM) autoencoder for anomaly detection and secure transaction encoding, along with an optimized Practical Byzantine Fault Tolerance (PBFT) consensus mechanism featuring transaction prioritization and node rating. On a public pump sensor dataset, our LSTM autoencoder achieved 99.6% accuracy, 100% recall, 97.95% precision, and a 98.97% F1-score, demonstrating balanced performance, along with a 23.9× compression ratio. Overall, DeepChainIoT enhances IoT security, reduces latency, improves throughput, and optimizes storage while opening new directions for research in trustworthy computing. Full article

This article develops a method for analysing sensor data to prevent cyberattacks using a modified LSTM network. This method development is based on the fact that in the context of the rapid increase in sensor devices used in critical infrastructure, it is becoming an urgent task to ensure these systems’ security from various types of attacks, such as data forgery, man-in-the-middle attacks, and denial of service. The method is based on predicting normal system behaviour using a modified LSTM network, which allows for effective prediction of sensor data because the F1 score = 0.90, as well as on analysing anomalies detected through residual values, which makes the method highly sensitive to changes in data. The main result is high accuracy of attack detection (precision = 0.92), achieved through a hybrid approach combining prediction with statistical deviation analysis. During the computational experiment, the developed method demonstrated real-time efficiency with minimal computational costs, providing accuracy up to 92% and recall up to 89%, which is confirmed by high AUC = 0.94 values. These results show that the developed method is effectively protecting critical infrastructure facilities with limited computing resources, which is especially important for cyber police. Full article

Despite the focus on improving cybersecurity awareness, the number of cyberattacks has increased significantly, leading to huge financial losses, with their risks spreading throughout the world. This is due to the techniques deployed in cyberattacks that mainly aim at exploiting humans, the weakest link in any defence system. The existing literature on human factors in phishing attacks is limited and does not live up to the witnessed advances in phishing attacks, which have become exponentially more dangerous with the introduction of generative artificial intelligence (GenAI). This paper studies the implications of AI advancement, specifically the exploitation of GenAI and human factors in phishing attacks. We conduct a systematic literature review to study different human factors exploited in phishing attacks, potential solutions and preventive measures, and the complexity introduced by GenAI-driven phishing attacks. This paper aims to address the gap in the research by providing a deeper understanding of the evolving landscape of phishing attacks with the application of GenAI and associated human implications, thereby contributing to the field of knowledge to defend against phishing attacks by creating secure digital interactions. Full article

Autonomous vehicles are expected to reduce traffic accident casualties, as driver distraction accounts for 90% of accidents. These vehicles rely on sensors and controllers to operate independently, requiring robust security mechanisms to prevent malicious takeovers. This research proposes a novel approach to assessing the impact of cyber-attacks on autonomous vehicles and their surroundings, with a strong focus on prioritizing human safety. The system evaluates the severity of incidents caused by attacks, distinguishing between different events—for example, a pedestrian injury is classified as more critical than a collision with an inanimate object. By integrating deep neural network technology with feature engineering, the proposed system provides a comprehensive impact assessment. It is validated using metrics such as MAE, loss function, and Spearman’s correlation through experiments on a dataset of 5410 samples. Beyond enhancing autonomous vehicle security, this research contributes to real-world attack impact assessment, ensuring human safety remains a priority in the evolving autonomous landscape. Full article

This paper addresses the design of nonfragile state estimators for memristor-based fractional-order neural networks that are subject to stochastic cyber-attacks and hybrid time delays. To mitigate the issue of limited bandwidth during signal transmission, quantitative processing is introduced to reduce network burden and prevent signal blocking. In real network environments, the outputs may be compromised by cyber-attacks, which can disrupt data transmission systems. To better reflect the actual conditions of fractional-order neural networks, a Bernoulli variable is utilized to describe the statistical properties. Additionally, novel conditions are presented to ensure the stochastic asymptotic stability of the augmented error system through a new fractional-order free-matrix-based integral inequality. Finally, the effectiveness of the proposed estimation methods is demonstrated through two numerical simulations. Full article

This study investigates the effectiveness of two cybersecurity awareness interventions—phishing simulations and organized online training—in enhancing end-user resilience to phishing attacks in a Croatian university setting. Three controlled phishing simulations and one targeted instructional module were executed across several organizational departments. This study assesses behavioral responses, compromise rates, and statistical associations with demographic variables, including age, department, and educational background. Despite educational instruction yielding a marginally reduced number of compromised users, statistical analysis revealed no meaningful difference between the two methods. The third phishing simulation, executed over a pre-holiday timeframe, demonstrated a significantly elevated compromising rate, underscoring the influence of temporal and organizational context on employee alertness. These findings highlight the shortcomings of standalone awareness assessments and stress the necessity for ongoing, contextualized, and integrated cybersecurity training approaches. The findings offer practical guidance for developing more effective phishing defense strategies within organizational environments. Full article

The rapid expansion of Edge and Industrial Internet of Things (IIoT) systems has intensified the risk and complexity of cyberattacks. Detecting advanced intrusions in these heterogeneous and high-dimensional environments remains challenging. As the IIoT becomes integral to critical infrastructure, ensuring security is crucial to prevent disruptions and data breaches. Traditional IDS approaches often fall short against evolving threats, highlighting the need for intelligent and adaptive solutions. While deep learning (DL) offers strong capabilities for pattern recognition, single-model architectures often lack robustness. Thus, hybrid and optimized DL models are increasingly necessary to improve detection performance and address data imbalance and noise. In this study, we propose an optimized hybrid DL framework that combines a transformer, generative adversarial network (GAN), and autoencoder (AE) components, referred to as Transformer–GAN–AE, for robust intrusion detection in Edge and IIoT environments. To enhance the training and convergence of the GAN component, we integrate an improved chimp optimization algorithm (IChOA) for hyperparameter tuning and feature refinement. The proposed method is evaluated using three recent and comprehensive benchmark datasets, WUSTL-IIoT-2021, EdgeIIoTset, and TON_IoT, widely recognized as standard testbeds for IIoT intrusion detection research. Extensive experiments are conducted to assess the model’s performance compared to several state-of-the-art techniques, including standard GAN, convolutional neural network (CNN), deep belief network (DBN), time-series transformer (TST), bidirectional encoder representations from transformers (BERT), and extreme gradient boosting (XGBoost). Evaluation metrics include accuracy, recall, AUC, and run time. Results demonstrate that the proposed Transformer–GAN–AE framework outperforms all baseline methods, achieving a best accuracy of 98.92%, along with superior recall and AUC values. The integration of IChOA enhances GAN stability and accelerates training by optimizing hyperparameters. Together with the transformer for temporal feature extraction and the AE for denoising, the hybrid architecture effectively addresses complex, imbalanced intrusion data. The proposed optimized Transformer–GAN–AE model demonstrates high accuracy and robustness, offering a scalable solution for real-world Edge and IIoT intrusion detection. Full article

Vehicle-to-everything (V2X) communications enable vehicles to interact with each other and various components of the traffic system, forming the backbone of modern intelligent transportation systems. However, V2X communications are highly susceptible to cyberattacks, posing a threat to both safety and operational efficiency. This paper proposes a real-time anomaly detection framework that integrates the reconstruction capabilities of Variational Autoencoders (VAEs) with the feature extraction power of Convolutional Neural Networks (CNNs). Our model processes streaming data using a sliding window mechanism, ensuring prompt detection of anomalies in the dynamic V2X environment. Extensive experiments demonstrate that our method achieves high performance across diverse anomaly types, with precision, recall, and F1-scores reaching up to 0.91, 0.99, and 0.95, respectively, on challenging anomalies such as constant position offsets. The model consistently outperforms both a traditional autoencoder and a VAE with Long Short-Term Memory (LSTM) layers, particularly on complex anomalies like vehicle speed and position offsets. Additionally, our framework maintains a low inference time of approximately 0.0013 s, making it highly suitable for real-time deployment. Designed to adapt to evolving traffic patterns through periodic retraining, the proposed approach ensures long-term reliability and robustness. By delivering high performance, adaptability, and efficiency, our method provides a reliable way to detect and prevent cyberattacks, thereby making intelligent transportation systems safer and more dependable. Full article

The increasing integration of photovoltaic (PV) systems into smart grids introduces new cybersecurity vulnerabilities, particularly against cyber-physical attacks that can manipulate grid operations and disrupt renewable energy generation. This paper proposes a multi-layered cyber-resilient PV optimization framework, leveraging digital twin-based deception, reinforcement learning-driven cyber defense, and blockchain authentication to enhance grid security and operational efficiency. A deceptive cyber-defense mechanism is developed using digital twin technology to mislead adversaries, dynamically generating synthetic PV operational data to divert attack focus away from real assets. A deep reinforcement learning (DRL)-based defense model optimizes adaptive attack mitigation strategies, ensuring real-time response to evolving cyber threats. Blockchain authentication is incorporated to prevent unauthorized data manipulation and secure system integrity. The proposed framework is modeled as a multi-objective optimization problem, balancing attack diversion efficiency, system resilience, computational overhead, and energy dispatch efficiency. A non-dominated sorting genetic algorithm (NSGA-III) is employed to achieve Pareto-optimal solutions, ensuring high system resilience while minimizing computational burdens. Extensive case studies on a realistic PV-integrated smart grid test system demonstrate that the framework achieves an attack diversion efficiency of up to 94.2%, improves cyberattack detection rates to 98.5%, and maintains an energy dispatch efficiency above 96.2%, even under coordinated cyber threats. Furthermore, computational overhead is analyzed to ensure that security interventions do not impose excessive delays on grid operation. The results validate that digital twin-based deception, reinforcement learning, and blockchain authentication can significantly enhance cyber-resilience in PV-integrated smart grids. This research provides a scalable and adaptive cybersecurity framework that can be applied to future renewable energy systems, ensuring grid security, operational stability, and sustainable energy management under adversarial conditions. Full article

Frequency regulation (FR) constitutes a fundamental aspect of power system stability, particularly in the context of the growing integration of intermittent renewable energy sources (RES) and electric vehicles (EVs). The load frequency control (LFC) mechanism, essential for achieving FR, is increasingly reliant on communication infrastructures that are inherently vulnerable to cyber threats. Cyberattacks targeting these communication links can severely compromise coordination among smart grid components, resulting in erroneous control actions that jeopardize the security and stability of the power system. In light of these concerns, this study proposes a cyber-physical LFC framework incorporating a fuzzy linear active disturbance rejection controller (F-LADRC), wherein the controller parameters are systematically optimized using the quasi-opposition-based reptile search algorithm (QORSA). Furthermore, the proposed approach integrates a comprehensive cyberattack detection and prevention scheme, employing Haar wavelet transforms for anomaly detection and long short-term memory (LSTM) networks for predictive mitigation. The effectiveness of the proposed methodology is validated through simulations conducted on a restructured power system integrating RES and EVs, as well as a modified IEEE 39-bus test system. The simulation outcomes substantiate the capability of the proposed framework to deliver robust and resilient frequency regulation, maintaining system frequency and tie-line power fluctuations within nominal operational thresholds, even under adverse cyberattack scenarios. Full article

The increasing interconnectivity between physical and cyber-systems has led to more vulnerabilities and cyberattacks. Traditional preventive and detective measures are no longer adequate to defend against adversaries. Artificial Intelligence (AI) is used to solve complex problems, including those of cybersecurity. Adversaries also utilise AI for sophisticated and stealth attacks. This study aims to address this problem by exploring the symbiotic relationship of AI and cybersecurity to develop a new, adaptive strategic approach to defend against cyberattacks and improve global security. This paper explores different disciplines to solve security problems in real-world contexts, such as the challenges of scalability and speed in threat detection. It develops an algorithm and a detective predictive model for a Malicious Alert Detection System (MADS) that is an integration of adaptive learning and a neighbourhood-based voting alert detection framework. It evaluates the model’s performance and efficiency among different machines. The paper discusses Machine Learning (ML) and Deep Learning (DL) techniques, their applicability in cybersecurity, and the limitations of using AI. Additionally, it discusses issues, risks, vulnerabilities, and attacks against AI systems. It concludes by providing recommendations on security for AI and AI for security, paving the way for future research on enhancing AI-based systems and mitigating their risks. Full article

As today’s cybersecurity environment is becoming increasingly complex, it is crucial to analyse threats quickly and effectively. A delayed response or lack of foresight can lead to data loss, reputational damage, and operational disruptions. Therefore, developing methods that can rapidly extract valuable threat intelligence is a critical need to strengthen defence strategies and minimise potential damage. This paper presents an innovative approach that integrates knowledge graphs and a fine-tuned BERT-based model to analyse cyber threat intelligence (CTI) data. The proposed system extracts cyber entities such as threat actors, malware, campaigns, and targets from unstructured threat reports and establishes their relationships using an ontology-driven framework. A named entity recognition dataset was created and a BERT-based model was trained. To address the class imbalance, oversampling and a focal loss function were applied, achieving an F1 score of 96%. The extracted entities and relationships were visualised and analysed using knowledge graphs, enabling the advanced threat analysis and prediction of potential attack targets. This approach enhances cyber-attack prediction and prevention through knowledge graphs. Full article

Internet of Things (IoT) devices usually face some difficulty in supporting complex security protocols or intrusion-prevention mechanisms, due to their limited system resources. As a result, IoT devices are fraught with significant security vulnerabilities and are vulnerable to cyberattacks. Correspondingly, the Internet-wide port scan (IWPS) technique has garnered significant attention for its ability to discover and probe Internet-wide connected IoT devices. However, the existing scanners for IWPSs are often not satisfactory in terms of scan efficiency. Improving the scan rate is an important avenue in IWPS research. In this paper, we found, through experimental analysis, that the regional characteristics of scanners greatly affect the scan rate. Based on this, we then proposed an area-aware IWPS approach, to improve scan efficiency. Firstly, we clustered the scanners according to the region, and we built an average delay table for each cluster. The average delay table records the average time delay for scanners in the cluster to detect IP addresses in different regions. Secondly, to avoid wasting resources, we also designed a two-layer balancing mechanism, to ensure the workload balance of the system. Finally, we performed extensive experiments on a real platform to demonstrate the effectiveness of our algorithm. The scan rate of our proposed approach improved compared to that of the most popular open scan tool, Nmap, by 3–4 times, and the detection accuracy increased by 8%. Full article

Organizational security assurance is a complex and multi-dimensional task. One of the biggest threats to an organization is the credulity of phishing attacks for its employees. To prevent attacks, employees must maintain cyber security hygiene and increase their awareness of the cyberattack landscape. In this paper, we investigate how selected Lithuanian education system employees are vulnerable to spear-phishing attacks. In various education organizations, spear-phishing attacks were imitated, and user responses to received emails were monitored and analyzed. Each organization needs a different attention because employee behavior varies. Employees’ reaction time dimension is explored in the research. Based on these results, it appears that the organization has no time for delayed responses. Employees in the education system are highly affected by spear-phishing attacks and need less than one minute to provide attacker-requested data. This illustrates that automated e-mail filtering systems are a key element in the fight against these kinds of attacks. Full article

The tight integration of cyber and physical networks in integrated energy cyber–physical systems (IECPS) improves system awareness and coordinated control but also heightens susceptibility to targeted attacks. A robust IECPS defense system is crucial for increasing the system’s resilience against deliberate attacks. Reducing the associated risks is essential to ensure the safe and stable operation of IECPS. In order to enhance the defense capability of IECPS against deliberate attacks, this paper discusses cyberattacks, physical attacks, and coordinated cyber physical attacks (CCPAs) in detail. The attack principles and attack models of each type of attack are described, and then the intentional attack threats faced by IECPS are analyzed. Based on this, the paper reviews the current research landscape regarding countermeasures against deliberate attacks, categorizing the findings into three key areas: preemptive prevention, process response, and post–event recovery and summarizing. The theoretical foundations, system planning, optimal scheduling, and cyber security technologies required for existing defense research are further elaborated. The unresolved issues within these key technologies are analyzed and summarized, followed by the presentation of the problems and challenges faced in defending against deliberate IECPS attacks. Full article