Data encryption is the process of turning data into encrypted data. It is a crucial technology for securing data while it is being stored or transmitted, especially in cloud environments where data is stored remotely and accessed over the internet. In our study, we compared five well-known algorithms to determine which is the most reliable for data encryption in cloud environments. This research study provides insights into the performance of different data encryption algorithms in the cloud environment and their potential applications in various industries. There are several benefits of using data encryption, including cost efficiency, management control and remote worker protection. Encryption is cheap to implement as many of today's devices and systems come with built-in encryption technology. Encryption can free organizations from government-imposed regulatory fines as some governments have mandated regulations and requirements regarding data protection that require private data to be encrypted and prevent all unauthorized access and all illegal activities. Encryption can help secure and protect remote workers by securing their data and communications. As more and more employees opt for remote working, that is, working from home, the need for data security has become more important.
Authored by R.E.H.S. Rajendra, T.Veer Reddy, B.Lakshmi Murthy, Sai Bhagavan, Srithar S, S.S. Aravinth
Encryption technique is widely used to ensure security in communication and wireless networks such as the Internet, Networking zone and Intranet. Every type of data has its own characteristics; consequently, to safeguard private picture data from unwanted access, a variety of strategies are employed. In this paper an image encryption technology called Data Encryption Standard (DES) is combined with XOR to create a block cypher transformation algorithm for picture security. The suggested method is based on XOR with DES encryption, which emphasizes larger changes in the RGB combination as well as the histogram. The findings of the suggested method indicate more variety. The security of the system will be increased by increasing the variety.
Authored by Hariom Singh, Chetan Gupta
Nowadays, the increasing number of devices deployed in IoT systems implementation and the requirement of preserving the integrity of data transported over the Internet, demand the use of data encryption schemes. This paper aims to show the performance evaluation of CP-ABE (Ciphertext-Policy Attribute Based Encryption) type of encryption over MQTT (Message Queue Transport Telemetry) that focuses on execution time for an IoT system with Raspberry Pi. For the implementation, two Raspberry Pi 4 Computer Model B are used for both the publisher and the subscriber, and a computer with Ubuntu 20.04 LTS operating system is used for the Broker and the Key Authority. The result of the present work provides relevant information on the execution times required in the CP-ABE encryption scheme to provide data integrity and fine-grained access control policy in an IoT system. The work demonstrates that the CP-ABE encryption scheme is suitable for IoT systems.
Authored by Fredy Mendoza-Cardenas, Rai Leon-Aguilar, Jose Quiroz-Arroyo
This paper presents a new image encryption model with focus on symmetric key schemes. It discusses 5 schemes: Random Generation Key (8B); Random Key Generation part A(4B) and part B(4B); Input User Key (4B), Encrypted key and Random Key generation (4B); Random Key Generate (4B) and Input User Encrypted Key (4B); Input User Key (8B). Experimental results are based on image encryption by DES algorithm (5 instances) and by AES algorithm (5 instances). A table with image quality values and a table with complex arithmetic mean error are done.
Authored by Gergana Spasova, Milena Karova
The foundation of cryptography is number theory, which is crucial to data security. The majority of commonly used encryption techniques use prime integers, making it challenging to identify specific prime values (keys). The suggested approach employs matrices and vectors as keys, making it harder to identify the individual keys and using vectors to represent the data. Nowadays, one method for providing data security safeguards is encryption. The right encryption technique protects digital data from unauthorized access, data corruption, e-piracy, e-theft, and other threats. Data security is the main benefit of utilizing this method. Here, we have used the symmetric key encryption procedure to generate keys from two uneven matrices. Seven different keys in matrix format have been chosen to perform encryption and decryption. With the help of an example, the techniques for encryption and decryption have been explained.
Authored by M. Maragatharajan, L. Sathishkumar, J. Manikandan, S. Suprakash, P. Naveen
Nowadays, in communications, the main criteria to ensure that the information and communication in the network. The normal two users communication exchanges confidential data and files via the network. Secure data communication is the most important and crucial problem by message transmission networks. To resolve this problem, cryptography uses mathematical encryption and decryption data on adaptation by converting a data from key into an unreadable format. Cryptography provides a method for performing the transmission of confidential or secure communication. The proposed Padding Key Encryption (PKE) algorithm is used to encrypt the data; it generates the secret key in an unreadable format. The receiver decrypts the data using the private key in a readable format. In the proposed PKE algorithm, the sender sends data into plain text to cipher-text using a secret key to the authorized person; the unauthorized person cannot access the data through the Internet; only an authorized person can view the data the private key. The proposed simulation results provide high security to communicate the receiver for confidential data or files compared with other previous methods.
Authored by Aman Mittal, Frederick Sidney
This paper presents a novel image encryption method that combines symmetric and asymmetric encryption with a watermark embedding extraction algorithm based on wavelet transform. The algorithm ensures the invisibility and robustness of the watermark, providing the first layer of encryption. The second layer of encryption is implemented by leveraging the efficiency of symmetric encryption and the security of asymmetric encryption. The integrity of the watermarking is evaluated using MEB(%), PSNR(dB), and SSIM(%), while the algorithm's efficiency is assessed through the encryption time T(ms). Experimental results show that the watermark achieves a PSNR of 59.671dB and an SSIM of 99.9, confirming its integrity and robustness. Furthermore, the synthetic encryption process takes only 50 seconds, ensuring both security and efficiency without increasing the time complexity. In conclusion, the proposed synthetic encryption algorithm demonstrates excellent performance in terms of efficiency and security.
Authored by Xin Xiong, Ruixuan Xu, Zhiyang Li, Xinyi Zheng, Ziqing Wang
The power communication network based on 5G network slicing is an important foundation to support smart grid, and the bearing of small granularity power regulation and control class services depends on the slicing soft isolation technology, and the data isolation between each soft isolation channel is crucial. In this paper, we propose a new symmetric cryptographic algorithm based on random coding, and establish a hybrid encryption method based on this symmetric algorithm, combined with SM2 and SM3 algorithms, which is suitable for encrypting the data of power regulation and control services. It is also verified through simulation that the proposed hybrid encryption method has high encryption efficiency while ensuring security.
Authored by Yunfei Guo, Peng Wu, Wei Huang, Yong Zhang, Jian Meng
This paper explores the advantages and limitations of probabilistic and deterministic encryption schemes for securing sensitive data. While probabilistic encryption ensures high security for data encryption, it can pose limitations when filtering and querying data. On the other hand, deterministic encryption method is a more flexible and unchanging encryption scheme that allows for the benefits of filtering data while icing its security. Many platform encryptions use deterministic encryption to allow for filtering of translated data while minimizing exposure of plain values to cipher values. Still, deterministic encryption can still pose certain pitfalls and may reveal information to eavesdroppers. A promising variation of encryption for perfecting security in communication end is ‘Varying encryption’ which is grounded on factors such as distance and country of connection. This acclimatized approach offers increased speed and security and can confuse attackers, making it harder for them to gain access to information being transmitted. Though, careful analysis of the advantages and disadvantages of assigning a specific encryption standard to a given set of conditions is essential to achieve optimal results.
Authored by Akash Sunoj, Bismin Sherif V
With the increased usage of video communication technologies, the requirement for secure video data transfer has grown more critical than ever. Video encryption methods are critical in preventing unauthorized access to sensitive video data while it is provided across insecure networks. This study compares several video encryption algorithms, including symmetric and asymmetric key-based encryption methods. The goal of this research is to compare the security, computational complexity, and transmission overhead of several video encryption techniques. The research includes an examination of well-known encryption algorithms that include AES (Advanced Encryption Standard), RSA (Rivest-Shamir-Adleman) and DES (Data Encryption Standard), as well as variants on these techniques. Furthermore, this work offers a hybrid video encryption method that combines symmetric and asymmetric key-based encryption approaches to provide good security while being computationally simple. The experimental results reveal that the proposed method is more successful and effective than existing video encryption techniques. The suggested method used to secure video data communication over unsecured networks such as the internet, assuring the video data's secrecy, integrity, and authenticity.
Authored by Riddhi Mirajkar, Nilesh Sable, Dipak Palve, Sayali Sontakke
Nowadays, companies, critical infrastructure and governments face cyber attacks every day ranging from simple denial-of-service and password guessing attacks to complex nation-state attack campaigns, so-called advanced persistent threats (APTs). Defenders employ intrusion detection systems (IDSs) among other tools to detect malicious activity and protect network assets. With the evolution of threats, detection techniques have followed with modern systems usually relying on some form of artificial intelligence (AI) or anomaly detection as part of their defense portfolio. While these systems are able to achieve higher accuracy in detecting APT activity, they cannot provide much context about the attack, as the underlying models are often too complex to interpret. This paper presents an approach to explain single predictions (i.e., detected attacks) of any graph-based anomaly detection systems. By systematically modifying the input graph of an anomaly and observing the output, we leverage a variation of permutation importance to identify parts of the graph that are likely responsible for the detected anomaly. Our approach treats the anomaly detection function as a black box and is thus applicable to any whole-graph explanation problems. Our results on two established datasets for APT detection (StreamSpot & DARPA TC Engagement Three) indicate that our approach can identify nodes that are likely part of the anomaly. We quantify this through our area under baseline (AuB) metric and show how the AuB is higher for anomalous graphs. Further analysis via the Wilcoxon rank-sum test confirms that these results are statistically significant with a p-value of 0.0041%.
Authored by Felix Welter, Florian Wilkens, Mathias Fischer
This study explores the pressing need for more effective IT governance and cybersecurity resilience within enterprises by strategically integrating red teaming exercises. Our research approach involved a comprehensive investigation encompassing literature review, surveys, interviews, and robust data analysis. We leveraged established frameworks like ISO 27001:2022, NIST CSF, and COBIT 2019 for model development. The results demonstrate a significant correlation between the frequency of red teaming exercises and higher IT governance maturity, highlighting the positive impact of increased engagement. The study emphasizes the value of incorporating red teaming insights to enhance IT governance maturity and bolster cybersecurity resilience, accounting for organizational size and industry sector variables. It underscores the critical importance of seamlessly integrating red teaming outcomes into governance procedures to fortify cybersecurity defenses and enable organizations to adapt swiftly to evolving threats, thus enhancing their overall security posture. Our model provides a practical roadmap for organizations dedicated to strengthening cybersecurity resilience in today's fast-changing digital landscape.
Authored by Semi Yulianto, Ford Gaol, Suhono Supangkat, Benny Ranti
The ever-evolving and intricate nature of cyber environments, coupled with the escalating risk of cyber-attacks, necessitates robust solutions in the realm of cybersecurity. Knowledge graphs have emerged as a promising avenue for consolidating, representing, managing, and reasoning over cyber threat intelligence. However, applying knowledge graphs to tackle real-world challenges in cyber-attack and defense scenarios remains an area requiring further exploration. This paper aims to address this gap by providing a comprehensive overview of the fundamental concepts, schema design, and construction methodologies for the cybersecurity knowledge graph. To facilitate future research endeavors, we have carefully curated datasets and open-source libraries tailored for knowledge construction and information extraction tasks. Furthermore, we present a detailed comparative review of recent advancements in the application scenarios of cybersecurity knowledge graphs. To provide clarity and organization, we introduce a novel classification framework that categorizes interconnected works into distinct primary categories and subcategories. The paper concludes by outlining potential research directions in the cybersecurity knowledge graph domain, paving the way for further advancements and innovations in the field.
Authored by Subhash Chandra, Ch. Mounika, Iddum Kumar, P. Dhanivarma, Machineni Mounika
As computing ability continues to rapidly develop, neural networks have found widespread use in various fields. However, in the realm of visible watermarking for image copyright protection, neural networks have made image protection through watermarking less effective. Some research has even shown that watermarks can be removed without damaging the original image, posing a significant threat to digital copyright protection. In response, the community has introduced adversarial perturbations for watermark protection, but these are sample-specific and time-consuming in real-world scenarios. To address this issue, we propose a new universal adversarial perturbation for watermark removal networks that offers two options. The first option involves adding perturbations to the entire host image, bringing the output of the watermark removal network closer to the original image and providing protection. The second option involves adding perturbations only to the watermark position, reducing the impact of the perturbation on the image and enhancing stealthiness. Our experiments demonstrate that our method effectively resists watermark removal networks and has good generalizability across different images.
Authored by Jianbo Chen, Xinwei Liu, Siyuan Liang, Xiaojun Jia, Yuan Xun
As the network security landscape changes with time and market, organizations seek different and innovative approaches to strengthen their security defenses. This paper gives a theoretical explanation, highlighting the combination of honeypots and network monitoring tools as a dynamic strategy for enhancing security within networking environments. By using honeypots along with network monitoring tools, we bring out a multilayered defense strategy aimed at identifying and examining potential attack patterns. Our research dives into the theory of honeypots, their role in diverting malicious attacks, and their relationship with network monitoring tools. This combined framework helps organizations to detect, analyze, and ultimately reduce security threats. Through theoretical inputs and suggestions, this paper presents a framework for organizations seeking to enhance their cybersecurity defenses by exploring the complications of attacks through advanced network monitoring, along with honeypot security mechanisms.
Authored by Tejas Shivaprasad, A Moulya, N Guruprasad
The design and evaluation of cyber-physical systems are complex as it includes mechanical, electrical, and software components leading to a high dimensional space for architectural search and parametric tuning. For each new design, engineers need to define performance objectives, capture data from previous designs, make a model-based design, and then develop and enhance each system in each iteration. To address this problem, we present a combinatorial and parametric design space exploration and optimization technique for automatic design creation. We leverage gradient-free methods to jointly optimize the multiple domains of the cyber-physical systems. Finally, we apply this method in a DARPA design challenge where the goal is to create new designs for unmanned aerial vehicles. We evaluate the new designs on performance benchmarks and demonstrate the effectiveness of gradient-free optimization techniques in automatic design creation.
Authored by Hongrui Zheng, Johannes Betz, Arun Ramamurthy, Hyunjee Jin, Rahul Mangharam
As cyberattacks are rising, Moving Target Defense (MTD) can be a countermeasure to proactively protect a networked system against cyber-attacks. Despite the fact that MTD systems demonstrate security effectiveness against the reconnaissance of Cyber Kill Chain (CKC), a time-based MTD has a limitation when it comes to protecting a system against the next phases of CKC. In this work, we propose a novel hybrid MTD technique, its implementation and evaluation. Our hybrid MTD system is designed on a real SDN testbed and it uses an intrusion detection system (IDS) to provide an additional MTD triggering condition. This in itself presents an extra layer of system protection. Our hybrid MTD technique can enhance security in the response to multi-phased cyber-attacks. The use of the reactive MTD triggering from intrusion detection alert shows that it is effective to thwart the further phase of detected cyber-attacks. We also investigate the performance degradation due to more frequent MTD triggers. This work contributes to (1) proposing an ML-based rule classification model for predicting identified attacks which helps a decision-making process for security enhancement; (2) developing a hybrid-based MTD integrated with a Network Intrusion Detection System (NIDS) with the consideration of performance and security; and (3) assessment of the performance degradation and security effectiveness against potential real attacks (i.e., scanning, dictionary, and SQL injection attack) in a physical testbed.
Authored by Minjune Kim, Jin-Hee Cho, Hyuk Lim, Terrence Moore, Frederica Nelson, Ryan Ko, Dan Kim
Cybercrime continues to pose a significant threat to modern society, requiring a solid emphasis on cyber-attack prevention, detection and response by civilian and military organisations aimed at brand protection. This study applies a novel framework to identify, detect and mitigate phishing attacks, leveraging the power of computer vision technology and artificial intelligence. The primary objective is to automate the classification process, reducing the dwell time between detection and executing courses of action to respond to phishing attacks. When applied to a real-world curated dataset, the proposed classifier achieved relevant results with an F1-Score of 95.76% and an MCC value of 91.57%. These metrics highlight the classifier’s effectiveness in identifying phishing domains with minimal false classifications, affirming its suitability for the intended purpose. Future enhancements include considering a fuzzy logic model that accounts for the classification probability in conjunction with the domain creation date and the uniqueness of downloaded resources when accessing the website or domain.
Authored by Carlos Pires, José Borges
Rising cyber risks have compelled organizations to adopt better cyber-protection measures. This study focused on discovering crucial security metrics and assessing the function of red teaming in enhancing cybersecurity defenses against novel cyber hazards. The PRISMA standard considered nine core research works issued between 2014 and 2023. The inclusion of red teaming best practices can significantly enhance cybersecurity architecture. Accurate simulations of cyber threats during red teaming exercises help identify vulnerabilities, and actively embracing red teaming can amplify an organization's capacity to repel future cyber assaults. Researchers and practitioners can utilize the study's insights to pioneer novel security solutions. Combining red teaming methodologies with relevant metrics is essential for enhancing cybersecurity posture. The study's discoveries grant companies a priceless benefit in navigating the rapidly changing cyber threat environment and reinforcing their cyber protection mechanisms.
Authored by Semi Yulianto, Benfano Soewito, Ford Gaol, Aditiya Kurniawan
Cyber attack scenario reconstruction plays a crucial role in understanding and mitigating security breaches. In this paper, we propose a novel framework that leverages Natural Language Processing (NLP), specifically Named Entity Recognition (NER), and semantic similarity techniques to reconstruct cyber attack scenarios. By analyzing Intrusion Detection alerts, our offline approach identifies relevant entities, detects relationships between them, and measures semantic similarity to uncover hidden patterns and connections. We demonstrate the effectiveness of our framework through experimental evaluations using a public dataset. The results highlight the potential of NLP-based approaches in cyber attack scenario reconstruction.
Authored by Mouhamadou Diakhame, Cherif Diallo, Mohamed Mejri
The Internet of Things (IoT) refers to the growing network of connected physical objects embedded with sensors, software and connectivity. While IoT has potential benefits, it also introduces new cyber security risks. This paper provides an overview of IoT security issues, vulnerabilities, threats, and mitigation strategies. The key vulnerabilities arising from IoT's scale, ubiquity and connectivity include inadequate authentication, lack of encryption, poor software security, and privacy concerns. Common attacks against IoT devices and networks include denial of service, ransom-ware, man-in-the-middle, and spoofing. An analysis of recent literature highlights emerging attack trends like swarm-based DDoS, IoT botnets, and automated large-scale exploits. Recommended techniques to secure IoT include building security into architecture and design, access control, cryptography, regular patching and upgrades, activity monitoring, incident response plans, and end-user education. Future technologies like blockchain, AI-enabled defense, and post-quantum cryptography can help strengthen IoT security. Additional focus areas include shared threat intelligence, security testing, certification programs, international standards and collaboration between industry, government and academia. A robust multilayered defense combining preventive and detective controls is required to combat rising IoT threats. This paper provides a comprehensive overview of the IoT security landscape and identifies areas for continued research and development.
Authored by Luis Cambosuela, Mandeep Kaur, Rani Astya
A three-party evolutionary game model is constructed by combining the cyber deception, the defender (intrusion detection system), and the attacker. The attackers choose attack strategies to gain greater benefits. The cyber deception can induce attackers to attack fake vulnerabilities, so as to capture and analyze the attackers' intentions. The defenders use the captured attacker information to adjust their defense strategies and improve detection of attacks. Using cyber deception to enhance the defender choice of strategy, reduce attacker's profit, enable defender to play their own superior strategy, reduce node resource overhead, and prolong network survival time. Through the capture and feature extraction of attacker's attack information, the attack feature database of intrusion detection system is improved, and the detection probability of the attack by the defender is increased. According to the simulation results, the cyber deception can provide the defender with the attacker's attack information in the process of attack and defense, increase the probability of the defender's successful defense, speed up the convergence speed of the optimal defense strategy, and reduce the convergence speed of the attacker's optimal strategy. It is proved that the cyber deception as a third-party participant can effectively help the defender to protect the security of the network.
Authored by Shuai Li, Ting Wang, Ji Ma, Weibo Zhao
Cyber threats have been a major issue in the cyber security domain. Every hacker follows a series of cyber-attack stages known as cyber kill chain stages. Each stage has its norms and limitations to be deployed. For a decade, researchers have focused on detecting these attacks. Merely watcher tools are not optimal solutions anymore. Everything is becoming autonomous in the computer science field. This leads to the idea of an Autonomous Cyber Resilience Defense algorithm design in this work. Resilience has two aspects: Response and Recovery. Response requires some actions to be performed to mitigate attacks. Recovery is patching the flawed code or back door vulnerability. Both aspects were performed by human assistance in the cybersecurity defense field. This work aims to develop an algorithm based on Reinforcement Learning (RL) with a Convoluted Neural Network (CNN), far nearer to the human learning process for malware images. RL learns through a reward mechanism against every performed attack. Every action has some kind of output that can be classified into positive or negative rewards. To enhance its thinking process Markov Decision Process (MDP) will be mitigated with this RL approach. RL impact and induction measures for malware images were measured and performed to get optimal results. Based on the Malimg Image malware, dataset successful automation actions are received. The proposed work has shown 98% accuracy in the classification, detection, and autonomous resilience actions deployment.
Authored by Kainat Rizwan, Mudassar Ahmad, Muhammad Habib
Cybersecurity is an increasingly critical aspect of modern society, with cyber attacks becoming more sophisticated and frequent. Artificial intelligence (AI) and neural network models have emerged as promising tools for improving cyber defense. This paper explores the potential of AI and neural network models in cybersecurity, focusing on their applications in intrusion detection, malware detection, and vulnerability analysis. Intruder detection, or "intrusion detection," is the process of identifying Invasion of Privacy to a computer system. AI-based security systems that can spot intrusions (IDS) use AI-powered packet-level network traffic analysis and intrusion detection patterns to signify an assault. Neural network models can also be used to improve IDS accuracy by modeling the behavior of legitimate users and detecting anomalies. Malware detection involves identifying malicious software on a computer system. AI-based malware machine-learning algorithms are used by detecting systems to assess the behavior of software and recognize patterns that indicate malicious activity. Neural network models can also serve to hone the precision of malware identification by modeling the behavior of known malware and identifying new variants. Vulnerability analysis involves identifying weaknesses in a computer system that could be exploited by attackers. AI-based vulnerability analysis systems use machine learning algorithms to analyze system configurations and identify potential vulnerabilities. Neural network models can also be used to improve the accuracy of vulnerability analysis by modeling the behavior of known vulnerabilities and identifying new ones. Overall, AI and neural network models have significant potential in cybersecurity. By improving intrusion detection, malware detection, and vulnerability analysis, they can help organizations better defend against cyber attacks. 
However, these technologies also present challenges, including a lack of understanding of the importance of data in machine learning and the potential for attackers to use AI themselves. As such, careful consideration is necessary when implementing AI and neural network models in cybersecurity.
Authored by D. Sugumaran, Y. John, Jansi C, Kireet Joshi, G. Manikandan, Geethamanikanta Jakka
In this research, we evaluate the effectiveness of different MTD techniques on the transformer-based cyber anomaly detection models trained on the KDD Cup’99 Dataset, a publicly available dataset commonly used for evaluating intrusion detection systems. We explore the trade-offs between security and performance when using MTD techniques for cyber anomaly detection and investigate how MTD techniques can be combined with other cybersecurity techniques to improve the overall security of the system. We evaluate their performance using standard metrics such as accuracy and F1 score, as well as measures of robustness against adversarial attacks. Our results show that MTD techniques can significantly improve the security of the anomaly detection model, with some techniques being more effective than others depending on the model architecture. We also find that there are trade-offs between security and performance, with some MTD techniques leading to a reduction in model accuracy or an increase in computation time. However, we demonstrate that these tradeoffs can be mitigated by optimizing the MTD parameters for the specific model architecture.
Authored by M. Vubangsi, Auwalu Mubarak, Jameel Yayah, Chadi Altrjman, Manika Manwal, Satya Yadav, Fadi Al-Turjman