MANET Security - The detection and maintenance of the pathway from the source to the destination or from one node to another node is the major role played by the nodes in the MANET. During their period, nodes arrive or leave the network, and endlessly modify their comparative location. The dynamic nature introduces several security issues. Secure routing protocol is a significant area for attaining better security in the network by keeping the routing protocols against attacks. Thus, this research work focuses on developing a secure routing protocol for MANET. Here, a dynamic anomaly detection scheme has been proposed to detect malicious attacks in the network. This scheme has been incorporated with AODV protocol to enhance the performance of AODV in disseminating packets to target node. In this research work, the Protected AODV (PAODV) protocol is introduced to identify the false alarm node in the network and route path for reliable communication between the source and destination. Simulation results show that the detection rate, packet drop rate and delay are minimized compared to the existing technique.
Authored by Jebakumar D, E.P. Prakash, Dhanapal R, Aby Thomas, K. Karthikeyan, P. Poovizhi
MANET Security - Recently, the mobile ad hoc network (MANET) has enjoyed a great reputation thanks to its advantages such as: high performance, no expensive infrastructure to install, use of unlicensed frequency spectrum, and fast distribution of information around the transmitter. But the topology of MANETs attracts the attention of several attacks. Although authentication and encryption techniques can provide some protection, especially by minimizing the number of intrusions, such cryptographic techniques do not work effectively in the case of unseen or unknown attacks. In this case, the machine learning approach is successful to detect unfamiliar intrusive behavior. Security methodologies in MANETs mainly focus on eliminating malicious attacks, misbehaving nodes, and providing secure routing.
Authored by Wafa Bouassaba, Abdellah Nabou, Mohammed Ouzzif
MANET Security - The current study is confined to proposing a reputation based approach for detecting malicious activity where past activities of each node are recorded for future reference. It has been regarded that the Mobile ad-hoc network commonly called as (MANET) is stated as the critical wireless network on the mobile devices using self related assets. Security is considered as the main challenge in MANET. Much existing work has been done on the basis of detecting attacks by using various approaches like Intrusion Detection, Bait detection, Cooperative malicious detection and so on. In this paper some approaches for identifying malicious nodes have been discussed. But this Reputation based approach mainly focuses on sleuthing the critical nodes on the trusted path than the shortest path. Each node will record the activity of its own like data received from and Transferred to information. As soon as a node updates its activity it is verified and a trust factor is assigned. By comparing the assigned trust factor a list of suspicious or malicious nodes is created.
Authored by Prolay Ghosh, Dhanraj Verma
MANET Security - Remote correspondence innovations are assuming a critical part in the plan and execution of Mobile Ad hoc Network (MANET). The portrayal of MANET, for example, dynamism in geography, restricted transfer speed and power usage expands the unlicensed correspondence advancements and intricacies in existing conventions. This paper analyzes the current and not so distant future Wireless correspondence Technologies in the 2.4 GHz band. Additionally, this paper thinks about the features and limits of those advances lastly closes with the need for the improvement of reasonable brought together convention for existing and future remote advances. It has been considered that the overview and correlation introduced in this paper would help specialists and application engineers in choosing a fitting innovation for MANET administrations.
Authored by Seema Barda, Prabhjot Manocha
MANET Security - Mobile ad hoc networks can expand access networks service zones and offer wireless to previously unconnected or spotty areas. Ad hoc networking faces transmission failures, limited wireless range, disguised terminal faults and packet losses, mobility-induced route alterations, and battery constraints. A network layer metric shows total network performance. Ad-hoc networking provides access networks, dynamic multi-hop architecture, and peer-to-peer communication. In MANET, each node acts as a router, determining the optimum route by travelling through other nodes. MANET includes dynamic topology, fast deployment, energy-restricted operation, and adjustable capacity and bandwidth. Dynamic MANET increases security vulnerabilities. Researchers have employed intrusion detection, routing, and other techniques to provide security solutions. Current technologies can't safeguard network nodes. In a hostile environment, network performance decreases as nodes increase. This paper presents a reliable and energy-efficient Firefly Energy Optimized Routing (IFEOR)-based routing method to maximise MANET data transmission energy. IFEOR measures MANET firefly light intensity to improve routing stability. The route path's energy consumption determines the firefly's brightness during MANET data packet transfer. Adopting IFEOR enhanced packet delivery rates and routing overheads. End-to-end delay isn't reduced since nodes in a route may be idle before sending a message. Unused nodes use energy.
Authored by Morukurthi Sreenivasu, Badarla Anil
MANET Security - Many systems have recently begun to examine blockchain qualities in order to create cooperation enforcement methods. This paper provides a complete and extensive evaluation of work on multi-hop MANETs with blockchain-based trust control between nodes. We contextualize the snag of security in MANETs resulting from the lack of trust between the participating nodes. We present the blockchain concepts and discuss the limitation of the current blockchain in MANETs. We review the promising proposed ideas in the state-of-the-art based on research papers. Finally, we discuss and summarize strategies and challenges for further research.
Authored by Ahmed Abdel-Sattar, Marianne Azer
Microelectronics Security - In this paper, we present research on the analysis of the design space for cybersecurity visualizations in VizSec. At the beginning of this research, we analyzed 17 survey papers in the field of cybersecurity visualization. Based on the analysis of the focus areas in each of these survey papers, we identified five key components of visualization design, i.e. Input Data, Security Tasks, Visual Encoding, Interactivity, and Evaluation. To show how research papers align with these components, we analyzed 60 papers published at the IEEE Symposium on Visualization for Cyber Security (VizSec) between 2016 and 2021 in the context of the five identified components. As a result, each research paper was classified into several categories derived from the selected components of the visualization design. Our contributions are: (i) an analysis of the focus areas in survey papers on cybersecurity visualization and (ii) the classification of 60 research papers in the context of the selected components of the visualization design. Finally, we highlighted the main findings of the analysis and drew conclusions.
Authored by Adrian Komadina, Zeljka Mihajlovic, Stjepan Groš
Microelectronics Security - A mail spoofing attack is a harmful activity that modifies the source of the mail and tricks users into believing that the message originated from a trusted sender whereas the actual sender is the attacker. Based on the previous work, this paper analyzes the transmission process of an email. Our work identifies new attacks suitable for bypassing SPF, DMARC, and Mail User Agent’s protection mechanisms. We can forge much more realistic emails to penetrate the famous mail service provider like Tencent by conducting the attack. By completing a large-scale experiment on these well-known mail service providers, we find some of them are affected by the related vulnerabilities. Some of the bypass methods are different from previous work. Our work found that this potential security problem can only be effectively protected when all email service providers have a standard view of security and can configure appropriate security policies for each email delivery node. In addition, we also propose a mitigation method to defend against these attacks. We hope our work can draw the attention of email service providers and users and effectively reduce the potential risk of phishing email attacks on them.
Authored by Beiyuan Yu, Pan Li, Jianwei Liu, Ziyu Zhou, Yiran Han, Zongxiao Li
Microelectronics Security - The boundaries between the real world and the virtual world are going to be blurred by Metaverse. It is transforming every aspect of humans to seamlessly transition from one virtual world to another. It is connecting the real world with the digital world by integrating emerging tech like 5G, 3d reconstruction, IoT, Artificial intelligence, digital twin, augmented reality (AR), and virtual reality (VR). Metaverse platforms inherit many security & privacy issues from underlying technologies, and this might impede their wider adoption. Emerging tech is easy to target for cybercriminals as security posture is in its infancy. This work elaborates on current and potential security, and privacy risks in the metaverse and put forth proposals and recommendations to build a trusted ecosystem in a holistic manner.
Authored by Sailaja Vadlamudi
Microelectronics Security - The need for safe large data storage services is at an all-time high and confidentiality is a fundamental need of any service. Consideration must also be given to service customer anonymity, one of the most important privacy considerations. As a result, the service should offer realistic and fine-grained [11] encrypted data sharing, which allows a data owner to share a cipher text of data with others under certain situations. In order to accomplish the aforesaid characteristics, our system offers a novel privacy-preserving cipher text multi-sharing technique. In this way, proxy re-encryption and anonymity are combined to allow many receivers to safely and conditionally receive a cipher text while maintaining the confidentiality of the underlying message and the identities of the senders and recipients. In this paper, a logical cloud security scheme is introduced called Modified Data Cipher Policies (MDCP), in which it is a new primitive also protects against known cipher text attacks, as demonstrated by the system.
Authored by Madan Mohan, K Nagaiah
Microelectronics Security - In recent years, information and communication systems have experienced serious security issues due to the rising popularity of image-sharing platforms and the ubiquity of numerous smart electronic devices. The increased volume of data generated by the medical and clinical communities necessitates the use of such advanced platforms for data exchange. As a result, the implementation of improved procedures and resources in terms of storage and security is essential. This research proposes a novel medical image encryption method based on chaos sequence and the modified Twofish algorithm. A quick and more efficient algorithm than current methods is built using chaos-based image encryption methods. The modified algorithm can be applied for hardware applications.
Authored by Rim Amdouni, Mohamed Gafsi, Mohamed Hajjaji, Abdellatif Mtibaa
Microelectronics Security - By analyzing the current research status at home and abroad, researching and analyzing the system requirements, we develop and design an environmental and security system based on NB-IoT and ZigBee protocols, so that the sensor data collected on the device side can realize real-time data monitoring and home environment safety alarm on the open-source control platform and user terminal. Finally, we test and demonstrate the system and summarize the results and future prospects.
Authored by Changyong Zhang, Dejian Li, Xi Feng, Lixin Yang, Lang Tan, Xiaokun Yang
Microelectronics Security - In practice, different styles of side channel attacks can utilize the leakages of a crypto device to recover the used secret key, which can pose a serious threat on the physical security of a crypto device. Among different styles of side channel attacks, template attack can be information theoretically the strongest attack style. However, numerical problems can seriously influence the key-recovery efficiency of template attack in practice, which can make template attack useless in practice. In light of this, the variance analysis based distinguisher is proposed for template attack. Compared with the classical template attack, variance analysis based template attack can reduce the computational complexity of template attack from O(d^3) to O(d), where d denotes the number of interesting points. Besides, numerical problems do not exist anymore. Therefore, a large number of interesting points can be chosen to enlarge the leakage exploitation and accordingly optimize the key-recovery efficiency of template attack. The key-recovery efficiency of variance analysis based template attack is evaluated in both simulated and real scenarios, and the evaluation results show that compared with the classical template attack, variance analysis based template attack can maintain a high key-recovery efficiency while significantly decrease the number of traces that should be used in the profiling phase of template attack.
Authored by Song Cheng, Hailong Zhang, Xiaobo Hu, Shunxian Gao, Huizhi Liu
Microelectronics Security - In this paper, we propose a Chaotic Probability Constellation Shaping (CPCS) method in Free-Space Optical (FSO) communication to enhance security and improve the performance of the transmission data. Gather as many points as possible in the middle via chaotic controlling. The influence of turbulence on the signal transmission can be attenuated to the minimum. In the simulation, a ratio of 56Gb/s 16-QAM signal is transmitted 1-km space channel with an attenuation index of 10dB/km. The CPCS technique can improve almost 0.5 dB optical signal noise ratio (OSNR) performance @10^-3 BER than that of the related original signal. Simulation results indicate that the proposed method not only enhances the security but also improves the BER performance.
Authored by Wei Zeng, Tingwei Wu, Yejun Liu, Song Song, Lun Zhao, Chen Chen, Chongfu Zhang, Lei Guo
Microelectronics Security - With the increasing improvement of network security technology, network security management is forming a closed-loop process of transitioning from post-fire fighting to pre-checking, real-time monitoring and protection, and post-disposal reinforcement. This paper introduces a new system based on network asset risk assessment and network asset security protection, which is capable of detecting unrepaired security vulnerabilities in network assets and monitoring users’ assets for compliance, and notifying them if there are problems, and also has SYSLOG asset upload technology for uploading asset changes.
Authored by Xuan Zhang, Xin Qiu, Junjie Liu, Rui Guo, Shu Shi, Lincheng Li, Jiawei Zeng
Microelectronics Security - Web application security is the most important area when it comes to developing a web application. Many web applications have vulnerabilities due to poor implementation of security measures. These web applications will be deployed without fixing the vulnerabilities and thus become vulnerable to many cyber-attacks. Simple attacks like brute-force and NoSQL injection could give unauthorized access to the user accounts. This leads to user privacy issues which could create huge loss to the organizations. These vulnerabilities can be fixed by implementing the necessary security measures while developing the web application. OWASP (Open Web Application Security Project) is a non-profit organization which gives the severity, impact and prevention methods about Top 10 vulnerabilities in web applications. This research deals with the implementation of best security practices for Node.js web applications in detail. This research paper proposes the security mechanisms for attacks related to front-end, middleware and backend web development using OWASP suggestions. The main focus of this research paper is on prevention of Denial-of-service attack, Brute force attack, NoSQL injection attack and Unrestricted file upload vulnerability. The proposed prevention methods are implemented in a web application to test the defensive mechanisms against the mentioned vulnerabilities.
Authored by Akshay Kumar, Usha Rani
Malware Analysis - With the rapid development of network information technology, individuals’ information network security has become a very critical issue in our daily life. Therefore, it is necessary to study the malware propagation model system. In this paper, the traditional integer order malware propagation model system is extended to the field of fractional-order. Then we analyze the asymptotic stability of the fractional-order malware propagation model system when the equilibrium point is the origin and the time delay is 0. Next, the asymptotic stability and bifurcation analysis of the fractional-order malware propagation model system when the equilibrium point is the origin and the time delay is not 0 are carried out. Moreover, we study the asymptotic stability of the fractional-order malware propagation model system with an interior equilibrium point. In the end, so as to verify our theoretical results, many numerical simulations are provided.
Authored by Zhe Zhang, Yaonan Wang, Jing Zhang, Xu Xiao
Malware Analysis - Detection of malware and security attacks is a complex process that can vary in its details and analysis activities. As part of the detection process, malware scanners try to categorize a malware once it is detected under one of the known malware categories (e.g. worms, spywares, viruses, etc.). However, many studies and researches indicate problems with scanners categorizing or identifying a particular malware under more than one malware category. This paper, and several others, show that machine learning can be used for malware detection especially with ensemble base prediction methods. In this paper, we evaluated several custom-built ensemble models. We focused on multi-label malware classification as individual or classical classifiers showed low accuracy in such territory. This paper showed that recent machine models such as ensemble and deep learning can be used for malware detection with better performance in comparison with classical models. This is very critical in such a dynamic and yet important detection systems where challenges such as the detection of unknown or zero-day malware will continue to exist and evolve.
Authored by Izzat Alsmadi, Bilal Al-Ahmad, Mohammad Alsmadi
Malware Analysis - Android malware is continuously evolving at an alarming rate due to the growing vulnerabilities. This demands more effective malware detection methods. This paper presents DynaMalDroid, a dynamic analysis-based framework to detect malicious applications in the Android platform. The proposed framework contains three modules: dynamic analysis, feature engineering, and detection. We utilized the well-known CICMalDroid2020 dataset, and the system calls of apps are extracted through dynamic analysis. We trained our proposed model to recognize malware by selecting features obtained through the feature engineering module. Further, with these selected features, the detection module applies different Machine Learning classifiers like Random Forest, Decision Tree, Logistic Regression, Support Vector Machine, Naïve-Bayes, K-Nearest Neighbour, and AdaBoost, to recognize whether an application is malicious or not. The experiments have shown that several classifiers have demonstrated excellent performance and have an accuracy of up to 99%. The models with Support Vector Machine and AdaBoost classifiers have provided better detection accuracy of 99.3% and 99.5%, respectively.
Authored by Hashida Manzil, Manohar S
Malware Analysis - Malware attacks in the cyber world continue to increase despite the efforts of Malware analysts to combat this problem. Recently, Malware samples have been presented as binary sequences and assembly codes. However, most researchers focus only on the raw Malware sequence in their proposed solutions, ignoring that the assembly codes may contain important details that enable rapid Malware detection. In this work, we leveraged the capabilities of deep autoencoders to investigate the presence of feature disparities in the assembly and raw binary Malware samples. First, we treated the task as outliers to investigate whether the autoencoder would identify and justify features as samples from the same family. Second, we added noise to all samples and used Deep Autoencoder to reconstruct the original samples by denoising. Experiments with the Microsoft Malware dataset showed that the byte samples features differed from the assembly code samples.
Authored by Muhammed Abdullah, Yongbin Yu, Jingye Cai, Yakubu Imrana, Nartey Tettey, Daniel Addo, Kwabena Sarpong, Bless Lord Y. Agbley, Benjamin Appiah
Malware Analysis - The rising use of smartphones each year is matched by the development of the smartphone's operating system, Android. Due to the immense popularity of the Android operating system, many unauthorized users (in this case, the attackers) wish to exploit this vulnerability to get sensitive data from every Android user. The flubot malware assault, which happened in 2021 and targeted Android devices practically globally, is one of the attacks on Android smartphones. It was known at the time that the flubot virus stole information, particularly from banking applications installed on the victim's device. To prevent this from happening again, we research the signature and behavior of flubot malware. In this study, a hybrid analysis will be conducted on three samples of flubot malware that are available on the open-source Hatching Triage platform. Using the Android Virtual Device (AVD) as the primary environment for malware installation, the analysis was conducted with the Android Debug Bridge (ADB) and Burpsuite as supporting tools for dynamic analysis. During the static analysis, the Mobile Security Framework (MobSF) and the Bytecode Viewer were used to examine the source code of the three malware samples. Analysis of the flubot virus revealed that it extracts or drops dex files on the victim's device, where the file is the primary malware. The Flubot virus will clone the messaging application or Short Message Service (SMS) on the default device. Additionally, we discovered a form of flubot malware that operates as a Domain Generation Algorithm (DGA) and communicates with its Command and Control (C&C) server.
Authored by Hanifah Salsabila, Syafira Mardhiyah, Raden Hadiprakoso
Malware Analysis - The effective security system improvement from malware attacks on the Android operating system should be updated and improved. Effective malware detection increases the level of data security and high protection for the users. Malicious software or malware typically finds a means to circumvent the security procedure, even when the user is unaware whether the application can act as malware. The effectiveness of obfuscated android malware detection is evaluated by collecting static analysis data from a data set. The experiment assesses the risk level of which malware dataset using the hash value of the malware and records malware behavior. A set of hash SHA256 malware samples has been obtained from an internet dataset and will be analyzed using static analysis to record malware behavior and evaluate which risk level of the malware. According to the results, most of the algorithms provide the same total score because of the multiple crime inside the malware application.
Authored by Teddy Mantoro, Muhammad Fahriza, Muhammad Bhakti
Malware Analysis - Malwares are designed to cause harm to the machine without the user's knowledge. Malwares belonging to different families infect the system in its own unique way causing damage which could be irreversible and hence there is a need to detect and analyse the malwares. Manual analysis of all types of malwares is not a practical approach due to the huge effort involved and hence Automated Malware Analysis is resorted to so that the burden on humans can be decreased and the process is made robust. A lot of Automated Malware Analysis tools are present right now both offline and online but the problem arises as to which tool to select while analysing a suspicious binary. A comparative analysis of three most widely used automated tools has been done with different malware class samples. These tools are Cuckoo Sandbox, Any.Run and Intezer Analyze. In order to check the efficacy of the tool in both online and offline analysis, Cuckoo Sandbox was configured for offline use, and Any.Run and Intezer Analyze were configured for online analysis. Individual tools analyse each malware sample and after analysis is completed, a comparative chart is prepared to determine which tool is good at finding registry changes, processes created, files created, network connections, etc by the malicious binary. The findings conclude that Intezer Analyze tool recognizes file changes better than others but otherwise Cuckoo Sandbox and Any.Run tools are better in determining other functionalities.
Authored by Preeti, Animesh Agrawal
Malware Analysis - The static and dynamic malware analysis are used by industrialists and academics to understand malware capabilities and threat level. The antimalware industries calculate malware threat levels using different techniques which involve human involvement and a large number of resources and analysts. As malware complexity, velocity and volume increase, it becomes impossible to allocate so many resources. Due to this reason, it is projected that the number of malware apps will continue to rise, and that more devices will be targeted in order to commit various sorts of cybercrime. It is therefore necessary to develop techniques that can calculate the damage or threat posed by malware automatically as soon as it is identified. In this way, early warnings about zero-day (unknown) malware can assist in allocating resources for carrying out a close analysis of it as soon as it is identified. In this paper, a fuzzy modelling approach is described for calculating the potential risk of malicious programs through static malware analysis.
Authored by Meghna Dhalaria, Ekta Gandotra
Malware Analysis - Any software that runs malicious payloads on victims’ computers is referred to as malware. It is an increasing threat that costs people, businesses, and organizations a lot of money. Attacks on security have developed significantly in recent years. Malware may infiltrate both offline and online media, like: chat, SMS, and spam (email, or social media), because it has a built-in defensive mechanism and may conceal itself from antivirus software or even corrupt it. As a result, there is an urgent need to detect and prevent malware before it damages critical assets around the world. In fact, there are lots of different techniques and tools used to combat malware. In this paper, the malware samples were analyzed in the Virtual Box environment using in-depth analysis based on reverse engineering using advanced static malware analysis techniques. The results obtained from malware analysis represent a set of valuable information that all anti-malware and anti-virus program companies need in order to update their products.
Authored by Maher Ismael, Karam Thanoon