This paper examines how cybersecurity is developing and how it relates to more conventional information security. Although information security and cyber security are sometimes used synonymously, this study contends t...This paper examines how cybersecurity is developing and how it relates to more conventional information security. Although information security and cyber security are sometimes used synonymously, this study contends that they are not the same. The concept of cyber security is explored, which goes beyond protecting information resources to include a wider variety of assets, including people [1]. Protecting information assets is the main goal of traditional information security, with consideration to the human element and how people fit into the security process. On the other hand, cyber security adds a new level of complexity, as people might unintentionally contribute to or become targets of cyberattacks. This aspect presents moral questions since it is becoming more widely accepted that society has a duty to protect weaker members of society, including children [1]. The study emphasizes how important cyber security is on a larger scale, with many countries creating plans and laws to counteract cyberattacks. Nevertheless, a lot of these sources frequently neglect to define the differences or the relationship between information security and cyber security [1]. The paper focus on differentiating between cybersecurity and information security on a larger scale. The study also highlights other areas of cybersecurity which includes defending people, social norms, and vital infrastructure from threats that arise from online in addition to information and technology protection. It contends that ethical issues and the human factor are becoming more and more important in protecting assets in the digital age, and that cyber security is a paradigm shift in this regard [1].展开更多
1.Introduction Data inference(DInf)is a data security threat in which critical information is inferred from low-sensitivity data.Once regarded as an advanced professional threat limited to intelligence analysts,DInf h...1.Introduction Data inference(DInf)is a data security threat in which critical information is inferred from low-sensitivity data.Once regarded as an advanced professional threat limited to intelligence analysts,DInf has become a widespread risk in the artificial intelligence(AI)era.展开更多
Throughout the lifespan,an animal can encounter predators frequently,thus the ability to avoid attacks from predators is crucial for its survival.The chances of evading danger can be greatly improved if the animal can...Throughout the lifespan,an animal can encounter predators frequently,thus the ability to avoid attacks from predators is crucial for its survival.The chances of evading danger can be greatly improved if the animal can respond immediately to the threat.Therefore,when an animal detects a threat through its visual system,it must quickly direct its gaze and attention toward the source of danger,assess the threat level,and take appropriate action.展开更多
The fast increase of online communities has brought about an increase in cyber threats inclusive of cyberbullying, hate speech, misinformation, and online harassment, making content moderation a pressing necessity. Tr...The fast increase of online communities has brought about an increase in cyber threats inclusive of cyberbullying, hate speech, misinformation, and online harassment, making content moderation a pressing necessity. Traditional single-modal AI-based detection systems, which analyze both text, photos, or movies in isolation, have established useless at taking pictures multi-modal threats, in which malicious actors spread dangerous content throughout a couple of formats. To cope with these demanding situations, we advise a multi-modal deep mastering framework that integrates Natural Language Processing (NLP), Convolutional Neural Networks (CNNs), and Long Short-Term Memory (LSTM) networks to become aware of and mitigate online threats effectively. Our proposed model combines BERT for text class, ResNet50 for photograph processing, and a hybrid LSTM-3-d CNN community for video content material analysis. We constructed a large-scale dataset comprising 500,000 textual posts, 200,000 offensive images, and 50,000 annotated motion pictures from more than one platform, which includes Twitter, Reddit, YouTube, and online gaming forums. The system became carefully evaluated using trendy gadget mastering metrics which include accuracy, precision, remember, F1-score, and ROC-AUC curves. Experimental outcomes demonstrate that our multi-modal method extensively outperforms single-modal AI classifiers, achieving an accuracy of 92.3%, precision of 91.2%, do not forget of 90.1%, and an AUC rating of 0.95. The findings validate the necessity of integrating multi-modal AI for actual-time, high-accuracy online chance detection and moderation. Future paintings will have consciousness on improving hostile robustness, enhancing scalability for real-world deployment, and addressing ethical worries associated with AI-driven content moderation.展开更多
The current global cybersecurity landscape, characterized by the increasing scale and sophistication of cyberattacks, underscores the importance of integrating Cyber Threat Intelligence (CTI) into Land Administration ...The current global cybersecurity landscape, characterized by the increasing scale and sophistication of cyberattacks, underscores the importance of integrating Cyber Threat Intelligence (CTI) into Land Administration Systems (LAS). LAS services involve requests and responses concerning public and private cadastral data, including credentials of parties, ownership, and spatial parcels. This study explores the integration of CTI in LAS to enhance cyber resilience, focusing on the unique vulnerabilities of LAS, such as sensitive data management and interconnection with other critical systems related to spatial data uses and changes. The approach employs a case study of a typical country-specific LAS to analyse structured vulnerabilities and their attributes to determine the degree of vulnerability of LAS through a quantitative inductive approach. The analysis results indicate significant improvements in identifying and mitigating potential threats through CTI integration, thus enhancing cyber resilience. These findings are crucial for policymakers and practitioners to develop robust cybersecurity strategies for LAS.展开更多
As an emerging environmental contaminant,antibiotic resistance genes(ARGs)in tap water have attracted great attention.Although studies have provided ARG profiles in tap water,research on their abundance levels,composi...As an emerging environmental contaminant,antibiotic resistance genes(ARGs)in tap water have attracted great attention.Although studies have provided ARG profiles in tap water,research on their abundance levels,composition characteristics,and potential threat is still insufficient.Here,9 household tap water samples were collected from the Guangdong-Hong Kong-Macao Greater Bay Area(GBA)in China.Additionally,75 sets of environmental sample data(9 types)were downloaded from the public database.Metagenomics was then performed to explore the differences in the abundance and composition of ARGs.221 ARG subtypes consisting of 17 types were detected in tap water.Although the ARG abundance in tap water was not significantly different from that found in drinking water plants and reservoirs,their composition varied.In tap water samples,the three most abundant classes of resistance genes were multidrug,fosfomycin and MLS(macrolide-lincosamidestreptogramin)ARGs,and their corresponding subtypes ompR,fosX and macB were also the most abundant ARG subtypes.Regarding the potential mobility,vanS had the highest abundance on plasmids and viruses,but the absence of key genes rendered resistance to vancomycin ineffective.Generally,the majority of ARGs present in tap water were those that have not been assessed and are currently not listed as high-threat level ARG families based on the World Health Organization Guideline.Although the current potential threat to human health posed by ARGs in tap water is limited,with persistent transfer and accumulation,especially in pathogens,the potential danger to human health posed by ARGs should not be ignored.展开更多
Given the unique challenges facing the railway industry, cybersecurity is a crucial issue that must be addressed proactively. This paper aims to provide a systematic review of cybersecurity threats that could impact t...Given the unique challenges facing the railway industry, cybersecurity is a crucial issue that must be addressed proactively. This paper aims to provide a systematic review of cybersecurity threats that could impact the safety and operations of rolling stock, the privacy and security of passengers and employees, and the public in general. The systematic literature review revealed that cyber threats to the railway industry can take many forms, including attacks on operational technology systems, data breaches, theft of sensitive information, and disruptions to train services. The consequences of these threats can be severe, leading to operational disruptions, financial losses, and loss of public trust in the railway system. To address these threats, railway organizations must adopt a proactive approach to security and implement robust cybersecurity measures tailored to the industry’s specific needs and challenges. This includes regular testing of systems for vulnerabilities, incident response plans, and employee training to identify and respond to cyber threats. Ensuring the system remains available, reliable, and maintainable is fundamental given the importance of railways as critical infrastructure and the potential harm that can be caused by cyber threats.展开更多
Cyber threat detection is a crucial aspect of contemporary cybersecurity due to the depth and complexity of cyberattacks.It is the identification of malicious activity,unauthorized access,and possible intrusions in ne...Cyber threat detection is a crucial aspect of contemporary cybersecurity due to the depth and complexity of cyberattacks.It is the identification of malicious activity,unauthorized access,and possible intrusions in networks and systems.Modern detection methods employ artificial intelligence and machine learning to study vast amounts of data,learn patterns,and anticipate potential threats.Real-time monitoring and anomaly detection improve the capacity to react to changing threats more rapidly.Cyber threat detection systems aim to reduce false positives and provide complete coverage against the broadest possible attacks.This research advocates for proactive measures and adaptive technologies in defending digital environments.Improvements in detection ability by organizations will assist in safeguarding assets and integrity in operations in this increasingly digital world.This paper draws on the categorization of cyber threat detection methods using hesitant bipolar fuzzy Frank operators.Categorization is a step that is necessary for systematic comparison and assessment of detection methods so that the most suitable method for particular cybersecurity requirements is chosen.Furthermore,this research manages uncertainty and vagueness that exists in decision-making by applying hesitant bipolar fuzzy logic.The importance of the work lies in how it fortifies cybersecurity architectures with a formal method of discovering optimal detection measures and improving responsiveness,resulting in holistic protection against dynamic threats.展开更多
Beyond-visual-range(BVR)air combat threat assessment has attracted wide attention as the support of situation awareness and autonomous decision-making.However,the traditional threat assessment method is flawed in its ...Beyond-visual-range(BVR)air combat threat assessment has attracted wide attention as the support of situation awareness and autonomous decision-making.However,the traditional threat assessment method is flawed in its failure to consider the intention and event of the target,resulting in inaccurate assessment results.In view of this,an integrated threat assessment method is proposed to address the existing problems,such as overly subjective determination of index weight and imbalance of situation.The process and characteristics of BVR air combat are analyzed to establish a threat assessment model in terms of target intention,event,situation,and capability.On this basis,a distributed weight-solving algorithm is proposed to determine index and attribute weight respectively.Then,variable weight and game theory are introduced to effectively deal with the situation imbalance and achieve the combination of subjective and objective.The performance of the model and algorithm is evaluated through multiple simulation experiments.The assessment results demonstrate the accuracy of the proposed method in BVR air combat,indicating its potential practical significance in real air combat scenarios.展开更多
Advanced Persistent Threats(APTs)represent one of the most complex and dangerous categories of cyber-attacks characterised by their stealthy behaviour,long-term persistence,and ability to bypass traditional detection ...Advanced Persistent Threats(APTs)represent one of the most complex and dangerous categories of cyber-attacks characterised by their stealthy behaviour,long-term persistence,and ability to bypass traditional detection systems.The complexity of real-world network data poses significant challenges in detection.Machine learning models have shown promise in detecting APTs;however,their performance often suffers when trained on large datasets with redundant or irrelevant features.This study presents a novel,hybrid feature selection method designed to improve APT detection by reducing dimensionality while preserving the informative characteristics of the data.It combines Mutual Information(MI),Symmetric Uncertainty(SU)and Minimum Redundancy Maximum Relevance(mRMR)to enhance feature selection.MI and SU assess feature relevance,while mRMR maximises relevance and minimises redundancy,ensuring that the most impactful features are prioritised.This method addresses redundancy among selected features,improving the overall efficiency and effectiveness of the detection model.Experiments on a real-world APT datasets were conducted to evaluate the proposed method.Multiple classifiers including,Random Forest,Support Vector Machine(SVM),Gradient Boosting,and Neural Networks were used to assess classification performance.The results demonstrate that the proposed feature selection method significantly enhances detection accuracy compared to baseline models trained on the full feature set.The Random Forest algorithm achieved the highest performance,with near-perfect accuracy,precision,recall,and F1 scores(99.97%).The proposed adaptive thresholding algorithm within the selection method allows each classifier to benefit from a reduced and optimised feature space,resulting in improved training and predictive performance.This research offers a scalable and classifier-agnostic solution for dimensionality reduction in cybersecurity applications.展开更多
The dynamic,heterogeneous nature of Edge computing in the Internet of Things(Edge-IoT)and Industrial IoT(IIoT)networks brings unique and evolving cybersecurity challenges.This study maps cyber threats in Edge-IoT/IIoT...The dynamic,heterogeneous nature of Edge computing in the Internet of Things(Edge-IoT)and Industrial IoT(IIoT)networks brings unique and evolving cybersecurity challenges.This study maps cyber threats in Edge-IoT/IIoT environments to the Adversarial Tactics,Techniques,and Common Knowledge(ATT&CK)framework by MITRE and introduces a lightweight,data-driven scoring model that enables rapid identification and prioritization of attacks.Inspired by the Factor Analysis of Information Risk model,our proposed scoring model integrates four key metrics:Common Vulnerability Scoring System(CVSS)-based severity scoring,Cyber Kill Chain–based difficulty estimation,Deep Neural Networks-driven detection scoring,and frequency analysis based on dataset prevalence.By aggregating these indicators,the model generates comprehensive risk profiles,facilitating actionable prioritization of threats.Robustness and stability of the scoring model are validated through non-parametric correlation analysis using Spearman’s and Kendall’s rank correlation coefficients,demonstrating consistent performance across diverse scenarios.The approach culminates in a prioritized attack ranking that provides actionable guidance for risk mitigation and resource allocation in Edge-IoT/IIoT security operations.By leveraging real-world data to align MITRE ATT&CK techniques with CVSS metrics,the framework offers a standardized and practically applicable solution for consistent threat assessment in operational settings.The proposed lightweight scoring model delivers rapid and reliable results under dynamic cyber conditions,facilitating timely identification of attack scenarios and prioritization of response strategies.Our systematic integration of established taxonomies with data-driven indicators strengthens practical risk management and supports strategic planning in next-generation IoT deployments.Ultimately,this work advances adaptive threat modeling for Edge/IIoT ecosystems and establishes a robust foundation for evidence-based prioritization in emerging cyber-physical infrastructures.展开更多
Social behaviors,including social support and mating,play a critical role in survival and reproduction.Animals must make adaptive social decisions based on internal states and external contexts[1].The sex of a social ...Social behaviors,including social support and mating,play a critical role in survival and reproduction.Animals must make adaptive social decisions based on internal states and external contexts[1].The sex of a social partner is a crucial factor that shapes social decision-making,as oppositesex interactions are vital for fulfilling reproductive needs,whereas same-sex interactions are essential for both collaborative support and competitive behaviors.Under normal circumstances,mice typically exhibit a variety of prosocial behaviors that strengthen social bonds within their groups.展开更多
Inflammatory bowel disease(IBD),encompassing Crohn’s disease and ulcerative colitis,manifests as a chronic,recurrent,and refractory intestinal inflammatory condition significantly impacting patients’quality of life....Inflammatory bowel disease(IBD),encompassing Crohn’s disease and ulcerative colitis,manifests as a chronic,recurrent,and refractory intestinal inflammatory condition significantly impacting patients’quality of life.Despite ongoing research,its etiology and pathogenesis remain incompletely understood.Recent advancements in medical research highlight the critical role of drug combination therapies in managing IBD.This paper employs the strengths,weaknesses,opportunities,and threats framework to evaluate the four strategic elements(strengths,weaknesses,opportunities,and threats)pertaining to combination therapies for IBD.Among the strengths,the paper underscores the efficacy of multi-targeted strategies,the advancement of personalized medicine,and the mitigation of drug resistance.Nonetheless,the analysis identifies significant weaknesses,including the prohibitive cost of treatment,issues with patient compliance,and the necessity for comprehensive long-term safety data.The paper also delineates opportunities to augment therapeutic success through the incorporation of biomarkers,the application of artificial intelligence,and extensive international collaborative efforts.In contrast,the paper does not shy away from addressing the threats,which include the potential for therapeutic resistance and the logistical challenges inherent in global therapy deployment.These initiatives aim to refine future therapeutic practices,fostering safer,more effective,and personalized treatment paradigms for IBD patients.展开更多
Recently,with the normalization of non-face-to-face online environments in response to the COVID-19 pandemic,the possibility of cyberattacks through endpoints has increased.Numerous endpoint devices are managed meticu...Recently,with the normalization of non-face-to-face online environments in response to the COVID-19 pandemic,the possibility of cyberattacks through endpoints has increased.Numerous endpoint devices are managed meticulously to prevent cyberattacks and ensure timely responses to potential security threats.In particular,because telecommuting,telemedicine,and teleeducation are implemented in uncontrolled environments,attackers typically target vulnerable endpoints to acquire administrator rights or steal authentication information,and reports of endpoint attacks have been increasing considerably.Advanced persistent threats(APTs)using various novel variant malicious codes are a form of a sophisticated attack.However,conventional commercial antivirus and anti-malware systems that use signature-based attack detectionmethods cannot satisfactorily respond to such attacks.In this paper,we propose a method that expands the detection coverage inAPT attack environments.In this model,an open-source threat detector and log collector are used synergistically to improve threat detection performance.Extending the scope of attack log collection through interworking between highly accessible open-source tools can efficiently increase the detection coverage of tactics and techniques used to deal with APT attacks,as defined by MITRE Adversarial Tactics,Techniques,and Common Knowledge(ATT&CK).We implemented an attack environment using an APT attack scenario emulator called Carbanak and analyzed the detection coverage of Google Rapid Response(GRR),an open-source threat detection tool,and Graylog,an open-source log collector.The proposed method expanded the detection coverage against MITRE ATT&CK by approximately 11%compared with that conventional methods.展开更多
Cyber Threat Intelligence(CTI)has gained massive attention to collect hidden knowledge for a better understanding of the various cyber-attacks and eventually paving the way for predicting the future of such attacks.Th...Cyber Threat Intelligence(CTI)has gained massive attention to collect hidden knowledge for a better understanding of the various cyber-attacks and eventually paving the way for predicting the future of such attacks.The information exchange and collaborative sharing through different platforms have a significant contribution towards a global solution.While CTI and the information exchange can help a lot in focusing and prioritizing on the use of the large volume of complex information among different organizations,there exists a great challenge ineffective processing of large count of different Indicators of Threat(IoT)which appear regularly,and that can be solved only through a collaborative approach.Collaborative approach and intelligence sharing have become the mandatory element in the entire world of processing the threats.In order to covet the complete needs of having a definite standard of information exchange,various initiatives have been taken in means of threat information sharing platforms like MISP and formats such as SITX.This paper proposes a scoring model to address information decay,which is shared within TISP.The scoring model is implemented,taking the use case of detecting the Threat Indicators in a phishing data network.The proposed method calculates the rate of decay of an attribute through which the early entries are removed.展开更多
The integration of organisation’s information security policy into threat modeling enhances effectiveness of security strategies for information security management. These security policies are the ones which define ...The integration of organisation’s information security policy into threat modeling enhances effectiveness of security strategies for information security management. These security policies are the ones which define the sets of security issues, controls and organisation’s commitment for seamless integration with knowledge based platforms in order to protect critical assets and data. Such platforms are needed to evaluate and share violations which can create security loop-hole. The lack of rules-based approaches for discovering potential threats at organisation’s context, poses a challenge for many organisations in safeguarding their critical assets. To address the challenge, this paper introduces a Platform for Organisation Security Threat Analytic and Management (POSTAM) using rule-based approach. The platform enhances strategies for combating information security threats and thus improves organisations’ commitment in protecting their critical assets. R scripting language for data visualization and java-based scripts were used to develop a prototype to run on web protocol. MySQL database management system was used as back-end for data storage during threat analytic processes.展开更多
As cyber threats keep changing and business environments adapt, a comprehensive approach to disaster recovery involves more than just defensive measures. This research delves deep into the strategies required to respo...As cyber threats keep changing and business environments adapt, a comprehensive approach to disaster recovery involves more than just defensive measures. This research delves deep into the strategies required to respond to threats and anticipate and mitigate them proactively. Beginning with understanding the critical need for a layered defense and the intricacies of the attacker’s journey, the research offers insights into specialized defense techniques, emphasizing the importance of timely and strategic responses during incidents. Risk management is brought to the forefront, underscoring businesses’ need to adopt mature risk assessment practices and understand the potential risk impact areas. Additionally, the value of threat intelligence is explored, shedding light on the importance of active engagement within sharing communities and the vigilant observation of adversary motivations. “Beyond Defense: Proactive Approaches to Disaster Recovery and Threat Intelligence in Modern Enterprises” is a comprehensive guide for organizations aiming to fortify their cybersecurity posture, marrying best practices in proactive and reactive measures in the ever-challenging digital realm.展开更多
Advanced Persistent Threat(APT)is now the most common network assault.However,the existing threat analysis models cannot simultaneously predict the macro-development trend and micro-propagation path of APT attacks.The...Advanced Persistent Threat(APT)is now the most common network assault.However,the existing threat analysis models cannot simultaneously predict the macro-development trend and micro-propagation path of APT attacks.They cannot provide rapid and accurate early warning and decision responses to the present system state because they are inadequate at deducing the risk evolution rules of network threats.To address the above problems,firstly,this paper constructs the multi-source threat element analysis ontology(MTEAO)by integrating multi-source network security knowledge bases.Subsequently,based on MTEAO,we propose a two-layer threat prediction model(TL-TPM)that combines the knowledge graph and the event graph.The macro-layer of TL-TPM is based on the knowledge graph to derive the propagation path of threats among devices and to correlate threat elements for threat warning and decision-making;The micro-layer ingeniously maps the attack graph onto the event graph and derives the evolution path of attack techniques based on the event graph to improve the explainability of the evolution of threat events.The experiment’s results demonstrate that TL-TPM can completely depict the threat development trend,and the early warning results are more precise and scientific,offering knowledge and guidance for active defense.展开更多
In order to evaluate all attack paths in a threat tree,based on threat modeling theory,a weight distribution algorithm of the root node in a threat tree is designed,which computes threat coefficients of leaf nodes in ...In order to evaluate all attack paths in a threat tree,based on threat modeling theory,a weight distribution algorithm of the root node in a threat tree is designed,which computes threat coefficients of leaf nodes in two ways including threat occurring possibility and the degree of damage.Besides,an algorithm of searching attack path was also obtained in accordence with its definition.Finally,an attack path evaluation system was implemented which can output the threat coefficients of the leaf nodes in a target threat tree,the weight distribution information,and the attack paths.An example threat tree is given to verify the effectiveness of the algorithms.展开更多
The Internet of Wearable Things(IoWT)or Wearable Internet of Things(WIoT)is a new paradigm that combines IoT and wearable technology.Advances in IoT technology have enabled the miniaturization of sensors embedded in w...The Internet of Wearable Things(IoWT)or Wearable Internet of Things(WIoT)is a new paradigm that combines IoT and wearable technology.Advances in IoT technology have enabled the miniaturization of sensors embedded in wearable devices and the ability to communicate data and access real-time information over low-power mobile networks.IoWT devices are highly interdependent with mobile devices.However,due to their limited processing power and bandwidth,IoWT devices are vulnerable to cyberattacks due to their low level of security.Threat modeling and frameworks for analyzing cyber threats against existing IoT or low-power protocols have been actively researched.The threat analysis framework used in existing studies was limited to specific protocols and did not target IoWT devices.In addition,In the literature surveyed to date,no cyber threat analysis framework is targeting IoWT.Therefore,the threat model presented in the existing research on cyber threat analysis and modeling for IoWT is specialized for specific devices.In addition,because it does not present standardized attack tactics and techniques,there is a limitation in that it is difficult to identify attacks quickly.In this paper,we propose an Internet of Wearable Things threat analysis frameWork(IWTW)framework that can derive security threats through systematic analysis of IoWT attack cases and possible security threats and perform cyber threat analysis based on them.The methodology for developing the IWTW framework consists of three steps:Analysis,Standardization,and Compilation.IoWT attack cases and potential security threats are analyzed in the analysis stage.In the standardization stage,attack tactics and techniques derived from the analysis of attack cases and potential security threats are standardized,resulting in 3 attack categories,18 attack tactics,and 68 attack techniques.In the compilation stage,standardized security threats are combined to develop the IWTW framework ultimately.We present four case studies targeting MiBand 2,Fitbit Charge HR/Surge,Samsung Gear 3,Xiaomi Amazifit,Honor Band 5,Honor Watch ES,and Senbono CF-58 devices to validate the proposed IWTW framework.We analyzed the attack process through a case study and applied the IWTW framework to derive standardized attack categories,tactics,and techniques effectively.By applying the IWTW framework to cyber threat analysis targeting IoWT,security threats can be standardized,and the attack process can be quickly derived,enabling effective attack analysis on IoWT.展开更多
文摘This paper examines how cybersecurity is developing and how it relates to more conventional information security. Although information security and cyber security are sometimes used synonymously, this study contends that they are not the same. The concept of cyber security is explored, which goes beyond protecting information resources to include a wider variety of assets, including people [1]. Protecting information assets is the main goal of traditional information security, with consideration to the human element and how people fit into the security process. On the other hand, cyber security adds a new level of complexity, as people might unintentionally contribute to or become targets of cyberattacks. This aspect presents moral questions since it is becoming more widely accepted that society has a duty to protect weaker members of society, including children [1]. The study emphasizes how important cyber security is on a larger scale, with many countries creating plans and laws to counteract cyberattacks. Nevertheless, a lot of these sources frequently neglect to define the differences or the relationship between information security and cyber security [1]. The paper focus on differentiating between cybersecurity and information security on a larger scale. The study also highlights other areas of cybersecurity which includes defending people, social norms, and vital infrastructure from threats that arise from online in addition to information and technology protection. It contends that ethical issues and the human factor are becoming more and more important in protecting assets in the digital age, and that cyber security is a paradigm shift in this regard [1].
基金supported by the National Key Research and Development Program of China(2022YFB2703503)the National Natural Science Foundation of China(62293501,62525210,and 62293502)the China Scholarship Council(202306280318).
文摘1.Introduction Data inference(DInf)is a data security threat in which critical information is inferred from low-sensitivity data.Once regarded as an advanced professional threat limited to intelligence analysts,DInf has become a widespread risk in the artificial intelligence(AI)era.
基金supported by the National Natural Science Foundation of China(32471055 and 82171090)Shanghai Municipal Science and Technology Major Project(2018SHZDZX01)ZJLab,Shanghai Center for Brain Science and Brain-Inspired Technology,the Lingang Laboratory(LG-QS-202203-12).
文摘Throughout the lifespan,an animal can encounter predators frequently,thus the ability to avoid attacks from predators is crucial for its survival.The chances of evading danger can be greatly improved if the animal can respond immediately to the threat.Therefore,when an animal detects a threat through its visual system,it must quickly direct its gaze and attention toward the source of danger,assess the threat level,and take appropriate action.
文摘The fast increase of online communities has brought about an increase in cyber threats inclusive of cyberbullying, hate speech, misinformation, and online harassment, making content moderation a pressing necessity. Traditional single-modal AI-based detection systems, which analyze both text, photos, or movies in isolation, have established useless at taking pictures multi-modal threats, in which malicious actors spread dangerous content throughout a couple of formats. To cope with these demanding situations, we advise a multi-modal deep mastering framework that integrates Natural Language Processing (NLP), Convolutional Neural Networks (CNNs), and Long Short-Term Memory (LSTM) networks to become aware of and mitigate online threats effectively. Our proposed model combines BERT for text class, ResNet50 for photograph processing, and a hybrid LSTM-3-d CNN community for video content material analysis. We constructed a large-scale dataset comprising 500,000 textual posts, 200,000 offensive images, and 50,000 annotated motion pictures from more than one platform, which includes Twitter, Reddit, YouTube, and online gaming forums. The system became carefully evaluated using trendy gadget mastering metrics which include accuracy, precision, remember, F1-score, and ROC-AUC curves. Experimental outcomes demonstrate that our multi-modal method extensively outperforms single-modal AI classifiers, achieving an accuracy of 92.3%, precision of 91.2%, do not forget of 90.1%, and an AUC rating of 0.95. The findings validate the necessity of integrating multi-modal AI for actual-time, high-accuracy online chance detection and moderation. Future paintings will have consciousness on improving hostile robustness, enhancing scalability for real-world deployment, and addressing ethical worries associated with AI-driven content moderation.
文摘The current global cybersecurity landscape, characterized by the increasing scale and sophistication of cyberattacks, underscores the importance of integrating Cyber Threat Intelligence (CTI) into Land Administration Systems (LAS). LAS services involve requests and responses concerning public and private cadastral data, including credentials of parties, ownership, and spatial parcels. This study explores the integration of CTI in LAS to enhance cyber resilience, focusing on the unique vulnerabilities of LAS, such as sensitive data management and interconnection with other critical systems related to spatial data uses and changes. The approach employs a case study of a typical country-specific LAS to analyse structured vulnerabilities and their attributes to determine the degree of vulnerability of LAS through a quantitative inductive approach. The analysis results indicate significant improvements in identifying and mitigating potential threats through CTI integration, thus enhancing cyber resilience. These findings are crucial for policymakers and practitioners to develop robust cybersecurity strategies for LAS.
基金supported by the National Key R&D Program of China(No.2022YFE0103200)the Hubei Provincial Natural Science Foundation of China(No.2021CFB016)the National Natural Science Foundation of China(No.52100217).
文摘As an emerging environmental contaminant,antibiotic resistance genes(ARGs)in tap water have attracted great attention.Although studies have provided ARG profiles in tap water,research on their abundance levels,composition characteristics,and potential threat is still insufficient.Here,9 household tap water samples were collected from the Guangdong-Hong Kong-Macao Greater Bay Area(GBA)in China.Additionally,75 sets of environmental sample data(9 types)were downloaded from the public database.Metagenomics was then performed to explore the differences in the abundance and composition of ARGs.221 ARG subtypes consisting of 17 types were detected in tap water.Although the ARG abundance in tap water was not significantly different from that found in drinking water plants and reservoirs,their composition varied.In tap water samples,the three most abundant classes of resistance genes were multidrug,fosfomycin and MLS(macrolide-lincosamidestreptogramin)ARGs,and their corresponding subtypes ompR,fosX and macB were also the most abundant ARG subtypes.Regarding the potential mobility,vanS had the highest abundance on plasmids and viruses,but the absence of key genes rendered resistance to vancomycin ineffective.Generally,the majority of ARGs present in tap water were those that have not been assessed and are currently not listed as high-threat level ARG families based on the World Health Organization Guideline.Although the current potential threat to human health posed by ARGs in tap water is limited,with persistent transfer and accumulation,especially in pathogens,the potential danger to human health posed by ARGs should not be ignored.
文摘Given the unique challenges facing the railway industry, cybersecurity is a crucial issue that must be addressed proactively. This paper aims to provide a systematic review of cybersecurity threats that could impact the safety and operations of rolling stock, the privacy and security of passengers and employees, and the public in general. The systematic literature review revealed that cyber threats to the railway industry can take many forms, including attacks on operational technology systems, data breaches, theft of sensitive information, and disruptions to train services. The consequences of these threats can be severe, leading to operational disruptions, financial losses, and loss of public trust in the railway system. To address these threats, railway organizations must adopt a proactive approach to security and implement robust cybersecurity measures tailored to the industry’s specific needs and challenges. This includes regular testing of systems for vulnerabilities, incident response plans, and employee training to identify and respond to cyber threats. Ensuring the system remains available, reliable, and maintainable is fundamental given the importance of railways as critical infrastructure and the potential harm that can be caused by cyber threats.
基金funded by Ongoing Research Funding program(ORF-2025-749),King Saud University,Riyadh,Saudi Arabia.
文摘Cyber threat detection is a crucial aspect of contemporary cybersecurity due to the depth and complexity of cyberattacks.It is the identification of malicious activity,unauthorized access,and possible intrusions in networks and systems.Modern detection methods employ artificial intelligence and machine learning to study vast amounts of data,learn patterns,and anticipate potential threats.Real-time monitoring and anomaly detection improve the capacity to react to changing threats more rapidly.Cyber threat detection systems aim to reduce false positives and provide complete coverage against the broadest possible attacks.This research advocates for proactive measures and adaptive technologies in defending digital environments.Improvements in detection ability by organizations will assist in safeguarding assets and integrity in operations in this increasingly digital world.This paper draws on the categorization of cyber threat detection methods using hesitant bipolar fuzzy Frank operators.Categorization is a step that is necessary for systematic comparison and assessment of detection methods so that the most suitable method for particular cybersecurity requirements is chosen.Furthermore,this research manages uncertainty and vagueness that exists in decision-making by applying hesitant bipolar fuzzy logic.The importance of the work lies in how it fortifies cybersecurity architectures with a formal method of discovering optimal detection measures and improving responsiveness,resulting in holistic protection against dynamic threats.
基金National Natural Science Foundation of China(62006193,62103338)Aeronautical Science Foundation of China(2022Z023053001)+1 种基金Key Research and Development Program of Shaanxi Province(2024GX-YBXM-115)Fundamental Research Funds for the Central Universities(D5000230150)。
文摘Beyond-visual-range(BVR)air combat threat assessment has attracted wide attention as the support of situation awareness and autonomous decision-making.However,the traditional threat assessment method is flawed in its failure to consider the intention and event of the target,resulting in inaccurate assessment results.In view of this,an integrated threat assessment method is proposed to address the existing problems,such as overly subjective determination of index weight and imbalance of situation.The process and characteristics of BVR air combat are analyzed to establish a threat assessment model in terms of target intention,event,situation,and capability.On this basis,a distributed weight-solving algorithm is proposed to determine index and attribute weight respectively.Then,variable weight and game theory are introduced to effectively deal with the situation imbalance and achieve the combination of subjective and objective.The performance of the model and algorithm is evaluated through multiple simulation experiments.The assessment results demonstrate the accuracy of the proposed method in BVR air combat,indicating its potential practical significance in real air combat scenarios.
基金funded by Universiti Teknologi Malaysia under the UTM RA ICONIC Grant(Q.J130000.4351.09G61).
文摘Advanced Persistent Threats(APTs)represent one of the most complex and dangerous categories of cyber-attacks characterised by their stealthy behaviour,long-term persistence,and ability to bypass traditional detection systems.The complexity of real-world network data poses significant challenges in detection.Machine learning models have shown promise in detecting APTs;however,their performance often suffers when trained on large datasets with redundant or irrelevant features.This study presents a novel,hybrid feature selection method designed to improve APT detection by reducing dimensionality while preserving the informative characteristics of the data.It combines Mutual Information(MI),Symmetric Uncertainty(SU)and Minimum Redundancy Maximum Relevance(mRMR)to enhance feature selection.MI and SU assess feature relevance,while mRMR maximises relevance and minimises redundancy,ensuring that the most impactful features are prioritised.This method addresses redundancy among selected features,improving the overall efficiency and effectiveness of the detection model.Experiments on a real-world APT datasets were conducted to evaluate the proposed method.Multiple classifiers including,Random Forest,Support Vector Machine(SVM),Gradient Boosting,and Neural Networks were used to assess classification performance.The results demonstrate that the proposed feature selection method significantly enhances detection accuracy compared to baseline models trained on the full feature set.The Random Forest algorithm achieved the highest performance,with near-perfect accuracy,precision,recall,and F1 scores(99.97%).The proposed adaptive thresholding algorithm within the selection method allows each classifier to benefit from a reduced and optimised feature space,resulting in improved training and predictive performance.This research offers a scalable and classifier-agnostic solution for dimensionality reduction in cybersecurity applications.
基金supported by the“Regional Innovation System&Education(RISE)”through the Seoul RISE Center,funded by the Ministry of Education(MOE)and the Seoul Metropolitan Government(2025-RISE-01-018-05)supported by Quad Miners Corp。
文摘The dynamic,heterogeneous nature of Edge computing in the Internet of Things(Edge-IoT)and Industrial IoT(IIoT)networks brings unique and evolving cybersecurity challenges.This study maps cyber threats in Edge-IoT/IIoT environments to the Adversarial Tactics,Techniques,and Common Knowledge(ATT&CK)framework by MITRE and introduces a lightweight,data-driven scoring model that enables rapid identification and prioritization of attacks.Inspired by the Factor Analysis of Information Risk model,our proposed scoring model integrates four key metrics:Common Vulnerability Scoring System(CVSS)-based severity scoring,Cyber Kill Chain–based difficulty estimation,Deep Neural Networks-driven detection scoring,and frequency analysis based on dataset prevalence.By aggregating these indicators,the model generates comprehensive risk profiles,facilitating actionable prioritization of threats.Robustness and stability of the scoring model are validated through non-parametric correlation analysis using Spearman’s and Kendall’s rank correlation coefficients,demonstrating consistent performance across diverse scenarios.The approach culminates in a prioritized attack ranking that provides actionable guidance for risk mitigation and resource allocation in Edge-IoT/IIoT security operations.By leveraging real-world data to align MITRE ATT&CK techniques with CVSS metrics,the framework offers a standardized and practically applicable solution for consistent threat assessment in operational settings.The proposed lightweight scoring model delivers rapid and reliable results under dynamic cyber conditions,facilitating timely identification of attack scenarios and prioritization of response strategies.Our systematic integration of established taxonomies with data-driven indicators strengthens practical risk management and supports strategic planning in next-generation IoT deployments.Ultimately,this work advances adaptive threat modeling for Edge/IIoT ecosystems and establishes a robust foundation for evidence-based prioritization in emerging cyber-physical infrastructures.
基金supported by grants from the National Natural Science Foundation of China(32471074 and 32200825)the STI2030-Major Projects(2021ZD0203000 and 2021ZD0203002)+1 种基金the Shandong Provincial Taishan Scholars Project(tsqn202306174)the Shandong Provincial Natural Science Foundation(ZR2022QC173).
文摘Social behaviors,including social support and mating,play a critical role in survival and reproduction.Animals must make adaptive social decisions based on internal states and external contexts[1].The sex of a social partner is a crucial factor that shapes social decision-making,as oppositesex interactions are vital for fulfilling reproductive needs,whereas same-sex interactions are essential for both collaborative support and competitive behaviors.Under normal circumstances,mice typically exhibit a variety of prosocial behaviors that strengthen social bonds within their groups.
文摘Inflammatory bowel disease(IBD),encompassing Crohn’s disease and ulcerative colitis,manifests as a chronic,recurrent,and refractory intestinal inflammatory condition significantly impacting patients’quality of life.Despite ongoing research,its etiology and pathogenesis remain incompletely understood.Recent advancements in medical research highlight the critical role of drug combination therapies in managing IBD.This paper employs the strengths,weaknesses,opportunities,and threats framework to evaluate the four strategic elements(strengths,weaknesses,opportunities,and threats)pertaining to combination therapies for IBD.Among the strengths,the paper underscores the efficacy of multi-targeted strategies,the advancement of personalized medicine,and the mitigation of drug resistance.Nonetheless,the analysis identifies significant weaknesses,including the prohibitive cost of treatment,issues with patient compliance,and the necessity for comprehensive long-term safety data.The paper also delineates opportunities to augment therapeutic success through the incorporation of biomarkers,the application of artificial intelligence,and extensive international collaborative efforts.In contrast,the paper does not shy away from addressing the threats,which include the potential for therapeutic resistance and the logistical challenges inherent in global therapy deployment.These initiatives aim to refine future therapeutic practices,fostering safer,more effective,and personalized treatment paradigms for IBD patients.
基金This study is the result of a commissioned research project supported by the affiliated institute of ETRI(No.2021-026)partially supported by the NationalResearch Foundation of Korea(NRF)grant funded by the Korean government(MSIT)(No.2020R1F1A1061107)+2 种基金the Korea Institute for Advancement of Technology(KIAT)grant funded by the Korean government(MOTIE)(P0008703,The Competency Development Program for Industry Specialist)the MSIT under the ICAN(ICT Challenge and Advanced Network of HRD)program[grant number IITP-2022-RS-2022-00156310]supervised by the Institute of Information&Communication Technology Planning and Evaluation(IITP).
文摘Recently,with the normalization of non-face-to-face online environments in response to the COVID-19 pandemic,the possibility of cyberattacks through endpoints has increased.Numerous endpoint devices are managed meticulously to prevent cyberattacks and ensure timely responses to potential security threats.In particular,because telecommuting,telemedicine,and teleeducation are implemented in uncontrolled environments,attackers typically target vulnerable endpoints to acquire administrator rights or steal authentication information,and reports of endpoint attacks have been increasing considerably.Advanced persistent threats(APTs)using various novel variant malicious codes are a form of a sophisticated attack.However,conventional commercial antivirus and anti-malware systems that use signature-based attack detectionmethods cannot satisfactorily respond to such attacks.In this paper,we propose a method that expands the detection coverage inAPT attack environments.In this model,an open-source threat detector and log collector are used synergistically to improve threat detection performance.Extending the scope of attack log collection through interworking between highly accessible open-source tools can efficiently increase the detection coverage of tactics and techniques used to deal with APT attacks,as defined by MITRE Adversarial Tactics,Techniques,and Common Knowledge(ATT&CK).We implemented an attack environment using an APT attack scenario emulator called Carbanak and analyzed the detection coverage of Google Rapid Response(GRR),an open-source threat detection tool,and Graylog,an open-source log collector.The proposed method expanded the detection coverage against MITRE ATT&CK by approximately 11%compared with that conventional methods.
基金The author extends their appreciation to the Deanship of Scientific research at Majmaah University for the funding this work under Project No.1439-48.
文摘Cyber Threat Intelligence(CTI)has gained massive attention to collect hidden knowledge for a better understanding of the various cyber-attacks and eventually paving the way for predicting the future of such attacks.The information exchange and collaborative sharing through different platforms have a significant contribution towards a global solution.While CTI and the information exchange can help a lot in focusing and prioritizing on the use of the large volume of complex information among different organizations,there exists a great challenge ineffective processing of large count of different Indicators of Threat(IoT)which appear regularly,and that can be solved only through a collaborative approach.Collaborative approach and intelligence sharing have become the mandatory element in the entire world of processing the threats.In order to covet the complete needs of having a definite standard of information exchange,various initiatives have been taken in means of threat information sharing platforms like MISP and formats such as SITX.This paper proposes a scoring model to address information decay,which is shared within TISP.The scoring model is implemented,taking the use case of detecting the Threat Indicators in a phishing data network.The proposed method calculates the rate of decay of an attribute through which the early entries are removed.
文摘The integration of organisation’s information security policy into threat modeling enhances effectiveness of security strategies for information security management. These security policies are the ones which define the sets of security issues, controls and organisation’s commitment for seamless integration with knowledge based platforms in order to protect critical assets and data. Such platforms are needed to evaluate and share violations which can create security loop-hole. The lack of rules-based approaches for discovering potential threats at organisation’s context, poses a challenge for many organisations in safeguarding their critical assets. To address the challenge, this paper introduces a Platform for Organisation Security Threat Analytic and Management (POSTAM) using rule-based approach. The platform enhances strategies for combating information security threats and thus improves organisations’ commitment in protecting their critical assets. R scripting language for data visualization and java-based scripts were used to develop a prototype to run on web protocol. MySQL database management system was used as back-end for data storage during threat analytic processes.
文摘As cyber threats keep changing and business environments adapt, a comprehensive approach to disaster recovery involves more than just defensive measures. This research delves deep into the strategies required to respond to threats and anticipate and mitigate them proactively. Beginning with understanding the critical need for a layered defense and the intricacies of the attacker’s journey, the research offers insights into specialized defense techniques, emphasizing the importance of timely and strategic responses during incidents. Risk management is brought to the forefront, underscoring businesses’ need to adopt mature risk assessment practices and understand the potential risk impact areas. Additionally, the value of threat intelligence is explored, shedding light on the importance of active engagement within sharing communities and the vigilant observation of adversary motivations. “Beyond Defense: Proactive Approaches to Disaster Recovery and Threat Intelligence in Modern Enterprises” is a comprehensive guide for organizations aiming to fortify their cybersecurity posture, marrying best practices in proactive and reactive measures in the ever-challenging digital realm.
文摘Advanced Persistent Threat(APT)is now the most common network assault.However,the existing threat analysis models cannot simultaneously predict the macro-development trend and micro-propagation path of APT attacks.They cannot provide rapid and accurate early warning and decision responses to the present system state because they are inadequate at deducing the risk evolution rules of network threats.To address the above problems,firstly,this paper constructs the multi-source threat element analysis ontology(MTEAO)by integrating multi-source network security knowledge bases.Subsequently,based on MTEAO,we propose a two-layer threat prediction model(TL-TPM)that combines the knowledge graph and the event graph.The macro-layer of TL-TPM is based on the knowledge graph to derive the propagation path of threats among devices and to correlate threat elements for threat warning and decision-making;The micro-layer ingeniously maps the attack graph onto the event graph and derives the evolution path of attack techniques based on the event graph to improve the explainability of the evolution of threat events.The experiment’s results demonstrate that TL-TPM can completely depict the threat development trend,and the early warning results are more precise and scientific,offering knowledge and guidance for active defense.
基金Supported by National Natural Science Foundation of China (No.90718023)National High-Tech Research and Development Program of China (No.2007AA01Z130)
文摘In order to evaluate all attack paths in a threat tree,based on threat modeling theory,a weight distribution algorithm of the root node in a threat tree is designed,which computes threat coefficients of leaf nodes in two ways including threat occurring possibility and the degree of damage.Besides,an algorithm of searching attack path was also obtained in accordence with its definition.Finally,an attack path evaluation system was implemented which can output the threat coefficients of the leaf nodes in a target threat tree,the weight distribution information,and the attack paths.An example threat tree is given to verify the effectiveness of the algorithms.
基金supported by Institute of Information&Communications Technology Planning&Evaluation(IITP)grant funded by the Korea government(MSIT)(No.RS-2021-II210493,5G Massive Next Generation Cyber Attack Deception Technology Development,90%)the Gachon University research fund of 2022(GCU-202300750001,10%).
文摘The Internet of Wearable Things(IoWT)or Wearable Internet of Things(WIoT)is a new paradigm that combines IoT and wearable technology.Advances in IoT technology have enabled the miniaturization of sensors embedded in wearable devices and the ability to communicate data and access real-time information over low-power mobile networks.IoWT devices are highly interdependent with mobile devices.However,due to their limited processing power and bandwidth,IoWT devices are vulnerable to cyberattacks due to their low level of security.Threat modeling and frameworks for analyzing cyber threats against existing IoT or low-power protocols have been actively researched.The threat analysis framework used in existing studies was limited to specific protocols and did not target IoWT devices.In addition,In the literature surveyed to date,no cyber threat analysis framework is targeting IoWT.Therefore,the threat model presented in the existing research on cyber threat analysis and modeling for IoWT is specialized for specific devices.In addition,because it does not present standardized attack tactics and techniques,there is a limitation in that it is difficult to identify attacks quickly.In this paper,we propose an Internet of Wearable Things threat analysis frameWork(IWTW)framework that can derive security threats through systematic analysis of IoWT attack cases and possible security threats and perform cyber threat analysis based on them.The methodology for developing the IWTW framework consists of three steps:Analysis,Standardization,and Compilation.IoWT attack cases and potential security threats are analyzed in the analysis stage.In the standardization stage,attack tactics and techniques derived from the analysis of attack cases and potential security threats are standardized,resulting in 3 attack categories,18 attack tactics,and 68 attack techniques.In the compilation stage,standardized security threats are combined to develop the IWTW framework ultimately.We present four case studies targeting MiBand 2,Fitbit Charge HR/Surge,Samsung Gear 3,Xiaomi Amazifit,Honor Band 5,Honor Watch ES,and Senbono CF-58 devices to validate the proposed IWTW framework.We analyzed the attack process through a case study and applied the IWTW framework to derive standardized attack categories,tactics,and techniques effectively.By applying the IWTW framework to cyber threat analysis targeting IoWT,security threats can be standardized,and the attack process can be quickly derived,enabling effective attack analysis on IoWT.
