The fast increase of online communities has brought about an increase in cyber threats inclusive of cyberbullying, hate speech, misinformation, and online harassment, making content moderation a pressing necessity. Tr...The fast increase of online communities has brought about an increase in cyber threats inclusive of cyberbullying, hate speech, misinformation, and online harassment, making content moderation a pressing necessity. Traditional single-modal AI-based detection systems, which analyze both text, photos, or movies in isolation, have established useless at taking pictures multi-modal threats, in which malicious actors spread dangerous content throughout a couple of formats. To cope with these demanding situations, we advise a multi-modal deep mastering framework that integrates Natural Language Processing (NLP), Convolutional Neural Networks (CNNs), and Long Short-Term Memory (LSTM) networks to become aware of and mitigate online threats effectively. Our proposed model combines BERT for text class, ResNet50 for photograph processing, and a hybrid LSTM-3-d CNN community for video content material analysis. We constructed a large-scale dataset comprising 500,000 textual posts, 200,000 offensive images, and 50,000 annotated motion pictures from more than one platform, which includes Twitter, Reddit, YouTube, and online gaming forums. The system became carefully evaluated using trendy gadget mastering metrics which include accuracy, precision, remember, F1-score, and ROC-AUC curves. Experimental outcomes demonstrate that our multi-modal method extensively outperforms single-modal AI classifiers, achieving an accuracy of 92.3%, precision of 91.2%, do not forget of 90.1%, and an AUC rating of 0.95. The findings validate the necessity of integrating multi-modal AI for actual-time, high-accuracy online chance detection and moderation. Future paintings will have consciousness on improving hostile robustness, enhancing scalability for real-world deployment, and addressing ethical worries associated with AI-driven content moderation.展开更多
Cyber threat detection is a crucial aspect of contemporary cybersecurity due to the depth and complexity of cyberattacks.It is the identification of malicious activity,unauthorized access,and possible intrusions in ne...Cyber threat detection is a crucial aspect of contemporary cybersecurity due to the depth and complexity of cyberattacks.It is the identification of malicious activity,unauthorized access,and possible intrusions in networks and systems.Modern detection methods employ artificial intelligence and machine learning to study vast amounts of data,learn patterns,and anticipate potential threats.Real-time monitoring and anomaly detection improve the capacity to react to changing threats more rapidly.Cyber threat detection systems aim to reduce false positives and provide complete coverage against the broadest possible attacks.This research advocates for proactive measures and adaptive technologies in defending digital environments.Improvements in detection ability by organizations will assist in safeguarding assets and integrity in operations in this increasingly digital world.This paper draws on the categorization of cyber threat detection methods using hesitant bipolar fuzzy Frank operators.Categorization is a step that is necessary for systematic comparison and assessment of detection methods so that the most suitable method for particular cybersecurity requirements is chosen.Furthermore,this research manages uncertainty and vagueness that exists in decision-making by applying hesitant bipolar fuzzy logic.The importance of the work lies in how it fortifies cybersecurity architectures with a formal method of discovering optimal detection measures and improving responsiveness,resulting in holistic protection against dynamic threats.展开更多
To solve the problem of the design of classifier in network threat detection, we conduct a simulation experiment for the parameters’ optimal on least squares support vector machine (LSSVM) using the classic PSO alg...To solve the problem of the design of classifier in network threat detection, we conduct a simulation experiment for the parameters’ optimal on least squares support vector machine (LSSVM) using the classic PSO algorithm, and the experiment shows that uneven distribution of the initial particle swarm exerts a great impact on the results of LSSVM algorithm’s classification. This article proposes an improved PSO-LSSVM algorithm based on Divide-and-Conquer (DCPSO- LSSVM) to split the optimal domain where the parameters of LSSVM are in. It can achieve the purpose of distributing the initial particles uniformly. And using the idea of Divide-and-Conquer, it can split a big problem into multiple sub-problems, thus, completing problems’ modularization Meanwhile, this paper introduces variation factors to make the particles escape from the local optimum. The results of experiment prove that DCPSO-LSSVM has better effect on classification of network threat detection compared with SVM and classic PSOLSSVM.展开更多
Internet of Things(IoT)is one of the hottest research topics in recent years,thanks to its dynamic working mechanism that integrates physical and digital world into a single system.IoT technology,applied in industries...Internet of Things(IoT)is one of the hottest research topics in recent years,thanks to its dynamic working mechanism that integrates physical and digital world into a single system.IoT technology,applied in industries,is termed as Industrial IoT(IIoT).IIoT has been found to be highly susceptible to attacks from adversaries,based on the difficulties observed in IIoT and its increased dependency upon internet and communication network.Intentional or accidental attacks on these approaches result in catastrophic effects like power outage,denial of vital health services,disruption to civil service,etc.,Thus,there is a need exists to develop a vibrant and powerful for identification and mitigation of security vulnerabilities in IIoT.In this view,the current study develops an AI-based Threat Detection and Classification model for IIoT,abbreviated as AITDC-IIoT model.The presented AITDC-IIoT model initially pre-processes the input data to transform it into a compatible format.In addition,WhaleOptimizationAlgorithm based Feature Selection(WOA-FS)is used to elect the subset of features.Moreover,Cockroach Swarm Optimization(CSO)is employed with Random Vector Functional Link network(RVFL)technique for threat classification.Finally,CSO algorithm is applied to appropriately adjust the parameters related to RVFL model.The performance of the proposed AITDC-IIoT model was validated under benchmark datasets.The experimental results established the supremacy of the proposed AITDC-IIoT model over recent approaches.展开更多
As the Internet of Things(IoT)continues to expand,incorporating a vast array of devices into a digital ecosystem also increases the risk of cyber threats,necessitating robust defense mechanisms.This paper presents an ...As the Internet of Things(IoT)continues to expand,incorporating a vast array of devices into a digital ecosystem also increases the risk of cyber threats,necessitating robust defense mechanisms.This paper presents an innovative hybrid deep learning architecture that excels at detecting IoT threats in real-world settings.Our proposed model combines Convolutional Neural Networks(CNN),Bidirectional Long Short-Term Memory(BLSTM),Gated Recurrent Units(GRU),and Attention mechanisms into a cohesive framework.This integrated structure aims to enhance the detection and classification of complex cyber threats while accommodating the operational constraints of diverse IoT systems.We evaluated our model using the RT-IoT2022 dataset,which includes various devices,standard operations,and simulated attacks.Our research’s significance lies in the comprehensive evaluation metrics,including Cohen Kappa and Matthews Correlation Coefficient(MCC),which underscore the model’s reliability and predictive quality.Our model surpassed traditional machine learning algorithms and the state-of-the-art,achieving over 99.6%precision,recall,F1-score,False Positive Rate(FPR),Detection Time,and accuracy,effectively identifying specific threats such as Message Queuing Telemetry Transport(MQTT)Publish,Denial of Service Synchronize network packet crafting tool(DOS SYN Hping),and Network Mapper Operating System Detection(NMAP OS DETECTION).The experimental analysis reveals a significant improvement over existing detection systems,significantly enhancing IoT security paradigms.Through our experimental analysis,we have demonstrated a remarkable enhancement in comparison to existing detection systems,which significantly strength-ens the security standards of IoT.Our model effectively addresses the need for advanced,dependable,and adaptable security solutions,serving as a symbol of the power of deep learning in strengthening IoT ecosystems amidst the constantly evolving cyber threat landscape.This achievement marks a significant stride towards protecting the integrity of IoT infrastructure,ensuring operational resilience,and building privacy in this groundbreaking technology.展开更多
Recent developments in computer networks and Internet of Things(IoT)have enabled easy access to data.But the government and business sectors face several difficulties in resolving cybersecurity network issues,like nov...Recent developments in computer networks and Internet of Things(IoT)have enabled easy access to data.But the government and business sectors face several difficulties in resolving cybersecurity network issues,like novel attacks,hackers,internet criminals,and so on.Presently,malware attacks and software piracy pose serious risks in compromising the security of IoT.They can steal confidential data which results infinancial and reputational losses.The advent of machine learning(ML)and deep learning(DL)models has been employed to accomplish security in the IoT cloud environment.This article pre-sents an Enhanced Artificial Gorilla Troops Optimizer with Deep Learning Enabled Cybersecurity Threat Detection(EAGTODL-CTD)in IoT Cloud Net-works.The presented EAGTODL-CTD model encompasses the identification of the threats in the IoT cloud environment.The proposed EAGTODL-CTD mod-el mainly focuses on the conversion of input binaryfiles to color images,where the malware can be detected using an image classification problem.The EAG-TODL-CTD model pre-processes the input data to transform to a compatible for-mat.For threat detection and classification,cascaded gated recurrent unit(CGRU)model is exploited to determine class labels.Finally,EAGTO approach is employed as a hyperparameter optimizer to tune the CGRU parameters,showing the novelty of our work.The performance evaluation of the EAGTODL-CTD model is assessed on a dataset comprising two class labels namely malignant and benign.The experimental values reported the supremacy of the EAG-TODL-CTD model with increased accuracy of 99.47%.展开更多
To combat increasingly sophisticated cyber attacks,the security community has proposed and deployed a large body of threat detection approaches to discover malicious behaviors on host systems and attack payloads in ne...To combat increasingly sophisticated cyber attacks,the security community has proposed and deployed a large body of threat detection approaches to discover malicious behaviors on host systems and attack payloads in network traffic.Several studies have begun to focus on threat detection methods based on provenance data of host-level event tracing.On the other side,with the significant development of big data and artificial intelligence technologies,large-scale graph computing has been widely used.To this end,kinds of research try to bridge the gap between threat detection based on host log provenance data and graph algorithm,and propose the threat detection algorithm based on system provenance graph.These approaches usually generate the system provenance graph via tagging and tracking of system events,and then leverage the characteristics of the graph to conduct threat detection and attack investigation.For the purpose of deeply understanding the correctness,effectiveness,and efficiency of different graph-based threat detection algorithms,we pay attention to mainstream threat detection methods based on provenance graphs.We select and implement 5 state-of-the-art threat detection approaches among a large number of studies as evaluation objects for further analysis.To this end,we collect about 40GB of host-level raw log data in a real-world IT environment,and simulate 6 types of cyber attack scenarios in an isolated environment for malicious provenance data to build our evaluation datasets.The crosswise comparison and longitudinal assessment interpret in detail these detection approaches can detect which attack scenarios well and why.Our empirical evaluation provides a solid foundation for the improvement direction of the threat detection approach.展开更多
The Internet of Things(IoT)is determine enormous economic openings for industries and allow stimulating innovation which obtain between domains in childcare for eldercare,in health service to energy,and in developed t...The Internet of Things(IoT)is determine enormous economic openings for industries and allow stimulating innovation which obtain between domains in childcare for eldercare,in health service to energy,and in developed to transport.Cybersecurity develops a difficult problem in IoT platform whereas the presence of cyber-attack requires that solved.The progress of automatic devices for cyber-attack classifier and detection employing Artificial Intelligence(AI)andMachine Learning(ML)devices are crucial fact to realize security in IoT platform.It can be required for minimizing the issues of security based on IoT devices efficiently.Thus,this research proposal establishes novel mayfly optimized with Regularized Extreme Learning Machine technique called as MFO-RELM model for Cybersecurity Threat classification and detection fromthe cloud and IoT environments.The proposed MFORELM model provides the effective detection of cybersecurity threat which occur in the cloud and IoT platforms.To accomplish this,the MFO-RELM technique pre-processed the actual cloud and IoT data as to meaningful format.Besides,the proposed models will receive the pre-processing data and carry out the classifier method.For boosting the efficiency of the proposed models,theMFOtechnique was utilized to it.The experiential outcome of the proposed technique was tested utilizing the standard CICIDS 2017 dataset,and the outcomes are examined under distinct aspects.展开更多
In the tobacco industry,insider employee attack is a thorny problem that is difficult to detect.To solve this issue,this paper proposes an insider threat detection method based on heterogeneous graph embedding.First,t...In the tobacco industry,insider employee attack is a thorny problem that is difficult to detect.To solve this issue,this paper proposes an insider threat detection method based on heterogeneous graph embedding.First,the interrelationships between logs are fully considered,and log entries are converted into heterogeneous graphs based on these relationships.Second,the heterogeneous graph embedding is adopted and each log entry is represented as a low-dimensional feature vector.Then,normal logs and malicious logs are classified into different clusters by clustering algorithm to identify malicious logs.Finally,the effectiveness and superiority of the method is verified through experiments on the CERT dataset.The experimental results show that this method has better performance compared to some baseline methods.展开更多
Researchers usually detect insider threats by analyzing user behavior.The time information of user behavior is an important concern in internal threat detection.Existing works on insider threat detection fail to make ...Researchers usually detect insider threats by analyzing user behavior.The time information of user behavior is an important concern in internal threat detection.Existing works on insider threat detection fail to make full use of the time information,which leads to their poor detection performance.In this paper,we propose a novel behavioral feature extraction scheme:we implicitly encode absolute time information in the behavioral feature sequences and use a feature sequence construction method taking covariance into account to make our scheme adaptive to users.We select Stacked Bidirectional LSTM and Feedforward Neural Network to build a deep learning-based insider threat detection model:Behavior Rhythm Insider Threat Detection(BRITD).BRITD is universally applicable to various insider threat scenarios,and it has good insider threat detection performance:it achieves an AUC of 0.9730 and a precision of 0.8072 with the CMU CERT dataset,which exceeds all baselines.展开更多
Advanced Persistent Threats (APTs) achieves internal networks penetration through multiple methods, making it difcult to detect attack clues solely through boundary defense measures. To address this challenge, some re...Advanced Persistent Threats (APTs) achieves internal networks penetration through multiple methods, making it difcult to detect attack clues solely through boundary defense measures. To address this challenge, some research has proposed threat detection methods based on provenance graphs, which leverage entity relationships such as processes, fles, and sockets found in host audit logs. However, these methods are generally inefcient, especially when faced with massive audit logs and the computational resource-intensive nature of graph algorithms. Efec-tivelyand economically extracting APT attack clues from massive system audit logs remains a signifcant challenge. To tackle this problem, this paper introduces the ProcSAGE method, which detects threats based on abnormal behavior patterns, ofering high accuracy, low cost, and independence from expert knowledge. ProcSAGE focuses on processes or threads in host audit logs during the graph construction phase to efectively control the scale of provenance graphs and reduce performance overhead. Additionally, in the feature extraction phase, ProcSAGE considers information about the processes or threads themselves and their neighboring nodes to accurately char-acterizethem and enhance model accuracy. In order to verify the efectiveness of the ProcSAGE method, this study conducted a comprehensive evaluation on the StreamSpot dataset. The experimental results show that the ProcSAGE method can signifcantly reduce the time and memory consumption in the threat detection process while improving the accuracy, and the optimization efect becomes more signifcant as the data size expands.展开更多
Unaided authentication services provide the flexibility to login without being dependent on any additional device.The power of recording attack resilient unaided authentication services(RARUAS)is undeniable as,in some...Unaided authentication services provide the flexibility to login without being dependent on any additional device.The power of recording attack resilient unaided authentication services(RARUAS)is undeniable as,in some aspects,they are even capable of offering better security than the biometric based authentication systems.However,high login complexity of these RARUAS makes them far from usable in practice.The adopted information leakage control strategies have often been identified as the primary cause behind such high login complexities.Though recent proposals have made some significant efforts in designing a usable RARUAS by reducing its login complexity,most of them have failed to achieve the desired usability standard.In this paper,we have introduced a new notion of controlling the information leakage rate.By maintaining a good security standard,the introduced idea helps to reduce the login complexity of our proposed mechanism—named as Textual-Graphical Password-based Mechanism or TGPM,by a significant extent.Along with resisting the recording attack,TGPM also achieves a remarkable property of threat detection.To the best of our knowledge,TGPM is the first RARUAS,which can both prevent and detect the activities of the opportunistic recording attackers who can record the complete login activity of a genuine user for a few login sessions.Our study reveals that TGPM assures much higher session resiliency compared to the existing authentication services,having the same or even higher login complexities.Moreover,TGPM stores the password information in a distributed way and thus restricts the adversaries to learn the complete secret from a single compromised server.A thorough theoretical analysis has been performed to prove the strength of our proposal from both the security and usability perspectives.We have also conducted an experimental study to support the theoretical argument made on the usability standard of TGPM.展开更多
The advances in technology increase the number of internet systems usage.As a result,cybersecurity issues have become more common.Cyber threats are one of the main problems in the area of cybersecurity.However,detecti...The advances in technology increase the number of internet systems usage.As a result,cybersecurity issues have become more common.Cyber threats are one of the main problems in the area of cybersecurity.However,detecting cybersecurity threats is not a trivial task and thus is the center of focus for many researchers due to its importance.This study aims to analyze Twitter data to detect cyber threats using a multiclass classification approach.The data is passed through different tasks to prepare it for the analysis.Term Frequency and Inverse Document Frequency(TFIDF)features are extracted to vectorize the cleaned data and several machine learning algorithms are used to classify the Twitter posts into multiple classes of cyber threats.The results are evaluated using different metrics including precision,recall,F-score,and accuracy.This work contributes to the cyber security research area.The experiments revealed the promised results of the analysis using the Random Forest(RF)algorithm with(F-score=81%).This result outperformed the existing studies in the field of cyber threat detection and showed the importance of detecting cyber threats in social media posts.There is a need for more investigation in the field of multiclass classification to achieve more accurate results.In the future,this study suggests applying different data representations for the feature extraction other than TF-IDF such as Word2Vec,and adding a new phase for feature selection to select the optimum features subset to achieve higher accuracy of the detection process.展开更多
With the escalating complexity of IT networks and the surge in cyber threats,the need for advanced,real-time security solutions has never been more paramount.Machine learning(ML)and deep learning(DL)present promising ...With the escalating complexity of IT networks and the surge in cyber threats,the need for advanced,real-time security solutions has never been more paramount.Machine learning(ML)and deep learning(DL)present promising avenues for enhancing the detection,analysis,and mitigation of threats in these intricate networks.The paper delves into the confluence of ML and DL techniques in the realm of cybersecurity,focusing on their application for real-time threat detection within IT infrastructures.Drawing from recent research and developments,the study underscores the potential of these techniques in outmaneuvering conventional security models,while also shedding light on the inherent challenges and areas for future exploration.展开更多
Ransomware attacks pose a significant threat to critical infrastructures,demanding robust detection mechanisms.This study introduces a hybrid model that combines vision transformer(ViT)and one-dimensional convolutiona...Ransomware attacks pose a significant threat to critical infrastructures,demanding robust detection mechanisms.This study introduces a hybrid model that combines vision transformer(ViT)and one-dimensional convolutional neural network(1DCNN)architectures to enhance ransomware detection capabilities.Addressing common challenges in ransomware detection,particularly dataset class imbalance,the synthetic minority oversampling technique(SMOTE)is employed to generate synthetic samples for minority class,thereby improving detection accuracy.The integration of ViT and 1DCNN through feature fusion enables the model to capture both global contextual and local sequential features,resulting in comprehensive ransomware classification.Tested on the UNSW-NB15 dataset,the proposed ViT-1DCNN model achieved 98%detection accuracy with precision,recall,and F1-score metrics surpassing conventional methods.This approach not only reduces false positives and negatives but also offers scalability and robustness for real-world cybersecurity applications.The results demonstrate the model’s potential as an effective tool for proactive ransomware detection,especially in environments where evolving threats require adaptable and high-accuracy solutions.展开更多
Domain Generation Algorithms(DGAs)continue to pose a significant threat inmodernmalware infrastructures by enabling resilient and evasive communication with Command and Control(C&C)servers.Traditional detection me...Domain Generation Algorithms(DGAs)continue to pose a significant threat inmodernmalware infrastructures by enabling resilient and evasive communication with Command and Control(C&C)servers.Traditional detection methods-rooted in statistical heuristics,feature engineering,and shallow machine learning-struggle to adapt to the increasing sophistication,linguistic mimicry,and adversarial variability of DGA variants.The emergence of Large Language Models(LLMs)marks a transformative shift in this landscape.Leveraging deep contextual understanding,semantic generalization,and few-shot learning capabilities,LLMs such as BERT,GPT,and T5 have shown promising results in detecting both character-based and dictionary-based DGAs,including previously unseen(zeroday)variants.This paper provides a comprehensive and critical review of LLM-driven DGA detection,introducing a structured taxonomy of LLM architectures,evaluating the linguistic and behavioral properties of benchmark datasets,and comparing recent detection frameworks across accuracy,latency,robustness,and multilingual performance.We also highlight key limitations,including challenges in adversarial resilience,model interpretability,deployment scalability,and privacy risks.To address these gaps,we present a forward-looking research roadmap encompassing adversarial training,model compression,cross-lingual benchmarking,and real-time integration with SIEM/SOAR platforms.This survey aims to serve as a foundational resource for advancing the development of scalable,explainable,and operationally viable LLM-based DGA detection systems.展开更多
Due to the growth of smart cities,many real-time systems have been developed to support smart cities using Internet of Things(IoT)and emerging technologies.They are formulated to collect the data for environment monit...Due to the growth of smart cities,many real-time systems have been developed to support smart cities using Internet of Things(IoT)and emerging technologies.They are formulated to collect the data for environment monitoring and automate the communication process.In recent decades,researchers have made many efforts to propose autonomous systems for manipulating network data and providing on-time responses in critical operations.However,the widespread use of IoT devices in resource-constrained applications and mobile sensor networks introduces significant research challenges for cybersecurity.These systems are vulnerable to a variety of cyberattacks,including unauthorized access,denial-of-service attacks,and data leakage,which compromise the network’s security.Additionally,uneven load balancing between mobile IoT devices,which frequently experience link interferences,compromises the trustworthiness of the system.This paper introduces a Multi-Agent secured framework using lightweight edge computing to enhance cybersecurity for sensor networks,aiming to leverage artificial intelligence for adaptive routing and multi-metric trust evaluation to achieve data privacy and mitigate potential threats.Moreover,it enhances the efficiency of distributed sensors for energy consumption through intelligent data analytics techniques,resulting in highly consistent and low-latency network communication.Using simulations,the proposed framework reveals its significant performance compared to state-of-the-art approaches for energy consumption by 43%,latency by 46%,network throughput by 51%,packet loss rate by 40%,and denial of service attacks by 42%.展开更多
This study systematically reviews the Internet of Things(IoT)security research based on literature from prominent international cybersecurity conferences over the past five years,including ACM Conference on Computer a...This study systematically reviews the Internet of Things(IoT)security research based on literature from prominent international cybersecurity conferences over the past five years,including ACM Conference on Computer and Communications Security(ACM CCS),USENIX Security,Network and Distributed System Security Symposium(NDSS),and IEEE Symposiumon Security and Privacy(IEEE S&P),along with other high-impact studies.It organizes and analyzes IoT security advancements through the lenses of threats,detection methods,and defense strategies.The foundational architecture of IoT systems is first outlined,followed by categorizing major threats into eight distinct types and analyzing their root causes and potential impacts.Next,six prominent threat detection techniques and five defense strategies are detailed,highlighting their technical principles,advantages,and limitations.The paper concludes by addressing the key challenges still confronting IoT security and proposing directions for future research to enhance system resilience and protection.展开更多
This paper examines how cybersecurity is developing and how it relates to more conventional information security. Although information security and cyber security are sometimes used synonymously, this study contends t...This paper examines how cybersecurity is developing and how it relates to more conventional information security. Although information security and cyber security are sometimes used synonymously, this study contends that they are not the same. The concept of cyber security is explored, which goes beyond protecting information resources to include a wider variety of assets, including people [1]. Protecting information assets is the main goal of traditional information security, with consideration to the human element and how people fit into the security process. On the other hand, cyber security adds a new level of complexity, as people might unintentionally contribute to or become targets of cyberattacks. This aspect presents moral questions since it is becoming more widely accepted that society has a duty to protect weaker members of society, including children [1]. The study emphasizes how important cyber security is on a larger scale, with many countries creating plans and laws to counteract cyberattacks. Nevertheless, a lot of these sources frequently neglect to define the differences or the relationship between information security and cyber security [1]. The paper focus on differentiating between cybersecurity and information security on a larger scale. The study also highlights other areas of cybersecurity which includes defending people, social norms, and vital infrastructure from threats that arise from online in addition to information and technology protection. It contends that ethical issues and the human factor are becoming more and more important in protecting assets in the digital age, and that cyber security is a paradigm shift in this regard [1].展开更多
The increasing deployment of Internet of Things(IoT)devices has introduced significant security chal-lenges,including identity spoofing,unauthorized access,and data integrity breaches.Traditional security mechanisms r...The increasing deployment of Internet of Things(IoT)devices has introduced significant security chal-lenges,including identity spoofing,unauthorized access,and data integrity breaches.Traditional security mechanisms rely on centralized frameworks that suffer from single points of failure,scalability issues,and inefficiencies in real-time security enforcement.To address these limitations,this study proposes the Blockchain-Enhanced Trust and Access Control for IoT Security(BETAC-IoT)model,which integrates blockchain technology,smart contracts,federated learning,and Merkle tree-based integrity verification to enhance IoT security.The proposed model eliminates reliance on centralized authentication by employing decentralized identity management,ensuring tamper-proof data storage,and automating access control through smart contracts.Experimental evaluation using a synthetic IoT dataset shows that the BETAC-IoT model improves access control enforcement accuracy by 92%,reduces device authentication time by 52%(from 2.5 to 1.2 s),and enhances threat detection efficiency by 7%(from 85%to 92%)using federated learning.Additionally,the hybrid blockchain architecture achieves a 300%increase in transaction throughput when comparing private blockchain performance(1200 TPS)to public chains(300 TPS).Access control enforcement accuracy was quantified through confusion matrix analysis,with high precision and minimal false positives observed across access decision categories.Although the model presents advantages in security and scalability,challenges such as computational overhead,blockchain storage constraints,and interoperability with existing IoT systems remain areas for future research.This study contributes to advancing decentralized security frameworks for IoT,providing a resilient and scalable solution for securing connected environments.展开更多
文摘The fast increase of online communities has brought about an increase in cyber threats inclusive of cyberbullying, hate speech, misinformation, and online harassment, making content moderation a pressing necessity. Traditional single-modal AI-based detection systems, which analyze both text, photos, or movies in isolation, have established useless at taking pictures multi-modal threats, in which malicious actors spread dangerous content throughout a couple of formats. To cope with these demanding situations, we advise a multi-modal deep mastering framework that integrates Natural Language Processing (NLP), Convolutional Neural Networks (CNNs), and Long Short-Term Memory (LSTM) networks to become aware of and mitigate online threats effectively. Our proposed model combines BERT for text class, ResNet50 for photograph processing, and a hybrid LSTM-3-d CNN community for video content material analysis. We constructed a large-scale dataset comprising 500,000 textual posts, 200,000 offensive images, and 50,000 annotated motion pictures from more than one platform, which includes Twitter, Reddit, YouTube, and online gaming forums. The system became carefully evaluated using trendy gadget mastering metrics which include accuracy, precision, remember, F1-score, and ROC-AUC curves. Experimental outcomes demonstrate that our multi-modal method extensively outperforms single-modal AI classifiers, achieving an accuracy of 92.3%, precision of 91.2%, do not forget of 90.1%, and an AUC rating of 0.95. The findings validate the necessity of integrating multi-modal AI for actual-time, high-accuracy online chance detection and moderation. Future paintings will have consciousness on improving hostile robustness, enhancing scalability for real-world deployment, and addressing ethical worries associated with AI-driven content moderation.
基金funded by Ongoing Research Funding program(ORF-2025-749),King Saud University,Riyadh,Saudi Arabia.
文摘Cyber threat detection is a crucial aspect of contemporary cybersecurity due to the depth and complexity of cyberattacks.It is the identification of malicious activity,unauthorized access,and possible intrusions in networks and systems.Modern detection methods employ artificial intelligence and machine learning to study vast amounts of data,learn patterns,and anticipate potential threats.Real-time monitoring and anomaly detection improve the capacity to react to changing threats more rapidly.Cyber threat detection systems aim to reduce false positives and provide complete coverage against the broadest possible attacks.This research advocates for proactive measures and adaptive technologies in defending digital environments.Improvements in detection ability by organizations will assist in safeguarding assets and integrity in operations in this increasingly digital world.This paper draws on the categorization of cyber threat detection methods using hesitant bipolar fuzzy Frank operators.Categorization is a step that is necessary for systematic comparison and assessment of detection methods so that the most suitable method for particular cybersecurity requirements is chosen.Furthermore,this research manages uncertainty and vagueness that exists in decision-making by applying hesitant bipolar fuzzy logic.The importance of the work lies in how it fortifies cybersecurity architectures with a formal method of discovering optimal detection measures and improving responsiveness,resulting in holistic protection against dynamic threats.
基金Supported by the Special Fund of Financial Support for Development of Local Universities in China(2012-140 &2012-118)The Science and Technology Foundation of Guizhou Provincial([2011] 2213)Natural Sciences Research Foundation of Guizhou Normal University for Student(201219)
文摘To solve the problem of the design of classifier in network threat detection, we conduct a simulation experiment for the parameters’ optimal on least squares support vector machine (LSSVM) using the classic PSO algorithm, and the experiment shows that uneven distribution of the initial particle swarm exerts a great impact on the results of LSSVM algorithm’s classification. This article proposes an improved PSO-LSSVM algorithm based on Divide-and-Conquer (DCPSO- LSSVM) to split the optimal domain where the parameters of LSSVM are in. It can achieve the purpose of distributing the initial particles uniformly. And using the idea of Divide-and-Conquer, it can split a big problem into multiple sub-problems, thus, completing problems’ modularization Meanwhile, this paper introduces variation factors to make the particles escape from the local optimum. The results of experiment prove that DCPSO-LSSVM has better effect on classification of network threat detection compared with SVM and classic PSOLSSVM.
文摘Internet of Things(IoT)is one of the hottest research topics in recent years,thanks to its dynamic working mechanism that integrates physical and digital world into a single system.IoT technology,applied in industries,is termed as Industrial IoT(IIoT).IIoT has been found to be highly susceptible to attacks from adversaries,based on the difficulties observed in IIoT and its increased dependency upon internet and communication network.Intentional or accidental attacks on these approaches result in catastrophic effects like power outage,denial of vital health services,disruption to civil service,etc.,Thus,there is a need exists to develop a vibrant and powerful for identification and mitigation of security vulnerabilities in IIoT.In this view,the current study develops an AI-based Threat Detection and Classification model for IIoT,abbreviated as AITDC-IIoT model.The presented AITDC-IIoT model initially pre-processes the input data to transform it into a compatible format.In addition,WhaleOptimizationAlgorithm based Feature Selection(WOA-FS)is used to elect the subset of features.Moreover,Cockroach Swarm Optimization(CSO)is employed with Random Vector Functional Link network(RVFL)technique for threat classification.Finally,CSO algorithm is applied to appropriately adjust the parameters related to RVFL model.The performance of the proposed AITDC-IIoT model was validated under benchmark datasets.The experimental results established the supremacy of the proposed AITDC-IIoT model over recent approaches.
基金funding from Deanship of Scientific Research in King Faisal University with Grant Number KFU241648.
文摘As the Internet of Things(IoT)continues to expand,incorporating a vast array of devices into a digital ecosystem also increases the risk of cyber threats,necessitating robust defense mechanisms.This paper presents an innovative hybrid deep learning architecture that excels at detecting IoT threats in real-world settings.Our proposed model combines Convolutional Neural Networks(CNN),Bidirectional Long Short-Term Memory(BLSTM),Gated Recurrent Units(GRU),and Attention mechanisms into a cohesive framework.This integrated structure aims to enhance the detection and classification of complex cyber threats while accommodating the operational constraints of diverse IoT systems.We evaluated our model using the RT-IoT2022 dataset,which includes various devices,standard operations,and simulated attacks.Our research’s significance lies in the comprehensive evaluation metrics,including Cohen Kappa and Matthews Correlation Coefficient(MCC),which underscore the model’s reliability and predictive quality.Our model surpassed traditional machine learning algorithms and the state-of-the-art,achieving over 99.6%precision,recall,F1-score,False Positive Rate(FPR),Detection Time,and accuracy,effectively identifying specific threats such as Message Queuing Telemetry Transport(MQTT)Publish,Denial of Service Synchronize network packet crafting tool(DOS SYN Hping),and Network Mapper Operating System Detection(NMAP OS DETECTION).The experimental analysis reveals a significant improvement over existing detection systems,significantly enhancing IoT security paradigms.Through our experimental analysis,we have demonstrated a remarkable enhancement in comparison to existing detection systems,which significantly strength-ens the security standards of IoT.Our model effectively addresses the need for advanced,dependable,and adaptable security solutions,serving as a symbol of the power of deep learning in strengthening IoT ecosystems amidst the constantly evolving cyber threat landscape.This achievement marks a significant stride towards protecting the integrity of IoT infrastructure,ensuring operational resilience,and building privacy in this groundbreaking technology.
基金Princess Nourah bint Abdulrahman University Researchers Supporting Project Number(PNURSP2022R319)Princess Nourah bint Abdulrahman University,Riyadh,Saudi Arabiathe Deanship of Scientific Research at Umm Al-Qura University for supporting this work by Grant Code:22UQU4340237DSR41.
文摘Recent developments in computer networks and Internet of Things(IoT)have enabled easy access to data.But the government and business sectors face several difficulties in resolving cybersecurity network issues,like novel attacks,hackers,internet criminals,and so on.Presently,malware attacks and software piracy pose serious risks in compromising the security of IoT.They can steal confidential data which results infinancial and reputational losses.The advent of machine learning(ML)and deep learning(DL)models has been employed to accomplish security in the IoT cloud environment.This article pre-sents an Enhanced Artificial Gorilla Troops Optimizer with Deep Learning Enabled Cybersecurity Threat Detection(EAGTODL-CTD)in IoT Cloud Net-works.The presented EAGTODL-CTD model encompasses the identification of the threats in the IoT cloud environment.The proposed EAGTODL-CTD mod-el mainly focuses on the conversion of input binaryfiles to color images,where the malware can be detected using an image classification problem.The EAG-TODL-CTD model pre-processes the input data to transform to a compatible for-mat.For threat detection and classification,cascaded gated recurrent unit(CGRU)model is exploited to determine class labels.Finally,EAGTO approach is employed as a hyperparameter optimizer to tune the CGRU parameters,showing the novelty of our work.The performance evaluation of the EAGTODL-CTD model is assessed on a dataset comprising two class labels namely malignant and benign.The experimental values reported the supremacy of the EAG-TODL-CTD model with increased accuracy of 99.47%.
基金supported by National Natural Science Foundation of China (No. U1736218)National Key R&D Program of China (No. 2018YFB0804704)partially supported by CNCERT/CC
文摘To combat increasingly sophisticated cyber attacks,the security community has proposed and deployed a large body of threat detection approaches to discover malicious behaviors on host systems and attack payloads in network traffic.Several studies have begun to focus on threat detection methods based on provenance data of host-level event tracing.On the other side,with the significant development of big data and artificial intelligence technologies,large-scale graph computing has been widely used.To this end,kinds of research try to bridge the gap between threat detection based on host log provenance data and graph algorithm,and propose the threat detection algorithm based on system provenance graph.These approaches usually generate the system provenance graph via tagging and tracking of system events,and then leverage the characteristics of the graph to conduct threat detection and attack investigation.For the purpose of deeply understanding the correctness,effectiveness,and efficiency of different graph-based threat detection algorithms,we pay attention to mainstream threat detection methods based on provenance graphs.We select and implement 5 state-of-the-art threat detection approaches among a large number of studies as evaluation objects for further analysis.To this end,we collect about 40GB of host-level raw log data in a real-world IT environment,and simulate 6 types of cyber attack scenarios in an isolated environment for malicious provenance data to build our evaluation datasets.The crosswise comparison and longitudinal assessment interpret in detail these detection approaches can detect which attack scenarios well and why.Our empirical evaluation provides a solid foundation for the improvement direction of the threat detection approach.
基金The authors extend their appreciation to the deanship of scientific research at Shaqra University for funding this research work through the project number(SU-NN-202210).
文摘The Internet of Things(IoT)is determine enormous economic openings for industries and allow stimulating innovation which obtain between domains in childcare for eldercare,in health service to energy,and in developed to transport.Cybersecurity develops a difficult problem in IoT platform whereas the presence of cyber-attack requires that solved.The progress of automatic devices for cyber-attack classifier and detection employing Artificial Intelligence(AI)andMachine Learning(ML)devices are crucial fact to realize security in IoT platform.It can be required for minimizing the issues of security based on IoT devices efficiently.Thus,this research proposal establishes novel mayfly optimized with Regularized Extreme Learning Machine technique called as MFO-RELM model for Cybersecurity Threat classification and detection fromthe cloud and IoT environments.The proposed MFORELM model provides the effective detection of cybersecurity threat which occur in the cloud and IoT platforms.To accomplish this,the MFO-RELM technique pre-processed the actual cloud and IoT data as to meaningful format.Besides,the proposed models will receive the pre-processing data and carry out the classifier method.For boosting the efficiency of the proposed models,theMFOtechnique was utilized to it.The experiential outcome of the proposed technique was tested utilizing the standard CICIDS 2017 dataset,and the outcomes are examined under distinct aspects.
基金Supported by the National Natural Science Foundation of China(No.62203390)the Science and Technology Project of China TobaccoZhejiang Industrial Co.,Ltd(No.ZJZY2022E004)。
文摘In the tobacco industry,insider employee attack is a thorny problem that is difficult to detect.To solve this issue,this paper proposes an insider threat detection method based on heterogeneous graph embedding.First,the interrelationships between logs are fully considered,and log entries are converted into heterogeneous graphs based on these relationships.Second,the heterogeneous graph embedding is adopted and each log entry is represented as a low-dimensional feature vector.Then,normal logs and malicious logs are classified into different clusters by clustering algorithm to identify malicious logs.Finally,the effectiveness and superiority of the method is verified through experiments on the CERT dataset.The experimental results show that this method has better performance compared to some baseline methods.
基金supported by the National Key Research and Development Program of China.
文摘Researchers usually detect insider threats by analyzing user behavior.The time information of user behavior is an important concern in internal threat detection.Existing works on insider threat detection fail to make full use of the time information,which leads to their poor detection performance.In this paper,we propose a novel behavioral feature extraction scheme:we implicitly encode absolute time information in the behavioral feature sequences and use a feature sequence construction method taking covariance into account to make our scheme adaptive to users.We select Stacked Bidirectional LSTM and Feedforward Neural Network to build a deep learning-based insider threat detection model:Behavior Rhythm Insider Threat Detection(BRITD).BRITD is universally applicable to various insider threat scenarios,and it has good insider threat detection performance:it achieves an AUC of 0.9730 and a precision of 0.8072 with the CMU CERT dataset,which exceeds all baselines.
基金supported by National Key Research and Development Pro-gram of China(No.2023YFC2206402)Youth Innovation Promotion Associa-tion CAS(No.2021156)+2 种基金the Strategic Priority Research Program of the Chinese Academy of Sciences(No.XDC02040100)Foundation Strengthening Program Technical Area Fund,021-JCJQ-JJ-0908State Grid Corporation of China Science and Technology Program(Contract No.:SG270000YXJS2311060).
文摘Advanced Persistent Threats (APTs) achieves internal networks penetration through multiple methods, making it difcult to detect attack clues solely through boundary defense measures. To address this challenge, some research has proposed threat detection methods based on provenance graphs, which leverage entity relationships such as processes, fles, and sockets found in host audit logs. However, these methods are generally inefcient, especially when faced with massive audit logs and the computational resource-intensive nature of graph algorithms. Efec-tivelyand economically extracting APT attack clues from massive system audit logs remains a signifcant challenge. To tackle this problem, this paper introduces the ProcSAGE method, which detects threats based on abnormal behavior patterns, ofering high accuracy, low cost, and independence from expert knowledge. ProcSAGE focuses on processes or threads in host audit logs during the graph construction phase to efectively control the scale of provenance graphs and reduce performance overhead. Additionally, in the feature extraction phase, ProcSAGE considers information about the processes or threads themselves and their neighboring nodes to accurately char-acterizethem and enhance model accuracy. In order to verify the efectiveness of the ProcSAGE method, this study conducted a comprehensive evaluation on the StreamSpot dataset. The experimental results show that the ProcSAGE method can signifcantly reduce the time and memory consumption in the threat detection process while improving the accuracy, and the optimization efect becomes more signifcant as the data size expands.
文摘Unaided authentication services provide the flexibility to login without being dependent on any additional device.The power of recording attack resilient unaided authentication services(RARUAS)is undeniable as,in some aspects,they are even capable of offering better security than the biometric based authentication systems.However,high login complexity of these RARUAS makes them far from usable in practice.The adopted information leakage control strategies have often been identified as the primary cause behind such high login complexities.Though recent proposals have made some significant efforts in designing a usable RARUAS by reducing its login complexity,most of them have failed to achieve the desired usability standard.In this paper,we have introduced a new notion of controlling the information leakage rate.By maintaining a good security standard,the introduced idea helps to reduce the login complexity of our proposed mechanism—named as Textual-Graphical Password-based Mechanism or TGPM,by a significant extent.Along with resisting the recording attack,TGPM also achieves a remarkable property of threat detection.To the best of our knowledge,TGPM is the first RARUAS,which can both prevent and detect the activities of the opportunistic recording attackers who can record the complete login activity of a genuine user for a few login sessions.Our study reveals that TGPM assures much higher session resiliency compared to the existing authentication services,having the same or even higher login complexities.Moreover,TGPM stores the password information in a distributed way and thus restricts the adversaries to learn the complete secret from a single compromised server.A thorough theoretical analysis has been performed to prove the strength of our proposal from both the security and usability perspectives.We have also conducted an experimental study to support the theoretical argument made on the usability standard of TGPM.
基金funded by Deputyship for Research&Innovation,Ministry of Education in Saudi Arabia,Project Number MoE-IF-UJ-22-04100409-5.
文摘The advances in technology increase the number of internet systems usage.As a result,cybersecurity issues have become more common.Cyber threats are one of the main problems in the area of cybersecurity.However,detecting cybersecurity threats is not a trivial task and thus is the center of focus for many researchers due to its importance.This study aims to analyze Twitter data to detect cyber threats using a multiclass classification approach.The data is passed through different tasks to prepare it for the analysis.Term Frequency and Inverse Document Frequency(TFIDF)features are extracted to vectorize the cleaned data and several machine learning algorithms are used to classify the Twitter posts into multiple classes of cyber threats.The results are evaluated using different metrics including precision,recall,F-score,and accuracy.This work contributes to the cyber security research area.The experiments revealed the promised results of the analysis using the Random Forest(RF)algorithm with(F-score=81%).This result outperformed the existing studies in the field of cyber threat detection and showed the importance of detecting cyber threats in social media posts.There is a need for more investigation in the field of multiclass classification to achieve more accurate results.In the future,this study suggests applying different data representations for the feature extraction other than TF-IDF such as Word2Vec,and adding a new phase for feature selection to select the optimum features subset to achieve higher accuracy of the detection process.
文摘With the escalating complexity of IT networks and the surge in cyber threats,the need for advanced,real-time security solutions has never been more paramount.Machine learning(ML)and deep learning(DL)present promising avenues for enhancing the detection,analysis,and mitigation of threats in these intricate networks.The paper delves into the confluence of ML and DL techniques in the realm of cybersecurity,focusing on their application for real-time threat detection within IT infrastructures.Drawing from recent research and developments,the study underscores the potential of these techniques in outmaneuvering conventional security models,while also shedding light on the inherent challenges and areas for future exploration.
文摘Ransomware attacks pose a significant threat to critical infrastructures,demanding robust detection mechanisms.This study introduces a hybrid model that combines vision transformer(ViT)and one-dimensional convolutional neural network(1DCNN)architectures to enhance ransomware detection capabilities.Addressing common challenges in ransomware detection,particularly dataset class imbalance,the synthetic minority oversampling technique(SMOTE)is employed to generate synthetic samples for minority class,thereby improving detection accuracy.The integration of ViT and 1DCNN through feature fusion enables the model to capture both global contextual and local sequential features,resulting in comprehensive ransomware classification.Tested on the UNSW-NB15 dataset,the proposed ViT-1DCNN model achieved 98%detection accuracy with precision,recall,and F1-score metrics surpassing conventional methods.This approach not only reduces false positives and negatives but also offers scalability and robustness for real-world cybersecurity applications.The results demonstrate the model’s potential as an effective tool for proactive ransomware detection,especially in environments where evolving threats require adaptable and high-accuracy solutions.
基金the Deanship of Scientific Research at King Khalid University for funding this work through large group under grant number(GRP.2/663/46).
文摘Domain Generation Algorithms(DGAs)continue to pose a significant threat inmodernmalware infrastructures by enabling resilient and evasive communication with Command and Control(C&C)servers.Traditional detection methods-rooted in statistical heuristics,feature engineering,and shallow machine learning-struggle to adapt to the increasing sophistication,linguistic mimicry,and adversarial variability of DGA variants.The emergence of Large Language Models(LLMs)marks a transformative shift in this landscape.Leveraging deep contextual understanding,semantic generalization,and few-shot learning capabilities,LLMs such as BERT,GPT,and T5 have shown promising results in detecting both character-based and dictionary-based DGAs,including previously unseen(zeroday)variants.This paper provides a comprehensive and critical review of LLM-driven DGA detection,introducing a structured taxonomy of LLM architectures,evaluating the linguistic and behavioral properties of benchmark datasets,and comparing recent detection frameworks across accuracy,latency,robustness,and multilingual performance.We also highlight key limitations,including challenges in adversarial resilience,model interpretability,deployment scalability,and privacy risks.To address these gaps,we present a forward-looking research roadmap encompassing adversarial training,model compression,cross-lingual benchmarking,and real-time integration with SIEM/SOAR platforms.This survey aims to serve as a foundational resource for advancing the development of scalable,explainable,and operationally viable LLM-based DGA detection systems.
基金supported by the Deanship of Graduate Studies and Scientific Research at Jouf University.
文摘Due to the growth of smart cities,many real-time systems have been developed to support smart cities using Internet of Things(IoT)and emerging technologies.They are formulated to collect the data for environment monitoring and automate the communication process.In recent decades,researchers have made many efforts to propose autonomous systems for manipulating network data and providing on-time responses in critical operations.However,the widespread use of IoT devices in resource-constrained applications and mobile sensor networks introduces significant research challenges for cybersecurity.These systems are vulnerable to a variety of cyberattacks,including unauthorized access,denial-of-service attacks,and data leakage,which compromise the network’s security.Additionally,uneven load balancing between mobile IoT devices,which frequently experience link interferences,compromises the trustworthiness of the system.This paper introduces a Multi-Agent secured framework using lightweight edge computing to enhance cybersecurity for sensor networks,aiming to leverage artificial intelligence for adaptive routing and multi-metric trust evaluation to achieve data privacy and mitigate potential threats.Moreover,it enhances the efficiency of distributed sensors for energy consumption through intelligent data analytics techniques,resulting in highly consistent and low-latency network communication.Using simulations,the proposed framework reveals its significant performance compared to state-of-the-art approaches for energy consumption by 43%,latency by 46%,network throughput by 51%,packet loss rate by 40%,and denial of service attacks by 42%.
文摘This study systematically reviews the Internet of Things(IoT)security research based on literature from prominent international cybersecurity conferences over the past five years,including ACM Conference on Computer and Communications Security(ACM CCS),USENIX Security,Network and Distributed System Security Symposium(NDSS),and IEEE Symposiumon Security and Privacy(IEEE S&P),along with other high-impact studies.It organizes and analyzes IoT security advancements through the lenses of threats,detection methods,and defense strategies.The foundational architecture of IoT systems is first outlined,followed by categorizing major threats into eight distinct types and analyzing their root causes and potential impacts.Next,six prominent threat detection techniques and five defense strategies are detailed,highlighting their technical principles,advantages,and limitations.The paper concludes by addressing the key challenges still confronting IoT security and proposing directions for future research to enhance system resilience and protection.
文摘This paper examines how cybersecurity is developing and how it relates to more conventional information security. Although information security and cyber security are sometimes used synonymously, this study contends that they are not the same. The concept of cyber security is explored, which goes beyond protecting information resources to include a wider variety of assets, including people [1]. Protecting information assets is the main goal of traditional information security, with consideration to the human element and how people fit into the security process. On the other hand, cyber security adds a new level of complexity, as people might unintentionally contribute to or become targets of cyberattacks. This aspect presents moral questions since it is becoming more widely accepted that society has a duty to protect weaker members of society, including children [1]. The study emphasizes how important cyber security is on a larger scale, with many countries creating plans and laws to counteract cyberattacks. Nevertheless, a lot of these sources frequently neglect to define the differences or the relationship between information security and cyber security [1]. The paper focus on differentiating between cybersecurity and information security on a larger scale. The study also highlights other areas of cybersecurity which includes defending people, social norms, and vital infrastructure from threats that arise from online in addition to information and technology protection. It contends that ethical issues and the human factor are becoming more and more important in protecting assets in the digital age, and that cyber security is a paradigm shift in this regard [1].
文摘The increasing deployment of Internet of Things(IoT)devices has introduced significant security chal-lenges,including identity spoofing,unauthorized access,and data integrity breaches.Traditional security mechanisms rely on centralized frameworks that suffer from single points of failure,scalability issues,and inefficiencies in real-time security enforcement.To address these limitations,this study proposes the Blockchain-Enhanced Trust and Access Control for IoT Security(BETAC-IoT)model,which integrates blockchain technology,smart contracts,federated learning,and Merkle tree-based integrity verification to enhance IoT security.The proposed model eliminates reliance on centralized authentication by employing decentralized identity management,ensuring tamper-proof data storage,and automating access control through smart contracts.Experimental evaluation using a synthetic IoT dataset shows that the BETAC-IoT model improves access control enforcement accuracy by 92%,reduces device authentication time by 52%(from 2.5 to 1.2 s),and enhances threat detection efficiency by 7%(from 85%to 92%)using federated learning.Additionally,the hybrid blockchain architecture achieves a 300%increase in transaction throughput when comparing private blockchain performance(1200 TPS)to public chains(300 TPS).Access control enforcement accuracy was quantified through confusion matrix analysis,with high precision and minimal false positives observed across access decision categories.Although the model presents advantages in security and scalability,challenges such as computational overhead,blockchain storage constraints,and interoperability with existing IoT systems remain areas for future research.This study contributes to advancing decentralized security frameworks for IoT,providing a resilient and scalable solution for securing connected environments.
