A Review on Cyber Security and the Fifth Generation Cyberattacks

A. SARAVANAN¹ and S. SATHYA BAMA²
¹Department of MCA, Sree Saraswathi Thyagaraja College, Pollachi, India.
²483, Lawley Road, Coimbatore, Tamil Nadu, India.
Abstract
Cyberattacks have become quite common in this internet era.
Cybercrimes are increasing every year and the intensity of damage
is also increasing. Providing security against cyber-attacks has become
most significant in this digital world. However, ensuring cyber security
is an extremely intricate task, as it requires domain knowledge about the
attacks and the capability of analysing the possibility of threats. The main
challenge of cyber security is the evolving nature of the attacks. This
paper presents the significance of cyber security along with the various
risks that exist in the current digital era. The analysis made of
cyber-attacks and their statistics shows the intensity of the attacks. Various
cyber security threats are presented along with the machine learning
algorithms that can be applied to cyberattack detection. The need for
the fifth generation cybersecurity architecture is discussed.
CONTACT A. Saravanan ssathya21@gmail.com Department of MCA, Sree Saraswathi Thyagaraja College, Pollachi, India.
© 2018 The Author(s). Published by Oriental Scientific Publishing Company
This is an Open Access article licensed under a Creative Commons license: Attribution 4.0 International (CC-BY).
Doi: http://dx.doi.org/10.13005/ojcst12.02.04
Article History
Received: 30 January 2019
Accepted: 24 May 2019
Keywords
Cyberattacks;
Cybersecurity;
Fifth Generation;
Machine Learning Algorithm;
Security Threats.
Oriental Journal of Computer Science and Technology
www.computerscijournal.org
ISSN: 0974-6471, Vol. 12, No. (2) 2019, Pg. 50-56
Introduction
Due to the increasing trust in and usage of the
Internet, almost all industries, governments and
even financial institutions have moved their
transactions to the cyber infrastructure. This makes
the cyber system more vulnerable to cyberattacks.
A cyberattack is a malicious attempt made by an
individual or organization to breach the information
system of another individual or organization.
Most commonly, cyberattacks target business
organizations, the military, governments, or financial
institutions such as banks, either to steal
secured information or for a ransom.
The volume of cyberattacks and the technological knowledge
behind them are increasing drastically. This has become
an important threat to the cyber world. According
to Trustwave’s 2015 Global Security Report,
approximately 98% of tested web applications
were found vulnerable to cyber-attack. Based on the
Department of Business, Innovation and Skills’ 2015
security survey, 90% of large organizations and 74%
of small organizations suffered security
breaches.[1] Thus cyber security has become
a most prominent field of research. Cyber
security ensures the preservation of confidentiality, integrity
and availability of information in cyberspace.[2]
Though cybersecurity is a single term, guaranteeing
security involves the coordination of various
other domains. The relationship between these
domains is depicted in Figure 1.
These domains are briefly described below.
• Application security is the implementation of various
  measures to improve the security of an
  application. This is often done by monitoring
  the application and finding, fixing and
  preventing security vulnerabilities.
• Information security is a set of procedures
  or practices to maintain the confidentiality,
  integrity and availability of business data and
  information in various forms.
• Network security is a process designed
  to shield the usability and integrity of the
  network and its data and to provide secured
  access to the network. Network security
  always includes both hardware and software
  technologies.
• Operations security is a process of identifying
  and protecting unclassified critical information
  which is often attractive to a competitor
  or adversary seeking to gain real information.
• Internet security involves various security
  processes implemented for ensuring the
  security of online transactions. It involves
  protecting browsers, networks, operating
  systems, and other applications from attacks
  by setting up precise rules and regulations.
• ICT security is the ability to protect the
  confidentiality, integrity and availability of an
  organization's digital information assets.
• End-user knowledge is most significant,
  since people are the weakest link in the
  cybersecurity chain. The lack of user
  knowledge about cybersecurity risks is the
  reason for 50% of cyberattacks, and almost
  90% of cyberattacks are caused by human
  behaviour.
However, the attacks made by cyber criminals
are getting smarter, and they use new methods and
technology for successful attacks. They often find the
security holes and breaches in a secured system
and steal information or damage the system in less
time.[3] In this digital era, since people do all their major
day-to-day activities online, there is an urgent need
for improved cyber security with new techniques.
To neutralize cyberattacks, cyber security must
grow at the same rate as the attacks. Though
several new techniques have been suggested by various
researchers and many techniques are currently
in use, the effect of attacks is still increasing.[4]
Cybersecurity has to protect any private, personal
or government data from attacks by focusing on
three main tasks.[5]
Fig. 1: Cyber Security and various domains
1. Taking measures to protect equipment,
software and the information they contain.
2. Guaranteeing the state or quality of being
protected from the several threats; and
3. Implementing and improving these activities.
In recent years, many non-profit organizations and
projects have been set up with the aim of facing
security threats. The most popular organization is the
Open Web Application Security Project (OWASP),
an international not-for-profit charitable organization
that focuses on application security.[6] Every year
they identify and release a series of software
vulnerabilities and describe the ten most important
in their Top Ten project. In the year 2018, the
top ten vulnerabilities listed by OWASP are
injection, broken authentication and session
management, sensitive data exposure, XML
External Entities (XXE), broken access control,
security misconfigurations, Cross-Site Scripting
(XSS), insecure deserialization, using components
with known vulnerabilities, and insufficient logging and
monitoring.[7]
Cyber-attacks have evolved to the fifth generation,
yet 97% of organizations are using outdated
security technologies and are equipped for second
and third generation attacks.[8] The cyber security
generations are elaborated in Figure 2.
Cyber Attack Statistics
The number of unique cyber incidents in the second
quarter of 2018, as defined by Positive Technologies,
was 47 percent higher than the number from just a
year previous. In the third quarter of 2018, according to Kaspersky
Labs, the number of malicious mobile installation
packages was up by nearly a third when compared
to just the previous few months. But there is an easy
way to avoid those attacks, as Norton says that 99.9
percent of those packages come from unofficial "third
party" app stores. The major cyberattacks for the
year 2017 are represented as a timeline.
According to a report by the Atlanta Journal-
Constitution newspaper (www.ajc.com), the City of
Atlanta spent $2.7 million to repair damage
from a ransomware attack. The 2018 IT
Professionals Security Report Survey says that 76%
of organizations experienced a phishing attack in
the past year and 49% of organizations experienced
a DDoS attack in the past year. The ‘AdultSwine’
malware was installed up to 7 million times across 60
children’s game apps. Over 20% of organizations
are impacted by cryptojacking malware every
week and 40% of organizations were impacted by
cryptominers in 2018 (Check Point Research Blog).
Over 300 apps in the Google Play store contained
malware and were downloaded by over 106 million
users.[9] 614 GB of data related to weapons, sensor
and communication systems was stolen from a US Navy
contractor, allegedly by Chinese government hackers.
Check Point's global attack sensors surveyed
the new vulnerabilities introduced in the
past 8 years. The values are depicted in Figure 3.[10]
Cyber Security Threats
The common goal of the cyberattacks is to disable
or to gain access to the target system. The goal can
be achieved by applying various attacks on the target
system. Several cyberattacks exist and even evolve
day by day. Some of the common cyberattacks are
explained below:
Fig. 2: Cyber Attack Generation
Malware
Malware is malicious software that is designed to
cause destruction to a single system or a network.
Basic malicious software such as worms, viruses
and trojans, and more recent malicious software such as
spyware and ransomware, belong to this category.
Malware infects the system or network when a user
clicks a dangerous link, opens an email attachment
or installs risky software. The main point to
be noted is that malware reproduces or spreads
when it interacts with another system or device. Its
effects include blocking access to the
network, installing additional malicious software, and gathering
information.
Phishing
Phishing is the practice of sending fraudulent
communications that appear to come from a
reputable source, usually through email. The goal
is to steal sensitive data like credit card and login
information or to install malware on the victim’s
machine. Phishing is an increasingly common cyber
threat.
Man-in-the-middle Attack
Man-in-the-middle (MitM) attacks occur when
attackers insert themselves into a two-party
transaction. Once the attackers interrupt the traffic,
they can filter and steal data. These are commonly known
as eavesdropping attacks. Several variations of the
MitM attack exist, including password stealing and
credential forwarding. Typically, on an unsecured
public Wi-Fi network, attackers can insert themselves
between a visitor’s device and the network. Without
knowing it, the visitor passes all information through
the attacker. In some cases, the attacker installs
malware to gather information about the
victim.
Cryptojacking
Cryptojacking is a specialized attack that involves getting someone
else's computer to do the work of generating
cryptocurrency for the attacker. The attackers will
either install malware on the victim's computer to
perform the necessary calculations, or sometimes
run the code in JavaScript that executes in the
victim's browser.
Denial-of-service Attack
A denial-of-service attack floods systems, servers,
or networks with traffic to exhaust resources and
bandwidth. As a result, the system is unable to
process legitimate requests. Attackers can
also use multiple compromised devices to launch
this attack: instead of launching a single attack, the
attacker launches several attacks at the victim. This
is known as a distributed denial-of-service (DDoS)
attack. 24% of companies have experienced a DDoS
attack in the past year.[11]
SQL Injection
A Structured Query Language (SQL) injection is a
quite common attack that occurs when an attacker
inserts malicious code into a server that uses SQL
and forces the server to reveal information it normally
would not. An attacker could carry out a SQL injection
simply by submitting malicious code into a vulnerable
website search box.
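The search-box case described above, as an added example that is not part of the original paper: a query built by string concatenation next to the same query using a bound parameter. The table, column names, sample rows and crafted input are all constructed for illustration.

```python
import sqlite3

# Constructed sample data: the unpublished row must never appear in search results.
SAMPLE_ROWS = [
    ("desk lamp", 1),
    ("floor lamp", 1),
    ("unreleased prototype", 0),
]

# Constructed search-box input: it closes the string literal early and
# appends its own condition, then comments out the rest of the query.
CRAFTED_TERM = "%' OR published = 0 --"


def build_demo_db():
    """Create an in-memory database holding the constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE products (name TEXT, published INTEGER)")
    conn.executemany("INSERT INTO products VALUES (?, ?)", SAMPLE_ROWS)
    return conn


def search_vulnerable(conn, term):
    """VULNERABLE: user input is pasted into the SQL text, so the input can
    change the structure of the WHERE clause, not just the value searched."""
    query = ("SELECT name FROM products "
             "WHERE published = 1 AND name LIKE '%" + term + "%'")
    return sorted(row[0] for row in conn.execute(query))


def search_safe(conn, term):
    """HARDENED: the input is passed as a bound parameter. The database
    treats it purely as data, so quotes and comment markers are matched
    literally against product names and cannot alter the query."""
    query = "SELECT name FROM products WHERE published = 1 AND name LIKE ?"
    return sorted(row[0] for row in conn.execute(query, ("%" + term + "%",)))


if __name__ == "__main__":
    db = build_demo_db()
    print("normal search     :", search_safe(db, "lamp"))
    print("crafted, unsafe   :", search_vulnerable(db, CRAFTED_TERM))
    print("crafted, hardened :", search_safe(db, CRAFTED_TERM))
```

With ordinary input both functions return the same rows; only the crafted input separates them, which is why this class of bug survives functional testing.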
Zero-Day Exploit
A zero-day exploit hits after a network vulnerability
is announced but before a patch or solution is
implemented. Attackers target the disclosed
vulnerability during this window of time. Zero-day
vulnerability threat detection requires constant
awareness.
Fig. 3: Percentage of attacks that leveraged a new vulnerability
Spam
Spam is an e-mail message that is unwanted.[12] Spam
e-mails are not only time-consuming for
recipients but can also be a source of Java applets that may
execute automatically when the message is read.[13]
Apart from the above-mentioned threats, the SANS
Institute identifies the following spyware
actions as the most frequent malicious activities:[14]
• changing network settings,
• disabling antivirus and antispyware tools,
• turning off the Microsoft Security Center and/or
  automatic updates,
• installing rogue certificates,
• cascading file droppers,
• keystroke logging,
• URL monitoring, form scraping and screen
  scraping,
• turning on the microphone and/or camera,
• pretending to be an antispyware or antivirus
  tool,
• editing search results,
• acting as a spam relay,
• planting a rootkit or altering the system to
  prevent removal,
• installing a bot for attacker remote control,
• intercepting sensitive documents and
  exfiltrating them, or encrypting them for
  ransom,
• planting a sniffer.
Some of the fifth generation cyber-attacks include
Andromeda, AdvisorsBot, Cerber, CNRig, Cryptoloot,
Fireball, HiddenMiner, Iotroop, Nivdort, NotPetya,
RubyMiner, Trickbot, WannaCry, WannaMine,
ransomware, AdultSwine, and cryptocurrency
attacks. These are sophisticated attacks that cause
severe damage.
Machine Learning and Cybersecurity
Numerous methods and procedures have been
developed in the literature for the detection of threats
in cyberspace. Recently, machine learning has
contributed much to cyber security. In the case of
spam detection, filters are used to analyse
the content and decide whether the message
is spam or not. Machine learning approaches
such as the Bayesian classifier,[15] SVM,[16] MapReduce,[17]
behaviour-based spam detection using neural
networks,[18] and a text detection method for image spam
filtering[19] have been suggested.
Statistical analysis based malware detection was
introduced in [20]. Malware detection using machine
learning was suggested in [21]. Statistical and dynamical
based malware detection was suggested by Shijo
and Salim.[22] Detection of internet worm malcodes
using principal component analysis and a multiclass
support vector machine was introduced in [23]. For
detecting phishing email, the random forest machine
learning technique was employed.[24] Several
supervised learning algorithms were introduced to
detect phishing sites.[25] Thus clustering algorithms
and classification algorithms such as SVM, Random
Forest, the Naïve Bayes classifier, neural networks and fuzzy
based classifiers are commonly used in detecting
security threats, including spam detection,
malware detection and phishing detection.
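To make the Bayesian spam filtering mentioned above concrete, here is an added example (not code from the paper or from the works it cites): a multinomial Naïve Bayes classifier with Laplace smoothing, written from scratch. The training messages, function names and the decision threshold of zero are assumptions chosen for illustration.

```python
import math
import re
from collections import Counter

# Constructed training set: (label, message). Real filters train on thousands of mails.
TRAINING = [
    ("spam", "win a free prize now"),
    ("spam", "free money claim your prize"),
    ("spam", "urgent claim free reward now"),
    ("ham", "meeting agenda for monday"),
    ("ham", "please review the attached report"),
    ("ham", "lunch on monday with the team"),
]


def tokenize(text):
    """Lower-case the message and split it into word tokens."""
    return re.findall(r"[a-z0-9']+", text.lower())


def train(samples):
    """Count tokens per class and messages per class."""
    word_counts = {"spam": Counter(), "ham": Counter()}
    doc_counts = Counter()
    for label, text in samples:
        doc_counts[label] += 1
        word_counts[label].update(tokenize(text))
    vocab = set(word_counts["spam"]) | set(word_counts["ham"])
    return {"word_counts": word_counts, "doc_counts": doc_counts, "vocab": vocab}


def log_likelihood(model, label, token):
    """log P(token | label) with add-one (Laplace) smoothing, so a token
    never seen in one class does not drive its probability to zero."""
    counts = model["word_counts"][label]
    total = sum(counts.values())
    return math.log((counts[token] + 1) / (total + len(model["vocab"])))


def classify(model, text):
    """Return (label, score), where score is the log-odds of spam versus ham.
    Tokens outside the training vocabulary carry no evidence and are skipped."""
    n_docs = sum(model["doc_counts"].values())
    score = (math.log(model["doc_counts"]["spam"] / n_docs)
             - math.log(model["doc_counts"]["ham"] / n_docs))
    for token in tokenize(text):
        if token in model["vocab"]:
            score += (log_likelihood(model, "spam", token)
                      - log_likelihood(model, "ham", token))
    return ("spam" if score > 0 else "ham"), score


if __name__ == "__main__":
    model = train(TRAINING)
    for message in ("claim your free prize", "monday report for the team"):
        label, score = classify(model, message)
        print(f"{label:4s} {score:+.3f}  {message}")
```

Working in log-odds keeps the products of many small probabilities from underflowing and makes the threshold explicit, so it can be raised when false positives on legitimate mail cost more than missed spam.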
Moving to Fifth Generation Cyber Security Architecture
The rapid digital transformation of business places
increasing demands on security. Current security
architectures for managing all this are outdated and
are the most common cause of the unavailability and
security issues that lead to failure. Thus there is a
need to implement a fifth generation architecture
that includes cloud infrastructure and the Internet of
Things. With it, businesses can eliminate single
points of failure by providing the necessary strength
and resiliency to maintain operations and security
under any circumstances.
This must be a consolidated,
unified security architecture that manages and
integrates with mobile, cloud and networks to protect
against and prevent fifth generation cyberattacks.
Integrated threat prevention also needs to work
with a dynamic security policy across all platforms
that expresses business needs, supports cloud
demands with auto scaling and is able to flexibly
integrate with third-party APIs. Furthermore, a
unified and advanced multi-layered threat prevention
environment must include CPU-Level sandbox
prevention, threat extraction, anti-phishing and
anti-ransomware solutions to defend against known
and unknown ‘zero-day’ attacks. In this way, having
the right architecture upon which the entire security
infrastructure operates is the only way to ensure a
single, cohesive wall of protection to prevent fifth
generation cyberattacks.[26]
Conclusion
In the past 20 years, cyberattacks and
cybersecurity have advanced and evolved rapidly
due to technological advancement.
Unfortunately, most organizations
have not evolved and are still using second or third
generation cyber security even after the evolution of
the fifth generation of attacks. These fifth generation attacks
are named mega attacks as they are large-scale and
fast-moving. These sophisticated attacks
can effortlessly bypass the conventional, static
detection-based security systems that are used by
most of today’s organizations. Thus, to defend against
the latest attacks, organizations should implement
the fifth generation security architecture to protect
their network, cloud and mobile
infrastructure. To conclude, awareness
among organizations and individuals about
cyberattacks and their effects, along with the security
solutions, needs to be increased. Everyone should use
technology only after analysing the pros and cons
and the security breaches, and care must be taken
to secure their information. Future work aims at
proposing a fifth generation security framework to
protect the online digital infrastructure that includes
cloud, mobile and network infrastructure.
Acknowledgements
This research has not received any specific grant
from funding agencies in the public, commercial, or
not-for-profit sectors. The authors declare no conflict
of interest.
References
1. Trustwave Global Security. Report
retrieved from: https://www2.trustwave.com/rs/815-RFM693/images/2015_TrustwaveGlobalSecurityReport.pdf
2. International Organization for Standardization.
ISO/IEC 27032:2012. Information
technology—Security techniques—
Guidelines for cybersecurity. 2012
3. Chowdhury A. Recent cyber security
attacks and their mitigation approaches–An
Overview. In International conference on
applications and techniques in information
security, Springer, Singapore. 2016; pp 54-65.
4. Passeri P. Cyber Attacks Statistics.
Paolo Passeri, May 2016.
http://www.hackmageddon.com/category/security/cyber-attacks-statistics/.
Accessed 07 October 2016.
5. Fischer EA. Creating a national framework
for cybersecurity: an analysis of issues and
options. Technical report. Congressional
Research Service. 2005.
6. The Open Web Application Security Project
(OWASP). 2018. Available online:
https://www.swascan.com/owasp/
7. The Open Web Application Security Project
OWASP Top 10—the ten most critical web
application security risks. The OWASP
Foundation. 2018.
8. Check Point Research Survey of IT Security
Professionals, sample size: 443 participants.
2018.
9. Check Point Mobile Threat Research
Publications. 2017. Available Online:
https://research.checkpoint.com/check-point-mobile-research-team-looks-back-2017/
10. Cyber Attack Trends Analysis Key
Insights to Gear Up for in 2019. Available
Online: http://www.snt.hr/boxcontent/CheckPointSecurityReport2019_vol01.pdf
11. Check Point C-Level Perspective Survey.
2017. Sample size: 59 C-Level Executives.
Available Online:
https://www.checkpoint.com/downloads/product-related/report/2018-security-report.pdf
12. Drucker H. Wu D. Vapnik VN. Support vector
machines for spam categorization. IEEE
Trans Neural Netw Publ IEEE Neural Netw
Counc 1999; 10(5):1048–54
13. Cranor LF. Lamacchia BA. Spam!. Commun
ACM. 1998; 41(8):74–83
14. SANS Institute. Top 15 Malicious Spyware
Actions. 2018. Available Online:
https://www.sans.org/security-resources/
15. Wang Z.J., Liu Y., Wang Z.J. E-mail filtration
and classification based on variable weights
of the Bayesian algorithm. Appl Mech Mater.
2014; 513–517:2111–2114.
16. Hsu W.C., Yu T.Y. E-mail spam filtering based
on support vector machines with Taguchi
method for parameter selection. J Converg
Inf Technol 2010. 5(8):78–88.
17. Caruana G., Li M., Qi M. A MapReduce based
parallel SVM for large scale spam filtering. In:
IEEE 2011 eighth international conference
on fuzzy systems and knowledge discovery
(FSKD), 2011; pp 2659–2662.
18. Wu C.H. Behavior-based spam detection using
a hybrid method of rule-based techniques and
neural networks. Expert Syst Appl. 2009:
36(3):4321–4330.
19. Hazza Z.M., Aziz N.A. A new efficient text
detection method for image spam filtering.
Int Rev Comput Softw. 2015; 10(1):1–8.
20. Dhaya R., Poongodi M. Detecting software
vulnerabilities in android using static analysis.
2015; pp 915–918.
21. Markel Z., Bilzor M. Building a machine
learning classifier for malware detection. In:
Second workshop on anti-malware testing
research (WATeR). IEEE. Canterbury. UK.
2015.
22. Shijo P.V., Salim A. Integrated static and
dynamic analysis for malware detection.
Procedia Comput Sci. 2015; 46:804–811.
23. Divya S., Padmavathi G. A novel method for
detection of internet worm malcodes using
principal component analysis and multiclass
support vector machine. Int J Secur Appl.
2014; 8(5):391–402
24. Akinyelu A.A., Adewumi A.O. Classification of
phishing email using random forest machine
learning technique. J Appl Math 2014; pp 1–6.
25. Santhana Lakshmi V., Vijaya M.S. Efficient
prediction of phishing websites using
supervised learning algorithms. Procedia
Eng. 2012; 30:798–805.
26. Check Point 2018 security report. 2018.
Available Online:
https://www.checkpoint.com/downloads/product-related/report/2018-security-report.pdf
... Many people believe that their websites or applications are protected against these threats; however, a study conducted in 2015 concluded that over 98% of tested web applications were prone to cyberattacks (Department of MCA, 2019). Another study conducted in 2018 stated that there was a 47% increase in cyber attacks in quarter two of 2018 than there were in that same time period in 2017 [14]. Another popular method of attack that has been used in the last decade has been TSP SYN flood attacks. ...
... Checkpoint, the world's largest security solution company, based on the changes in cyber security incidents over the past decade by era, as shown in Figure 1, with the WannaCry attack that occurred in April 2017 as a boundary, is predicted as the process of transitioning from the time period to the fifth-generation security period [27]. The development of next-generation security technology can form the core of next-generation technology development to respond to mega-attacks against vulnerabilities in hyperconnected IT systems in real time. ...
Article
Full-text available
Recently, as core technologies leading the fourth industrial revolution, such as the Internet of Things (IoT), 5G, the cloud, and big data, have promoted smart convergence across national socio-economic infrastructures, cyber systems are expanding and becoming complex, and they are not effective in responding to cyber safety risks and threats using security technology solutions limited to a single system. Therefore, we developed cyber security technology that combines machine learning and AI technology to solve complex problems related to cyber safety. In this regard, this study aims to identify technology development trends to prevent the risks and threats of various cyber systems by monitoring major cyber security convergence fields and technologies through the symmetrical thesis and patent analysis. Because thesis information can explain the superiority of technology and patent information can explain the usefulness of a technology, they can be effectively used for analyzing and predicting technology development trends. Therefore, in this study, latent Dirichlet allocation is applied to extract text-document-based technical topics for the symmetrical thesis and patent information to identify security convergence fields and technologies for cyber safety. In addition, it elucidates cyber security convergence fields and technology trends by applying a dynamic topic model and long short-term memory, which are useful for analyzing technological changes and predicting trends. Based on these results, cyber security administrators, system operators, and developers can effectively identify and respond to trends in related technologies to reduce threats, and companies and experts developing cyber security solutions can present a new security approach.
Chapter
With the advancement of technology, there exists a wide variety of cybersecurity attacks like ID theft, cracking the captcha, data breaches. These attacks are affecting individuals as well as well-established organizations. To handle these attacks, a robust and intelligent system is required. Artificial intelligence (AI) is one of the most emerging areas used in cyber security to protect internet-connected systems from eavesdropping, attacks, unauthorized access, and threats. AI is a technique that enables machines to tackle every situation intelligently. AI has been used almost in every area, from health care to robotics. The concept of AI in cyber-security makes machines more intelligent and actionable compared to traditional approaches. In this article, we focus and deliberate concisely on the use of AI in cyber-security, its application, various challenges, and opportunities. Authors have also highlighted future perspectives of AI in cybersecurity. © 2022, The Author(s), under exclusive license to Springer Nature Switzerland AG.
Article
Full-text available
The Internet technologies transformed many business services into online services. Online trading facilitates as a financial platform form for buying and selling shares, bidding, product sale or purchase using computers. The vital online trading between B2B, B2C and C2C transaction data may be under siege due to spywares, malwares, Hijackers and intruders. Often trading secrets and portfolios are in risk with network attackers who tracks unauthorizedly the personalized data of business clients. The Cyber Security is one domain which significantly supports strategies and algorithms for securing sensitive data in cyber space. In this paper we discussed about Cyber Security issues and implementation over a key business portal deals with market trading. Various strategies to handle security risks highlighted along with an approach to secure online trading transactional data in E-Commerce. The 3-phased Cyber security pipeline approach proposed for high end security maintenance over online trading transactions.
Thesis
Machine learning has become a decisive technology for cybersecurity to protect the computer networks and systems against cybercriminals. Consequently, the aim of our conducted thesis is to enhance the applied security mechanism and to propose an intelligent system using machine learning techniques for cyber intrusion detection. Therefore, we applied the penetration testing technique, it permits the discovering of vulnerabilities for the most popular attacks. Hence, we provided security suggestions and solutions concerning these risk cyber-attacks. In addition, we applied the web mining techniques to identify several approaches in terms of the visitor behavior and the cyber security evaluation. Afterwards, we achieved the detection of the visitor activity, its behavior, the access resources control and the threats that may face the web server. Then, an intelligent host based intrusion detection system (HIDS) has been developed using the text mining techniques. Thus, we constructed a reliable textual dataset which includes 6000 records of malicious URLs. This kind of data derives us to propose the DOC2VEC model as a feature representation method in our HIDS. Additionally, we have applied several machine learning techniques. Hence, the multilayer perceptron found to be the most accurate model by 90.67% in detecting the SQLi, XSS and directory traversal attacks. Furthermore, we developed a new security intelligent system called SIS-ID adopted to detect the latest malicious URLs and expanded to the DDOS attacks. Moreover, our system that is based on several machine learning techniques was examined via two configured data bases which are the DB-MALCURL and DB-DDOS extracted from the Canadian institute for cybersecurity (CIC). Afterwards, we evolved the system performance using our proposed learning optimization methods. Eventually, the SIS-ID achieved the best accuracy (98.52%) based on the voting model that detects the malicious URLs attack. 
On the other hand, the stacking model recorded the top accuracy (77.04%) for detecting the DDOS attack. Ultimately, we validated our proposed SIS-ID using a hardware based-real-time simulation in the Lebanese university. Hence, the hardware was configured based on the local outlier factor model that achieved the efficiency of avoiding a performed denial of service attack (DOS) on real time stage.
Article
Full-text available
The rapid growth of the internet has encouraged mankind to extensively use mobile phones, computers, and laptops for our convenience. From our day-to-day schedule to our conversations and financial information, all reside in our electronic devices, and hence securing them would be of utmost importance for us. With all the data in our electronic devices and the internet being so vulnerable, cyber attackers are always trying to get access to our private and important data. This paper aims to bring into light the different methods and techniques employed by cyber attackers and criminals to commit cybercrimes and harass the victims. It discusses the various kinds of attacks that can lead an individual to fall prey to the attackers, why humans are a weak link in cyber-attacks, the various countermeasures available, and the role of AI, ML, and in preventing these attacks.
Chapter
Today's era, which is being ruled by Internet of Things (IoT) or the reformation; being the Internet of Everything, has combined various technological affirmations with it. But along with its deployment, it is also undergoing malicious threats to compromise on the security issues of the IoT devices with high priority over the cloud, hence proving to be the weakest link of today's computational intelligence infrastructure. Digital network security issue has become the desperate need of the hour to combat cyber attack. Although there have been various learning methods which have made break through, this chapter focuses on machine learning being used in cyber security to deal with spear phishing and corrosive malwares detection and classification. It also looks for the ways to exploit vulnerabilities in this domain which is invading the training data sets with power of artificial intelligence. Cloud being an inherent evolution, so as to deal with these issues, this chapter will be an approach to establish an interactive network, cognitively intervening the domains of cyber security services to the computational specifications of IoT.
Conference Paper
Financial technology (fintech) is emerging as an innovative way to achieve financial inclusion and the broader objective of inclusive growth. With the rise in fintechs, cybercrimes are steadily emerging, and are unpredictable, increasing in frequency and in sophistication (International Monetary Fund, 2018). Cyber-threats have been identified as a major challenge because of the potential systemic risks and interaction with other risks. Despite these cyber-threats, start-up fintech firms are unable to implement expensive cyber security detection and prevention applications which might be overkill, both financially and functionally. This problem of cyber-attacks has led to monetary losses for financial institutions through denial of services or direct financial losses and has adversely impacted financial institutions through data privacy breaches and related reputational risks as recent high profile cyber-threats demonstrated (International Monetary Fund, 2018). A possible cause of this problem is limited domain knowledge about the types of threats and capability of analysing the possibility of threats and narrow knowledge on functional and least costly tools for detection and prevention of cyber-threats. The paper objectives were: determine the types of cyber-threats prevalent to start-up fintech firms; establish the available open-source applications for detection and prevention of cyber-threats and finally to assess the future architecture for the management of cyber security. The study findings showed that there were a total of 149,403,307 cyber-threats to Kenyan businesses in a span of one year from July 2019 to September 2020. The common cyber-threats to fintech startups are Malware, distributed denial of service (DDoS) and Botnets, Web Application attacks and System Vulnerabilities threats. The study identified several open-source applications for detection and prevention of these cyber-threats and recommends the following applications: Chkrootkit, ClamAV, NeoPI, CrowdSec, Suricata, SNORT, Grabber, SQLMap, Wapiti, Nessus, Sn1per and Nettacker. The study suggests further research on fifth generation architectures cloud computing, Internet of Things and Artificial Intelligence for detection and prevention of cyber-threats.
Article
Internet worms are malware programs that imitate themselves and spread around the network. Internet worm, a wide spreading malcode exploits vulnerability in the operating system, hard disk, software and web browsers. This paper analyzes and classifies the Internet worm, depending on the training signatures. This work presents the Internet worm detection mechanism, using Principal Component Analysis (PCA) and Support Vector Machine (SVM). A Selective sampling technique is applied to maximize the performance of the classifier and to reduce misleading data instances. The results obtained show improved memory utilization, detection time and detection accuracy for Internet worms.
Article
The number of malware is increasing rapidly regardless of the common use of anti-malware software. Detection of malware continues to be a challenge as attackers devise new techniques to evade the detection methods. Most of the anti-virus software uses signature based detection which is inefficient in the present scenario due to the rapid increase in the number and variants of malware. The signature is a unique identification for a binary file, which is created by analyzing the binary file using static analysis methods. Dynamic analysis uses the behavior and actions while in execution to identify whether the executable is a malware or not. Both methods have their own advantages and disadvantages. This paper proposes an integrated static and dynamic analysis method to analyse and classify an unknown executable file. The method uses machine learning in which known malware and benign programs are used as training data. The feature vector is selected by analyzing the binary code as well as dynamic behavior. The proposed method utilizes the benefits of both static and dynamic analysis thus the efficiency and the classification result are improved. Our experimental results show an accuracy of 95.8% using static, 97.1% using dynamic and 98.7% using integrated method. Comparing with the standalone dynamic and static methods, our integrated method gives better accuracy.
Article
Phishing is one of the luring techniques used by phishing artists with the intention of exploiting the personal details of unsuspected users. Phishing website is a mock website that looks similar in appearance but different in destination. The unsuspected users post their data thinking that these websites come from trusted financial institutions. Several antiphishing techniques emerge continuously but phishers come with new techniques by breaking all the antiphishing mechanisms. Hence there is a need for an efficient mechanism for the prediction of phishing websites. This paper employs Machine-learning technique for modelling the prediction task and supervised learning algorithms namely Multi layer perceptron, Decision tree induction and Naive bayes classification are used for exploring the results. It has been observed that the decision tree classifier predicts the phishing website more accurately when compared to other learning algorithms. (C) 2011 Published by Elsevier Ltd. Selection and/or peer-review under responsibility of ICCTSD 2011
Article
Phishing is one of the major challenges faced by the world of e-commerce today. Thanks to phishing attacks, billions of dollars have been lost by many companies and individuals. In 2012, an online report puts the loss due to phishing attack at about $1.5 billion. This global impact of phishing attacks will continue to be on the increase and thus requires more efficient phishing detection techniques to curb the menace. This paper investigates and reports the use of random forest machine learning algorithm in classification of phishing attacks, with the major objective of developing an improved phishing email classifier with better prediction accuracy and fewer numbers of features. From a dataset consisting of 2000 phishing and ham emails, a set of prominent phishing email features (identified from literature) were extracted and used by the machine learning algorithm with a resulting classification accuracy of 99.7% and low false negative (FN) and false positive (FP) rates.
Conference Paper
The advent of digital media, Internet, web and online social media has drawn the attention of relevant research community significantly and created many new research challenges on cyber security. People, organisations and governments around the world are losing a huge amount of money because of having cyber-attacks. For this reason, cyber security has become one of the most difficult and significant problems across the world. Currently, cyber security researchers of both industries and academic institutes are analysing existing cyber-attacks happening across the world and are developing different types of techniques to protect the systems against potential cyber-threats and attacks. This paper discusses the recent cyber security-attacks and the economic loss resulting from the growing cyber-attacks. This paper also analyses the increasing exploitation of a computer system, which has created more opportunities for the current cyber-crimes. Protective mechanisms and relevant laws are being implemented to reduce cyber-crimes around the world. Contemporary and important mitigation approaches for cyber-crimes have also been articulated in this paper.
Chapter
The primary aim of the OWASP Top 10 is to educate developers, designers, architects and organizations about the consequences of the most important web application security weaknesses. The Top 10 provides basic methods to protect against these high risk problem areas – and provides guidance on where to go from here. The Top 10 project is referenced by many standards, books, tools, and organizations, including MITRE, PCI DSS, DISA, FTC, and many more. The OWASP Top 10 was initially released in 2003 and minor updates were made in 2004, 2007, and this 2010 release. We encourage you to use the Top 10 to get your organization started with application security.
Conference Paper
Nowadays mobile devices like smartphones, tablets and Personal Digital Assistants etc. are playing a most essential part in our daily lives. A high-end mobile device performs the same functionality as computers. Android based smart phone has become more vulnerable, because of an open source operating system. Anyone can develop a new application and post it into android market. These types of applications were not verified by an authorized company. So it may include malevolent applications, such as viruses, spyware, worms, etc., which can cause system failure, wasting memory resources, corrupting data, stealing personal information and also increases the maintenance cost. Due to these reasons, the mobile phone security or mobile security is very essential in mobile computing. The existing system is not able to detect new viruses, due to the limitation of updated signatures. The proposed system aims to motivate static code analysis based malware detection using search based machine learning algorithm which is called N-gram analysis and it detects the unnoticed malicious characteristics or vulnerabilities in the mobile applications.
Article
Current signature-based antivirus software is ineffective against many modern malicious software threats. Machine learning methods can be used to create more effective antimalware software, capable of detecting even zero-day attacks. Some studies have investigated the plausibility of applying machine learning to malware detection, primarily using features from n-grams of an executable file's byte code. We propose an approach that primarily learns from metadata, mostly contained in the headers of executable files, specifically the Windows Portable Executable 32-bit (PE32) file format. Our experiments indicate that executable file metadata is highly discriminative between malware and benign software. We also employ various machine learning methods, finding that Decision Tree classifiers outperform Logistic Regression and Naive Bayes in this setting. We analyze various features of the PE32 header and identify those most suitable for machine learning classifiers. Finally, we evaluate changes in classifier performance when the malware prevalence (fraction of malware versus benign software) is varied.
Article
Detection of text in images plays an important role in many situations such as video retrieval, annotation, indexing, and content analysis. In information security to filter image spam, one main feature that can be used is text contents in image. Extracting text features from image spam needs efficient text detection. Obfuscating techniques used by spammers such as noisy background, wavy text and text with different colors pose challenges to the text detection process. In this paper, we present a text detection method that addresses these challenges. The contribution of this research consists of two parts: a) a new edge operator that can specifically be used to detect text edges, and b) a proposed text detection method for image spam filtering that can detect obfuscated text. The proposed method Accumulated Text Extraction (ATE) works for detecting horizontal and vertical lines and intersecting them, then rules are used to determine the text area and reduce non text area. The approach focuses on using non-machine learning methods with simple calculations. ATE shows encouraging results which can be efficiently used in image spam filtering. Besides its robustness against obfuscating methods in image spam, ATE shows efficient performance when used for scene text detection.
Article
The co-occurrence word emphasizes the word and word internal relations, so its use can improve shortage from the hypothetical of Bayesian algorithm. To build Token Dictionary, Information Gain algorithm is used to choose Tokens, and Synonyms Dictionary is used to acquire more Tokens. By large amounts of training, the matching scores of Tokens are counted, according to the matching rate the Tokens that are valuable are selected, and the Token Dictionary is established. The proposed method is applied to an E-mail classification experiment, and the results show that the accuracy of the spam filter is well improved.