submit Opinions CrossRef Open Access Subscribe New Journal Ideal

Click on image to enlarge

Indexed in Scopus

Journal of Cyber Security and Mobility

Editors-in-Chief:
Ashutosh Dutta, Johns Hopkins University, USA
Ruby Lee, Princeton University, USA
Neeli R. Prasad, International Technological University, San Jose, USA
Wojciech Mazurczyk, Warsaw University of Technology, Poland

Associate Editor:
Debdeep Mukhopadhyay, Indian Institute of Technology Kharagpur, India


ISSN: 2245-1439 (Print Version),

ISSN: 2245-4578 (Online Version)
Vol: 8   Issue: 2

Published In:   April 2019

Publication Frequency: Quarterly


Search Available Volume and Issue for Journal of Cyber Security and Mobility


Journal Description        Read Full Articles        Editorial Board        Subscription        Indexed       Opinions

Trustworthy Vehicular Communication Employing Multidimensional Diversification for Moving-target Defense

doi: https://doi.org/10.13052/jcsm2245-1439.821
Esraa M. Ghourab1, Effat Samir1, Mohamed Azab2,3, and Mohamed Eltoweissy3

1Electrical Engineering Department, Alexandria University, Alexandria 21544, Egypt
2Computer and Information Sciences Department, Virginia Military Institute, Lexington, VA, USA
3Informatics Research Institute, City of Scientific Research and Technological Applications, Alexandria, Egypt

Abstract: [+]    |    Download File [ 861KB ]    |   Read Article Online

Abstract: Enabling trustworthy Vehicle to Vehicle (V2V) communication given the wireless medium and the highly dynamic nature of the vehicular environment is a hard challenge. Eavesdropping and signal jamming in such highly dynamic environment is a real problem. This paper proposes a nature inspired multidimensional Moving-Target Defense (MTD) that employs real time spatiotemporal diversity to obfuscate wireless signals against attacker reach. In space: the mechanism manipulates the wireless transmission pattern and configuration to confuse eavesdroppers. In Time: we manipulate the transmission payload, by intentionally injecting some fake data into the real transmission. Further, the mechanism changes the data transmission granularity over time from fine to coarse grained data chunks. As a case study, we assumed the direct transmission model across dynamic multi-paths relayed communication via vehicles traveling on a multi-lane road. The system is evaluated based on a complete analysis of the system model and comprehensive simulated scenarios. Results showed the effectiveness of the presented approach with an increased confusion factor, a massive reduction in the intercept probability and clear increase in the channel secrecy.

Keywords: Security, Diversity, Moving target defense, Vehicle to Vehicle (V2V) communication.

Big Data Security Analysis with TARZAN Platform

doi: https://doi.org/10.13052/jcsm2245-1439.822
Marek Rychlý* and Ondřej Ryšavý

Brno University of Technology, Faculty of Information Technology, Department of Information Systems, IT4Innovations Centre of Excellence, Brno, Czech Republic

Abstract: [+]    |    Download File [ 585KB ]    |   Read Article Online

Abstract: The TARZAN platform is an integrated platform for analysis of digital data from security incidents. The platform serves primarily as a middleware between data sources and data processing applications, however, it also provides several supporting services and a runtime environment for the applications. The supporting services, such as a data storage, a resource and application registry, a synchronization service, and a distributed computing platform, are utilized by the TARZAN applications for various securityoriented analyses on the integrated data ranging from an IT security incident detection to inference analyses of data from social networks or crypto-currency transactions. To cope with a large amount of distributed data, both streamed in real-time and stored, and for the need of a large scale distributed computing, the platform has been designed as a big data processing system ensuring reliable, scalable, and cost-effective solution. The platform is demonstrated on the case of a security analysis of network traffic.

Keywords: Security, Big data, Framework.

ScaleNet: Scalable and Hybrid Framework for Cyber Threat Situational Awareness Based on DNS, URL, and Email Data Analysis

doi: https://doi.org/10.13052/jcsm2245-1439.823
R. Vinayakumar, K. P. Soman, Prabaharan Poornachandran, Vysakh S. Mohan and Amara Dinesh Kumar

Center for Computational Engineering and Networking (CEN), Amrita School of Engineering, Coimbatore, Amrita Vishwa Vidyapeetham, India

Abstract: [+]    |    Download File [ 863KB ]    |   Read Article Online

Abstract: A computer virus or malware is a computer program, but with the purpose of causing harm to the system. This year has witnessed the rise of malware and the loss caused by them is high. Cyber criminals have continually advancing their methods of attack. The existing methodologies to detect the existence of such malicious programs and to prevent them from executing are static, dynamic and hybrid analysis. These approaches are adopted by anti-malware products. The conventional methods of were only efficient till a certain extent. They are incompetent in labeling the malware because of the time taken to reverse engineer the malware to generate a signature. When the signature becomes available, there is a high chance that a significant amount of damage might have occurred. However, there is a chance of detecting the malicious activities quickly by analyzing the events of DNS logs, Emails, and URLs. As these unstructured raw data contains rich source of information, we explore how the large volume of data can be leveraged to create cyber intelligent situational awareness to mitigate advanced cyber threats. Deep learning is a machine learning technique largely used by researchers in recent days. It avoids feature engineering which served as a critical step for conventional machine learning algorithms. It can be used along with the existing automation methods such as rule and heuristics based and machine learning techniques. This work takes the advantage of deep learning architectures to classify and correlate malicious activities that are perceived from the various sources such as DNS, Email, and URLs. Unlike conventional machine learning approaches, deep learning architectures don’t follow any feature engineering and feature representation methods. They can extract optimal features by themselves. Still, additional domain level features can be defined for deep learning methods in NLP tasks to enhance the performance. The cyber security events considered in this study are surrounded by texts. To convert text to real valued vectors, various natural language processing and text mining methods are incorporated. To our knowledge, this is the first attempt, a framework that can analyze and correlate the events of DNS, Email, andURLsat scale to provide situational awareness against malicious activities. The developed framework is highly scalable and capable of detecting the malicious activities in near real time. Moreover, the framework can be easily extended to handle large volume of other cyber security events by adding additional resources. These characteristics have made the proposed framework stand out from any other system of similar kind.

Keywords: cyber security, natural language processing, text mining, machine learning, neural networks, deep learning, big data, cognitive security, distributed and semantic word representation, domain generation algorithms, uniform resource locator, spam, ransomware.

Czech Cyber Security System from a view of System Dynamics

doi: https://doi.org/10.13052/jcsm2245-1439.824
Ondrej Dolezal and Hana Tomaskova

Faculty of Informatics and Management, University of Hradec Kralove, Rokitanskeho 62, Hradec Kralove, Czech Republic

Abstract: [+]    |    Download File [ 3823KB ]    |   Read Article Online

Abstract: With the rapid development of information and communication technologies and the increasing dependence of modern civilization on them, the number and significance of threats to the functioning of the whole of society (not only smart society) are constantly increasing. Prevention, security, and protection against cyber threats pose a challenge that will have to be faced in the future. This article presents systems thinking and system dynamics approaches to solving complex problems and shows their potential use in cybersecurity, with a particular focus on the current state of cybersecurity in the Czech Republic.

Keywords: Cybersecurity, System dynamics, system thinking, Czech Republic.

River Publishers: Journal of Cyber Security and Mobility