Search for Articles:
Title / Keyword
Author / Affiliation / Email
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
 
4.5
2.7
Journals
Applied Sciences
Special Issues
AI for Cybersecurity
share announcement

AI for Cybersecurity

A special issue of Applied Sciences (ISSN 2076-3417). This special issue belongs to the section "Computing and Artificial Intelligence".

Deadline for manuscript submissions: closed (31 October 2022) | Viewed by 42873

Special Issue Editor

Prof. Dr. Jongsub Moon

E-Mail Website
Guest Editor
System & Network Security Lab, Korea University, 145 Anam-ro, Anam-dong, Seongbuk-gu, Seoul, Korea
Interests: Artificial Intelligence; system security

Special Issue Information

Dear Colleagues,

Since the development of information systems during the last decade, cybersecurity has become a critical concern for many groups, organizations, and institutions. Moreover, recently, the concept of cyber warfare has emerged and been widely used due to cyberattacks at the national level. Traditionally, security experts have defined the rules to detect the threats from the signatures of the observed similar threats. However, the targets of cyberattacks are becoming more diverse, as in IoT devices. Additionally, new and sophisticated attacks such as zero-day attacks have become a recent category of severe threat. Due to the continued introduction of such diversified threats compared to the past, rule-based approaches have failed to respond to such uncertainty. Artificial intelligence, including deep learning, can be effective in discovering new threats that share their characteristics with the existing one.

With these motivations, this Special Issue provides communication on the latest artificial intelligence technologies to counter security threats that can be applied to components related to information systems, such as computing systems and networks. Research papers can cover the offensive/defensive applications associated with cybersecurity from academia to industry, such as an adversarial attack, steganography, malware detection, vulnerability discovery, authentication, and the learning theory for security application. Potential topics are listed below but are not limited thereto. 

Prof. Dr. Jongsub Moon
Guest Editor

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Applied Sciences is an international peer-reviewed open access semimonthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2400 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • deep learning
  • cybersecurity
  • adversarial attack
  • vulnerability discovery
  • medical device security
  • medical information security
  • authentication
  • cloud security

Published Papers (10 papers)

Download All Papers
Order results
Result details
Show export options expand_more Show export options expand_less
Select all
Export citation of selected articles as:

Research

23 pages, 2536 KiB  
Article
VulEye: A Novel Graph Neural Network Vulnerability Detection Approach for PHP Application
by Chun Lin, Yijia Xu, Yong Fang and Zhonglin Liu
Appl. Sci. 2023, 13(2), 825; https://0-doi-org.brum.beds.ac.uk/10.3390/app13020825 - 06 Jan 2023
Cited by 5 | Viewed by 3012
Abstract
Following advances in machine learning and deep learning processing, cyber security experts are committed to creating deep intelligent approaches for automatically detecting software vulnerabilities. Nowadays, many practices are for C and C++ programs, and methods rarely target PHP application. Moreover, many of these [...] Read more.
Following advances in machine learning and deep learning processing, cyber security experts are committed to creating deep intelligent approaches for automatically detecting software vulnerabilities. Nowadays, many practices are for C and C++ programs, and methods rarely target PHP application. Moreover, many of these methods use LSTM (Long Short-Term Memory) but not GNN (Graph Neural Networks) to learn the token dependencies within the source code through different transformations. That may lose a lot of semantic information in terms of code representation. This article presents a novel Graph Neural Network vulnerability detection approach, VulEye, for PHP applications. VulEye can assist security researchers in finding vulnerabilities in PHP projects quickly. VulEye first constructs the PDG (Program Dependence Graph) of the PHP source code, slices PDG with sensitive functions contained in the source code into sub-graphs called SDG (Sub-Dependence Graph), and then makes SDG the model input to train with a Graph Neural Network model which contains three stack units with a GCN layer, Top-k pooling layer, and attention layer, and finally uses MLP (Multi-Layer Perceptron) and softmax as a classifier to predict if the SDG is vulnerable. We evaluated VulEye on the PHP vulnerability test suite in Software Assurance Reference Dataset. The experiment reports show that the best macro-average F1 score of the VulEye reached 99% in the binary classification task and 95% in the multi-classes classification task. VulEye achieved the best result compared with the existing open-source vulnerability detection implements and other state-of-art deep learning models. Moreover, VulEye can also locate the precise area of the flaw, since our SDG contains code slices closely related to vulnerabilities with a key triggering sensitive/sink function. Full article
(This article belongs to the Special Issue AI for Cybersecurity)
Show Figures

Figure 1

15 pages, 2625 KiB  
Article
A Heterogeneous Machine Learning Ensemble Framework for Malicious Webpage Detection
by Sam-Shin Shin, Seung-Goo Ji and Sung-Sam Hong
Appl. Sci. 2022, 12(23), 12070; https://0-doi-org.brum.beds.ac.uk/10.3390/app122312070 - 25 Nov 2022
Cited by 1 | Viewed by 1431
Abstract
The growing dependence on digital systems has heightened the risks posed by cybersecurity threats. This paper proposes a new method for detecting malicious webpages among several adversary activities. As shown in previous studies, malicious URL detection performance is significantly affected by the learning [...] Read more.
The growing dependence on digital systems has heightened the risks posed by cybersecurity threats. This paper proposes a new method for detecting malicious webpages among several adversary activities. As shown in previous studies, malicious URL detection performance is significantly affected by the learning dataset features. The overall performance of different machine learning models varies depending on the data features, and using a particular model alone is not always desirable in any given environment. To address these limitations, we propose an ensemble approach using different machine learning models. Our proposed method outperforms the existing single model by 6%, allowing for the detection of an additional 141 malicious URLs. In this study, repetitive tasks are automated, improving the performance of different machine learning models. In addition, the proposed framework builds an advanced feature set based on URL and web content and includes the most optimized detection model structure. The proposed technology can contribute to define an advanced feature set based on URL and web content and includes the most optimized detection model structure and research on automated technology for the detection of malicious websites, such as phishing websites and malicious code distribution. Full article
(This article belongs to the Special Issue AI for Cybersecurity)
Show Figures

Figure 1

15 pages, 2627 KiB  
Article
A Novel Deep Learning Approach for Deepfake Image Detection
by Ali Raza, Kashif Munir and Mubarak Almutairi
Appl. Sci. 2022, 12(19), 9820; https://0-doi-org.brum.beds.ac.uk/10.3390/app12199820 - 29 Sep 2022
Cited by 30 | Viewed by 13572
Abstract
Deepfake is utilized in synthetic media to generate fake visual and audio content based on a person’s existing media. The deepfake replaces a person’s face and voice with fake media to make it realistic-looking. Fake media content generation is unethical and a threat [...] Read more.
Deepfake is utilized in synthetic media to generate fake visual and audio content based on a person’s existing media. The deepfake replaces a person’s face and voice with fake media to make it realistic-looking. Fake media content generation is unethical and a threat to the community. Nowadays, deepfakes are highly misused in cybercrimes for identity theft, cyber extortion, fake news, financial fraud, celebrity fake obscenity videos for blackmailing, and many more. According to a recent Sensity report, over 96% of the deepfakes are of obscene content, with most victims being from the United Kingdom, United States, Canada, India, and South Korea. In 2019, cybercriminals generated fake audio content of a chief executive officer to call his organization and ask them to transfer $243,000 to their bank account. Deepfake crimes are rising daily. Deepfake media detection is a big challenge and has high demand in digital forensics. An advanced research approach must be built to protect the victims from blackmailing by detecting deepfake content. The primary aim of our research study is to detect deepfake media using an efficient framework. A novel deepfake predictor (DFP) approach based on a hybrid of VGG16 and convolutional neural network architecture is proposed in this study. The deepfake dataset based on real and fake faces is utilized for building neural network techniques. The Xception, NAS-Net, Mobile Net, and VGG16 are the transfer learning techniques employed in comparison. The proposed DFP approach achieved 95% precision and 94% accuracy for deepfake detection. Our novel proposed DFP approach outperformed transfer learning techniques and other state-of-the-art studies. Our novel research approach helps cybersecurity professionals overcome deepfake-related cybercrimes by accurately detecting the deepfake content and saving the deepfake victims from blackmailing. Full article
(This article belongs to the Special Issue AI for Cybersecurity)
Show Figures

Figure 1

21 pages, 11835 KiB  
Article
Malware Variants Detection Model Based on MFF–HDBA
by Shuo Wang, Jian Wang, Yafei Song, Sicong Li and Wei Huang
Appl. Sci. 2022, 12(19), 9593; https://0-doi-org.brum.beds.ac.uk/10.3390/app12199593 - 24 Sep 2022
Cited by 3 | Viewed by 1313
Abstract
A massive proliferation of malware variants has posed serious and evolving threats to cybersecurity. Developing intelligent methods to cope with the situation is highly necessary due to the inefficiency of traditional methods. In this paper, a highly efficient, intelligent vision-based malware variants detection [...] Read more.
A massive proliferation of malware variants has posed serious and evolving threats to cybersecurity. Developing intelligent methods to cope with the situation is highly necessary due to the inefficiency of traditional methods. In this paper, a highly efficient, intelligent vision-based malware variants detection method was proposed. Firstly, a bilinear interpolation algorithm was utilized for malware image normalization, and data augmentation was used to resolve the issue of imbalanced malware data sets. Moreover, the paper improved the convolutional neural network (CNN) model by combining multi-scale feature fusion (MFF) and channel attention mechanism for more discriminative and robust feature extraction. Finally, we proposed a hyperparameter optimization algorithm based on the bat algorithm, referred to as HDBA, in order to overcome the disadvantage of the traditional hyperparameter optimization method based on manual adjustment. Experimental results indicated that our model can effectively and efficiently identify malware variants from real and daily networks, with better performance than state-of-the-art solutions. Full article
(This article belongs to the Special Issue AI for Cybersecurity)
Show Figures

Figure 1

26 pages, 9568 KiB  
Article
Analysis of ToN-IoT, UNW-NB15, and Edge-IIoT Datasets Using DL in Cybersecurity for IoT
by Imad Tareq, Bassant M. Elbagoury, Salsabil El-Regaily and El-Sayed M. El-Horbaty
Appl. Sci. 2022, 12(19), 9572; https://0-doi-org.brum.beds.ac.uk/10.3390/app12199572 - 23 Sep 2022
Cited by 22 | Viewed by 5796
Abstract
The IoT’s quick development has brought up several security problems and issues that cannot be solved using traditional intelligent systems. Deep learning (DL) in the field of artificial intelligence (AI) has proven to be efficient, with many advantages that can be used to [...] Read more.
The IoT’s quick development has brought up several security problems and issues that cannot be solved using traditional intelligent systems. Deep learning (DL) in the field of artificial intelligence (AI) has proven to be efficient, with many advantages that can be used to address IoT cybersecurity concerns. This study trained two models of intelligent networks—namely, DenseNet and Inception Time—to detect cyber-attacks based on a multi-class classification method. We began our investigation by measuring the performance of these two networks using three datasets: the ToN-IoT dataset, which consists of heterogeneous data; the Edge-IIoT dataset; and the UNSW2015 dataset. Then, the results were compared by identifying several cyber-attacks. Extensive experiments were conducted on standard ToN-IoT datasets using the DenseNet multicategory classification model. The best result we obtained was an accuracy of 99.9% for Windows 10 with DenseNet, but by using the Inception Time approach we obtained the highest result for Windows 10 with the network, with 100% accuracy. As for using the Edge-IIoT dataset with the Inception Time approach, the best result was an accuracy of 94.94%. The attacks were also assessed in the UNSW-NB15 database using the Inception Time approach, which had an accuracy rate of 98.4%. Using window sequences for the sliding window approach and a six-window size to start training the Inception Time model yielded a slight improvement, with an accuracy rate of 98.6% in the multicategory classification. Full article
(This article belongs to the Special Issue AI for Cybersecurity)
Show Figures

Figure 1

28 pages, 6671 KiB  
Article
Construction of Power Fault Knowledge Graph Based on Deep Learning
by Peishun Liu, Bing Tian, Xiaobao Liu, Shijing Gu, Li Yan, Leon Bullock, Chao Ma, Yin Liu and Wenbin Zhang
Appl. Sci. 2022, 12(14), 6993; https://0-doi-org.brum.beds.ac.uk/10.3390/app12146993 - 11 Jul 2022
Cited by 7 | Viewed by 1854
Abstract
A knowledge graph can structure heterogeneous knowledge in the field of power faults, construct the correlation between different pieces of knowledge, and solve the diversification, complexity, and island of fault data. There are many kinds of entities in power fault defect text, the [...] Read more.
A knowledge graph can structure heterogeneous knowledge in the field of power faults, construct the correlation between different pieces of knowledge, and solve the diversification, complexity, and island of fault data. There are many kinds of entities in power fault defect text, the relationship between entities is complex, and the data are often mixed with noise. It is necessary to research how to effectively mine the target data and separate the salient knowledge from the noise. Moreover, the traditional entity and relationship extraction methods used in the construction of a power fault knowledge graph cannot fully understand the text semantics, and the response accuracy is low. The Log system usually contains all kinds of information related to faults and a log analysis helps us collect fault information and perform association analysis. Therefore, a Bidirectional Sliced GRU with Gated Attention mechanism (BiSGRU-GA) model is proposed to detect the anomalous logs in the power system, this enriches the fault knowledge base and provides a good data resource for the construction of the knowledge graph. A new Bidirectional GRU with Gated Attention mechanism and Conditional Random Fields and a BERT input layer (BBiGRU-GA-CRF) model is proposed by introducing a BERT layer and Attention Mechanism into the Bidirectional GRU (BiGRU) model to more fully understand the context information of fault sentences and improve the accuracy of entity recognition of fault sentences. Aiming to solve the problems of large calculation cost and propagation error which occur in the traditional relationship extraction model, an improved Bidirectional Gated Recurrent Unit neural network with fewer parameters and the Gated Attention Mechanism (BiGRU-GA) model is proposed. This new model introduces an improved Gated Attention Mechanism to achieve better effects in relationship extraction. Compared with Bidirectional Long Short-Term Memory with Attention Mechanism (BiLSTM-Attention), the accuracy, recall, and F-measure of the model were improved by 1.79%, 13.83%, and 0.30% respectively, and the time cost is reduced by about 16%. The experimental results show that the BiGRU-GA model can capture local features, reduce the training time cost, and improve the model recognition effect. Full article
(This article belongs to the Special Issue AI for Cybersecurity)
Show Figures

Figure 1

12 pages, 458 KiB  
Article
DriNet: Dynamic Backdoor Attack against Automatic Speech Recognization Models
by Jianbin Ye, Xiaoyuan Liu, Zheng You, Guowei Li and Bo Liu
Appl. Sci. 2022, 12(12), 5786; https://0-doi-org.brum.beds.ac.uk/10.3390/app12125786 - 07 Jun 2022
Cited by 9 | Viewed by 2145
Abstract
Automatic speech recognition (ASR) is popular in our daily lives (e.g., via voice assistants or voice input). Once its security attributes are destroyed, it poses as a severe threat to a user’s life and ‘property safety’. Prior research has demonstrated that ASR systems [...] Read more.
Automatic speech recognition (ASR) is popular in our daily lives (e.g., via voice assistants or voice input). Once its security attributes are destroyed, it poses as a severe threat to a user’s life and ‘property safety’. Prior research has demonstrated that ASR systems are vulnerable to backdoor attacks. A model embedded with a backdoor behaves normally on clean samples yet misclassifies malicious samples that contain triggers. Existing backdoor attacks have mostly been conducted in the image domain. However, they can not be applied in the audio domain because of poor transferability. This paper proposes a dynamic backdoor attack method against ASR models, named DriNet. Significantly, we designed a dynamic trigger generation network to craft a variety of audio triggers. It is trained jointly with the discriminative model incorporated with an attack success rate on poisoned samples and accuracy on clean samples. We demonstrate that DriNet achieves an attack success rate of 86.4% when infecting only 0.5% of the training set without reducing its accuracy. DriNet can still achieve comparable attack performance to backdoor attacks using static triggers, further enjoying richer attack patterns. We further evaluated DriNet’s resistance to a current state-of-the-art defense mechanism. The anomaly index of DriNet is more than 37.4% smaller than that of BadNets method. The triggers generated by DriNet are hard reverse, keeping DriNet from the detectors. Full article
(This article belongs to the Special Issue AI for Cybersecurity)
Show Figures

Figure 1

27 pages, 3429 KiB  
Article
Network Intrusion Detection Model Based on CNN and GRU
by Bo Cao, Chenghai Li, Yafei Song, Yueyi Qin and Chen Chen
Appl. Sci. 2022, 12(9), 4184; https://0-doi-org.brum.beds.ac.uk/10.3390/app12094184 - 21 Apr 2022
Cited by 48 | Viewed by 4605
Abstract
A network intrusion detection model that fuses a convolutional neural network and a gated recurrent unit is proposed to address the problems associated with the low accuracy of existing intrusion detection models for the multiple classification of intrusions and low accuracy of class [...] Read more.
A network intrusion detection model that fuses a convolutional neural network and a gated recurrent unit is proposed to address the problems associated with the low accuracy of existing intrusion detection models for the multiple classification of intrusions and low accuracy of class imbalance data detection. In this model, a hybrid sampling algorithm combining Adaptive Synthetic Sampling (ADASYN) and Repeated Edited nearest neighbors (RENN) is used for sample processing to solve the problem of positive and negative sample imbalance in the original dataset. The feature selection is carried out by combining Random Forest algorithm and Pearson correlation analysis to solve the problem of feature redundancy. Then, the spatial features are extracted by using a convolutional neural network, and further extracted by fusing Averagepooling and Maxpooling, using attention mechanism to assign different weights to the features, thus reducing the overhead and improving the model performance. At the same time, a Gated Recurrent Unit (GRU) is used to extract the long-distance dependent information features to achieve comprehensive and effective feature learning. Finally, a softmax function is used for classification. The proposed intrusion detection model is evaluated based on the UNSW_NB15, NSL-KDD, and CIC-IDS2017 datasets, and the experimental results show that the classification accuracy reaches 86.25%, 99.69%, 99.65%, which are 1.95%, 0.47% and 0.12% higher than that of the same type of CNN-GRU, and can solve the problems of low classification accuracy and class imbalance well. Full article
(This article belongs to the Special Issue AI for Cybersecurity)
Show Figures

Figure 1

14 pages, 3383 KiB  
Article
Generative Adversarial Network for Global Image-Based Local Image to Improve Malware Classification Using Convolutional Neural Network
by Sejun Jang, Shuyu Li and Yunsick Sung
Appl. Sci. 2020, 10(21), 7585; https://0-doi-org.brum.beds.ac.uk/10.3390/app10217585 - 28 Oct 2020
Cited by 5 | Viewed by 2749
Abstract
Malware detection and classification methods are being actively developed to protect personal information from hackers. Global images of malware (in a program that includes personal information) can be utilized to detect or classify it. This method is efficient, given that small changes in [...] Read more.
Malware detection and classification methods are being actively developed to protect personal information from hackers. Global images of malware (in a program that includes personal information) can be utilized to detect or classify it. This method is efficient, given that small changes in the program can be detected while maintaining the overall structure of the program. However, if any obfuscation approach that encrypts malware code is implemented, it becomes difficult to extract features such as opcodes and application programming interface functions. Given that malware detection and classification are performed differently depending on whether malware is obfuscated or not, methods that can simultaneously detect and classify general and obfuscated malware are required. This paper proposes a method that uses a generative adversarial network (GAN) and global image-based local image to classify unobfuscated and obfuscated malware. Global and local images of unobfuscated malware are generated using pixel and local feature visualizers. The GAN is utilized to visualize local features and generate local images of obfuscated malware by learning global and local images of unobfuscated malware. The local image of unobfuscated malware is merged with the global image generated via the pixel visualizer. To merge the global and local images of unobfuscated and obfuscated malware, the pixels extracted from global and local images are stored in a two-dimensional array, and then merged images are generated. Finally, unobfuscated and obfuscated malware are classified using a convolutional neural network (CNN). The results of experiments conducted on the Microsoft Malware Classification Challenge (BIG 2015) dataset indicate that the proposed method has a malware classification accuracy of 99.65%, which is 2.18% higher than that of the malware classification approach based on only global images and local features. Full article
(This article belongs to the Special Issue AI for Cybersecurity)
Show Figures

Figure 1

19 pages, 2365 KiB  
Article
Generating Optimized Guessing Candidates toward Better Password Cracking from Multi-Dictionaries Using Relativistic GAN
by Sungyup Nam, Seungho Jeon and Jongsub Moon
Appl. Sci. 2020, 10(20), 7306; https://0-doi-org.brum.beds.ac.uk/10.3390/app10207306 - 19 Oct 2020
Cited by 9 | Viewed by 4278
Abstract
Despite their well-known weaknesses, passwords are still the de-facto authentication method for most online systems. Due to its importance, password cracking has been vibrantly researched both for offensive and defensive purposes. Hashcat and John the Ripper are the most popular cracking tools, allowing [...] Read more.
Despite their well-known weaknesses, passwords are still the de-facto authentication method for most online systems. Due to its importance, password cracking has been vibrantly researched both for offensive and defensive purposes. Hashcat and John the Ripper are the most popular cracking tools, allowing users to crack millions of passwords in a short time. However, their rule-based cracking has an explicit limitation of depending on password-cracking experts to come up with creative rules. To overcome this limitation, a recent trend has been to apply machine learning techniques to research on password cracking. For instance, state-of-the-art password guessing studies such as PassGAN and rPassGAN adopted a Generative Adversarial Network (GAN) and used it to generate high-quality password guesses without knowledge of password structures. However, compared with the probabilistic context-free grammar (PCFG), rPassGAN shows inferior password cracking performance in some cases. It was also observed that each password cracker has its own cracking space that does not overlap with other models. This observation led us to realize that an optimized candidate dictionary can be made by combining the password candidates generated by multiple password generation models. In this paper, we suggest a deep learning-based approach called REDPACK that addresses the weakness of the cutting-edge cracking tools based on GAN. To this end, REDPACK combines multiple password candidate generator models in an effective way. Our approach uses the discriminator of rPassGAN as the password selector. Then, by collecting passwords selectively, our model achieves a more realistic password candidate dictionary. Also, REDPACK improves password cracking performance by incorporating both the generator and the discriminator of GAN. We evaluated our system on various datasets with password candidates composed of symbols, digits, upper and lowercase letters. The results clearly show that our approach outperforms all existing approaches, including rule-based Hashcat, GAN-based PassGAN, and probability-based PCFG. The proposed model was also able to reduce the number of password candidates by up to 65%, with only 20% cracking performance loss compared to the union set of passwords cracked by multiple-generation models. Full article
(This article belongs to the Special Issue AI for Cybersecurity)
Show Figures

Figure 1

Show export options expand_more Show export options expand_less
Select all
Export citation of selected articles as:
 
Displaying articles 1-10
Back to TopTop