Mohammed Amin Almaiah^1,*, Leen Mohammad Saqr¹, Leen Ahmad Al-Rawwash¹, Layan Ahmed Altellawi¹, Romel Al-Ali^2,*, Omar Almomani³

CMC-Computers, Materials & Continua, Vol.81, No.2, pp. 3189-3220, 2024, DOI:10.32604/cmc.2024.057673 - 18 November 2024

Abstract Database systems have consistently been prime targets for cyber-attacks and threats due to the critical nature of the data they store. Despite the increasing reliance on database management systems, this field continues to face numerous cyber-attacks. Database management systems serve as the foundation of any information system or application. Any cyber-attack can result in significant damage to the database system and loss of sensitive data. Consequently, cyber risk classifications and assessments play a crucial role in risk management and establish an essential framework for identifying and responding to cyber threats. Risk assessment aids in understanding… More >

GyuHyun Jeon¹, Hojun Jin¹, Ju Hyeon Lee¹, Seungho Jeon², Jung Taek Seo^2,*

CMES-Computer Modeling in Engineering & Sciences, Vol.141, No.2, pp. 1575-1622, 2024, DOI:10.32604/cmes.2024.053465 - 27 September 2024

Abstract The Internet of Wearable Things (IoWT) or Wearable Internet of Things (WIoT) is a new paradigm that combines IoT and wearable technology. Advances in IoT technology have enabled the miniaturization of sensors embedded in wearable devices and the ability to communicate data and access real-time information over low-power mobile networks. IoWT devices are highly interdependent with mobile devices. However, due to their limited processing power and bandwidth, IoWT devices are vulnerable to cyberattacks due to their low level of security. Threat modeling and frameworks for analyzing cyber threats against existing IoT or low-power protocols have… More >

Yifan Liu¹, Shancang Li^1,*, Xinheng Wang², Li Xu³

CMES-Computer Modeling in Engineering & Sciences, Vol.140, No.2, pp. 1233-1261, 2024, DOI:10.32604/cmes.2024.046473 - 20 May 2024

Abstract The Industrial Internet of Things (IIoT) has brought numerous benefits, such as improved efficiency, smart analytics, and increased automation. However, it also exposes connected devices, users, applications, and data generated to cyber security threats that need to be addressed. This work investigates hybrid cyber threats (HCTs), which are now working on an entirely new level with the increasingly adopted IIoT. This work focuses on emerging methods to model, detect, and defend against hybrid cyber attacks using machine learning (ML) techniques. Specifically, a novel ML-based HCT modelling and analysis framework was proposed, in which regularisation and Random Forest were More >

Adnan Hussein¹, Abdulwahab Ali Almazroi^2,*

CMC-Computers, Materials & Continua, Vol.77, No.3, pp. 3853-3866, 2023, DOI:10.32604/cmc.2023.040856 - 26 December 2023

Abstract The advances in technology increase the number of internet systems usage. As a result, cybersecurity issues have become more common. Cyber threats are one of the main problems in the area of cybersecurity. However, detecting cybersecurity threats is not a trivial task and thus is the center of focus for many researchers due to its importance. This study aims to analyze Twitter data to detect cyber threats using a multiclass classification approach. The data is passed through different tasks to prepare it for the analysis. Term Frequency and Inverse Document Frequency (TFIDF) features are extracted… More >

Zhen Zhen¹, Jian Gao^1,2,*

CMC-Computers, Materials & Continua, Vol.77, No.1, pp. 299-323, 2023, DOI:10.32604/cmc.2023.042090 - 31 October 2023

Abstract In recent years, cyber attacks have been intensifying and causing great harm to individuals, companies, and countries. The mining of cyber threat intelligence (CTI) can facilitate intelligence integration and serve well in combating cyber attacks. Named Entity Recognition (NER), as a crucial component of text mining, can structure complex CTI text and aid cybersecurity professionals in effectively countering threats. However, current CTI NER research has mainly focused on studying English CTI. In the limited studies conducted on Chinese text, existing models have shown poor performance. To fully utilize the power of Chinese pre-trained language models… More >

Ju Hyeon Lee¹, Jiho Shin², Jung Taek Seo^3,*

CMC-Computers, Materials & Continua, Vol.77, No.1, pp. 757-779, 2023, DOI:10.32604/cmc.2023.039461 - 31 October 2023

Abstract As energy-related problems continue to emerge, the need for stable energy supplies and issues regarding both environmental and safety require urgent consideration. Renewable energy is becoming increasingly important, with solar power accounting for the most significant proportion of renewables. As the scale and importance of solar energy have increased, cyber threats against solar power plants have also increased. So, we need an anomaly detection system that effectively detects cyber threats to solar power plants. However, as mentioned earlier, the existing solar power plant anomaly detection system monitors only operating information such as power generation, making… More >

Binhui Tang^1,3, Junfeng Wang^2,*, Huanran Qiu³, Jian Yu², Zhongkun Yu², Shijia Liu^2,4

CMC-Computers, Materials & Continua, Vol.74, No.1, pp. 235-252, 2023, DOI:10.32604/cmc.2023.029135 - 22 September 2022

Abstract The continuous improvement of the cyber threat intelligence sharing mechanism provides new ideas to deal with Advanced Persistent Threats (APT). Extracting attack behaviors, i.e., Tactics, Techniques, Procedures (TTP) from Cyber Threat Intelligence (CTI) can facilitate APT actors’ profiling for an immediate response. However, it is difficult for traditional manual methods to analyze attack behaviors from cyber threat intelligence due to its heterogeneous nature. Based on the Adversarial Tactics, Techniques and Common Knowledge (ATT&CK) of threat behavior description, this paper proposes a threat behavioral knowledge extraction framework that integrates Heterogeneous Text Network (HTN) and Graph Convolutional… More >

Mohammed Alshehri^*

CMC-Computers, Materials & Continua, Vol.67, No.1, pp. 917-931, 2021, DOI:10.32604/cmc.2021.014848 - 12 January 2021

Abstract Cyber Threat Intelligence (CTI) has gained massive attention to collect hidden knowledge for a better understanding of the various cyber-attacks and eventually paving the way for predicting the future of such attacks. The information exchange and collaborative sharing through different platforms have a significant contribution towards a global solution. While CTI and the information exchange can help a lot in focusing and prioritizing on the use of the large volume of complex information among different organizations, there exists a great challenge ineffective processing of large count of different Indicators of Threat (IoT) which appear regularly,… More >

Shailendra Mishra, Sunil Kumar Sharma^*, Majed A. Alowaidi

CMC-Computers, Materials & Continua, Vol.66, No.1, pp. 71-85, 2021, DOI:10.32604/cmc.2020.012475 - 30 October 2020

Abstract A data breach can seriously impact organizational intellectual property, resources, time, and product value. The risk of system intrusion is augmented by the intrinsic openness of commonly utilized technologies like TCP/IP protocols. As TCP relies on IP addresses, an attacker may easily trace the IP address of the organization. Given that many organizations run the risk of data breach and cyber-attacks at a certain point, a repeatable and well-developed incident response framework is critical to shield them. Enterprise cloud possesses the challenges of security, lack of transparency, trust and loss of controls. Technology eases quickens… More >

Hongbin Zhang^{1, 2}, Yuzi Yi^{1, *}, Junshe Wang¹, Ning Cao^{3, *}, Qiang Duan⁴

CMC-Computers, Materials & Continua, Vol.56, No.3, pp. 381-399, 2018, DOI:10.3970/cmc.2018.03787

Abstract Network security situation awareness is an important foundation for network security management, which presents the target system security status by analyzing existing or potential cyber threats in the target system. In network offense and defense, the network security state of the target system will be affected by both offensive and defensive strategies. According to this feature, this paper proposes a network security situation awareness method using stochastic game in cloud computing environment, uses the utility of both sides of the game to quantify the network security situation value. This method analyzes the nodes based on… More >