Narrow Results

To ensure the security of web applications and to reduce the constant risk of increasing cybercrime, basic security principles like integrity, confidentiality and availability should not be omitted. Even though Transport Layer Security/Secure Socket Layer (TLS/SSL) authentication protocols are developed to shield websites from intruders, these protocols also have their fair share of problems. Incorrect authentication process of websites can give birth to notorious attack like Man in The Middle attack, which is widespread in HTTPS websites. In MITM attack, the violator basically positions himself in a communication channel between user and website either to eavesdrop or impersonate the communicating party to achieve malicious goals. Initially, the MITM attack is defined as a binary machine learning problem. Deep Q learning is utilized to build the MITM attack classification model. Thereafter, training process is applied on 60% of the obtained dataset. Remaining 40% dataset is used for testing purpose. The experimental results indicate that the proposed technique performs significantly better than the existing machine learning technique-based MITM prediction techniques for SSL/TLS-based websites.

With the rapid development of embedded systems, users and services have been greatly facilitated while also experiencing security threats as a result of cyber-attacks and system vulnerabilities. Currently, the real-time embedded system (RTES) focus is to deal with these security issues. In this paper, we introduce a short review of security-aware techniques for RTES. We mainly discuss two common approaches to improve the security of RTESs. The first approach is achieved by exploring specific attacks. The second approach is realized by deploying security-guaranteed services. However, improving the security of embedded systems may cause excessive energy consumption at the same time. Therefore, we investigate the secure and energy-aware RTESs on a wide range of research. In addition, we study a number of common applications used in secure RETSs. This paper stands for providing awareness and better understanding of the current RTES research status as well as technical theory behind it. Hence, the RTES security issues are resolved.

In the early 2000s, the Internet meant being able to connect different communication devices, whereas the focus in the last few years is on connecting “things” to the Internet. Although there is no distinct classification for these devices and things on the Internet, the Internet of Things (IoT) ecosystem primarily consists of a complex network of devices, sensors, and things. These “things” are controlled by humans and utilize the existing cloud infrastructure. These devices provide facilities and benefits to make our lives comfortable. IoT domains include smart homes, healthcare, manufacturing, smart wearables, smart cities, smart grids, industrial IoT, connected vehicles, and smart retail. Different IoT models involve human-to-IoT, IoT-to-IoT, IoT-to-traditional systems architectures. In most scenarios, the architecture ends up connecting to the unsecured Internet. This has thrown open several critical issues leading to cybersecurity attacks on IoT devices. IoT communications, protocols or the architecture were never been conceptualized to handle the new age cybersecurity attacks. IoT devices have limited compute, storage, network, or memory. In this research, the authors present a unique IoT attack framework named IAF focusing on the impact of IoT attacks on IoT applications and service levels. The authors also proposed an all-inclusive attack taxonomy classifying various attacks on IoT ecosystems.

Due to the extraordinary advances in tech companies and development in cloud computing, it has turned out to be ever more familiar for companies to integrate virtualization in data centers to entirely exploit their hardware sources. Accordingly, virtualization and security have gone under varied changes recently. Virtualization and its exceptional design have numerous advantages and characteristics over conventional non-virtualized technologies. Nevertheless, these novel characters form novel vulnerabilities and probable attacks in virtualized systems. Many recent studies have developed to detect those attacks, but they still have challenges like, need to invest more, if it must be done fast, data security could be at danger and scalability could be difficult. As a result, the primary goal of this study is to detect attack for getting secured virtualization in cloud. Therefore, the purpose of this research is to suggest a new, two-stage, protected virtualization paradigm for the cloud. At first, the “higher-order statistical features, flow-based features, mutual information (MI) based features and improved correlation features” are derived. Deep convolutional neural network (DCNN) 1 and 2 are then used to classify the derived features. To detect network assaults, LSTM 1 and 2 are applied to the outputs from DCNN 1 and 2. Here, the Self Customized Aquila Optimizer is used to adjust the DCNN weights to their optimum level (SC-AO). Additionally, analysis is performed using a range of metrics. Particularly, the proposed HC + SC-AO scheme attained improved accuracy of 0.938108 and 0.958249 for both the datasets respectively.

Wireless sensor networks (WSNs) can take the advantages by utilizing the security schemes based on the concepts of quantum computation and cryptography. However, quantum wireless sensor networks (QWSNs) are shown to have many practical constraints. One of the constraints is the number of entangled qubits which is very high in the quantum security scheme proposed by [Nagy et al., Nat. Comput.9 (2010) 819]. In this work, we propose a modification of the security scheme introduced by Nagy et al. and hence the reduction in the number of entangled qubits is shown. Further, the modified scheme can overcome some of the constraints in the QWSNs.

With the advancements of networking technologies and miniaturization of electronic devices, wireless sensor networks (WSN) have become an emerging area of research in academic, industrial, and defense sectors. Sensors combined with low power processors and wireless radios will see widespread adoption in the new future for a variety of applications including battlefield, hazardous area, and structural health monitoring. However, many issues need to be solved before the full-scale implementations are practical. Among the research issues in WSN, security is one of the most challenging. Securing WSN is challenging because of the limited resources of the sensors participating in the network. Moreover, the reliance on wireless communication technology opens the door for various types of security threats and attacks. Considering the special features of this type of network, in this chapter we address the critical security issues in wireless sensor networks. We discuss cryptography, steganography, and other basics of network security and their applicability to WSN. We explore various types of threats and attacks against wireless sensor networks, possible countermeasures, and notable WSN security research. We also introduce the holistic view of security and future trends for research in wireless sensor network security.

Briefly, in this chapter we will present the following topics:

• Basics of security in wireless sensor networks.

• Feasibility of applying various security approaches in WSN.

• Threats and attacks against wireless sensor networks.

• Key management issues.

• Secure routing in WSN.

• Holistic view of security in WSN.

• Future research issues and challenges.