Journal of Cybersecurity and Privacy (2024)

All articles published by MDPI are made immediately available worldwide under an open access license. No special permission is required to reuse all or part of the article published by MDPI, including figures and tables. For articles published under an open access Creative Common CC BY license, any part of the article may be reused without permission provided that the original article is clearly cited. For more information, please refer to https://www.mdpi.com/openaccess.


Journal Description

Journal of Cybersecurity and Privacy is an international, peer-reviewed, open access journal on all aspects of computer, systems, and information security, published quarterly online by MDPI.

  • Open Access: free for readers, with article processing charges (APC) paid by authors or their institutions.
  • High Visibility: indexed within Scopus, EBSCO, and other databases.
  • Rapid Publication: manuscripts are peer-reviewed and a first decision is provided to authors approximately 23.5 days after submission; acceptance to publication is undertaken in 9.8 days (median values for papers published in this journal in the second half of 2023).
  • Journal Rank: CiteScore - Q1 (Computer Science (miscellaneous))
  • Recognition of Reviewers: APC discount vouchers, optional signed peer review, and reviewer names published annually in the journal.
  • Companion journal: Sensors.

ISSN: 2624-800X

Latest Articles

6 pages, 173 KiB

Editorial

Diverse Intrusion and Malware Detection: AI-Based and Non-AI-Based Solutions

by Feng Wang and Yongning Tang

J. Cybersecur. Priv. 2024, 4(2), 382-387; https://doi.org/10.3390/jcp4020019 - 11 Jun 2024

Abstract

In today’s interconnected world, the need for robust intrusion and malware detection and prevention has never been more critical [...] Full article

(This article belongs to the Special Issue Intrusion, Malware Detection and Prevention in Networks)

25 pages, 579 KiB

Article

An Integrated Approach to Cyber Risk Management with Cyber Threat Intelligence Framework to Secure Critical Infrastructure

by Habib El Amin, Abed Ellatif Samhat, Maroun Chamoun, Lina Oueidat and Antoine Feghali

J. Cybersecur. Priv. 2024, 4(2), 357-381; https://doi.org/10.3390/jcp4020018 - 9 Jun 2024

Abstract

Emerging cyber threats’ sophistication, impact, and complexity rapidly evolve, confronting organizations with demanding challenges. This severe escalation requires a deeper understanding of adversary dynamics to develop enhanced defensive strategies and capabilities. Cyber threat actors’ advanced techniques necessitate a proactive approach to managing organizations’ risks and safeguarding cyberspace. Cyber risk management is one of the most efficient measures to anticipate cyber threats. However, it often relies on organizations’ contexts and overlooks adversaries, their motives, capabilities, and tactics. A new cyber risk management framework incorporating emergent information about the dynamic threat landscape is needed to overcome these limitations and bridge the knowledge gap between adversaries and security practitioners. Such information is the product of a cyber threat intelligence process that proactively delivers knowledge about cyber threats to inform decision-making and strengthen defenses. In this paper, we overview risk management and threat intelligence frameworks. Then, we highlight the necessity of integrating cyber threat intelligence and assessment in cyber risk management. After that, we propose a novel risk management framework with integrated threat intelligence on top of EBIOS Risk Manager. Finally, we apply the proposed framework in the scope of a national telecommunications organization. Full article

(This article belongs to the Collection Intelligent Security and Privacy Approaches against Cyber Threats)

17 pages, 1177 KiB

Article

Mapping Automated Cyber Attack Intelligence to Context-Based Impact on System-Level Goals

by Pete Burnap, Eirini Anthi, Philipp Reineckea, Lowri Williams, Fengnian Cao, Rakan Aldmoura and Kevin Jones

J. Cybersecur. Priv. 2024, 4(2), 340-356; https://doi.org/10.3390/jcp4020017 - 6 Jun 2024

Abstract

Traditionally, cyber risk assessment considers system-level risk separately from individual component-level risk, i.e., devices, data, people. This separation prevents effective impact assessment where attack intelligence for a specific device can be mapped to its impact on the entire system, leading to cascading failures. Furthermore, risk assessments typically follow a failure or attack perspective, focusing on potential problems, which means they need to be updated as attacks evolve. This approach does not scale to modern digital ecosystems. In this paper, we present a Data Science approach, which involves using machine learning algorithms and statistical models to analyse and predict the impact of cyber attacks. Specifically, this approach integrates automated attack detection on specific devices with a systems view of risk. By mapping operational goals in a top-down manner, we transform attack intelligence on individual components into system success probabilities. Full article

(This article belongs to the Special Issue Data Protection and Privacy)

16 pages, 258 KiB

Article

Understanding and Classifying Permanent Denial-of-Service Attacks

by Stanislav Abaimov

J. Cybersecur. Priv. 2024, 4(2), 324-339; https://doi.org/10.3390/jcp4020016 - 11 May 2024

Abstract

In the evolving landscape of cybersecurity threats, permanent denial-of-service (PDoS) attacks have emerged as a particularly damaging form of cyber aggression. Unlike the more well-known denial-of-service (DoS) attacks, which disrupt services temporarily, PDoS attacks aim to inflict irreversible damage to systems, often resulting in significant system overhauls and requiring hardware replacement. To enable the development of effective security measures, but also to address the knowledge gaps, this paper presents an in-depth exploration of PDoS attacks, emphasizing their distinguishing characteristics, underlying mechanisms, and potential further development. Through a comprehensive case study, this research highlights diverse tactics and strategies employed by attackers, from targeting IoT devices to manipulating boot processes and exploiting firmware vulnerabilities. A novel classification of PDoS attack vectors is proposed that also explains the ways in which the systems can be compromised. The findings confirm the pressing need for adaptive and robust defense mechanisms to mitigate the threats posed by PDoS attacks in our interconnected digital world. Full article

(This article belongs to the Topic Trends and Prospects in Security, Encryption and Encoding)

26 pages, 675 KiB

Article

A Usable Encryption Solution for File-Based Geospatial Data within a Database File System

by Pankajeshwara Sharma, Michael Govorov and Michael Martin

J. Cybersecur. Priv. 2024, 4(2), 298-323; https://doi.org/10.3390/jcp4020015 - 9 May 2024

Abstract

Developing a security solution for spatial files within today’s enterprise Geographical Information System (GIS) that is also usable presents a multifaceted challenge. These files exist in “data silos” of different file server types, resulting in limited collaboration and increased vulnerability. While cloud-based data storage offers many benefits, the associated security concerns have limited its uptake in GIS, making it crucial to explore comparable alternative security solutions that can be deployed on-premise and are also usable. This paper introduces a reasonably usable security solution for spatial files within collaborative enterprise GIS. We explore a Database File System (DBFS) as a potential repository to consolidate and manage spatial files based on its enterprise document management capabilities and security features inherited from the underlying legacy DBMS. These files are protected using the Advanced Encryption Standard (AES) algorithm with practical encryption times of 8 MB per second. The final part focuses on an automated encryption solution with schemes for single- and multi-user files that is compatible with various GIS programs and protocol services. Usability testing is carried out to assess the solution’s usability and focuses on effectiveness, efficiency, and user satisfaction, with the results demonstrating its usability based on the minimal changes it makes to how users work in a collaborative enterprise GIS environment. The solution furnishes a viable means for consolidating and protecting spatial files with various formats at the storage layer within enterprise GIS. Full article

(This article belongs to the Special Issue Usable Security)

20 pages, 2825 KiB

Article

Passwordless Authentication Using a Combination of Cryptography, Steganography, and Biometrics

by Tunde Oduguwa and Abdullahi Arabo

J. Cybersecur. Priv. 2024, 4(2), 278-297; https://doi.org/10.3390/jcp4020014 - 1 May 2024

Abstract

User-generated passwords often pose a security risk in authentication systems. However, providing a comparative substitute poses a challenge, given the common tradeoff between security and user experience. This paper integrates cryptographic methods (both asymmetric and symmetric), steganography, and a combination of physiological and behavioural biometrics to construct a prototype for a passwordless authentication system. We demonstrate the feasibility of scalable passwordless authentication while maintaining a balance between usability and security. We employ threat modeling techniques to pinpoint the security prerequisites for the system, along with choosing appropriate cryptographic protocols. In addition, a comparative analysis is conducted, examining the security impacts of the proposed system in contrast to that of traditional password-based systems. The results from the prototype indicate that authentication is possible within a timeframe similar to passwords (within 2 s), without imposing additional hardware costs on users to enhance security or compromising usability. Given the scalable nature of the system design and the elimination of shared secrets, the financial and efficiency burdens associated with password resets are alleviated. Furthermore, the risk of breaches is mitigated as there is no longer a need to store passwords and/or their hashes. Differing from prior research, our study presents a pragmatic design and prototype that deserves consideration as a viable alternative for both password-based and passwordless authentication systems. Full article

(This article belongs to the Special Issue Cyber Security and Digital Forensics)

14 pages, 5231 KiB

Article

Facilitating the Integrative Use of Security Knowledge Bases within a Modelling Environment

by Avi Shaked

J. Cybersecur. Priv. 2024, 4(2), 264-277; https://doi.org/10.3390/jcp4020013 - 20 Apr 2024

Abstract

Security threat and risk assessment of systems requires the integrated use of information from multiple knowledge bases. Such use is typically carried out ad-hoc by security experts in an unstructured manner. Also, this ad-hoc use of information often lacks foundations that allow for rigorous, disciplined applications of policy enforcement and the establishment of a well-integrated body of knowledge. This hinders organisational learning as well as the maturation of the threat modelling discipline. In this article, we uncover a newly developed extension of a state-of-the-art modelling tool that allows users to integrate and curate security-related information from multiple knowledge bases. Specifically, we provide catalogues of threats and security controls based on information from CAPEC, ATT&CK, and NIST SP800-53. We demonstrate the ability to curate security information using the designed solution. We highlight the contribution to improving the communication of security information, including the systematic mapping between user-defined security guidance and information derived from knowledge bases. The solution is open source and relies on model-to-model transformations and extendable threat and security control catalogues. Accordingly, the solution allows prospective users to adapt the modelling environment to their needs as well as keep it current with respect to evolving knowledge bases. Full article

23 pages, 3062 KiB

Article

Data-Driven Network Anomaly Detection with Cyber Attack and Defense Visualization

by Eric Muhati and Danda Rawat

J. Cybersecur. Priv. 2024, 4(2), 241-263; https://doi.org/10.3390/jcp4020012 - 9 Apr 2024

Abstract

The exponential growth in data volumes, combined with the inherent complexity of network algorithms, has drastically affected network security. Data activities are producing voluminous network logs that often mask critical vulnerabilities. Although there are efforts to address these hidden vulnerabilities, the solutions often come at high costs or increased complexities. In contrast, the potential of open-source tools, recognized for their security analysis capabilities, remains under-researched. These tools have the potential for detailed extraction of essential network components, and they strengthen network security. Addressing this gap, our paper proposes a data analytics-driven network anomaly detection model, which is uniquely complemented with a visualization layer, making the dynamics of cyberattacks and their subsequent defenses distinctive in near real-time. Our novel approach, based on network scanning tools and network discovery services, allows us to visualize the network based on how many IP-based networking devices are live, then we implement a data analytics-based intrusion detection system that scrutinizes all network connections. We then initiate mitigation measures, visually distinguishing malicious from benign connections using red and blue hues, respectively. Our experimental evaluation shows an F1 score of 97.9% and a minimal false positive rate of 0.3% in our model, demonstrating a marked improvement over existing research in this domain. Full article

(This article belongs to the Special Issue Intrusion, Malware Detection and Prevention in Networks)

18 pages, 30221 KiB

Article

Trustworthiness of Situational Awareness: Significance and Quantification

by Arslan Munir, Alexander Aved, Khanh Pham and Joonho Kong

J. Cybersecur. Priv. 2024, 4(2), 223-240; https://doi.org/10.3390/jcp4020011 - 8 Apr 2024

Abstract

Situational awareness (SA) is of tremendous significance for successful operations in many domains, such as surveillance, humanitarian, search, and rescue missions, and national security. SA is particularly important for the defense sector, and is regarded as the decisive factor in military and air combat engagements. Commanders and operators rely on the accuracy and fidelity of SA for comprehending the environment, decision-making, and carrying out actions based on these decisions for accomplishing a mission. SA, however, is susceptible to adversarial attacks that can compromise the security and trust of SA systems. In this paper, we discuss the significance of security and trust of SA from an air force perspective. We then propose a model for quantifying the trustworthiness of an SA system. We further present numerical examples that demonstrate the quantification of trustworthiness of an SA system using our proposed model. Finally, we conclude this paper with future research directions for quantifying the security of SA systems. Full article

(This article belongs to the Section )
