
CRIMINOLOGY AND LAW ENFORCEMENT (161 journals)                     

Showing 1 - 160 of 160 Journals sorted alphabetically
Acta Criminologica : Southern African Journal of Criminology     Full-text available via subscription  
Advances in Cement Research     Hybrid Journal   (Followers: 7)
African Safety Promotion     Full-text available via subscription   (Followers: 4)
African Security Review     Partially Free   (Followers: 7)
Aggression and Violent Behavior     Hybrid Journal   (Followers: 362)
Aggressive Behavior     Hybrid Journal   (Followers: 16)
Annual Review of Criminology     Full-text available via subscription   (Followers: 9)
Asian Journal of Criminology     Hybrid Journal   (Followers: 9)
Australian and New Zealand Journal of Criminology     Hybrid Journal   (Followers: 406)
Australian Journal of Forensic Sciences     Hybrid Journal   (Followers: 351)
Biometric Technology Today     Full-text available via subscription   (Followers: 4)
Boletín Criminológico     Open Access  
Brill Research Perspectives in Transnational Crime     Full-text available via subscription   (Followers: 1)
British Journal of Criminology     Hybrid Journal   (Followers: 399)
Campbell Systematic Reviews     Open Access   (Followers: 5)
Canadian Graduate Journal of Sociology and Criminology     Open Access   (Followers: 6)
Canadian Journal of Criminology and Criminal Justice / La Revue canadienne de criminologie et de justice pénale     Full-text available via subscription   (Followers: 15)
Canadian Society of Forensic Science Journal     Hybrid Journal   (Followers: 258)
Champ pénal/Penal field     Open Access  
Computer Fraud & Security     Full-text available via subscription   (Followers: 286)
Computer Law & Security Review     Hybrid Journal   (Followers: 22)
Contemporary Challenges : The Global Crime, Justice and Security Journal     Open Access   (Followers: 3)
Contemporary Justice Review: Issues in Criminal, Social, and Restorative Justice     Hybrid Journal   (Followers: 39)
Corrections : Policy, Practice and Research     Hybrid Journal   (Followers: 1)
Crime & Delinquency     Hybrid Journal   (Followers: 83)
Crime and Justice     Full-text available via subscription   (Followers: 27)
Crime Prevention and Community Safety     Hybrid Journal   (Followers: 110)
Crime Psychology Review     Hybrid Journal   (Followers: 2)
Crime Science     Open Access   (Followers: 56)
Crime, Histoire & Sociétés     Open Access   (Followers: 10)
Crime, Security and Society     Open Access   (Followers: 2)
Criminal Justice and Behavior     Hybrid Journal   (Followers: 61)
Criminal Justice Ethics     Hybrid Journal   (Followers: 10)
Criminal Justice Matters     Hybrid Journal   (Followers: 9)
Criminal Justice Policy Review     Hybrid Journal   (Followers: 31)
Criminal Justice Review     Hybrid Journal   (Followers: 15)
Criminal Justice Studies: A Critical Journal of Crime, Law and Society     Hybrid Journal   (Followers: 24)
Criminal Law and Philosophy     Hybrid Journal   (Followers: 13)
Criminal Law Forum     Hybrid Journal   (Followers: 8)
Criminocorpus, revue hypermédia     Open Access  
Criminological Studies     Open Access  
Criminologie     Open Access   (Followers: 3)
Criminology and Criminal Justice     Hybrid Journal   (Followers: 51)
Crítica Penal y Poder     Open Access  
Critical Criminology     Hybrid Journal   (Followers: 24)
Critical Studies on Terrorism     Hybrid Journal   (Followers: 55)
Cryptologia     Hybrid Journal   (Followers: 3)
Current Issues in Criminal Justice     Hybrid Journal   (Followers: 13)
Datenschutz und Datensicherheit - DuD     Hybrid Journal  
Delito y Sociedad : Revista de Ciencias Sociales     Open Access  
Derecho Penal y Criminología     Open Access   (Followers: 2)
Detection     Open Access   (Followers: 3)
Dynamics of Asymmetric Conflict: Pathways toward terrorism and genocide     Hybrid Journal   (Followers: 11)
EDPACS: The EDP Audit, Control, and Security Newsletter     Hybrid Journal  
Estudios Penales y Criminológicos     Open Access  
EURASIP Journal on Information Security     Open Access   (Followers: 7)
European Journal of Crime, Criminal Law and Criminal Justice     Hybrid Journal   (Followers: 271)
European Journal of Criminology     Hybrid Journal   (Followers: 32)
European Journal of Probation     Hybrid Journal  
European Journal on Criminal Policy and Research     Hybrid Journal   (Followers: 9)
European Polygraph     Open Access  
European Review of Organised Crime     Open Access   (Followers: 46)
Feminist Criminology     Hybrid Journal   (Followers: 17)
Forensic Science International     Hybrid Journal   (Followers: 361)
Forensic Science International : Reports     Open Access   (Followers: 5)
Forensic Science International: Genetics     Hybrid Journal   (Followers: 15)
Forensic Science, Medicine, and Pathology     Hybrid Journal   (Followers: 27)
Forensic Toxicology     Hybrid Journal   (Followers: 18)
Global Crime     Hybrid Journal   (Followers: 283)
Health & Justice     Open Access   (Followers: 5)
Homicide Studies     Hybrid Journal   (Followers: 8)
IEEE Security & Privacy Magazine     Full-text available via subscription   (Followers: 30)
IEEE Transactions on Dependable and Secure Computing     Hybrid Journal   (Followers: 16)
IEEE Transactions on Information Forensics and Security     Hybrid Journal   (Followers: 25)
Incarceration     Full-text available via subscription  
Information Security Journal : A Global Perspective     Hybrid Journal   (Followers: 10)
International Annals of Criminology     Hybrid Journal  
International Criminal Justice Review     Hybrid Journal   (Followers: 14)
International Criminal Law Review     Hybrid Journal   (Followers: 18)
International Criminology     Hybrid Journal   (Followers: 4)
International Journal for Crime, Justice and Social Democracy     Open Access   (Followers: 7)
International Journal of Applied Cryptography     Hybrid Journal   (Followers: 9)
International Journal of Comparative and Applied Criminal Justice     Hybrid Journal   (Followers: 4)
International Journal of Conflict and Violence     Open Access   (Followers: 25)
International Journal of Criminology and Sociology     Open Access   (Followers: 1)
International Journal of Discrimination and the Law     Hybrid Journal   (Followers: 7)
International Journal of Electronic Security and Digital Forensics     Hybrid Journal   (Followers: 11)
International Journal of Information and Coding Theory     Hybrid Journal   (Followers: 7)
International Journal of Police Science and Management     Full-text available via subscription   (Followers: 313)
International Journal of Prisoner Health     Hybrid Journal   (Followers: 16)
International Journal of Punishment and Sentencing, The     Full-text available via subscription   (Followers: 8)
International Review of Victimology     Hybrid Journal   (Followers: 19)
Journal of Addictions & Offender Counseling     Partially Free   (Followers: 6)
Journal of Adult Protection, The     Hybrid Journal   (Followers: 16)
Journal of Aggression, Conflict and Peace Research     Hybrid Journal   (Followers: 43)
Journal of Computer Security     Hybrid Journal   (Followers: 12)
Journal of Computer Virology and Hacking Techniques     Hybrid Journal   (Followers: 6)
Journal of Contemporary Criminal Justice     Hybrid Journal   (Followers: 24)
Journal of Correctional Education     Full-text available via subscription   (Followers: 2)
Journal of Crime and Justice     Hybrid Journal   (Followers: 14)
Journal of Criminal Justice     Hybrid Journal   (Followers: 58)
Journal of Criminal Justice Education     Hybrid Journal   (Followers: 8)
Journal of Criminal Psychology     Hybrid Journal   (Followers: 126)
Journal of Criminological Research, Policy and Practice     Hybrid Journal   (Followers: 62)
Journal of Criminology     Open Access   (Followers: 12)
Journal of Criminology and Forensic Science     Open Access   (Followers: 7)
Journal of Developmental and Life-Course Criminology     Hybrid Journal  
Journal of Ethnicity in Criminal Justice     Hybrid Journal   (Followers: 3)
Journal of Forensic and Legal Medicine     Hybrid Journal   (Followers: 292)
Journal of Forensic Practice     Hybrid Journal   (Followers: 61)
Journal of Forensic Psychiatry & Psychology     Hybrid Journal   (Followers: 50)
Journal of Forensic Sciences     Hybrid Journal   (Followers: 369)
Journal of Gender-Based Violence     Hybrid Journal   (Followers: 13)
Journal of Genocide Research     Hybrid Journal   (Followers: 13)
Journal of Illicit Economies and Development     Open Access  
Journal of International Criminal Justice     Hybrid Journal   (Followers: 38)
Journal of Investigative Psychology and Offender Profiling     Hybrid Journal   (Followers: 11)
Journal of Learning Disabilities and Offending Behaviour     Hybrid Journal   (Followers: 30)
Journal of Penal Law & Criminology     Open Access   (Followers: 2)
Journal of Perpetrator Research     Open Access   (Followers: 1)
Journal of Policing, Intelligence and Counter Terrorism     Hybrid Journal   (Followers: 417)
Journal of Quantitative Criminology     Hybrid Journal   (Followers: 32)
Journal of Scandinavian Studies in Criminology and Crime Prevention     Hybrid Journal   (Followers: 10)
Journal of Strategic Security     Open Access   (Followers: 11)
Justice Evaluation Journal     Hybrid Journal   (Followers: 1)
Justice Research and Policy     Full-text available via subscription  
Juvenile and Family Court Journal     Hybrid Journal   (Followers: 34)
Kriminologia ikasten : Irakaskuntzarako aldizkaria     Open Access  
Kriminologisches Journal     Full-text available via subscription  
Law, Innovation and Technology     Hybrid Journal   (Followers: 15)
Nordic Journal of Criminology     Hybrid Journal   (Followers: 1)
Occasional Series in Criminal Justice and International Studies     Full-text available via subscription   (Followers: 3)
Police Journal : Theory, Practice and Principles     Hybrid Journal   (Followers: 320)
Police Quarterly     Hybrid Journal   (Followers: 298)
Policing: A Journal of Policy and Practice     Hybrid Journal   (Followers: 296)
Policing: An International Journal of Police Strategies & Management     Hybrid Journal   (Followers: 327)
Policy & Internet     Hybrid Journal   (Followers: 12)
Política Criminal     Open Access  
Psychology of Violence     Full-text available via subscription   (Followers: 15)
Psychology, Crime & Law     Hybrid Journal   (Followers: 27)
Punishment & Society     Hybrid Journal   (Followers: 37)
Research and Reports in Forensic Medical Science     Open Access   (Followers: 7)
Revista Arbitrada de Ciencias Jurídicas y Criminalísticas Iustitia Socialis     Open Access  
Revista Brasileira de Criminalística     Open Access  
Revista de Estudios Jurídicos y Criminológicos     Open Access  
Revista de Movimentos Sociais e Conflitos     Open Access  
Revista Digital de la Maestría en Ciencias Penales     Open Access  
Rivista di Studi e Ricerche sulla criminalità organizzata     Open Access  
Science & Global Security: The Technical Basis for Arms Control, Disarmament, and Nonproliferation Initiatives     Hybrid Journal   (Followers: 4)
Security and Defence Quarterly     Open Access   (Followers: 6)
Security Journal     Hybrid Journal   (Followers: 22)
Sexual Abuse in Australia and New Zealand     Full-text available via subscription   (Followers: 9)
South African Crime Quarterly     Open Access   (Followers: 4)
The Howard Journal of Criminal Justice     Hybrid Journal   (Followers: 9)
Theory and Practice of Forensic Science     Open Access   (Followers: 1)
Trauma, Violence, & Abuse     Hybrid Journal   (Followers: 58)
Trends in Organized Crime     Hybrid Journal   (Followers: 374)
URVIO - Revista Latinoamericana de Estudios de Seguridad     Open Access  
Women & Criminal Justice     Hybrid Journal   (Followers: 282)
Women Against Violence : An Australian Feminist Journal     Full-text available via subscription   (Followers: 15)

           

Journal of Computer Virology and Hacking Techniques
Journal Prestige (SJR): 0.271
Citation Impact (citeScore): 1
Number of Followers: 6  
 
  Hybrid Journal (It can contain Open Access articles)
ISSN (Online) 2263-8733
Published by Springer-Verlag [2469 journals]
  • Metamorphic malware detection using structural features and nonnegative matrix factorization with hidden markov model


      Abstract: Abstract Metamorphic malware modifies its code structure using a morphing engine to evade traditional signature-based detection. Previous research has shown the use of opcode instructions as feature representation with Hidden Markov Model in the context of metamorphic malware detection. However, it would be more feasible to extract a file feature at fine-grained level. In this paper, we propose a novel detection approach by generating structural features through computing a stream of byte chunks using compression ratio, entropy, Jaccard similarity coefficient and Chi-square statistic test. Nonnegative Matrix Factorization is also considered to reduce the feature dimensions. We then use the coefficient vectors from the reduced space to train Hidden Markov Model. Experimental results show there is different performance between malware detection and classification among the proposed structural features.
      PubDate: 2022-09-01
       
  • 2Faces: a new model of malware based on dynamic compiling and reflection


      Abstract: Abstract Nowadays malware writers are continually striving to find new ways to evade antimalware checks. To do this, they exploit the vulnerabilities of current antimalware that are unable to detect zero-day threats, because to detect malicious behavior, they need to know their signature, which must be stored in the database: to be recognized, a malware must already be widespread. In this paper we propose a novel malware model with the aim of promoting the development of innovative malware detection paradigms. The proposed model is based on the combination of following mechanisms: dynamic compiling, reflection and dynamic loading, to combine a series of source code snippets into a running application and dynamically alter the normal flow of program execution. We implemented the proposed malware model into the 2Faces Android application. We show also that current antimalware technologies are not able to identify the proposed malware model and we discuss the countermeasures that can be adopted to detect the 2Faces malware.
      PubDate: 2022-09-01
       
  • Detection and robustness evaluation of android malware classifiers


      Abstract: Abstract Android malware attacks are tremendously increasing, and evasion techniques become more and more effective. For this reason, it is necessary to continuously improve the detection performances. With this paper, we wish to pursue this purpose with two contributions. On one hand, we aim at evaluating how improving machine learning-based malware detectors, and on the other hand, we investigate to which extent adversarial attacks can deteriorate the performances of the classifiers. Analysis of malware samples is performed using static and dynamic analysis. This paper proposes a framework for integrating both static and dynamic features trained on machine learning methods and deep neural network. On employing machine learning algorithms, we obtain an accuracy of 97.59% with static features using SVM, and 95.64% is reached with dynamic features using Random forest. Additionally, a 100% accuracy was obtained with CART and SVM using hybrid attributes (on combining relevant static and dynamic features). Further, using deep neural network models, experimental results showed an accuracy of 99.28% using static features, 94.61% using dynamic attributes, and 99.59% by combining both static and dynamic features (also known as multi-modal attributes). Besides, we evaluated the robustness of classifiers against evasion and poisoning attack. In particular comprehensive analysis was performed using permission, APIs, app components and system calls (especially n-grams of system calls). We noticed that the performances of the classifiers significantly dropped while simulating evasion attack using static features, and in some cases 100% of adversarial examples were wrongly labelled by the classification models. Additionally, we show that models trained using dynamic features are also vulnerable to attack, however they exhibit more resilience than a classifier built on static features.
      PubDate: 2022-09-01
       
  • Role based access control using identity and broadcast based encryption for securing cloud data


      Abstract: Abstract Since integrity of data on cloud cannot be assured, several clients and users hesitate to upload their crucial data to the cloud, which eventually hinders cloud storage development. One of the biggest challenges with respect to cloud security is to ensure data confidentiality and one of the solutions to this issue can be by restricting unauthorized access to user data stored on cloud. In due course of time much research has been proposed using cryptographic techniques along with access control model(s) to deal with security issues pertaining to untrusted cloud environments. This work illustrates Role-Based access control policies over user data and permits the owner of the data to store it in an encrypted pattern to the cloud, thereby, allowing only permissible roles to access the data. Hence, the proposed work is an amalgamation of Role-Based Encryption (RBE) scheme using Identity and Broadcast based Encryption scheme to ensure data integrity in public clouds. In this paper we discuss the usage of several algorithmic modules that demonstrates how roles are governed by the membership rights, user revocation, encryption and decryption processes. Finally, the proposed model is compared with its peers on the basis of encryption and decryption time.
      PubDate: 2022-09-01
       
  • An approach to dynamic malware analysis based on system and application code split


      Abstract: Abstract This paper discusses the development of tools for dynamic malware analysis. The main idea is to provide total control on a suspicious sample execution on the test computer. The approach we propose is to separate the application code from the system code by using memory pages access control. Thus, we are able to detect all system API calls and non-standard ways to transfer the control flow. Our tools (codename ToolChain) intentionally consist of a Control module, a Scheduling module, and a Cloaking module. In this paper, we focus mainly on the Control module. We monitor internal target process events by using invasive methods such as a system call hook or an executable file patch. This research describes the key creation stages of the prototype, with the basic functionality and technical ideas on handling several issues, such as analysis of multi-threaded applications, cloaking of the presence of analytical tools, and mitigation of the performance degradation of the operation system.
      PubDate: 2022-09-01
       
  • Partially identified Babassu cipher and attack on it


      Abstract: Abstract In the present article, we consider a new class of one-pad ciphers. We define its encryption algorithm as a partial function with two arguments. The first argument is a key, which is a random and equiprobable sequence of natural language letters. The length of the key is N. The second argument is a coherent (readable) text of length L, where L < N. The partiality feature of the encryption function does not allow us to apply C. Shannon's mathematical model. For this class of ciphers, we present two operational modes. We chose positions (numbers) of letters in a given key with the encrypted coherent text in the first mode. The positions (numbers) of letters represent the encrypted text. If there is not enough key information to encrypt the whole text, we may repeat the encryption using the next chosen key. To illustrate cryptographic capabilities of this mode, we widely use a widely known perfect cipher secrecy concept of C. Shannon as a prototype to the concept of perfect partial secrecy. Newly presented concepts allow us to build a hypothesis stating that it is impossible to decrypt the presented cipher without finding the information about its key. The second operational mode of the cipher consists of multiple usage of the key to save the key information. We also calculate the complexity of finding the key.
      PubDate: 2022-09-01
       
  • An efficient IDS in cloud environment using feature selection based on DM algorithm


      Abstract: Abstract Cloud Computing provides the use of a wide array of applications to a designated server outside one’s personal computer. In the current technological era with the evolution of the Internet, it is being used on a wider range. With such popularity and wide use comes a threat to its security. Intrusion Detection System (IDS) helps to secure the cloud environment from intruders by classifying the packets as an attack or normal. The datasets used for such purpose are very large which contains many features hence takes a huge time in computation. It is important to choose pertinent features to feed into the model which can give better results than using all the features and take less computational time. The authors proposed a nature-inspired Dolphin Mating (DM) algorithm to determine pertinent features from the dataset. For this purpose, the authors have used the NSL-KDD dataset and Kyoto dataset. The selected features are trained and tested using several machine learning algorithms. The result obtained is compared with several existing algorithms and it was found that the proposed DM algorithm selects the most relevant feature subset which made the IDS efficient in the Cloud environment.
      PubDate: 2022-09-01
       
  • About long period sequences


      Abstract: Abstract This paper presents estimation results of the ratio of input to output sequence periods for combination schemes and the ratio of input to internal sequence periods for schemes with a memory element. A decrease in the length of output sequence period, which is possible in the case with circuits with a memory element, is not discussed. The following results are given: (1) for any \(m\) sequences with period lengths of \(T_1, \dots, T_m\), \(m > 1\), a lower bound of their modification period length is given using the combination function \(\varphi(y_1, \dots, y_m)\) that is bijective for some variables; (2) the modification period length for \(m > 1\) sequences generated by maximum-length linear feedback shift registers is proved to be maximal, using the combination function \(\varphi(y_1, \dots, y_m)\), that depends essentially on all variables, and the number of ones per period of the output sequence is estimated; (3) for a certain class of non-autonomous automata, it is shown that the ratio of the period lengths of the internal sequence to the input sequence can be large, in particular, reach the number of automaton states. The conditions under which the period lengths of resulting sequences are maximum are specified.
      PubDate: 2022-09-01
       
  • Attacking TrustZone on devices lacking memory protection


      Abstract: Abstract ARM TrustZone offers a Trusted Execution Environment (TEE) embedded into the processor cores. Some vendors offer ARM modules that do not fully comply with TrustZone specifications, which may lead to vulnerabilities in the system. In this paper, we present a DMA attack tutorial from the insecure world onto the secure world, and the design and implementation of this attack in a real insecure hardware.
      PubDate: 2022-09-01
       
  • XOR ciphers model and the attack to it


      Abstract: Abstract This paper will propose a natural language model based on all coherent (meaningful) texts of fixed length used in encryption. We use Shannon's cipher model to describe XOR ciphers by incorporating equinumerous alphabets of plaintexts, keys, and ciphertexts. The encryption function between the plaintext alphabet and the key should be defined as bijective with regard to each variable. The selection of key symbols from the key alphabet to encrypt a text of finite length is made randomly (and possibly randomly and with equal probability). The supposed attack consists of identifying at least two plaintext segments with a given length D in a known ciphertext of a given length. Further, we will estimate the complexity of the attack and calculate the reliability of the attack lower estimate.
      PubDate: 2022-09-01
       
  • Joint detection and classification of signature and NetFlow based internet worms using MBGWO-based hybrid LSTM


      Abstract: Abstract A worm is a self-reproducing malware that spreads from one computer to other computers through the internet. A single Internet worm has the potential to infect millions of computers within a relatively short period as it travels around the network. In addition, these worms affect the packets and performance of the network, where the packets are examined by a signature-based intrusion detection system (IDS), and the performance of the network is examined by a NetFlow-based IDS. Therefore, this article aims to provide a method for the simultaneous detection of Internet worms that are based on signatures and NetFlow utilizing the multi-layer hybrid long short-term memory (HLSTM) with meta-heuristic optimization called modified binary grey wolf optimizer (MBGWO). Initially, the dataset preprocessing is performed to overcome real-world data such as inconsistency, incompleteness, a lack of specific behaviors or dataset patterns, and the probability of having errors in worm detection. Next, the MBGWO is used to extract and select the optimal features. Then, HLSTM is used to detect the internet worm from the pre-trained datasets such as packet capture (PCAP) and KDDCUP99 datasets. In addition, the HLSTM also classifies the type of worm. Finally, the simulation results revealed that the proposed MBGWO-based HLSTM model resulted in superior performance as compared to conventional approaches. From this experiment, the proposed MBGWO-based HLSTM model attained 99.84% of accuracy and 100% of precision, recall, and F1 scores respectively.
      PubDate: 2022-08-10
       
  • Artificial intelligence enabled fuzzy multimode decision support system for cyber threat security defense automation


      Abstract: Abstract Security defense automation uses technology that reduces human assistance to integrate security applications, processes, and infrastructure. In the process of defense and attack, there will be a period of delay in establishing the decision-making and strategy. Recently, fuzzy-based decision-making has been effectively utilized for uncertainty and vague data in security applications. Fuzzy decision tree blends fuzzy representation and associates approximate reasoning with symbolic decision trees. They provide for handling language-related uncertainty, noise, missing or faulty features, and robust behavior while also providing comprehensible knowledge interpretation. Cyber threat intelligence is information an organization utilizes to understand the dangers that have, might, and is presently attacking the company. The collection of single or multi-criteria techniques using fuzzy logic aiming at selecting the best alternative in case of inaccurate, incomplete, and vague information. Hence, this paper proposes a fuzzy multimode decision support system (FMMDSS) for security defense automation. Fuzzy logic is a progression to define the human inclination of accurate thinking that simplifies classical logic. This paper aims at the state explosion problem when network nodes increase and design the attack-defense graph to compress the state space and extract network states and defense policies. A simple example representing the suggested model to support decision-making accompanies the security attack and defense processes. This research will potentially offer new ideas and stimuli for future designs of network security and defense automation architecture. This paper concludes with a policy for implementing the recommended model in an operational setting with better dependability predictions, general comparison of predictive analysis ratio 89.7% and a cognitive ability ratio 92.5%, the security control selection ratio of 82.5%. Scalability ratios of 85.2% with an overall performance of 95.7% are measured using conventional methods and our proposed system.
      PubDate: 2022-08-06
       
  • XAI for intrusion detection system: comparing explanations based on global and local scope


      Abstract: Abstract Intrusion Detection System is a device or software in the field of cybersecurity that has become an essential tool in computer networks to provide a secured network environment. Machine Learning based IDS offers a self-learning solution and provides better performance when compared to traditional IDS. As the predictive performance of IDS is based on conflicting criteria, the underlying algorithms are becoming more complex and hence, less transparent. Explainable Artificial Intelligence is a set of frameworks that help to develop interpretable and inclusive machine learning models. In this paper, we use Permutation Importance, SHapley Additive exPlanation, Local Interpretable Model-Agnostic Explanation algorithms, Contextual Importance and Utility algorithms, covering both global and local scope of explanation to IDSs on Random Forest, eXtreme Gradient Boosting and Light Gradient Boosting machine learning models along with a comparison of explanations in terms of accuracy, consistency and stability. This comparison can help cyber security personnel to have a better understanding of the predictions of cyber-attacks in the network traffic. A case study focusing on DoS attack variants shows some useful insights on the impact of features in prediction performance.
      PubDate: 2022-07-31
       
  • Intelligence in security countermeasures selection


      Abstract: Abstract Identifying security risks in organizations and also determining their severity in order to select appropriate security countermeasures is of great importance in organizations. In the last two decades, a lot of work has been done to increase the accuracy of risk impact calculation as well as the right selection of countermeasures. Also, a variety of work has been proposed to select combined countermeasures instead of single ones. So there is a challenge to balance the cost of security with the improvement of the defense system. In this paper, a dataset that includes the organization business processes, security data, assets, vulnerabilities, and related security countermeasures is suggested for the first time. In the previous work, this chain of information from the content of the organization, which is definitely different from another organization, has not been considered for the analysis of the performance of countermeasures (success or failure). Based on the results of the countermeasures during the organization’s lifetime, more efficient countermeasures can be suggested for new or existing risks. Therefore, by intelligently selecting the security countermeasures presented in this paper, organizations will be able to identify ineffective countermeasures and prevent them from being re-selected to counter attackers. In this way, we can make our organization more resilient to attackers over time.
      PubDate: 2022-07-22
       
  • NADA: new architecture for detecting DoS and DDoS attacks in fog computing

      Abstract: Nowadays, fog computing as a new part of the Internet of Things plays a vital and significant role in the development of technology in cities and smart homes, various industries, medical care, security, etc. This technology, like other emerging technologies, has security challenges. One of the most important attacks on fog nodes is the DoS and DDoS attack. This article proposes a new method for DoS and DDoS attack detection by combining machine learning techniques, DT and KNN, with the CNN algorithm. We have improved the performance of the intrusion detection systems in the Fog computing infrastructure by a voting mechanism for DoS and DDoS detection. NADA is capable of detecting DoS and DDoS attacks with the highest correct rate (about 99%). NADA can be applied in both edge and fog nodes. The proposed approach uses deep learning techniques and a biological genetic algorithm for detecting suspicious traffic. Then the suspicious traffic is applied to CNN, DT, and KNN as an input and, based on the available samples, maximum vote-based attack detection validation is performed. Finally, we evaluated our method (NADA) and calculated criteria such as Precision, Accuracy, Recall, and Error. By simulating NADA, we observed that the metrics cited improved on average by about 7% in comparison with other methods.
      PubDate: 2022-07-14
       
  • Security intrusion detection using quantum machine learning techniques

      Abstract: Conventional machine learning approaches applied for the security intrusion detection degrade in case of big data input (\(10^6\) and more samples in a dataset). Model training and computing by traditional machine learning executed on big data at a common computing environment may produce accurate outputs but take a long time, or produce poor accuracy by quick training, both disparate to malicious activity. The paper observes the quantum machine learning (QML) methods overcoming the barriers of big data and the computing abilities of common hardware for the purpose of high performance intrusion detection. Quantum support vector machine (QSVM) and quantum convolution neural network (QCNN) as concurrent methods are discussed and evaluated comparing to the conventional intrusion detectors running on the traditional computer. The QML-based intrusion detection utilizes our own dataset that implements the grouping of the network packets into the input streams eatable for the QML. We have developed the software solution that encodes the network traffic streams ready to the quantum computing. Experimental results show the ability of the QML-based intrusion detection for processing big data inputs with high accuracy (98%) providing a twice faster speed comparing to the conventional machine learning algorithms utilized for the same task.
      PubDate: 2022-06-24
       
  • Application of the SAMA methodology to Ryuk malware

      Abstract: Malware analysis is an essential discipline for understanding the nature, attack vectors, and weaknesses of systems to combat the threats that emerge every day in the IT security world. To this end, a malware analysis methodology can facilitate and improve an otherwise complex, chaotic, and relatively inefficient process, optimising the results obtained and the productivity of the analysis. To prove the effectiveness of a malware analysis methodology, it is necessary to test it on relevant specimens. The aim of this paper is, on one hand, to test and demonstrate the value of the SAMA methodology as a systematic process for analysing malware with a real and significant use case and, on the other hand, to show, explain and put into practice several actual malware analysis techniques and tools using a real and relevant use case. The analysis process carried out with the methodology shows its ability to guide a malware analysis process as well as its flexibility to adapt the techniques according to the findings obtained during the process.
      PubDate: 2022-06-22
       
  • Behavior-based detection and classification of malicious software utilizing structural characteristics of group sequence graphs

      Abstract: In this work we present a graph-based approach for behavior-based malware detection and classification utilizing the Group Relation Graphs (GrG), resulting after the grouping of disjoint vertices of System-call Dependency Graphs obtained through the dynamic taint analysis over after the execution of a program. Throughout this approach we utilize the sequence on the appearance of each edge in the GrG graph in order to depict the information regarding the sequential dependencies between the System-calls groups invoked during the execution of a program, proposing the so-called Group Sequence Graphs (GsG). Utilizing the proposed approach, we investigate further valuable structural characteristics of the graphs augmenting the GrG with further information that increase their potentials against the representation of mutated malware samples. We develop an integrated behavior-based malware detection and classification system that incorporates the proposed approach, utilizing different types of structural characteristics of GsG graphs, namely, the Relational, the Quantitative and the Qualitative characteristics, evaluating its potentials on distinguishing malicious from benign samples and indexing the malicious ones into known malware families, proving its potentials against a set of malicious samples from a wide variety of known malware families.
      PubDate: 2022-06-15
       
  • Detection and classification of malicious software utilizing Max-Flows between system-call groups

      Abstract: In this work, we present a graph-based method for the detection and classification of malicious software samples utilizing the Max-Flows exhibited through their corresponding behavioral graphs. In the proposed approach, we utilize the Max-Flows exhibited in the behavioral graphs that represent the interaction of software samples with their host environment, in order to depict the flow of information between System-call Groups. Obtaining the System-call Dependency Graphs of the samples under consideration, we construct the corresponding Group Relation Graphs, and proceed with the construction of the so-called, Flow Maps, another representation of Group Relation Graphs, that depict the Max-Flows among its vertices. Additionally, we provide a detailed representation over the architecture and the core components of our proposed approach for malware detection and classification discussing also several technical aspects regarding its implementation and deployment. Finally, we conduct a series of five-fold cross validation experiments in order to evaluate the potentials of our proposed approach in detecting and classifying malicious samples discussing also the exhibited experimental results.
      PubDate: 2022-06-14
       
  • Editorial

      PubDate: 2022-06-01
      DOI: 10.1007/s11416-021-00403-0
       
 
JournalTOCs
School of Mathematical and Computer Sciences
Heriot-Watt University
Edinburgh, EH14 4AS, UK
Email: journaltocs@hw.ac.uk
Tel: +00 44 (0)131 4513762
 

