Anomaly detection is a challenge well-suited to machine learning and in the context of information security, the benefits of unsupervised solutions show significant promise. Recent attention to Graph Neural Networks (GNNs) has provided an innovative approach to learn from attributed graphs. Using a GNN encoder-decoder architecture, anomalous edges between nodes can be detected during the reconstruction phase. The aim of this research is to determine whether an unsupervised GNN model can detect anomalous network connections in a static, attributed network. Network logs were collected from four corporate networks and one artificial network using endpoint monitoring tools. A GNN-based anomaly detection system was designed and employed to score and rank anomalous connections between hosts. The model was validated against four realistic experimental scenarios against the four large corporate networks and the smaller artificial network environment. Although quantitative metrics were affected by factors including the scale of the network, qualitative assessments indicated that anomalies from all scenarios were detected. The false positives across each scenario indicate that this model in its current form is useful as an initial triage, though would require further improvement to become a performant detector. This research serves as a promising step for advancing this methodology in detecting anomalous network connections. Future work to improve results includes narrowing the scope of detection to specific threat types and a further focus on feature engineering and selection.
Authored by Charlie Grimshaw, Brian Lachine, Taylor Perkins, Emilie Coote
The escalating visibility of secure direct object reference (IDOR) vulnerabilities in API security, as indicated in the compilation of OWASP Top 10 API Security Risks, highlights a noteworthy peril to sensitive data. This study explores IDOR vulnerabilities found within Android APIs, intending to clarify their inception while evaluating their implications for application security. This study combined the qualitative and quantitative approaches. Insights were obtained from an actual penetration test on an Android app into the primary reasons for IDOR vulnerabilities, underscoring insufficient input validation and weak authorization methods. We stress the frequent occurrence of IDOR vulnerabilities in the OWASP Top 10 API vulnerability list, highlighting the necessity to prioritize them in security evaluations. There are mitigation recommendations available for developers, which recognize its limitations involving a possibly small and homogeneous selection of tested Android applications, the testing environment that could cause some inaccuracies, and the impact of time constraints. Additionally, the study noted insufficient threat modeling and root cause analysis, affecting its generalizability and real-world relevance. However, comprehending and controlling IDOR dangers can enhance Android API security, protect user data, and bolster application resilience.
Authored by Semi Yulianto, Roni Abdullah, Benfano Soewito
Vendor cybersecurity risk assessment is of critical importance to smart city infrastructure and sustainability of the autonomous mobility ecosystem. Lack of engagement in cybersecurity policies and process implementation by the tier companies providing hardware or services to OEMs within this ecosystem poses a significant risk to not only the individual companies but to the ecosystem overall. The proposed quantitative method of estimating cybersecurity risk allows vendors to have visibility to the financial risk associated with potential threats and to consequently allocate adequate resources to cybersecurity. It facilitates faster implementation of defense measures and provides a useful tool in the vendor selection process. The paper focuses on cybersecurity risk assessment as a critical part of the overall company mission to create a sustainable structure for maintaining cybersecurity health. Compound cybersecurity risk and impact on company operations as outputs of this quantitative analysis present a unique opportunity to strategically plan and make informed decisions towards acquiring a reputable position in a sustainable ecosystem. This method provides attack trees and assigns a risk factor to each vendor thus offering a competitive advantage and an insight into the supply chain risk map. This is an innovative way to look at vendor cybersecurity posture. Through a selection of unique industry specific parameters and a modular approach, this risk assessment model can be employed as a tool to navigate the supply base and prevent significant financial cost. It generates synergies within the connected vehicle ecosystem leading to a safe and sustainable economy.
Authored by Albena Tzoneva, Galina Momcheva, Borislav Stoyanov
An end-to-end cyber risk assessment process is presented that is based on the combination of guidelines from the National Institute of Standards & Technology (NIST), the standard 5×5 risk matrix, and quantitative methods for generating loss exceedance curves. The NIST guidelines provide a framework for cyber risk assessment, and the standard 5×5 matrix is widely used across the industry for the representation of risk across multiple disciplines. Loss exceedance curves are a means of quantitatively assessing the loss that occurs due to a given risk profile. Combining these different techniques enables us to follow the guidelines, adhere to standard 5×5 risk management practices and develop quantitative metrics simultaneously. Our quantification process is based on the consideration of the NASA and JPL Cost Risk assessment modeling techniques as we define the cost associated with the cybersecurity risk profile of a mission as a function of the mission cost.
Authored by Leila Meshkat, Robert Miller
In recent times, the research looks into the measures taken by financial institutions to secure their systems and reduce the likelihood of attacks. The study results indicate that all cultures are undergoing a digital transformation at the present time. The dawn of the Internet ushered in an era of increased sophistication in many fields. There has been a gradual but steady shift in attitude toward digital and networked computers in the business world over the past few years. Financial organizations are increasingly vulnerable to external cyberattacks due to the ease of usage and positive effects. They are also susceptible to attacks from within their own organisation. In this paper, we develop a machine learning based quantitative risk assessment model that effectively assesses and minimises this risk. Quantitative risk calculation is used since it is the best way for calculating network risk. According to the study, a network's vulnerability is proportional to the number of times its threats have been exploited and the amount of damage they have caused. The simulation is used to test the model's efficacy, and the results show that the model detects threats more effectively than the other methods.
Authored by Lavanya M, Mangayarkarasi S
Over the past decade, the number of cyber attack incidents targeting critical infrastructures such as the electrical power system has increased. To assess the risk of cyber attacks on the cyber-physical system, a holistic approach is needed that considers both system layers. However, the existing risk assessment methods are either qualitative in nature or employ probabilistic models to study the impact on only one system layer. Hence, in this work, we propose a quantitative risk assessment method for cyber-physical systems based on probabilistic and deterministic techniques. The former uses attack graphs to evaluate the attack likelihood, while the latter analyzes the potential cyber-physical impact. This is achieved through a dynamic cyber-physical power system model, i.e., digital twin, able to simulate power system cascading failures caused by cyber attacks. Additionally, we propose a domain-specific language to describe the assets of digital substations and thereby model the attack graphs. Using the proposed method, combined risk metrics are calculated that consider the likelihood and impact of cyber threat scenarios. The risk assessment is conducted using the IEEE 39-bus system, consisting of 27 user-defined digital substations. These substations serve as the backbone of the examined cyber system layer and as entry-points for the attackers. Results indicate that cyber attacks on specific substations can cause major cascading failures or even a blackout. Thereby, the proposed method identifies the most critical substations and assets that must be cyber secured.
Authored by Ioannis Semertzis, Vetrivel Rajkumar, Alexandru Ştefanov, Frank Fransen, Peter Palensky
Cybersecurity is largely based on the use of frameworks (ISO27k, NIST, etc.) whose main objective is compliance with the standard. They do not, however, address the quantification of the risk deriving from a threat scenario. This paper proposes a methodology that, having evaluated the overall capability of the controls of an ISO27001 framework, allows one to select those that mitigate a threat scenario and to evaluate the risk according to a Cybersecurity Risk Quantification model.
Authored by Glauco Bertocchi, Alberto Piamonte
Cybersecurity risk analysis is crucial for organizations to assess, identify, and prioritize possible threats to their systems and assets. Organizations aim to estimate the loss cost in case cybersecurity risks occur to decide the control actions they should invest in. Quantitative risk analysis aids organizations in making well-informed decisions about risk mitigation strategies and resource allocation. Therefore, organizations must use quantitative risk analysis methods to identify and prioritize risks rather than relying on qualitative methods. This paper proposes a spreadsheet-based quantitative risk analysis method based on verbal likelihoods. Our approach relies on tables constructed by experts that map between linguistic likelihood and possible probability ranges. Using linguistic terms to estimate the probability of risk occurrence will help experts apply quantitative estimation easily by using common language as input, thus eliminating the need to assign precise probabilities. We experimented with real examples to validate our approach's accuracy and reliability and compared our results with those obtained from another method. Also, we conducted tests to measure our model's performance and robustness. Our study showcases the effectiveness of our approach and demonstrates its potential for risk analysts to use it in real-world applications.
Authored by Karim Elhammady, Sebastian Fischmeister
In modern conditions, the relevance of the problem of assessing the information security risks for automated systems is increasing. Risk assessment is defined as a complex multi-stage task. Risk assessment requires prompt decision-making for effective information protection. To solve this problem, a method for automating risk assessment based on fuzzy cognitive maps is proposed. A fuzzy cognitive map is a model that can be represented as a directed graph in which concepts and connections between them have their own weights. The automation process allows evaluating complex relationships between factors and threats, providing a more comprehensive risk assessment. The application of fuzzy cognitive maps proved to be an effective tool for automation, promptness, and quality in risk assessment.
Authored by Andrey Shaburov, Anna Ozhgibesova, Vsevolod Alekseev
Cyber security is a critical problem that causes data breaches, identity theft, and harm to millions of people and businesses. As technology evolves, new security threats emerge as a result of a dearth of cyber security specialists equipped with up-to-date information. It is hard for security firms to prevent cyber-attacks without the cooperation of senior professionals. However, by depending on artificial intelligence to combat cyber-attacks, the strain on specialists can be lessened. As the use of Artificial Intelligence (AI) can improve Machine Learning (ML) approaches that can mine data to detect the sources of cyberattacks or perhaps prevent them as an AI method, it enables and facilitates malware detection by utilizing data from prior cyber-attacks in a variety of methods, including behavior analysis, risk assessment, bot blocking, endpoint protection, and security task automation. However, deploying AI may present new threats, therefore cyber security experts must establish a balance between risk and benefit. While AI models can aid cybersecurity experts in making decisions and forming conclusions, they will never be able to make all cybersecurity decisions and judgments.
Authored by Safiya Alawadhi, Areej Zowayed, Hamad Abdulla, Moaiad Khder, Basel Ali
Cyberattacks, particularly those that take place in real time, will be able to target an increasing number of networked systems as more and more items connect to the Internet of items. While the system is operational, it is susceptible to intrusions that might have catastrophic consequences, such as the theft of sensitive information, the violation of personal privacy, or perhaps physical injury or even death. These outcomes are all possible while the system is operational. A mixed-methods research approach was required in order to fulfill the requirements for understanding the nature and scope of real-time assaults on IoT-powered cybersecurity infrastructure. The quantitative data that was utilized in this research came from an online survey of IoT security professionals as well as an analysis of publicly available information on IoT security incidents. For the purpose of gathering qualitative data, in-depth interviews with industry experts and specialists in the area of Internet of Things security were conducted. The authors provide a novel method for identifying cybersecurity flaws and breaches in cyber-physical systems, one that makes use of deep learning in conjunction with blockchain technology. This method has the potential to be quite useful. Their proposed technique compares and evaluates unsupervised and deep learning-based discriminative methods, in addition to introducing a generative adversarial network, in order to determine whether cyber threats are present in IICs networks that are powered by IoT. The results indicate an improvement in performance in terms of accuracy, reliability, and efficiency in recognizing all types of attacks. The dropout value was found to be 0.2, and the epoch value was set at 25.
Authored by Varsha Agarwal, Pooja Gupta
The Web of Things (IoT), which aids in the creation opportunities to meet various business requirements, support in improving company activities, create and interact with the customers for effective delivery of goods and services, has seen overall expansion and development fueled by the dynamic business environment. The utilization of IoT and similar solutions has expanded, raising concerns about security vulnerabilities and the crucial actions that management must take to safeguard data and improve operational efficiency. The study focuses more on analyzing the key elements of IoT technologies that an organization may utilize to protect itself from security threats and take the necessary countermeasures to achieve sustainable growth. Each kind of network intrusion is thought to be linked around one or more different architectural levels; as a result, suitable authenticity, confidentiality, and validation need to be established for greater protection. SPSS is utilized in the study's qualitative research design to analyze the data and offer insight based on the findings.
Authored by Sachin Gupta, Gurvinder Singh
Smartphones have completely altered the mobile communication scene. Wi-Fi, global positioning system navigation, high-resolution cameras, and touchscreens with high-speed internet access are just some of the cutting-edge capabilities that these devices offer, allowing users to stay in constant contact with the present. Since many of these features are embedded deeply in the mobile operating system, they are typically inaccessible to the average user. However, Google released Android, a revolutionary operating system. Because of its open system architecture, this platform encourages third-party development and a debugging environment that users may change to create their own unique apps. In this research project, we examine the development of an Emergency Based Remote Collateral Tracking System app on the Android mobile platform from Google. There are three main forms of emergencies: those involving the heart, those involving personal safety, and those involving the roads. Users who own and operate motor vehicles are the primary focus of this app. Our program can keep tabs on the driver’s pulse by connecting to a heart rate monitor. Our application has a backup function in case of anomalies. First, it sends SMS messages containing the user’s location data after using GPS to do so.
Authored by Dankan Gowda V, Kdv Prasad, R Shekhar, Rachakonda Srinivas, Kale Srinivas, Prasanna Lakineni
These days, safety measures can't be neglected. In a world where digital risks are becoming more prevalent, efficient security has become an essential aspect of any system or business. Protecting valuables now requires a defensive strategy with several layers. Security systems play an important role in today's modern, industrialised society. The security system is primarily intended to address the need for the protection of hard-earned treasures (jewels). Unlike the current method, which uses physical locks that are readily falsified, this system uses Bluetooth and RFID tags in conjunction with digital (electronic) code locks to unlock the door automatically once the series of authentications is validated and emits alarm noises when any discrepancy happens. The ability of subsequent layers of defense to prevent intrusion is unaffected by the failure of an earlier one to provide detection. In this effort, we use IoT to design and build a fully automated security system that will operate with no more human intervention when it is put into place. In addition, the system's overall cost of adoption is far lower than that of any other consumer security solution now on the market.
Authored by Somya Prakash, Sabita Mali, Farida Ali
In today's world, security is a very important issue. People should always keep their belongings safe. To increase security, this research work proposes an IoT-based smart locker with sensors and access keys with security, verification, and user-friendly tools. This model alerts the user when someone else tries to access their locker and quickly sends an alarm to the authorized user, and provides the option to either grant or reject access to the valid user. In this paper, smart locker is kept registered early to use a locker in the bank, office, home, etc. to ensure safety. The user demands to send an unlock direction with the help of microcontroller NUDE MCU ESP8266 and after accepting the command from the cloud (BLYNK APP), only the user can unlock the closet and access the valuables. This study has also introduced the encroachment detection in lockers with sensors and finally installed smart lockers with fire alarms for security and reliability.
Authored by Bhawna Khokher, Mamta Savadatti, Anish Kumar, T.V. Nikhil, Pranav Raj, Aditya Thakre
Electronic devices and appliances are increasingly becoming a quintessential part of every household with the recent development and innovations in the field of technology affecting the day-to-day lives of individuals. Automation has caught the fame as people struggle to keep up with the demands of work, making it an easy solution to operate devices and machines to meet the individual needs. The paper describes the creation and execution of an affordable, versatile, and safe home automation system that is controlled through a mobile phone. The system relies on an independent Arduino BT board, which is connected to home appliances via relays attached to its input/output ports. Wireless communication is used to connect the mobile phone and the Arduino BT board. The system is designed to be both economical and expandable, allowing for control of a range of devices with minimal changes to its basic structure. The focus of the paper is to explain how to manage and regulate electronic devices using Android smartphones. The paper also outlines a home automation system that prioritizes security and safeguards user privacy. This system is designed to be affordable and flexible, making it possible to control various devices with minimal changes to its core structure. Additionally, the appliances in the system are protected by passwords to ensure that only authorized users can access them.
Authored by Priyanka Bhardwaj, Manidipa Roy, Sanjay Singh, Vanshika Jain, Mega Novita, Agus Mukhtar, Yuris Setyoadi
The increasing prevalence of cyber threats necessitates the exploration of cybersecurity challenges in sustainable operating systems. This research paper addresses these challenges by examining the dynamic landscape of cyber threats and the modifications required in operating systems to ensure robust security measures. Through the classification of these threats, the diverse nature of attacks faced by operating systems is revealed, highlighting the need for proactive security measures. Furthermore, the study investigates current cyber security solutions and prevention mechanisms employed to mitigate these threats. It also explores the modifications and challenges that operating systems must undergo in response to cybersecurity crimes, emphasizing the significance of proactive measures to address vulnerabilities exploited by cybercriminals.
Authored by Shadi bi, Samar Hendawi, Islam Altalahin, Muder Almiani, Ala Mughaid
Technology has improved, and smart locking systems have become more sophisticated. In this case, the android-based Smart System is primarily intended for multimode operations. Such a system is necessary in banks and businesses since it provides functions that let users control locks. The implementation’s efficiency the system is incredibly helpful because of its functionality and user-friendly interface. Some homeowners aim to connect their home’s numerous home automation devices. Those connected to a Windows-based PC are the most popular home controllers. In our study, we introduced a form of smart technology that utilized Bluetooth while using a mobile smartphone. Consequently, using it will be simpler and more effective. Additionally, it supported the free and open-source Android and Arduino platforms. This paper proposes a door lock automation system that uses an Android smartphone with Bluetooth as the first piece of hardware. Following a description of the design and software development process, a Bluetooth-based Smartphone application for locking and unlocking doors is demonstrated. The task module acts as the agent in the hardware design for the door-lock system, the Arduino microcontroller serves as the controller and data processing hub, and the solenoid acts as the door lock output. The results of each test show that it is compatible with the original plan for this study.
Authored by B. Swathi, Aditya Kanoi, Harshvardhan Kumar, Jaiswal Sinha, Gana Gajjala
This paper focuses on the adoption of biometric and RFID security gadgets as innovative solutions for enhancing door lock systems. The traditional reliance on physical keys has proven vulnerable to security breaches, prompting the need for more robust measures. Biometric features such as Fingerprint, Voice and Bluetooth offer unparalleled security by leveraging unique biological characteristics for authentication. Additionally, integrating RFID technology enables convenient access control through assigned cards or tags, eliminating the need for physical keys or complex passwords. The combination of these cutting-edge solutions establishes a comprehensive security infrastructure, significantly reducing risks associated with conventional lock systems. This research highlights the benefits and applications of these technologies in various settings, emphasizing their role in creating a safer environment for individuals and organizations.
Authored by Sherly Alphonse, Chitranshu Gupta, Mohammad Warsi, Karmokar Shantu, Aryaman Tamotia
Every person must take precautions in the current pandemic crisis, such as wearing protective gear, keeping a safe distance, cleaning their hands, and avoiding touching anything unless absolutely essential. However, there is a potential of disease transmission while touching objects like tables, doors, cars, and other things. Therefore, this study has proposed a proposal to stop them; the project is based on automation, in which an automatic door closing and opening mechanism has been created once the voice command is given. In this scenario, when a proper voice command is provided, the mechanism is activated to open and close the door automatically. Hence that there is no direct human contact with the door, which will assist stop or slow the spread of pandemic disease. The developed Arduino-based module can automatically close and open the door. These devices produced a regulator for the input, which uses the Android's Bluetooth signal. Arduino-based Android customers may easily open and close the door with their phones by communicating via Bluetooth technology. Within range, Bluetooth Classic (BT) makes it possible to connect an Android device. You may open a door with a personalized audio message and operate it by speaking into modules. Here, everyone is using various modules, such as voice commands, to control various modules. When a voice command is provided, the door will open and close on its own.
Authored by C.Kanmani Pappa, N. Ashokkumar, P. Nagarajan, Kavitha Thandapani
The advancement of technology is challenging for designers of the security systems. When securing a property or different valuable items, it must be taken into account that often criminals are equipped with performant electric or electronic devices, constructed to disable security systems and to remove any trace of their activity. In consequence, reliable and fast responding security systems must be constructed. This paper proposes a design based on two different microcontrollers, both using Real Time Operating Systems, which has an increased capability to resist attacks from intruders, and to warn the authorities as soon as an unauthorized access was detected in the secured space. This project is characterized by a low-cost implementation and an efficient operation, given that it is fast responding, and it contains two physically separated modules, making its disabling by intruders more difficult.
Authored by Iustin Constantin, Alexandru Dinu