Editorial: Journal of Cyber Security and Risk Auditing
By Youakim Badr
PDFAbstract
Dear Readers, It is with great pleasure that we introduce to you our upcoming journal, "Journal of Cyber Security and Risk Auditing." This journal is dedicated to exploring the advancements in the field of cybersecurity and providing a platform for researchers and scholars to exchange ideas, fostering progress in the area of cybersecurity and risk auditing. On behalf of the editorial team, I extend our heartfelt gratitude and a warm welcome to the scholars, experts, researchers, and readers who support and follow our journal. Purpose of the Journal The Journal of Cyber Security and Risk Auditing aims to promote the development of cybersecurity fields, enhance the research level of cybersecurity technologies, and strengthen academic exchanges on an international scale. We are committed to building an open, inclusive, and innovative platform for researchers in the field of cybersecurity to present their findings, share experiences, and exchange ideas.
Adversarial Attack Detection in Industrial Control Systems Using LSTM-Based Intrusion Detection and Black-Box Defense Strategies
By Motaz Abdulaziz Almedires , Ahmed Elkhalil , Mohammed Amin
PDFAbstract
In industrial control systems (ICS), neural networks are increasingly being utilized to detect intrusions. The term ICS refers to a group of controlling technology and associated equipment that includes the devices, systems, networks, and controllers that are used to manage and/or execute manufacturing processes. Each ICS is developed to successfully handle work digitally and operates differently depending on the business. ICS devices and procedures are now found in practically every industry sector and key infrastructure, including production, transportation, power, and treatment plants. To avoid detection, attackers who aim to inflict harm on an ICS may resort to techniques such as adversarial examples to mask their attacks. ICS-based autoregressive intrusion detection systems (IDSs) are the focus of this study because of the unique issues that arise when being attacked. The attacker here is an LSTM-based IDS that can compromise a ICSs subset of sensors. In the wild cyber-physical attacks take place in ICSs that are masked from the IDS by the attacker manipulating data provided to it. Automation of ICS intrusion detection has become more flexible and efficient thanks to the growth and use of IDSs based on machine learning. Adversarial machine learning (AML), a term coined to describe cyberattacks on learning models, has been formed developed in response to the advent of the IDS. In ICSs, such attacks can have disastrous repercussions if the IDS is bypassed. Delay in attack detection could lead to damage to infrastructure, financial loss, and even human life. In this study we are proposing a defense study method that have been effective in combatting adversarial threats to ICSs and to assess adversarial attacks successfully in real-world circumstances. We are proposing a security solution IDS which can detect an adversarial attack on the industrial control system. We were able in this study to detect a black box attack by conducting DDoS attack scenario trained by black box adversarial attack in the ICS environment and use data from an ICS to train a classification model and test the ability to detect cyber intrusions in a similar context using IDS.
Security and Privacy Challenges and Solutions in Autonomous Driving Systems: A Comprehensive Review
By Giuseppe Lippi, Mahmoud Aljawarneh, Qais Al-Na’amneh, Rahaf Hazaymih, Lachhman Das Dhomeja
PDFAbstract
The rapid advancement of autonomous driving technology has transformed modern transportation, offering enhanced safety, efficiency, and convenience. However, as these vehicles become increasingly connected and reliant on complex software and sensor-based systems, they also become prime targets for a wide range of cyber and privacy threats. This review paper comprehensively examines the current landscape of security and privacy in autonomous driving systems. We explore emerging attack vectors targeting key components such as sensor perception, vehicle-to-everything (V2X) communication, machine learning models, and internal control systems. Particular attention is given to adversarial machine learning, GPS spoofing, Controller Area Network (CAN) bus attacks, and data privacy breaches. In parallel, we evaluate existing defense mechanisms and mitigation strategies, including intrusion detection systems (IDS), secure communication protocols, hardware-based security modules, and privacy-preserving architectures. We also highlight key challenges in securing autonomous systems, identify gaps in current research, and propose directions for future work to build resilient and trustworthy autonomous vehicles. This review aims to provide researchers and practitioners with a consolidated foundation for understanding and advancing the security posture of next-generation autonomous driving technologies.
A Hybrid Genetic Algorithm and Hidden Markov Model-Based Hashing Technique for Robust Data Security
By Aseel AlShuaibi, Muhammad Waqas Arshad, MohammedMaayah
PDFAbstract
The growing dependence on technology to store, process, and transmit data across interconnected systems has significantly elevated the need for robust data security. Modern computer systems emphasize the critical principles of authentication and data integrity. With the rise in cyber threats, the importance of securing data transactions against unauthorized or unintentional modifications has become more apparent than ever. As computers continue to play an increasingly vital role in daily operations, managing and safeguarding data alterations is essential. To address these challenges, businesses must adopt proactive measures to reinforce the security of sensitive data and passwords. Hashing functions, a well-established cryptographic approach, have proven effective in addressing a wide range of authentication and data integrity issues. A hash function generates a fixed-length output, known as a "digest," from an input. This one-way function is irreversible, providing a secure method of encoding data. However, hash functions are still vulnerable to various attacks, including dictionary attacks, brute-force attacks, and the use of lookup tables. The strength of a hashing function can be evaluated based on the number of attempts required to break it, the size of the hash key, and the specific algorithm employed. In response, this study proposes a novel hashing technique that integrates a Genetic Algorithm (GA) and Hidden Markov Models within a block hashing framework. Inspired by evolutionary biology, the GA applies operators such as mutation, crossover (recombination), and selection to simulate natural selection, offering a dynamic and efficient method for enhancing data security. The proposed algorithm utilizes the Hill cipher as an encryption mechanism and incorporates a singular Hill cipher key matrix to enhance security and reduce the likelihood of hash collisions or reversals. Experimental results demonstrate that the developed algorithm exhibits strong resistance to multiple attack types and outperforms several existing methods in terms of accuracy and robustness.
Analytical Analysis of Cyber Threats and Defense Mechanisms for Web Application Security
By Bashaer Almelehy, Mohammad Ahmad, Ghalia Nassreddine, Mohammed Maayah, Aparna Achanta
PDFAbstract
The use of internet technologies offers numerous advantages and has significantly transformed our daily lives, becoming a primary means of communication. Additionally, many businesses have shifted their services to digital platforms by leveraging web application technologies. As a result, vast amounts of data are exchanged between users and web applications—much of which contains sensitive and critical information. This makes them prime targets for cyber-attacks, including data theft and the unauthorized disclosure of confidential information. According to the Open Web Application Security Project (OWASP), there are ten major risks that pose significant threats to web applications. In response, this paper aims to provide a thorough understanding of web applications, the potential cyber threats they face, and a detailed review of existing literature related to cybersecurity risks in web applications. To achieve this, a comprehensive literature review will be conducted to identify the primary vulnerabilities in web applications and explore current methods for mitigating and preventing these security threats.