Journal of Cybersecurity and Information Management

Journal DOI

Submit Your Paper

2690-6775ISSN (Online) 2769-7851ISSN (Print)

Smart Model for Securing Software Defined Networks

Mohammed. I. Alghamdi , Abeer. Y. Salawi , Salwa. H. Alghamdi

Software defined networks (SDN) remain a hot research field as it provides controllable networking operations. The SDN controller can be treated as the operating system of the SDN model and it holds the responsibility of performing different networking applications. Despite the benefits of SDN, security remains a challenging problem. At the same time, distributed denial of services (DDoS) is a typical attack on SDN owing to centralized architecture, especially at the control layer of the SDN. This article develops a new Cat Swarm Optimization with Fuzzy Rule Base Classification (CSO-FRBCC) model for cybersecurity in SDN. The presented CSO-FRBCC model intends to effectually categorize the occurrence of DDoS attacks in SDN. To achieve this, the CSO-FRBCC model primarily pre-processes the input data to transform it to a uniform format. Besides, the CSO-FRBCC model employs FRBCC classifier for the recognition and classification of intrusions. Moreover, the parameter optimization of the FRBCC classification model is adjusted by the use of cat swarm optimization (CSO) algorithm which results in improved performance. A comprehensive set of simulations were carried out on benchmark dataset and the results highlighted the enhanced outcomes of the CSO-FRBCC model over the other recent approaches.

Read More


Vol. 10 Issue. 1 PP. 08-17, (2022)

Re-Evaluating the Necessity of Third-Party Antivirus Software on Windows Operating System

Faisal A. Garba , Rosemary M. Dima , A. Balarabe Isa , A. Abdulrazaq Bello , A. Sarki Aliyu , F. Umar Yarima , S. Abbas Ibrahim

There is a general assumption that one must purchase costly antivirus software products to defend one’s computer system. However, if one is using the Windows Operating System, the question that arises is whether one needs to purchase antivirus software or not. The Windows operating system has a market share of 31.15% behind Android with a market share of 41.56% worldwide amongst all the operating systems. This makes Windows a prime target for hacking due to its large user base. Windows 11 a recent upgrade to the Windows operating system has claimed to have taken its security to the next level. There is a need to evaluate the capability of the Windows 11 default security against antivirus evasion tools. This research investigated the capability of Windows 11 default security by evaluating it against 6 free and open-source antivirus evasion tools: TheFatRat, Venom, Paygen, Defeat Defender, Inflate and Defender Disabler. The criteria for the selection of the antivirus evasion tools were free and open source and recently updated. A research lab was set up using Oracle VirtualBox where two guest machines were installed: a Windows 11 victim machine and the Kali Linux attacking machine. The antivirus evasion tools were installed on the Kali Linux machine one at a time to generate a malware and pass it to the victim machine. Apache web server was used in holding the malicious sample for the Windows 11 victim machine to download. A score of 2 was awarded to an antivirus evasion tool that successfully evaded the Windows 11 security and created a reverse connection with the attacking machine. From the research results: TheFatRat had a 25% evasion score, Venom had 20% while the rest had a 0% evasion score. None of the payloads generated with the antivirus evasion tools was able to create a connection with the Kali Linux attacking machine. The research results imply that the default Windows 11 security is good enough to stand on its own. A third-party antivirus solution will only supplement the already good protection capability of Windows 11.

Read More


Vol. 10 Issue. 1 PP. 18-33, (2022)

Detection and Classification of Malware Using Guided Whale Optimization Algorithm for Voting Ensemble

Marwa M. Eid , M. I. Fath Allah

Malware is software that is designed to cause damage to computer systems. Locating malicious software is a crucial task in the cybersecurity industry. Malware authors and security experts are locked in a never-ending conflict. In order to combat modern malware, which often exhibits polymorphic behavior and a wide range of characteristics, novel countermeasures have had to be created. Here, we present a hybrid learning approach to malware detection and classification. In this scenario, we have merged the machine learning techniques of Random Forest and K-Nearest Neighbor Classifier to develop a hybrid learning model. We used current malware and an updated dataset of 10,000 examples of malicious and benign files, with 78 feature values and 6 different malware classes to deal with. We compared the model's results with those of current approaches after training it for both binary and multi-class classification. The suggested methodology may be utilized to create an anti-malware application that is capable of detecting malware on newly collected data.

Read More


Vol. 10 Issue. 1 PP. 34-42, (2022)

A Novel Intrusion Detection Framework (IDF) using Machine Learning Methods

Shereen H. Ali

An intrusion detection system is a critical security feature that analyses network traffic in order to avoid serious unauthorized access to network resources. For securing networks against potential breaches, effective intrusion detection is critical. In this paper, a novel Intrusion Detection Framework (IDF) is proposed. The three modules that comprise the suggested IDF are: (i) Data Pre-processing Module (DPM), (ii) Feature Selection Module (FSM), and Classification Module (CM). DPM collects and processes network traffic in order to prepare data for training and testing. The FSM seeks to identify the key elements for recognizing DPM intrusion attempts. An Improved Particle Swarm Optimization is used (IPSO). IPSO is a hybrid method that uses both filter and wrapper approaches to generate accurate and relevant information for the classification step that follows. Primary Selection Phase (PSP) and Completed Selection Phase (CSP) are the two consecutive feature selection phases in IPSO. PSP employs a filtering approaches to quickly identify the most significant features for detecting intrusion threats while eliminating those that are redundant or ineffective. In CSP, the next level of IPSO, this behavior reduces the computing cost. For accurate feature selection, CSP uses Binary Particle Swarm Optimization (Bi-PSO) as a wrapper approach. Based on the most effective features identified by FSM, The CM aims to identify intrusion attempts with the minimal processing time. Therefore, a K-Nearest Neighbor KNN classifier has been deployed. As a result, based on the significant features identified by the IPSO technique, KNN can accurately detect intrusion attacks with the least amount of processing time. The experimental results have shown that the proposed IDF outperforms other recent techniques using UNSW_NB-15 dataset. The accuracy, precision, recall, F1score, and processing time of the experimental outcomes of our findings were assessed. Our results were competitive with an accuracy of 99.8%, precision of 99.94%, recall of 99.85%, F1-score of 99.89%, and excursion time of 59.15s when compared to the findings of the current works.

Read More


Vol. 10 Issue. 1 PP. 43-54, (2022)

An Enhanced Hybrid Chaotic Technique for Protecting Medical Images

Marwa M. Eid , Shaimaa A. Hussien

Medical data has attracted much interest; a quick, lossless, and secure cryptosystem is required for saving and transferring images over open networks while maintaining the image's details. This paper shows how to protect medical images with an encryption method based on hybrid chaotic maps. The proposed hybrid method is constructed to deal with problems like confusion and diffusion with a large key space. The technique uses a mix of different chaos maps for a specific set of control settings. There is a complete explanation of how encryption and decryption operations work. The security analysis results showed that the suggested cryptosystem is safe from statistical, brute force, and differential attacks. Compared to already known methods, the estimated times for encryption and decryption make it likely that the proposed scheme can be applied in real-time applications.

Read More


Vol. 10 Issue. 1 PP. 55-68, (2022)