Journal of Cyber Security and Risk Auditing

Volume 2024, Issue 1 - Table of Contents

Editorial: Journal of Cyber Security and Risk Auditing

By Prof. Youakim Badr

Abstract

Dear Readers,

It is with great pleasure that we introduce to you our upcoming journal, "Journal of Cyber Security and Risk Auditing." This journal is dedicated to exploring the advancements in the field of cybersecurity and providing a platform for researchers and scholars to exchange ideas, fostering progress in the area of cybersecurity and risk auditing. On behalf of the editorial team, I extend our heartfelt gratitude and a warm welcome to the scholars, experts, researchers, and readers who support and follow our journal.

Purpose of the Journal

The Journal of Cyber Security and Risk Auditing aims to promote the development of cybersecurity fields, enhance the research level of cybersecurity technologies, and strengthen academic exchanges on an international scale. We are committed to building an open, inclusive, and innovative platform for researchers in the field of cybersecurity to present their findings, share experiences, and exchange ideas.

Secure Offline Smart Office Automation System Using ESP32 and Bluetooth Control Architecture

By Mahmood A. Al-Shareeda, Ahmed Nader Jafer, Mohammed Tahseen Hashem, Murtaza Salman Fajr

Abstract

This paper describes the development and deployment of an affordable and secure smart office automation system which is completely offline and uses Bluetooth technology and an ESP32 microcontroller. In situations where internet access is limited or security is of utmost concern, the system provides app-based control over office devices like lighting, blinds, door access and alert systems, in real time. The design eliminates dependence on the cloud, which in turn mitigates security threats from the outside; meanwhile, local Bluetooth communication shortens response time and cuts power consumption. Primary security requirements are direct device linking, local command control and encryption-capable communication protocols. Experimental results substantiate quick response of devices (<150 ms), low power consumption and robustness in the indoor range of Bluetooth (10 m). The device is designed to be modular to enable extension of the system itself, including, but not limited to, environmental sensors, GUI-based mobile applications and cutting-edge authentication protocols. This paper presents proof to any small-to-medium sized enterprises about the availability of a secure and offline smart office system which is cost-effective, user-friendly and immune against security threats from outside.

Enhancing DDoS Attack Detection and Mitigation in SDN Using Advanced Machine Learning Techniques

By Nathaniel Frederick, Aitizaz Ali

Abstract

The introduction of Software-Defined Networking (SDN) as a new infrastructure has demonstrated significant advantages over traditional networks in terms of scalability, flexibility, and security. However, SDN networks are also more susceptible to Distributed Denial of Service (DDoS) attacks, which can lead to a loss of system availability. Therefore, in this research, a machine learning-based model is developed to detect and prevent DDoS attacks in SDN environments. Our approach extends traditional flow-based features by incorporating additional parameters such as average flow packet size and recent flow history, among others, to enhance detection accuracy. Six machine learning models—Logistic Regression (LR), Naïve Bayes (NB), K-Nearest Neighbors (KNN), Support Vector Machine (SVM), Decision Tree (DT), and Random Forest (RF)—were evaluated using the CIC-DDoS2019 dataset. The results show that the Random Forest model achieved the highest detection rate with the lowest false positive rate compared to the other models, while also having minimal impact on normal traffic. The proposed system functions as an Intrusion Prevention System (IPS) by sampling flow parameters from OpenFlow switches at intervals. Upon detecting an attack, the system applies traffic policing measures. Experimental results confirm that the Random Forest model achieved a high F1-score of 99.87%, making it a promising candidate for real-time DDoS detection and mitigation in SDN networks.

A Comprehensive Review of Machine Learning Approaches for Android Malware Detection

By Aneesha Davarasan, Joshua Samual, Kulothunkan Palansundram, Aitizaz Ali

Abstract

In today's digital age, smartphones have evolved beyond communication devices, becoming integral to various aspects of daily life. Android, as a leading mobile operating system, dominates the market due to its open-source nature and vast user base. However, this widespread adoption has made it a prime target for increasingly sophisticated malware attacks. Traditional malware detection methods, primarily reliant on signature recognition, have proven insufficient in countering these dynamic threats. This paper provides a detailed review of Android malware detection approaches leveraging machine learning techniques. By examining the underlying Android architecture and security models, we explore static, dynamic, and hybrid analysis methods, highlighting the crucial role of feature selection in improving detection accuracy. Additionally, we address the significant challenges posed by deterioration in detection model performance over time and evasion tactics employed by malware, proposing advanced strategies such as adversarial training and regular model updates to enhance system resilience. This review aims to synthesize current methodologies, offering a critical evaluation and identifying potential avenues for future research to fortify Android malware detection systems.

Cyber Security in Data Breaches

By Ayed Aldossary, Talal Algirim, Ibrahim Almubarak, Khalid Almuhish

Abstract

In today's increasingly digital world, cyber-attacks have emerged as one of the most pressing threats to individuals, organizations, and national infrastructure. The consequences of such attacks are far-reaching, including financial losses, disruptions to daily operations, exposure of sensitive data, and even risks to public safety and national security. As cyber threats grow in frequency and sophistication, the ability to detect and prevent them becomes more critical. Notably, social media has shown potential as a tool for early detection of cyber incidents, with users acting as real-time social sensors. However, leveraging open-source indicators from social media remains a complex challenge due to the unstructured nature of the data and potential misinformation. Furthermore, as the integration of emerging technologies becomes central to business efficiency and innovation, the corresponding increase in cyber vulnerabilities poses significant risks. Data breaches—whether intentional or accidental—represent a persistent danger to organizations of all sizes, often involving the unauthorized exposure of confidential personal and corporate information. To address these threats, this paper explores technical cybersecurity practices such as the deployment of firewalls, malware protection, intrusion detection systems (IDS), and other defense mechanisms that help eliminate vulnerabilities and strengthen digital resilience. The paper emphasizes the importance of a proactive, multi-layered cybersecurity strategy to safeguard data and ensure secure, trustworthy digital environments.