Connectivity and data exchange are key features of Industry 4.0. In this paradigm, (Industrial) Internet of Things ((I)IoT) devices are a vital component facilitating the collection and transmission of environmental data from the physical sys- tem to the central station for processing and analysis(Digital Twin). However, although (I)IoT devices play a critical role in this process, they are not inherently equipped to run strong encryption mechanisms to secure the data they transmit over wired or wireless channels. This research aims to explore the potential of Digital Twins (DT) in securing Industry 4.0 appli- cations and the security mechanism employed to ensure con- fidentiality, integrity, and authentication of data communi- cated between (I)IoT and DT through a Systematic Literature Review (SLR). This systematic literature review, based on the analysis of 67 papers published between 2018 and 2023, un- derscores the evolving significance of Digital Twin technol- ogy, particularly within the ambit of Industry 4.0. The find- ings illuminate the pervasive influence of Digital Twin tech- nology across multiple industrial sectors. The result SLR re- vealed that DT is growing and being widely adopted as a se- curity tool particularly in Industry 4.0 using enabling tech- nology like machine learning, data analytics, blockchain, and 5G networks to provide security solutions such as intrusion detection, vulnerability assessment, cyber range, and threat intelligence.

Modern technologies of computing cloud are showing great promise, but at the same time create new security challenges that hinder full acceptance. Given that most of these services often use cloud networks as channels for communication, securing data transmission is crucial. This paper proposes a hybrid encryption algorithm, the proposed two-layered PRC6 cipher, developed to achieve high security in cloud computing environments with minimal resource constraints. The PRC6 cipher incorporates enhancements from Cha-cha into an extension of the RC6 cipher. PRC6 implements double encryption. At the first level, the plain text is divided into four equal parts, each encrypted by processes derived from RC6, which include shifting, summation, modulo arithmetic, and XOR with a generated key. The second level incorporates a Quarter round function, among others, to further obscure the encoded message. PRC6 is implemented in a parallel computing model to significantly reduce overall computation time, especially important for lightweight applications. Experimental results show that the algorithm can achieve a high level of security for cloud workloads in only a few encryption rounds. Performance evaluations against popular encryption standards also indicate that PRC6 offers promising security benefits when computational resources are limited. This hybrid approach presents a viable solution for strengthening data protection in modern cloud systems.

This systematic literature review scrutinizes the implementation and analysis of zk-SNARK, zk-STARK, and Bulletproof non-interactive zero-knowledge proof (NIZKP) protocols in privacy-preserving applications across diverse sectors. Examining 43 research works published from 2015 to April 2023, we categorized findings into financial, medical, business, general, and other domains. Our analysis highlights significant variations in real-world performance across implementations utilizing NIZKP protocols. However, divergent methodologies in security analyses hindered conclusive comparisons. Addressing research gaps, our future endeavors aim to establish a real-world benchmark for these protocols.

A document by K. Ramesh. Click on the document to view its contents.

Phishing attacks are thoroughly engineered attacks where the attackers use emails, messages, and websites of reputed sources as a medium to trick their targets into sharing sensitive content. This sensitive content primarily consists of their financial information, in the case of small attacks whereas some planned advanced attacks also target to obtain their login information. In the past few years, there has been a noticeable shift in attackers’ priorities, moving away from targeting individuals and instead concentrating on the organization’s employees. It is also observed that most cyber-attacks are the result of employee negligence. Due to the widespread availability of phishing kits and the expansion of ransomware as a service (RaaS), aspiring hackers now possess a straightforward method to defraud individuals. What is particularly worrisome about this growing trend is that individuals lacking technical expertise are engaging in such activities using simple tools and online instructional materials. Machine learning can help in recognizing different phishing attacks and patterns. We describe several classical algorithms to detect Phishing attacks. We aim to utilize machine learning techniques like Multilayer perceptron, Random Forest, XG Boost, and different classifiers for detection. This paper will compare various studies for detecting phishing attacks using each Artificial Intelligence technique: Deep Learning and Machine learning. In order to enhance our study, we have also listed various other conventional methods of detection that do not utilize the benefits of training through machine learning models.

In the ever-evolving landscape of cybersecurity, the application of game theoretic models has emerged as a powerful and innovative approach to enhance our understanding and management of cyber threats. This abstract explores the application of a variant of game theoretic models within the context of a Cyber Threat Intelligence (CTI) framework. With the proliferation of cyber-attacks targeting critical infrastructure, sensitive data, and national security, it has become imperative to develop proactive and adaptive strategies for threat detection, mitigation, and response. The variant of game theoretic models discussed in this abstract departs from traditional game theory by incorporating elements of dynamic adaptation and machine learning. This adaptation enables the framework to model and analyze the intricate and rapidly changing interactions between threat actors and defenders in real-time, thereby providing a more accurate representation of the evolving threat landscape. By leveraging machine learning algorithms, the model can continuously learn and adapt to new threats and tactics, making it a versatile tool for CTI. This abstract also explores the practical applications of the variant model in various aspects of cybersecurity, including threat actor profiling, vulnerability assessment, and decision support for incident response. By considering the strategic motivations and behaviors of threat actors, organizations can make informed decisions regarding resource allocation, risk assessment, and security investments. The integration of this variant of game theoretic models into CTI holds great potential to revolutionize our approach to cybersecurity, enabling organizations to stay one step ahead of adversaries. As the digital world becomes increasingly complex, the ability to predict, mitigate, and adapt to cyber threats is crucial for safeguarding critical assets and ensuring the resilience of digital infrastructure. This paper highlights the significance of this innovative approach and its potential to shape the future of cyber threat intelligence and cybersecurity practices.

In the realm of social media, cyberbullying’s pervasive impact raises urgent concerns about its emotional and psychological toll on victims. This study addresses the imperative of effectively detecting cyberbullying. By leveraging ML and DL techniques, we aim to develop reliable methods that accurately identify instances of cyberbullying in social media data, enhancing detection efficiency and accuracy. This facilitates timely intervention and support for affected individuals. In this comprehensive analysis of existing systems, various ML and DL models are extensively texted for cyberbullying detection. The evaluated models include Random Forest, XgBoost, Naive Bayes, SVM, CNN, RNN, and BERT. Pre-processed datasets are utilized to train and evaluate the models. To evaluate the ability of each model to reliably identify cyberbullying in social media data, performance metrics such as F1 score, recall, precision, and accuracy are used. The findings of this study demonstrate the efficacy of different ML and DL models in monitoring cyberbullying in social media data. Among the models evaluated, the BERT model exhibits exceptional performance, achieving the highest accuracy rates of 88 .8% for binary classification and 86 .6% for multiclass classification.

This article looks at Healthcare and the issues that exist with current cybersecurity measures. As attacks, including those related to ransomware become more commonplace it is important to provide safeguards to protect the data of patients and healthcare organizations. Examples of cybersecurity breaches are looked at with insights shared on how they happened and what could have been done to prevent them. Rather than the original perimeter security approach which many organizations took a newer approach known as Zero-Trust looks at how to neutralize attacks even if a hacker has penetrated the perimeter security. Key areas involved in Zero-Trust are reviewed and explained as to how the applicability to healthcare can make a difference in protecting individuals and healthcare organizations.

Ransomware is a menace to the vibrant digital ecosystem. The exponential growth in ransomware attacks, its detrimental impacts, and the ever-changing methods adopted by threat actor groups demands a focused understanding of the evolution of ransomware. This would help the organizations devise novel defensive frameworks and security controls against the modern ransomware. In this work, the impacts and evolution of ransomware through different phases up to its current form are detailed. Further, based on the study and analysis of the most prevalent modern ransomware variants, their most used tactics, techniques and procedures (TTPs) are identified as per the MITRE ATT&CK model. This acts as a platform to propose a generic attack model for ‘modern ransomware’. Building on the existing MITRE mitigation, D3FEND-based approaches and considering the resource and budget constraints of organizations, a simplified three-tier defensive model that is cost-effective and implementable is put forward. Thus, this work aims to open avenues for understanding the TTPs, and attack methodology of ‘modern ransomware’, thereby developing feasible and implementable defensive security controls.