Security Projects – ElysiumPro

This paper presents a sophisticated prediction framework for Random Access Channel (RACH) traffic within massive Machine Type Communications (mMTC), which is vital for 5G and beyond. Leveraging machine learning and time-series analysis, the framework accurately forecasts traffic loads to proactively mitigate RACH congestion. It effectively models device behaviors characterized by bursty and periodic access patterns common in IoT networks. By enhancing access success rates and minimizing latency and collisions, the system significantly improves network performance. Simulation studies confirm better efficiency and resource allocation, making this approach ideal for scalable, intelligent access management in ultra-dense IoT deployments for future communication systems.

This study investigates the impact of sociocultural nuances in annotated datasets on enhancing cybersecurity systems targeting phishing and social engineering attacks. It proposes broadening dataset diversity through global collaborations and developing adaptive models capable of learning cultural patterns in real time. To address annotation biases, the study incorporates automated annotation techniques. A novel adaptation of the LESCANT framework is introduced for more comprehensive phishing detection, supported by mathematical modeling and Python-based implementations. Regional case studies illustrate how sociocultural awareness improves detection accuracy and robustness. The findings highlight the critical role of integrating cultural context into cybersecurity models, paving the way for more effective, globally applicable defense mechanisms. This research advocates for the future expansion of sociocultural factors in diverse cybersecurity applications to better protect against evolving social engineering threats.

Vehicular Ad-hoc Networks (VANETs) are vital for Intelligent Transportation Systems, enabling critical vehicle-to-vehicle and vehicle-to-infrastructure communications. However, jamming attacks pose serious threats by disrupting these communications, endangering public safety. This study introduces a novel AI-based model designed to detect jamming attacks in VANETs by analyzing signal patterns through a combination of machine learning and deep learning classifiers. Fourteen ML and four DL models were evaluated, with Random Forest (RF), Extra Tree (ET), and a fine-tuned Convolutional Neural Network (CNN) showing top performance. An ensemble classifier combining RF, ET, and CNN achieved the highest detection accuracy of 99.81%, surpassing individual models. These results demonstrate the model’s effectiveness in enhancing VANET security against jamming attacks. Integrating this approach into VANET infrastructures can significantly improve communication reliability, supporting safer and smarter urban transportation systems.

This paper investigates proactive cyber threat intelligence (CTI) modeling tailored for Connected Autonomous Vehicles (CAVs) to counter emerging threats in vehicular networks. It employs machine learning, anomaly detection, and behavior modeling to develop a framework capable of early threat prediction and adaptive security responses. The approach integrates diverse data sources such as V2X communications, sensors, and control units to build robust CTI, significantly improving situational awareness and enhancing response times. The study also addresses critical challenges, including real-time data processing and managing evolving threat landscapes. Overall, this research contributes to safer, smarter cybersecurity solutions for CAVs through intelligent and predictive strategies.

This study presents a comprehensive machine learning (ML)-based framework designed for the real-time analysis of system and network logs within Security Operation Centers (SOCs). By utilizing both unsupervised and supervised ML algorithms, the framework effectively identifies abnormal patterns and malicious activities in complex log data. The model continuously learns and adapts from diverse data sources, improving detection accuracy while reducing false positives. It seamlessly integrates with Security Information and Event Management (SIEM) systems to enable automated alerting and expedite incident response. Addressing challenges such as scalability, high data volumes, and performance optimization, this research empowers SOCs with intelligent, proactive tools to enhance cyber defense and situational awareness.

This paper examines the cybersecurity risks and governance challenges associated with “Shadow AI,” which refers to the unauthorized or unmonitored use of AI tools within organizations. It highlights how such hidden deployments can cause data leakage, compliance breaches, and introduce unseen vulnerabilities. The research explores detection methods, risk mitigation frameworks, and offers policy recommendations to address these issues. While acknowledging the innovation and agility benefits of AI, the study stresses the importance of transparency and control. It advocates for robust AI governance, regular audits, and increased user awareness, promoting security-by-design to mitigate the silent risks posed by Shadow AI.

The rapid growth of Internet of Things (IoT) devices has intensified cybersecurity risks, with botnet attacks posing a significant threat. This study investigates the effectiveness of boosting-based machine learning algorithms for detecting botnet intrusions in IoT environments. Five boosting algorithms were evaluated for binary botnet detection, emphasizing accuracy and computational efficiency to accommodate the resource constraints typical of IoT devices. The empirical results demonstrate the strong potential of boosting methods, with the Histogram Gradient Boosting algorithm achieving the highest accuracy of 99.9977%. Additionally, a temporal evaluation assessed the computational demands of each algorithm, highlighting their suitability for real-time detection within constrained IoT systems. These findings underscore the promise of boosting-based approaches in enhancing IoT security by enabling fast, reliable botnet detection, contributing to safer and more resilient IoT ecosystems.

This study provides a comprehensive overview of smart grids for energy management, focusing on enhancing efficiency, reliability, and sustainability in modern power systems. Smart grids integrate advanced digital communication technologies with renewable energy sources, addressing challenges such as the intermittency of solar and wind power, cybersecurity threats, and the growing integration of electric vehicles. The paper highlights recent technical advancements and explores the role of artificial intelligence and data analytics in optimizing grid performance, improving energy management, and ensuring system resilience. Key issues including cyber-attack defenses and balancing energy demand with renewable variability are discussed. By reviewing ongoing research and identifying critical challenges, this study offers insights and recommendations to advance smart grid technologies, ultimately supporting the transition toward more sustainable and efficient energy infrastructures.

This comprehensive study explores security solutions for Software-Defined Networking (SDN), focusing on traditional, artificial intelligence (AI)-based, and moving target defense (MTD) approaches. SDN’s centralized controller offers flexible network management but also creates a critical point of failure. The paper surveys conventional security measures including authentication, encryption, and flow verification, addressing vulnerabilities in both data and control planes. It further investigates the application of machine learning and deep learning techniques to detect and mitigate advanced threats within SDN environments. Additionally, the study examines MTD strategies such as IP/MAC address randomization and flow table obfuscation to enhance network resilience. Using the STRIDE cybersecurity framework, potential threats are systematically identified and analyzed. The study concludes with a detailed overview of current challenges and proposes future research directions to bolster SDN security against evolving cyber threats.

This study presents an AI-driven cyber incident response system tailored for cloud environments, addressing the rising complexity of cyber threats. The system integrates Network Traffic Classification, Web Intrusion Detection, and Post-Incident Malware Analysis into an automated pipeline deployed via a Flask application, compatible with platforms like Google Cloud and Microsoft Azure. Tested on NSL-KDD, UNSW-NB15, and CIC-IDS-2017 datasets, the Random Forest model achieved classification accuracies of 90%, 75%, and 99%, respectively, with malware analysis precision reaching 96%. A neural network-based malware model further improved accuracy to 99%. Leveraging deep learning with cloud GPUs and TPUs, the system meets high computational demands efficiently. Containerization ensures scalability and portability across cloud platforms. By reducing incident response times and operational risks, this innovative solution advances cybersecurity capabilities in cloud infrastructures, offering a robust, cost-effective tool for organizations to proactively defend against evolving cyber threats.

This project focuses on developing a machine learning-based web application to predict potential cyber-attacks on educational (college) and business datasets using classification algorithms. The system employs Logistic Regression, Random Forest, and Decision Tree models to analyze and classify the data for threat prediction. By training on key features from real-world college and business environments, the models learn to identify patterns associated with attack vectors. The application is built using Flask as the web framework and SQLite as the backend database to manage user data and model results efficiently. This solution aims to provide a lightweight, accessible platform for proactive cyber threat detection tailored for academic and business sectors.

This paper proposes a deep hierarchical network for real-time malicious traffic detection at the packet level, addressing delays caused by traditional flow-based feature extraction. The model combines one-dimensional convolutional layers to capture spatial features of raw packet data with Gated Recurrent Units (GRU) to extract temporal dependencies. Evaluated on ISCX2012, USTC-TFC2016, and CICIDS2017 datasets, the approach demonstrates high effectiveness. It achieved accuracy (ACC), detection rate (DR), and false alarm rate (FAR) of 99.42%, 99.74%, and 1.77% on ISCX2012; 99.94%, 99.99%, and 0.99% on USTC-TFC2016; and a perfect 100%, 100%, and 0% on CICIDS2017, respectively. These results highlight the model’s superior capability for efficient and accurate packet-level intrusion detection. The study also discusses the potential applications and advantages of this approach in enhancing network security through faster and more precise threat identification.mpact of data balanced on classification performance and the time efficiency between the Long Short-TermMemory (LSTM) model and the GRU model. Experiments show that our approach can effectively detectmalicious traffic and outperforms many other state-of-the-art methods in terms of ACC and DR

This study addresses security vulnerabilities in RPL-based IoT networks by developing a lightweight Intrusion Detection System (IDS) for real-time detection of routing attacks. We first create a comprehensive routing attacks dataset covering four common RPL attack types through simulations on the Cooja platform. A feature extraction algorithm is designed to generate 24 key features for effective IDS training. To enhance detection accuracy and reduce computational overhead, we propose a novel hybrid detection approach combining Pearson Correlation for feature selection with Grid Search-Particle Swarm Optimization (GS-PSO) to optimize a Random Forest classifier. Experimental results demonstrate that our model achieves superior detection accuracy and faster training times compared to existing methods, making it suitable for resource-constrained IoT environments. This research contributes a practical and efficient solution to strengthen security in large-scale RPL-based IoT deployments.

This study presents a novel malware detection method for Android applications using an ensemble of Convolutional Neural Networks (CNNs) to improve classification accuracy. The approach involves extracting and preprocessing APK files by decompressing and decompiling them into bytecode and Dex files. These byte data are then transformed into 2D grayscale images, enabling CNNs to efficiently learn distinguishing features. Evaluated on the Drebin and AMD datasets, the proposed model achieves accuracies of 98.65% and 97.91%, with F1-scores of 96.43% and 96.73%, respectively, outperforming traditional detection techniques. These results demonstrate the model’s effectiveness in accurately identifying Android malware while maintaining reliability. The study lays a foundation for future research, including real-time detection, integration with mobile security systems, and testing across varied datasets to enhance adaptability against evolving malware threats.

Phishing websites pose a significant threat to cybersecurity, exploiting deceptive tactics to steal sensitive user information. Detecting such sites remains challenging due to the absence of universally accepted identification features. This study introduces a novel Rough Set Theory-based Hybrid Feature Selection (RSTHFS) method to enhance phishing website detection using Machine Learning (ML). RSTHFS was evaluated on three datasets with 2,456, 10,000, and 88,647 instances, demonstrating an average accuracy of 95.48% while reducing feature count by 69.11%. The method was tested with LightGBM, Random Forest, and CatBoost classifiers, with CatBoost achieving the highest accuracy. Additionally, RSTHFS reduced runtime by 61.43%, significantly improving efficiency. These results highlight RSTHFS as a reliable and effective feature selection technique that enhances both the accuracy and speed of phishing detection systems, offering a valuable contribution to cybersecurity solutions.

As cyber threats become increasingly sophisticated, combining ethical hacking with artificial intelligence (AI) offers a powerful approach to enhancing threat detection systems. Ethical hacking simulates real-world attacks to uncover vulnerabilities and generate high-quality datasets that train AI models, improving their accuracy and reducing false positives. This paper examines how ethical hackers’ insights and penetration testing help refine AI algorithms, enabling systems to recognize evolving attack patterns and adapt to new threats in real time. AI complements human expertise by efficiently analyzing large volumes of security data, while ethical hacking identifies complex vulnerabilities that automated tools may miss. This synergy supports more effective anomaly detection, automated responses, and proactive threat mitigation. Integrating ethical hacking with AI-driven security strengthens organizational defenses, fostering resilient digital infrastructures capable of adapting to an ever-changing cybersecurity landscape.

This paper introduces an anomaly-based intrusion detection system tailored for Internet of Medical Things (IoMT) networks, focusing on lightweight machine learning models optimized for resource-constrained devices. It includes the development of a specialized dataset representing typical medical device traffic and evaluates various ML algorithms to balance accuracy and computational efficiency. Realistic testbed environments simulate diverse attack scenarios to design effective and practical detection strategies. The system provides real-time monitoring and detection of abnormal activities and unauthorized access, with an emphasis on scalability, energy efficiency, and maintaining healthcare data privacy. This work significantly contributes to enhancing the security and reliability of IoMT deployments in clinical settings.

This study explores the application of Transformer-based models for packet-level intrusion detection, focusing on enhancing explainability. By examining attention weights and embedding structures, the research aims to reduce the black-box nature of deep learning models, making their decisions more transparent. The model is trained on diverse network traffic datasets to identify a broad spectrum of threats effectively. Additionally, an interpretable framework is proposed to help Security Operations Center (SOC) analysts better understand and trust the model’s decisions. This approach successfully balances high detection performance with transparency, advancing the development of trustworthy and efficient AI-driven Network Intrusion Detection Systems (NIDS).

This work presents a lightweight and energy-efficient defense method against Modified Version Number (MVN) attacks targeting routing protocols like RPL, commonly used in IoT networks. The approach leverages anomaly detection to identify suspicious version number manipulations and dynamically adjusts routing paths to mitigate the effects of such attacks. Specifically designed for low-power and resource-constrained IoT environments, the method effectively minimizes computational and communication overhead while ensuring network stability and robustness. Simulation results demonstrate notable improvements in packet delivery rates and a reduction in network disruptions. This practical solution offers an efficient and robust defense for IoT mesh networks against protocol-based attacks.

This paper introduces a deep reinforcement learning (DRL)-based framework aimed at detecting zero-day attacks within Network Intrusion Detection Systems (NIDS). Unlike traditional signature-based methods, the model dynamically adapts by continuously exploring and learning from network behavior patterns, allowing it to effectively identify new and previously unknown threats. The framework updates its defense strategies over time, enhancing resilience against evolving cyber threats. Experimental results show that this approach achieves significantly higher detection rates compared to conventional techniques. By enabling continuous learning and adaptation to emerging attack patterns, this study contributes to advancing autonomous and intelligent cyber defense systems for improved network security.

This study applies game theory to model the dynamic interactions between attackers and defenders within complex networks, emphasizing time-dependent strategies. It introduces a defense decision-making framework that incorporates the timing of attacks and defenses to optimize resource allocation and enable timely, strategic responses. By considering the temporal aspects of cyber threats, the model better reflects realistic adversarial behavior, especially in critical infrastructure systems. Extensive simulations validate the framework’s effectiveness under various threat scenarios, demonstrating its potential to improve defense planning. This approach enhances proactive and strategic network security, helping organizations allocate resources efficiently and respond to evolving attacks more effectively.

This comprehensive survey explores current trends in backdoor attacks on deep learning models, where attackers implant hidden malicious behaviors during training. It categorizes attacks by trigger types, model vulnerability, and attack surfaces. Applications across NLP, vision, and recommendation systems are discussed. It highlights challenges in detection and presents mitigation techniques. Future directions include robust model training and federated learning risks. This work lays the foundation for secure AI system development.

Anomaly-Flow introduces a federated Generative Adversarial Network (GAN) for Distributed Denial-of-Service (DDoS) attack detection across multiple domains without centralized data sharing. The model learns from distributed environments, preserving privacy. It generates synthetic attack traffic to enhance detection capabilities. Results show high accuracy in recognizing diverse DDoS patterns. The framework supports cross-domain generalization and scalable deployment. It marks a step forward in federated cybersecurity.

This paper presents RUP-GAN, an adversarial learning method to launch black-box attacks on social intelligence-based recommendation systems. It generates malicious profiles that subtly influence system outputs. The model requires minimal knowledge of the target system. Evaluation shows it can significantly degrade recommendation quality. The study discusses defense mechanisms and ethical concerns. It sheds light on security vulnerabilities in intelligent user profiling systems.

This work introduces a hybrid deep learning model using CNN-LSTM with attention mechanisms to detect malware and attacks in SCADA systems. It captures both spatial and temporal dependencies from IoT data streams. The model is trained on benchmark SCADA datasets and outperforms traditional classifiers. Attention layers enhance interpretability. The solution offers a real-time, efficient intrusion detection method. It is tailored for critical infrastructure protection.

This survey thoroughly investigates Load-Altering Attacks (LAAs) that target smart grids by manipulating electrical demand, leading to frequency instability and potential grid failures. It categorizes these attacks based on their impact severity, attack vectors, and the grid’s response mechanisms. Various detection methods are reviewed, including signal monitoring techniques and machine learning classifiers, which help identify abnormal load patterns. The paper also explores mitigation strategies such as grid hardening, adaptive load balancing, and cyber-physical system integration to enhance resilience. This comprehensive survey serves as a valuable reference for researchers and power system operators aiming to protect smart grids from evolving load manipulation threats.

This paper introduces CIRA, a Cyber Intelligent Risk Assessment methodology tailored for Industrial IoT (IIoT) environments using machine learning. CIRA quantifies cybersecurity risk by analyzing factors such as threat likelihood, system vulnerabilities, and potential impact. The framework integrates real-time threat intelligence feeds with anomaly detection techniques to continuously update and refine risk scores. Designed to be modular and flexible, CIRA adapts to evolving cyber threats and changing industrial landscapes. Additionally, it supports security policy enforcement and compliance monitoring. This research advances automated and dynamic risk evaluation, providing a valuable tool for enhancing security management in complex industrial IoT systems.

This survey thoroughly examines adversarial machine learning attacks that target malware detection systems, with a focus on key techniques such as evasion, poisoning, and generative adversarial examples. It systematically categorizes these attacks based on the attacker’s knowledge level, distinguishing between white-box and black-box scenarios, as well as the analysis domain, including static and dynamic methods. The paper also critically evaluates existing defense strategies, such as adversarial training and feature randomization, which help improve the robustness and reliability of detection systems. Furthermore, it highlights important open challenges like attack generalization and transferability across different models. This comprehensive review offers valuable insights and serves as a roadmap for future research aimed at building more resilient and effective malware detection frameworks against evolving adversarial threats.

This study introduces a comprehensive network security framework that leverages diversified features and knowledge graphs to effectively detect complex cyber threats. By connecting various entities such as IP addresses, processes, and system events, the framework uncovers multi-stage attacks that traditional methods might miss. It employs advanced machine learning models to analyze graph structures, enabling the identification of anomalies and enhancing threat correlation and contextual awareness. Supporting continuous learning from new data, the system improves detection accuracy over time. Integrating multiple data sources with sophisticated reasoning techniques, this scalable and adaptive framework significantly boosts Security Operations Center (SOC) efficiency and facilitates proactive threat hunting to tackle modern cybersecurity challenges.

This research applies convolutional neural networks (CNNs) optimized with the information bottleneck principle to classify encrypted network services. The model learns compact, task-relevant representations from packet metadata. It is resilient to encryption-induced obfuscation. Evaluations on real-world datasets show superior accuracy and robustness. The approach balances information preservation and noise reduction. It’s valuable for lawful network monitoring and traffic analysis.

This paper introduces a botnet detection method utilizing ensemble learning on graph-structured network data. By applying adaptive weighting and advanced feature extraction, the model effectively captures communication patterns. Graph properties such as centrality, density, and community structure inform the classification process. The ensemble approach enhances generalization across various botnet families. Experimental results demonstrate high precision in early-stage detection, showcasing the method's ability to identify botnet activities promptly. This approach offers scalable defenses against evolving botnet threats, providing a robust solution for network security. The integration of machine learning allows for continuous adaptation to emerging threats, ensuring that firewalls remain effective against sophisticated attack vectors. FADE's ability to autonomously update firewall rules based on real-time data analysis makes it a valuable tool for proactive network security management.

The study introduces a cloud security enhancement framework that integrates multi-factor authentication (MFA) with adaptive cryptographic schemes, managed by machine learning (ML). User behavior and contextual information guide dynamic key generation and access policies, enhancing security. This approach effectively mitigates common attacks such as phishing and session hijacking. The system is designed for scalability and user convenience, ensuring minimal performance trade-offs. Empirical testing demonstrates improved security without significant impact on system performance. By combining authentication, encryption, and AI-driven control, the framework offers a robust solution for cloud security challenges. This work contributes to the advancement of secure cloud computing environments.

FADE is an advanced framework designed to identify and extract attack signatures from firewall logs using statistical and machine learning techniques. It operates by detecting deviations in traffic flow and correlating these anomalies with known attack profiles. This enables the system to learn from evolving network patterns and generate adaptive firewall rules autonomously. By enhancing the adaptability of firewalls and improving attack traceability, FADE contributes significantly to autonomous firewall hardening. Empirical results demonstrate that FADE effectively reduces false positives and improves detection latency, thereby strengthening network security defenses. The integration of machine learning allows for continuous adaptation to emerging threats, ensuring that firewalls remain effective against sophisticated attack vectors. FADE's ability to autonomously update firewall rules based on real-time data analysis makes it a valuable tool for proactive network security management.

This survey explores the emerging field of machine unlearning—the process of removing data influence from trained models—and its associated security risks. It classifies threats such as unlearning attacks, data reconstruction, and poisoning during removal. Defensive strategies include certified unlearning and model regularization. Applications in GDPR compliance and data privacy are highlighted. The study discusses open challenges in efficiency and verification. It lays the groundwork for secure ML lifecycle management.

This study presents a novel Intrusion Detection System (IDS) framework tailored for Wireless Internet of Things Sensor Networks (WIoTSNs), addressing their unique scalability and efficiency challenges. The proposed model integrates a hybrid architecture combining Convolutional Neural Networks (CNNs) and Long Short-Term Memory (LSTM) networks, enhanced by an attention mechanism to improve feature extraction and temporal pattern recognition. To optimize performance under resource constraints, an improved Particle Swarm Optimization (PSO) algorithm dynamically selects relevant features in real time, boosting classification accuracy and adaptability. Experimental evaluation on a standard IoT intrusion dataset shows the model achieves accuracy rates of 98.73% (CNN), 99.87% (LSTM), 99.12% (CNN-LSTM), and 98.88% (enhanced CNN-LSTM with attention), outperforming existing methods. This framework demonstrates strong potential for efficient, robust, and adaptive intrusion detection in dynamic IoT environments, making it well-suited to safeguard real-world IoT networks against evolving cyber threats.

The rapid growth of the Internet of Medical Things (IoMT) has improved medical diagnostics but also increased vulnerability to cyberattacks, notably Distributed Denial of Service (DDoS) attacks. Existing intrusion detection systems (IDS) often struggle with the dynamic and complex nature of IoMT network traffic. This study proposes HIDSIoMT, a hybrid deep learning-based IDS that combines Convolutional Neural Networks (CNN) for effective feature extraction with Long Short-Term Memory (LSTM) networks for accurate sequence prediction. Implemented on a Raspberry Pi within a fog computing architecture, the system enables decentralized, low-latency processing close to IoMT devices. Evaluation using IoTID20 and Edge-IIoTset datasets—covering various DDoS and DoS attack types—demonstrates superior performance, achieving 99.92% accuracy, 99.91% precision, 99.99% recall, and a 99.95% F1-score. The results highlight HIDSIoMT’s effectiveness and robustness, making it a promising solution for securing IoMT networks against evolving cyber threats.

Phishing attacks exploit both human and technological vulnerabilities to steal sensitive information, posing a serious online security risk. This study presents a novel hybrid phishing detection method that integrates three advanced techniques: BERT for in-depth textual analysis, Graph Neural Networks (GNNs) for URL structural evaluation, and LightGBM for metadata feature extraction. By combining these approaches into a multi-layered model, the system effectively captures diverse phishing characteristics, improving detection accuracy and reducing false positives. Experimental results demonstrate the model achieves 97.3% accuracy, outperforming existing state-of-the-art methods across various online platforms. The hybrid model’s ability to analyze lexical, structural, and metadata features simultaneously enhances real-time phishing detection and adapts to evolving attack strategies. This research underscores the critical role of comprehensive, multi-dimensional detection frameworks in strengthening cybersecurity defenses against sophisticated phishing threats.

With the rapid advancement of interactive multimedia and autonomous systems, security concerns such as GPS signal spoofing in Unmanned Aerial Vehicles (UAVs) have become critical. This study proposes a novel detection methodology using Support Vector Machine (SVM) to protect UAVs from GPS spoofing attacks. After evaluating multiple machine learning algorithms, SVM was selected and enhanced through the development of K-learning models using K-fold cross-validation. These models are combined using voting techniques to improve detection robustness. The approach utilizes signal features including various jitter and shimmer metrics, along with frequency modulation, to effectively distinguish counterfeit GPS signals. Extensive experiments measuring accuracy, precision, recall, and F1-score demonstrate the superior performance of the proposed method compared to existing techniques. This work highlights the potential of advanced machine learning strategies to enhance the security and reliability of UAV navigation systems against spoofing threats.

With the rapid development of e-commerce, e- commerce platforms are facing an increasing number of fraudthreats. Effectively identifying and preventing these fraudulent activities has become a critical research problem. Traditionalfraud detection methods typically rely on supervised learning, which requires large amounts of labeled data. However, suchdata is often difficult to obtain, and the continuous evolution offraudulent activities further reduces the adaptability and effectiveness of traditional methods. To address this issue, tsstudy proposes an unsupervised e-commerce fraud detectionalgorithm based on SimCLR. The algorithm leverages thecontrastive learning framework to effectively detect fraud bylearning the underlying representations of transaction data in anunlabeled setting. Experimental results on the eBay platformdataset show that the proposed algorithm outperformstraditional unsupervised methods such as K-means, Isolation Forest, and Autoencoders in terms of accuracy, precision, recall, and F1 score, demonstrating strongfraud detection capabilities. The results confirm that the SimCLR-based unsupervised frauddetection method has broad application prospects in e-commerce platform security, improving both detection accuracy androbustness. In the future, with thencreasing scale and diversityof datasets, the model’s performance will continue to improve, and it could be integrated with real-time monitoring systems to provide more efficient security for e-commerce platforms.

With the rapid growth of e-commerce, platforms face escalating fraud threats that challenge traditional supervised detection methods reliant on large labeled datasets. This study proposes an unsupervised fraud detection algorithm based on SimCLR, a contrastive learning framework that effectively learns transaction data representations without requiring labels. The method addresses the adaptability issues posed by evolving fraudulent behaviors. Evaluated on an eBay dataset, the SimCLR-based approach outperforms traditional unsupervised techniques such as K-means, Isolation Forest, and Autoencoders in accuracy, precision, recall, and F1-score. These results demonstrate its strong capability in detecting fraudulent activities and improving detection robustness. The study highlights the algorithm’s potential for enhancing e-commerce security and anticipates further performance gains with larger, more diverse datasets. Future integration with real-time monitoring systems promises to advance proactive fraud prevention on e-commerce platforms

The rising complexity of cyber threats presents critical challenges for individuals, organizations, and nations. Traditional security solutions often lag behind these evolving attacks, necessitating advanced approaches. This paper offers a comprehensive analysis of Artificial Intelligence (AI) techniques—including Machine Learning (ML), Deep Learning (DL), Natural Language Processing (NLP), Explainable AI (XAI), and Generative AI (GenAI)—to enhance cybersecurity. Key contributions include: 1) a comparative evaluation of ML and DL methods for diverse cybersecurity tasks; 2) investigation of XAI to improve transparency and interpretability in AI-based anomaly detection; 3) exploration of GenAI and NLP for threat intelligence generation and attack simulation; and 4) real-world applications of GenAI in cybersecurity products. This research advances AI-driven cybersecurity by highlighting effective, reliable solutions that mitigate cyber risks and strengthen security posture in increasingly interconnected environments.

Domain Name System (DNS) tunneling is an emerging cyber threat that exploits DNS protocols to covertly transfer malicious data, often evading conventional detection systems. This paper proposes a hybrid deep learning framework combining Long Short-Term Memory (LSTM) networks and Deep Neural Networks (DNN) to detect and classify normal, attack, and adversarial DNS tunneling traffic. By leveraging temporal sequence modeling and advanced feature extraction, the model addresses limitations of existing DNS traffic classifiers. Evaluated on a comprehensive dataset, the proposed approach achieved a classification accuracy of 85.2%, outperforming traditional machine learning methods. Ablation studies highlight the critical role of the LSTM layer and dropout rate in enhancing robustness against adversarial perturbations. The solution offers scalable, real-time threat detection suitable for sensitive domains such as finance, healthcare, and government. Future work will focus on extending this approach to other network threats and countering sophisticated adversaries.

Cybercrime is a growing threat to organizations and individuals worldwide, withcriminals using sophisticated techniques to breach security systems and steal sensitive data. This paper aims to comprehensively survey the latest advancementsin cybercrime prediction, highlighting the relevant research. For this purpose, wereviewed more than 150 research articles and discussed 50 most recent and appropriate ones. We start the review with some standard methods cybercriminals useand then focus on the latest machine and deep learning techniques, which detectanomalous behavior and identify potential threats. We also discuss transfer learning, which allows models trained on one dataset to be adapted for use on anotherdataset. We then focus on active and reinforcement learning as part of early-stagealgorithmic research in cybercrime prediction. Finally, we discuss critical innovations, research gaps, and future research opportunities in Cybercrime prediction. This paper presents a holistic view of cutting-edge developments and publicly available datasets

This paper proposes a secure content-protection scheme that embeds the decryption key within an AES-encrypted color image using machine learning and nearest-centroid clustering combined with least significant bit matching (LSB-M) in the spatial domain. Initially, the image is encrypted with AES in output feedback mode, then the key is embedded by clustering pixels and shuffling their sequences to disperse key bits, enhancing attack resistance. Unlike prior methods, the scheme directly operates on RGB images without grayscale conversion and eliminates the need for separate key distribution. Parallel processing is employed to boost execution efficiency and speed. Extensive experiments on various image resolutions validate the method’s effectiveness, demonstrated by high structural similarity index scores and low mean squared errors, confirming imperceptible alterations and stealth of embedded data. The approach achieves 77% efficiency with a 1.5× speed-up, offering a robust, efficient solution for secure image-based data transmission.

Vehicular ad hoc networks (VANETs) play a crucial role in traffic management and accident prevention, yet their security remains a major challenge. This study explores VANET vulnerabilities and reviews recent security models, focusing on machine learning-based attack detection. To address unresolved challenges, we propose a lightweight Random Forest (RF) model enhanced by gain information feature selection and a balanced version of the CISDS2017 dataset, achieved through random oversampling. This dual enhancement approach—feature selection and dataset balancing—improves detection accuracy and efficiency. Experimental results demonstrate that the proposed model attains a superior classification accuracy of 99.8%, outperforming benchmark classifiers such as AdaBoost, Decision Tree, K-Nearest Neighbors, and Multi-Layer Perceptron. Additionally, it significantly reduces processing time, consuming only a fraction of the computational cost compared to other models, while maintaining minimal classification errors. This approach offers a robust, efficient solution for VANET security threat detection.

With the increasing prevalence of encrypted network traffic, traditional analysis methods have become less effective, prompting a surge in machine learning (ML) and deep learning (DL) approaches, particularly those leveraging pre-training techniques. This paper introduces the Multi-Level Pre-training for Encrypted Traffic Classification (MLETC) model, which uniquely incorporates multi-level traffic representations, including byte, field, and packet information. Unlike prior studies focusing mainly on byte and packet levels, MLETC employs two pre-training strategies to comprehensively capture the hierarchical structure of network traffic. Experiments on three public datasets demonstrate that MLETC outperforms existing ML and DL models across most classification tasks and achieves performance comparable to leading pre-trained models. Furthermore, results confirm that including field-level information in pre-training significantly enhances model robustness and accuracy over models limited to bytes and packets, marking a promising advance in encrypted traffic classification.

This study reviews recent advancements in machine learning (ML)-based intrusion detection systems (IDS) for Internet of Things (IoT) and Industrial IoT (IIoT) security, focusing on lightweight models suitable for resource-constrained environments. Using three benchmark datasets—TON_IoT, WUSTL-IIoT-2021, and Edge-IIoTset—the performance of classifiers including Decision Tree, Random Forest, and ensemble methods (Bagging, Stacking, LightGBM) was analyzed. Feature selection via Mutual Information was applied, and models were evaluated on metrics such as Precision, Recall, Micro-F1, model size, and training time. The study also addresses challenges posed by imbalanced datasets and investigates a cross-dataset transfer learning approach, demonstrating model generalization across IIoT environments. Finally, the trained models were deployed in a live network setup for real-time intrusion detection, providing insights on resource utilization and continuous threat monitoring. The results highlight the potential of ML-driven IDS for enhancing IoT/IIoT security while maintaining operational efficiency.

This paper introduces a novel framework for classifying cybercrimes based on relational contexts—focusing on the nature of the relationship between the victim and perpetrator rather than purely technical or legal categories. It proposes a taxonomy distinguishing cybercrimes as relational (e.g., intimate partner abuse, cyberstalking) and non-relational (e.g., data breaches, financial fraud). This relational lens helps uncover underrepresented forms of digital harm, especially those impacting vulnerable communities. The framework bridges gaps between criminology, cybersecurity, and digital sociology. It encourages more effective policy design, victim support, and law enforcement strategies. This paradigm shift offers deeper insights into the social dynamics of cybercrime.

Integrating Internet of Things (IoT) devices in healthcare has revolutionized patient care, offering improved monitoring, diagnostics, and treatment. However, the proliferation of these devices has also introduced significant cybersecurity challenges. This paper reviews the current landscape of cybersecurity threats targeting IoT devices in healthcare, discusses the underlying issues contributing to these vulnerabilities, and explores potential solutions. Additionally, this study offers solutions and suggestions for researchers, agencies, and security specialists to overcome these IoT in healthcare cybersecurity vulnerabilities. A comprehensive literature survey highlights the nature and frequency of cyber attacks, their impact on healthcare systems, and emerging strategies to mitigate these risks.