In the current digital environment, cyberattacks continue to pose a serious risk and difficulty. Internet of Things (IoT) devices are becoming more and more vulnerable due to security problems like ransomware, malware, poor encryption, and IoT botnets. These flaws may result in ransom demands, data tampering, illegal access, and system risks. Creating strong cybersecurity procedures for contemporary smart environments is essential to resolving these problems. This strategy uses proactive network traffic monitoring to spot any dangers in the Internet of Things (...) ecosystem. Our approach is to improve Smart Environments' security and awareness of potential threats. Two IoT gateways were used to examine the effectiveness and performance of a deep neural network (DNN) model. The results were promising: the model caused an average increase of less than 30 kb/s in network bandwidth and a mere 2% rise in CPU usage. Additionally, memory and power consumption were minimal, with 0.42 GB and 0.2 GB of memory usage for NVIDIA Jetson and Raspberry Pi devices, respectively, and an average 13.5% increase in power consumption per device. The machine learning models achieved nearly 93% detection accuracy and a 92% F1 score on the datasets used. Our framework demonstrates an effective and efficient method for detecting malware and attacks in Smart Environments. (shrink)

The main purpose of the study is to determine the key aspects of the mechanisms of state management of the exchange of information about cyberattacks, cyber incidents, and information security incidents. The methodology includes a set of theoretical methods. Modern government, on the one hand, must take into account the emergence of such a new weapon as cyber, which can break various information systems, can be used in hybrid wars, influence political events, pose a threat to the national security of (...) any state. As a result of the study, key elements of the mechanisms of state management of the exchange of information about cyberattacks, cyber incidents, and information security incidents were identified. (shrink)

Does it seem that with each reported state cyberattack, there comes an announcement of discovery, an attribution to one of a handful of usual suspects, some threatening language suggesting imminent retribution, and then nothing more? Increased incidence of cyberattack makes its occurrence seem simultaneously rampant in terms of publicity and minimal in terms of threat of war. If rampant, how can repeated deployment by the same actors carry no punitive consequences? How is such audaciousness tolerated? For some, a (...) cyberattack by a state is an act of war. Its prevalence suggests there must be a void somewhere that facilitates its use without consequence. Others think state cyberattack is like other internet novelties: digital malfeasance, amounting to a nuisance that naturally follows from a digital‐based existence, particularly since non‐state actors are typically involved. Yet, state‐on‐state hostilities are historically perilous on a vast scale, and there is a multilateral system for regulating the use of force in the context of war. Acts of war, even when seeming minimal in impact, are not by‐products of a digital fad, and cyberattack is now described as far more than ‘nuisance’. If anywhere, the place for clarity on hostile state cyberoperations use should be accounted for in International Humanitarian Law. Yet, in its present form, it is ambiguous if not silent on the subject, suggesting that cyberattack currently presents an advantage to perpetrating states. Does this void or these ambiguities make cyberattacks more legally advantageous to states than traditional, kinetic weaponry? I examine whether existing IHL is sufficiently adaptable to state cyberoperations through a mixed legal and theoretical approach and conclude that they do. (shrink)

Abstract: As the frequency and sophistication of cyberattacks continue to rise, organizations face increasing challenges in safeguarding their digital infrastructures. Traditional cybersecurity measures often struggle to keep pace with rapidly evolving threats, creating a pressing need for more adaptive and proactive solutions. Artificial Intelligence (AI) has emerged as a transformative force in this domain, offering enhanced capabilities for detecting, analyzing, and preventing cyberattacks in real- time. This paper explores the pivotal role of AI in strengthening cybersecurity defenses by leveraging machine (...) learning algorithms, predictive analytics, and automation to anticipate and mitigate potential threats before they manifest. Furthermore, it examines AI's ability to evolve with emerging attack vectors, providing a dynamic response to an ever-changing threat landscape. The paper also addresses the limitations and ethical considerations surrounding AI-driven cybersecurity, advocating for a balanced approach to its deployment. Through this exploration, the research underscores how AI is redefining the future of cyber defense by shifting the focus from reactive to proactive strategies. (shrink)

To secure computers and information systems from attackers taking advantage of vulnerabilities in the system to commit cybercrime, several methods have been proposed for real-time detection of vulnerabilities to improve security around information systems. Of all the proposed methods, machine learning had been the most effective method in securing a system with capabilities ranging from early detection of software vulnerabilities to real-time detection of ongoing compromise in a system. As there are different types of cyberattacks, each of the existing state-of-the-art (...) machine learning models depends on different algorithms for training which also impact their suitability for detection of a particular type of cyberattack. In this research, we analyzed each of the current state-of-the art machine learning models for different types of cyberattack detection from the past 10 years with a major emphasis on the most recent works for comparative study to identify the knowledge gap where work is still needed to be done with regard to detection of each category of cyberattack. (shrink)

A philosopher argues that state-sponsored cyberattacks against central military or civilian targets are always acts of war. What is this philosopher doing? According to conceptual analysts, the philosopher is making a claim about our concept of war. According to philosophical realists, the philosopher is making a claim about war per se. In a quickly developing literature, a third option is being explored: the philosopher is engineering the concept of war. On this view, the philosopher is making a proposal about which (...) concept we should have – even if it deviates from the extant concept, and even if it does not capture ‘what war really is’. The activity or method of proposing such revisionary definitions, as well as the metaphilosophical reflection on it, has become known as conceptual engineering. (shrink)

Current state-of-the-art out-of-distribution algorithm does not address the variation in dynamic and static behavior between malware variants from the same family as evidence in their poor performance against an out-of-distribution malware attack. We aims to address this limitation by: 1) exploitation of the in-dimensional embedding space between variants from the same malware family to account for all variations 2) exploitation of the inter-dimensional space between different malware family 3) building a deep learning-based model with a shallow neural network with maximum (...) of two connected layers to overcome overfitting from the scratch 4) building a Bayesian inference based computation algorithm that intertwine with connected network and is able to create new and adjust existing data points in response to an exposure to new out-of-distribution variants of existing or new malware family which determines the extent at which model weight is adjusted which in turn triggers update on the gradient. Preliminary result of our proposed framework gave an accuracy of 81\% in the successful classification of a novel out-of-distribution malware attack, something that could not be achieve by any of the state-of-the-art algorithms on novel malware classification. (shrink)

The ever-evolving landscape of cyber threats necessitates robust and adaptable intrusion detection systems (IDS) capable of identifying both known and emerging attacks. Traditional IDS models often struggle with detecting novel threats, leading to significant security vulnerabilities. This paper proposes an optimized intrusion detection model using Support Vector Machine (SVM) algorithms tailored to detect known and innovative cyberattacks with high accuracy and efficiency. The model integrates feature selection and dimensionality reduction techniques to enhance detection performance while reducing computational overhead. By leveraging (...) advanced optimization techniques such as Grid Search and Particle Swarm Optimization (PSO), the proposed SVM-based IDS achieves superior classification results. (shrink)

With the growing sophistication and frequency of cyberattacks, there is a critical need for effective systems that can detect and prevent breaches in real time. The AI/ML-based Network Intrusion Detection System (NIDS) addresses this need by analyzing traffic patterns to identify security breaches in firewalls, routers, and network infrastructures. By integrating machine learning algorithms—K-Nearest Neighbors (KNN), Support Vector Machine (SVM), and Random Forest—the system is able to detect both known cyber threats and previously unseen attack vectors. Unlike traditional methods that (...) rely heavily on predefined indicators of compromise (IoCs), this system utilizes anomaly detection techniques, allowing it to identify new and emerging threats. As cyberattacks evolve, organizations must adopt adaptive methods to secure their networks. This system achieves high accuracy in classifying network traffic, with real-time alerts that provide early warnings of suspicious activities. It also includes intuitive visualizations, helping network administrators gain insights into the nature and scope of attacks. With the rise of increasingly complex and frequent cyberattacks, this NIDS offers a robust solution for enhancing network security and response capabilities. (shrink)

Cyberspace relies on information technologies to mediate relations between different people, across different communication networks and is reliant on the supporting technology. These interactions typically occur without physical proximity and those working depending on cybersystems must be able to trust the overall human–technical systems that support cyberspace. As such, detailed discussion of cybersecurity policy would be improved by including trust as a key value to help guide policy discussions. Moreover, effective cybersystems must have resilience designed into them. This paper argues (...) that trustworthy cybersystems are a key element to resilient systems, and thus are core to cybersecurity policy. The paper highlights the importance of trustworthiness for resilient cybersystems. The importance of trustworthiness is shown through a discussion of three events where trustworthiness was the target or casualty of cyberattacks: Stuxnet, hacking of communications and the Edward Snowden revelations. The impact of losing trust is highlighted, to underpin the argument that a resilient cybersystem ought to design in trustworthiness. The paper closes off by presenting a general set of policy implications arising from recognition of the interplay between trust, trustworthiness and resilience for effective cybersecurity. (shrink)

The proliferation of the Internet of Things (IoT) has transformed various industries by enabling smart environments and improving operational efficiencies. However, this expansion has introduced numerous security vulnerabilities, making IoT systems prime targets for cyberattacks. This paper proposes a machine learning-based intrusion detection framework tailored to the unique characteristics of IoT environments. The framework leverages feature engineering, advanced machine learning algorithms, and real-time anomaly detection to identify and mitigate security threats effectively. Experimental results demonstrate the efficacy of the proposed approach (...) in detecting diverse IoT-specific attacks, including denial-of-service (DoS), man-in-the-middle (MITM), and malware-based attacks. The Internet of Things (IoT) has revolutionized modern living by interconnecting devices and enabling seamless communication. However, the increasing reliance on IoT systems has exposed significant vulnerabilities, making them a prime target for security attacks. This paper proposes a machine learning-based intrusion detection framework to detect and mitigate security attacks in IoT environments. The framework integrates diverse machine learning algorithms to identify abnormal behavior and potential threats. Through comprehensive experiments and evaluations, this research demonstrates the efficacy of the proposed framework in terms of accuracy, scalability, and robustness. (shrink)

The ever-evolving landscape of cyber threats necessitates robust and adaptable intrusion detection systems (IDS) capable of identifying both known and emerging attacks. Traditional IDS models often struggle with detecting novel threats, leading to significant security vulnerabilities. This paper proposes an optimized intrusion detection model using Support Vector Machine (SVM) algorithms tailored to detect known and innovative cyberattacks with high accuracy and efficiency. The model integrates feature selection and dimensionality reduction techniques to enhance detection performance while reducing computational overhead. By leveraging (...) advanced optimization techniques such as Grid Search and Particle Swarm Optimization (PSO), the proposed SVM-based IDS achieves superior classification results. (shrink)

The internet has made the world more linked than ever before. While taking advantage of this online transition, cybercriminals target flaws in online systems, networks, and infrastructure. Businesses, government organizations, people, and communities all across the world, particularly in African countries, are all severely impacted on an economic and social level. Many African countries focused more on developing secure electricity and internet networks; yet, cybersecurity usually receives less attention than it should. One of Africa's major issues is the lack of (...) adequate digital security infrastructure, which has harmed businesses, governmental institutions, and individual communities more than it has helped. The majority of African countries operate without cybersecurity measures in place to combat cyberattacks. Only a few examples of today's cyber risks include digital extortion, business email intrusion, data breaches, online fraud, ransomware, and phishing, and new types of cybercrime are always developing. Due to the advent of new technology, cybercriminals have become more organized and quicker in their attacks and alliance creation. To maintain a secure digital environment for all internet users, this study focused on the challenges, solutions, and need for African countries to improve their online safety by tackling cybercrime, online fraud, and cybersecurity concerns. The objective of this study is to offer practical and long-term answers to the problems posed by cybercrime, with a continuing emphasis on enhancing online safety. It will assess the effectiveness of cutting-edge cybersecurity measures, legislative frameworks, and cross-border cooperative efforts, as well as potential areas for improvement. Additionally, the study will examine cutting-edge methods like blockchain technology, machine learning, and other cutting-edge methods that could improve our using digital defences to stop cybercrime. (shrink)

The ever-evolving landscape of cyber threats necessitates robust and adaptable intrusion detection systems (IDS) capable of identifying both known and emerging attacks. Traditional IDS models often struggle with detecting novel threats, leading to significant security vulnerabilities. This paper proposes an optimized intrusion detection model using Support Vector Machine (SVM) algorithms tailored to detect known and innovative cyberattacks with high accuracy and efficiency. The model integrates feature selection and dimensionality reduction techniques to enhance detection performance while reducing computational overhead.

Current state-of-the-art out-of-distribution algorithm does not address the variation in dynamic and static behavior between malware variants from the same family as evidence in their poor performance against an out-of-distribution malware attack. We aims to address this limitation by: 1) exploitation of the in-dimensional embedding space between variants from the same malware family to account for all variations 2) exploitation of the inter-dimensional space between different malware family 3) building a deep learning-based model with a shallow neural network with maximum (...) of two connected layers to overcome overfitting from the scratch 4) building a Bayesian inference based computation algorithm that intertwine with connected network and is able to create new and adjust existing data points in response to an exposure to new out-of-distribution variants of existing or new malware family which determines the extent at which model weight is adjusted which in turn triggers update on the gradient. Preliminary result of our proposed framework gave an accuracy of 81\% in the successful classification of a novel out-of-distribution malware attack, something that could not be achieve by any of the state-of-the-art algorithms on novel malware classification. (shrink)

The increasing complexity and sophistication of cyber threats have rendered traditional perimeter-based security models insufficient for protecting modern digital infrastructures. Zero Trust Architecture (ZTA) has emerged as a transformative cybersecurity framework that operates on the principle of "never trust, always verify." Unlike conventional security models that rely on implicit trust, ZTA enforces strict identity verification, continuous monitoring, least-privilege access, and microsegmentation to mitigate risks associated with unauthorized access and lateral movement of threats. By integrating technologies such as artificial intelligence (AI), (...) machine learning (ML), and behavioral analytics, Zero Trust enhances threat detection, reduces attack surfaces, and ensures a proactive security posture across cloud, on-premises, and hybrid environments. This paper explores the core principles, implementation strategies, and benefits of Zero Trust Architecture, along with its challenges and future trends in cybersecurity. Furthermore, it highlights real-world applications and case studies that demonstrate the effectiveness of ZTA in protecting critical assets against advanced cyber threats. By adopting a Zero Trust approach, organizations can significantly improve their resilience to cyberattacks and ensure robust data protection in an evolving threat landscape. (shrink)

In the modern enterprise environment, where cybersecurity threats continue to evolve in complexity and sophistication, network segmentation and micro-segmentation have emerged as critical strategies for mitigating risks and reducing attack surfaces. This research paper explores the principles, implementation, and benefits of network segmentation and micro-segmentation as essential components of a comprehensive cybersecurity framework. By dividing networks into smaller, isolated segments, these methodologies aim to limit unauthorized access, minimize lateral movement, and contain potential breaches, ensuring a more secure network infrastructure. Network (...) segmentation focuses on dividing large networks into smaller, more manageable subnetworks. This process enforces boundaries between different areas of a network, reducing exposure and protecting sensitive data. Meanwhile, microsegmentation extends this concept to the individual workload level, offering granular security controls that adapt to dynamic and cloud-based environments. These approaches are particularly relevant in today's context, where hybrid infrastructures and multi-cloud deployments are becoming the norm, posing significant security challenges. The paper examines the technical underpinnings of segmentation techniques, highlighting tools and frameworks that facilitate their deployment. It also addresses key challenges, such as the complexity of configuration, potential performance bottlenecks, and the necessity for alignment with broader organizational policies. Case studies from industries such as healthcare, finance, and government are analyzed to demonstrate the effectiveness of segmentation in reducing the scope and impact of cyberattacks. Additionally, this study delves into the evolving landscape of cyber threats, emphasizing the role of segmentation in countering advanced persistent threats (APTs), ransomware attacks, and insider threats. By adopting a zero-trust architecture that integrates micro-segmentation, organizations can ensure that every access request is verified and confined to the least privileged level necessary. This proactive approach to network defense aligns with industry best practices and regulatory standards, enhancing an organization's security posture. Furthermore, the research highlights the importance of continuous monitoring and automation in maintaining segmented networks. Emerging technologies such as artificial intelligence (AI) and machine learning (ML) are explored for their potential to optimize and simplify segmentation processes. These advancements enable organizations to dynamically adapt to evolving threats while maintaining operational efficiency. The findings emphasize that while network segmentation and micro-segmentation are not silver bullets, they represent indispensable layers of defense within a multi-faceted cybersecurity strategy. Organizations that successfully implement these strategies can significantly reduce the likelihood and impact of breaches, protect critical assets, and build resilience against future threats. This paper aims to provide a comprehensive guide for cybersecurity professionals, IT administrators, and policymakers to understand and adopt network segmentation and micro-segmentation. By integrating these strategies into their security frameworks, enterprises can fortify their defenses in the face of a constantly shifting threat landscape, safeguarding their infrastructure, data, and operations. (shrink)

The rapid proliferation of Internet of Things (IoT) devices in smart cities has introduced numerous benefits, enhancing urban efficiency, sustainability, and automation. However, these interconnected systems also pose significant cybersecurity challenges, including data breaches, unauthorized access, and cyberattacks that can compromise critical infrastructure. This paper explores various cybersecurity strategies tailored for IoT environments in smart cities, focusing on encryption techniques, secure authentication mechanisms, network security protocols, and blockchain-based security models. Additionally, it discusses machine learningbased anomaly detection systems to identify potential (...) cyber threats in real time. By analyzing existing security frameworks and emerging solutions, this study provides a comprehensive approach to safeguarding IoT devices in smart urban ecosystems. The findings emphasize the need for a multi-layered security model and proactive threat mitigation strategies to ensure the resilience and integrity of smart city infrastructures. (shrink)

This article assesses how autonomy and machine learning impact the existential risk of nuclear war. It situates the problem of cyber security, which proceeds by stealth, within the larger context of nuclear deterrence, which is effective when it functions with transparency and credibility. Cyber vulnerabilities poses new weaknesses to the strategic stability provided by nuclear deterrence. This article offers best practices for the use of computer and information technologies integrated into nuclear weapons systems. Focusing on nuclear command and control, avoiding (...) autonomy and machine learning is recommended as one means to reduce the existential risk of unintended nuclear conflict. (shrink)

This book aims to provide a comprehensive analysis of Advanced Persistent Threats (APTs), including their characteristics, origins, methods, consequences, and defense strategies, with a focus on detecting these threats. It explores the concept of advanced persistent threats in the context of cyber security and cyber warfare. APTs represent one of the most insidious and challenging forms of cyber threats, characterized by their sophistication, persistence, and targeted nature. The paper examines the origins, characteristics and methods used by APT actors. It also (...) explores the complexities associated with APT detection, analyzing the evolving tactics used by threat actors and the corresponding advances in detection methodologies. It highlights the importance of a multi-faceted approach that integrates technological innovations with proactive defense strategies to effectively identify and mitigate APT. (shrink)