The main purpose of the study is to determine the key aspects of the mechanisms of state management of the exchange of information about cyberattacks, cyber incidents, and information security incidents. The methodology includes a set of theoretical methods. Modern government, on the one hand, must take into account the emergence of such a new weapon as cyber, which can break various information systems, can be used in hybrid wars, influence political events, pose a threat to the national security of (...) any state. As a result of the study, key elements of the mechanisms of state management of the exchange of information about cyberattacks, cyber incidents, and information security incidents were identified. (shrink)

Does it seem that with each reported state cyberattack, there comes an announcement of discovery, an attribution to one of a handful of usual suspects, some threatening language suggesting imminent retribution, and then nothing more? Increased incidence of cyberattack makes its occurrence seem simultaneously rampant in terms of publicity and minimal in terms of threat of war. If rampant, how can repeated deployment by the same actors carry no punitive consequences? How is such audaciousness tolerated? For some, a (...) cyberattack by a state is an act of war. Its prevalence suggests there must be a void somewhere that facilitates its use without consequence. Others think state cyberattack is like other internet novelties: digital malfeasance, amounting to a nuisance that naturally follows from a digital‐based existence, particularly since non‐state actors are typically involved. Yet, state‐on‐state hostilities are historically perilous on a vast scale, and there is a multilateral system for regulating the use of force in the context of war. Acts of war, even when seeming minimal in impact, are not by‐products of a digital fad, and cyberattack is now described as far more than ‘nuisance’. If anywhere, the place for clarity on hostile state cyberoperations use should be accounted for in International Humanitarian Law. Yet, in its present form, it is ambiguous if not silent on the subject, suggesting that cyberattack currently presents an advantage to perpetrating states. Does this void or these ambiguities make cyberattacks more legally advantageous to states than traditional, kinetic weaponry? I examine whether existing IHL is sufficiently adaptable to state cyberoperations through a mixed legal and theoretical approach and conclude that they do. (shrink)

Abstract: As the frequency and sophistication of cyberattacks continue to rise, organizations face increasing challenges in safeguarding their digital infrastructures. Traditional cybersecurity measures often struggle to keep pace with rapidly evolving threats, creating a pressing need for more adaptive and proactive solutions. Artificial Intelligence (AI) has emerged as a transformative force in this domain, offering enhanced capabilities for detecting, analyzing, and preventing cyberattacks in real- time. This paper explores the pivotal role of AI in strengthening cybersecurity defenses by leveraging machine (...) learning algorithms, predictive analytics, and automation to anticipate and mitigate potential threats before they manifest. Furthermore, it examines AI's ability to evolve with emerging attack vectors, providing a dynamic response to an ever-changing threat landscape. The paper also addresses the limitations and ethical considerations surrounding AI-driven cybersecurity, advocating for a balanced approach to its deployment. Through this exploration, the research underscores how AI is redefining the future of cyber defense by shifting the focus from reactive to proactive strategies. (shrink)

In the current digital environment, cyberattacks continue to pose a serious risk and difficulty. Internet of Things (IoT) devices are becoming more and more vulnerable due to security problems like ransomware, malware, poor encryption, and IoT botnets. These flaws may result in ransom demands, data tampering, illegal access, and system risks. Creating strong cybersecurity procedures for contemporary smart environments is essential to resolving these problems. This strategy uses proactive network traffic monitoring to spot any dangers in the Internet of Things (...) ecosystem. Our approach is to improve Smart Environments' security and awareness of potential threats. Two IoT gateways were used to examine the effectiveness and performance of a deep neural network (DNN) model. The results were promising: the model caused an average increase of less than 30 kb/s in network bandwidth and a mere 2% rise in CPU usage. Additionally, memory and power consumption were minimal, with 0.42 GB and 0.2 GB of memory usage for NVIDIA Jetson and Raspberry Pi devices, respectively, and an average 13.5% increase in power consumption per device. The machine learning models achieved nearly 93% detection accuracy and a 92% F1 score on the datasets used. Our framework demonstrates an effective and efficient method for detecting malware and attacks in Smart Environments. (shrink)

To secure computers and information systems from attackers taking advantage of vulnerabilities in the system to commit cybercrime, several methods have been proposed for real-time detection of vulnerabilities to improve security around information systems. Of all the proposed methods, machine learning had been the most effective method in securing a system with capabilities ranging from early detection of software vulnerabilities to real-time detection of ongoing compromise in a system. As there are different types of cyberattacks, each of the existing state-of-the-art (...) machine learning models depends on different algorithms for training which also impact their suitability for detection of a particular type of cyberattack. In this research, we analyzed each of the current state-of-the art machine learning models for different types of cyberattack detection from the past 10 years with a major emphasis on the most recent works for comparative study to identify the knowledge gap where work is still needed to be done with regard to detection of each category of cyberattack. (shrink)

A philosopher argues that state-sponsored cyberattacks against central military or civilian targets are always acts of war. What is this philosopher doing? According to conceptual analysts, the philosopher is making a claim about our concept of war. According to philosophical realists, the philosopher is making a claim about war per se. In a quickly developing literature, a third option is being explored: the philosopher is engineering the concept of war. On this view, the philosopher is making a proposal about which (...) concept we should have – even if it deviates from the extant concept, and even if it does not capture ‘what war really is’. The activity or method of proposing such revisionary definitions, as well as the metaphilosophical reflection on it, has become known as conceptual engineering. (shrink)

Current state-of-the-art out-of-distribution algorithm does not address the variation in dynamic and static behavior between malware variants from the same family as evidence in their poor performance against an out-of-distribution malware attack. We aims to address this limitation by: 1) exploitation of the in-dimensional embedding space between variants from the same malware family to account for all variations 2) exploitation of the inter-dimensional space between different malware family 3) building a deep learning-based model with a shallow neural network with maximum (...) of two connected layers to overcome overfitting from the scratch 4) building a Bayesian inference based computation algorithm that intertwine with connected network and is able to create new and adjust existing data points in response to an exposure to new out-of-distribution variants of existing or new malware family which determines the extent at which model weight is adjusted which in turn triggers update on the gradient. Preliminary result of our proposed framework gave an accuracy of 81\% in the successful classification of a novel out-of-distribution malware attack, something that could not be achieve by any of the state-of-the-art algorithms on novel malware classification. (shrink)

The ever-evolving landscape of cyber threats necessitates robust and adaptable intrusion detection systems (IDS) capable of identifying both known and emerging attacks. Traditional IDS models often struggle with detecting novel threats, leading to significant security vulnerabilities. This paper proposes an optimized intrusion detection model using Support Vector Machine (SVM) algorithms tailored to detect known and innovative cyberattacks with high accuracy and efficiency. The model integrates feature selection and dimensionality reduction techniques to enhance detection performance while reducing computational overhead.

The ever-evolving landscape of cyber threats necessitates robust and adaptable intrusion detection systems (IDS) capable of identifying both known and emerging attacks. Traditional IDS models often struggle with detecting novel threats, leading to significant security vulnerabilities. This paper proposes an optimized intrusion detection model using Support Vector Machine (SVM) algorithms tailored to detect known and innovative cyberattacks with high accuracy and efficiency. The model integrates feature selection and dimensionality reduction techniques to enhance detection performance while reducing computational overhead. By leveraging (...) advanced optimization techniques such as Grid Search and Particle Swarm Optimization (PSO), the proposed SVM-based IDS achieves superior classification results. (shrink)

Cyberspace relies on information technologies to mediate relations between different people, across different communication networks and is reliant on the supporting technology. These interactions typically occur without physical proximity and those working depending on cybersystems must be able to trust the overall human–technical systems that support cyberspace. As such, detailed discussion of cybersecurity policy would be improved by including trust as a key value to help guide policy discussions. Moreover, effective cybersystems must have resilience designed into them. This paper argues (...) that trustworthy cybersystems are a key element to resilient systems, and thus are core to cybersecurity policy. The paper highlights the importance of trustworthiness for resilient cybersystems. The importance of trustworthiness is shown through a discussion of three events where trustworthiness was the target or casualty of cyberattacks: Stuxnet, hacking of communications and the Edward Snowden revelations. The impact of losing trust is highlighted, to underpin the argument that a resilient cybersystem ought to design in trustworthiness. The paper closes off by presenting a general set of policy implications arising from recognition of the interplay between trust, trustworthiness and resilience for effective cybersecurity. (shrink)

The ever-evolving landscape of cyber threats necessitates robust and adaptable intrusion detection systems (IDS) capable of identifying both known and emerging attacks. Traditional IDS models often struggle with detecting novel threats, leading to significant security vulnerabilities. This paper proposes an optimized intrusion detection model using Support Vector Machine (SVM) algorithms tailored to detect known and innovative cyberattacks with high accuracy and efficiency. The model integrates feature selection and dimensionality reduction techniques to enhance detection performance while reducing computational overhead. By leveraging (...) advanced optimization techniques such as Grid Search and Particle Swarm Optimization (PSO), the proposed SVM-based IDS achieves superior classification results. (shrink)

The proliferation of the Internet of Things (IoT) has transformed various industries by enabling smart environments and improving operational efficiencies. However, this expansion has introduced numerous security vulnerabilities, making IoT systems prime targets for cyberattacks. This paper proposes a machine learning-based intrusion detection framework tailored to the unique characteristics of IoT environments. The framework leverages feature engineering, advanced machine learning algorithms, and real-time anomaly detection to identify and mitigate security threats effectively. Experimental results demonstrate the efficacy of the proposed approach (...) in detecting diverse IoT-specific attacks, including denial-of-service (DoS), man-in-the-middle (MITM), and malware-based attacks. The Internet of Things (IoT) has revolutionized modern living by interconnecting devices and enabling seamless communication. However, the increasing reliance on IoT systems has exposed significant vulnerabilities, making them a prime target for security attacks. This paper proposes a machine learning-based intrusion detection framework to detect and mitigate security attacks in IoT environments. The framework integrates diverse machine learning algorithms to identify abnormal behavior and potential threats. Through comprehensive experiments and evaluations, this research demonstrates the efficacy of the proposed framework in terms of accuracy, scalability, and robustness. (shrink)

The internet has made the world more linked than ever before. While taking advantage of this online transition, cybercriminals target flaws in online systems, networks, and infrastructure. Businesses, government organizations, people, and communities all across the world, particularly in African countries, are all severely impacted on an economic and social level. Many African countries focused more on developing secure electricity and internet networks; yet, cybersecurity usually receives less attention than it should. One of Africa's major issues is the lack of (...) adequate digital security infrastructure, which has harmed businesses, governmental institutions, and individual communities more than it has helped. The majority of African countries operate without cybersecurity measures in place to combat cyberattacks. Only a few examples of today's cyber risks include digital extortion, business email intrusion, data breaches, online fraud, ransomware, and phishing, and new types of cybercrime are always developing. Due to the advent of new technology, cybercriminals have become more organized and quicker in their attacks and alliance creation. To maintain a secure digital environment for all internet users, this study focused on the challenges, solutions, and need for African countries to improve their online safety by tackling cybercrime, online fraud, and cybersecurity concerns. The objective of this study is to offer practical and long-term answers to the problems posed by cybercrime, with a continuing emphasis on enhancing online safety. It will assess the effectiveness of cutting-edge cybersecurity measures, legislative frameworks, and cross-border cooperative efforts, as well as potential areas for improvement. Additionally, the study will examine cutting-edge methods like blockchain technology, machine learning, and other cutting-edge methods that could improve our using digital defences to stop cybercrime. (shrink)

Current state-of-the-art out-of-distribution algorithm does not address the variation in dynamic and static behavior between malware variants from the same family as evidence in their poor performance against an out-of-distribution malware attack. We aims to address this limitation by: 1) exploitation of the in-dimensional embedding space between variants from the same malware family to account for all variations 2) exploitation of the inter-dimensional space between different malware family 3) building a deep learning-based model with a shallow neural network with maximum (...) of two connected layers to overcome overfitting from the scratch 4) building a Bayesian inference based computation algorithm that intertwine with connected network and is able to create new and adjust existing data points in response to an exposure to new out-of-distribution variants of existing or new malware family which determines the extent at which model weight is adjusted which in turn triggers update on the gradient. Preliminary result of our proposed framework gave an accuracy of 81\% in the successful classification of a novel out-of-distribution malware attack, something that could not be achieve by any of the state-of-the-art algorithms on novel malware classification. (shrink)

This article assesses how autonomy and machine learning impact the existential risk of nuclear war. It situates the problem of cyber security, which proceeds by stealth, within the larger context of nuclear deterrence, which is effective when it functions with transparency and credibility. Cyber vulnerabilities poses new weaknesses to the strategic stability provided by nuclear deterrence. This article offers best practices for the use of computer and information technologies integrated into nuclear weapons systems. Focusing on nuclear command and control, avoiding (...) autonomy and machine learning is recommended as one means to reduce the existential risk of unintended nuclear conflict. (shrink)

This book aims to provide a comprehensive analysis of Advanced Persistent Threats (APTs), including their characteristics, origins, methods, consequences, and defense strategies, with a focus on detecting these threats. It explores the concept of advanced persistent threats in the context of cyber security and cyber warfare. APTs represent one of the most insidious and challenging forms of cyber threats, characterized by their sophistication, persistence, and targeted nature. The paper examines the origins, characteristics and methods used by APT actors. It also (...) explores the complexities associated with APT detection, analyzing the evolving tactics used by threat actors and the corresponding advances in detection methodologies. It highlights the importance of a multi-faceted approach that integrates technological innovations with proactive defense strategies to effectively identify and mitigate APT. (shrink)