Artificial intelligence in the cyber domain: Offense and defense

Artificial intelligence techniques have grown rapidly in recent years, and their applications in practice can be seen in many fields, ranging from facial recognition to image analysis. In the cybersecurity domain, AI-based techniques can provide better cyber defense tools and help adversaries improve methods of attack. However, malicious actors are aware of the new prospects too and will probably attempt to use them for nefarious purposes. This survey paper aims at providing an overview of how artificial intelligence can be used in the context of cybersecurity in both offense and defense.Web of Science123art. no. 41

Phishing Detection using Base Classifier and Ensemble Technique

Phishing attacks continue to pose a significant threat in today's digital landscape, with both individuals and organizations falling victim to these attacks on a regular basis. One of the primary methods used to carry out phishing attacks is through the use of phishing websites, which are designed to look like legitimate sites in order to trick users into giving away their personal information, including sensitive data such as credit card details and passwords. This research paper proposes a model that utilizes several benchmark classifiers, including LR, Bagging, RF, K-NN, DT, SVM, and Adaboost, to accurately identify and classify phishing websites based on accuracy, precision, recall, f1-score, and confusion matrix. Additionally, a meta-learner and stacking model were combined to identify phishing websites in existing systems. The proposed ensemble learning approach using stack-based meta-learners proved to be highly effective in identifying both legitimate and phishing websites, achieving an accuracy rate of up to 97.19%, with precision, recall, and f1 scores of 97%, 98%, and 98%, respectively. Thus, it is recommended that ensemble learning, particularly with stacking and its meta-learner variations, be implemented to detect and prevent phishing attacks and other digital cyber threats

Analysis into developing accurate and efficient intrusion detection approaches

Cyber-security has become more prevalent as more organisations are relying on cyber-enabled infrastructures to conduct their daily actives. Subsequently cybercrime and cyber-attacks are increasing. An Intrusion Detection System (IDS) is a cyber-security tool that is used to mitigate cyber-attacks. An IDS is a system deployed to monitor network traffic and trigger an alert when unauthorised activity has been detected. It is important for IDSs to accurately identify cyber-attacks against assets on cyber-enabled infrastructures, while also being efficient at processing current and predicted network traffic flows. The purpose of the paper is to outline the importance of developing an accurate and effective intrusion detection approach that can be deployed on an IDS. Further research aims to develop a hybrid data mining intrusion detection approach that uses Decision Tree classifications and Association Rules to extract rules using the classified data

Intelligent quality performance assessment for e-banking security using fuzzy logic

Security has been widely recognized as one of the main obstacles to the adoption of Internet banking and it is considered an important aspect in the debate over challenges facing internet banking. The performance evaluation of e-banking websites requires a model that enables us to analyze the various imperative factors and criteria related to the quality and performance of e-banking websites. Ebanking site evaluation is a complex and dynamic problem involving many factors, and because of the subjective considerations and the ambiguities involved in the assessment, Fuzzy Logic (FL) model can be an effective tool in assessing and evaluating of e-banking security performance and quality. In this paper, we propose an intelligent performance assessment model for evaluating e-banking security websites. The proposed model is based on FL operators and produces four measures of security risk attack dimensions: direct internal attack, communication tampering attack, code programming attack and denial of service attack with a hierarchical ring layer structure. Our experimental results show that direct internal attack risk has a large impact on e-banking security performance. The results also confirm that the risk of direct internal attack for e-banking dynamic websites is doubled that of all other attacks

Framework for Risk Identification of Renewable Energy Projects Using Fuzzy Case-Based Reasoning

Construction projects are highly risk-prone due to both internal factors (e.g., organizational, contractual, project, etc.) and external factors (e.g., environmental, economic, political, etc.). Construction risks can thus have a direct or indirect impact on project objectives, such as cost, time, safety, and quality. Identification of these risks is crucial in order to fulfill project objectives. Many tools and techniques have been proposed for risk identification, including literature review, questionnaire surveys, and expert interviews. However, the majority of these approaches are highly reliant on expert knowledge or prior knowledge of the project. Therefore, the application of such tools and techniques in risk identification for renewable energy projects (e.g., wind farm and solar power plant projects) is challenging due to their novelty and the limited availability of historical data or literature. This paper addresses these challenges by introducing a new risk identification framework for renewable energy projects, which combines case-based reasoning (CBR) with fuzzy logic. CBR helps to solve problems related to novel projects (e.g., renewable energy projects) based on their similarities to existing, well-studied projects (e.g., conventional energy projects). CBR addresses the issue of data scarcity by comparing novel types of construction projects to other well-studied project types and using the similarities between these two sets of projects to solve the different problems associated with novel types of construction projects, such as risk identification of renewable energy projects. Moreover, the integration of fuzzy logic with CBR, to develop fuzzy case-based reasoning (FCBR), increases the applicability of CBR in construction by capturing the subjective uncertainty that exists in construction-related problems. The applicability of the proposed framework was tested on a case study of an onshore wind farm project. The objectives of this paper are to introduce a novel framework for risk identification of renewable energy projects and to identify the risks associated with the construction of onshore wind farm projects at the work package level. The results of this paper will help to improve the risk management of renewable energy projects during the construction phase

Security challenges and solutions for e-business

The advantages of economic growth and increasing ease of operation afforded by e-business and e-commerce developments are unfortunately matched by growth in cyber attacks. This paper outlines the common attacks faced by e-business and describes the defenses that can be used against them. It also reviews the development of newer security defense methods. These are: (1) biometrics for authentication; parallel processing to increase power and speed of defenses; (2) data mining and machine learning to identify attacks; (3) peer-to-peer security using blockchains; 4) enterprise security modelling and security as a service; and (5) user education and engagement. The review finds overall that one of the most prevalent dangers is social engineering in the form of phishing attacks. Recommended counteractions include education and training, and the development of new machine learning and data sharing approaches so that attacks can be quickly discovered and mitigated

Encapsulation of Soft Computing Approaches within Itemset Mining a A Survey

Data Mining discovers patterns and trends by extracting knowledge from large databases. Soft Computing techniques such as fuzzy logic, neural networks, genetic algorithms, rough sets, etc. aims to reveal the tolerance for imprecision and uncertainty for achieving tractability, robustness and low-cost solutions. Fuzzy Logic and Rough sets are suitable for handling different types of uncertainty. Neural networks provide good learning and generalization. Genetic algorithms provide efficient search algorithms for selecting a model, from mixed media data. Data mining refers to information extraction while soft computing is used for information processing. For effective knowledge discovery from large databases, both Soft Computing and Data Mining can be merged. Association rule mining (ARM) and Itemset mining focus on finding most frequent item sets and corresponding association rules, extracting rare itemsets including temporal and fuzzy concepts in discovered patterns. This survey paper explores the usage of soft computing approaches in itemset utility mining