Mesopotamian Journal of CyberSecurity https://mesopotamian.press/journals/index.php/CyberSecurity <div class="flex flex-grow flex-col gap-3"> <div class="min-h-[20px] flex flex-col items-start gap-4 whitespace-pre-wrap break-words"> <div class="markdown prose w-full break-words dark:prose-invert light"> <p style="text-align: justify;">Attention cybersecurity scholars and researchers! The Mesopotamian Journal of Cybersecurity has successfully launched and is rapidly gaining recognition in the academic community. With three impactful issues already published, our journal is attracting attention from respected publishers such as Scopus, Taylor &amp; Francis, and others. We invite you to contribute your cutting-edge research and insights to our esteemed publication.</p> </div> </div> </div> Mesopotamian Academic Press en-US Mesopotamian Journal of CyberSecurity 2958-6542 An optimized model for network intrusion detection in the network operating system environment https://mesopotamian.press/journals/index.php/CyberSecurity/article/view/583 <p>With the heavy reliance on computers and information technology to send and receive data across networks of various types, there has been concern about securing that data from intrusions and cyber-attacks. The expansion of network usage has led to an increase in hacker attacks, which has led to prioritizing cybersecurity precautions in detecting potential threats. Intrusion detection techniques are a critical security measure to protect networks in both personal and corporate environments that are managed by network operating systems. For this, the paper relies on designing a network intrusion detection model. Since deep neural networks (DNNs) are classic deep learning models known for their strong classification performance, making them popular in intrusion detection along with other machine learning algorithms, they have been chosen to improve intrusion classification models based on datasets for intrusion detection systems. The basic structure of this proposal is to adopt one of the optimization algorithms in extracting features from the dataset to obtain more accurate results in the classification and intrusion detection stage. The developed Corona Virus algorithm is adopted to improve the system performance by identifying optimal features. This algorithm, which consists of several stages, optimally selects individuals based on features from the NSL-KDD dataset used for intrusion detection. The resulting optimization solution acts as a network structure for the intrusion classification model based on machine learning and deep learning algorithms. The test results showed exceptional performance on the NSL-KDD dataset, where the proposed Convolution Neural Network CNN model achieved 99.3% accuracy for multi-class classification, while the Decision Tree (DT) achieved 88.64% accuracy for anomaly detection in bi-class classification.</p> Abbas A. Abdulhameed Sundos A. Hameed Alazawi Ghassan Muslim Hassan Copyright (c) 2024 Abbas A. Abdulhameed , Sundos A. Hameed Alazawi, Ghassan Muslim Hassan https://creativecommons.org/licenses/by/4.0 2024-11-07 2024-11-07 4 3 75 85 10.58496/MJCS/2024/017 A New Lightweight Cryptosystem for IoT in Smart City Environments https://mesopotamian.press/journals/index.php/CyberSecurity/article/view/557 <p>Internet of Things (IoT) devices, user interfaces (UI), software, as well as communication networks are all deployed within Smart Cities topology. The security approach designed for Internet of Things IoT should be able to prevent and detect both internal and external attacks. The problem in IoT network that not every linked node or device has an adequate amount of processing power. This means that data encryption and other related activities will be impossible and means that the security of any kind must be lightweight. A trustworthy security solution that stops illegal access to private data on the network is necessary for maintaining the privacy of information on the Internet of Things. Cryptographic processes need to be quicker and more compact without sacrificing security. The aim of this study is to reduce the execution time and power consumption of encryption processes without compromise the complexity of the encryption algorithm. This research presents a new lightweight cryptographic technique to protect various multimedia and real-time traffics across IoT network, by using two S-box in SubByte of encryption process, without affecting its performance. &nbsp;In this study, different audio samples will be used to test the new algorithm efficiency. Comparing the suggested method to the most advanced standard algorithm, it can reduce the cryptography process's execution time as well as energy consumption while maintaining the required security level. The outcomes demonstrate good performance in terms of power usage and delay. The new technique consumed a roughly 0.2 µJ for encryption process while the typical AES algorithm consumed 0.29 µJ, this mean the new algorithm achieved (33% power savings), while maintaining a good complexity level (security) within the process of encryption according to the results in tables I, II, and the comparison in table III. The novelty of this work can be showed by using dual XOR S-box technique which increased the complexity of SubByte process making it more secure without overload the processing performance, in addition to the reduction in encryption rounds which contribute to enhance the performance without compromise the security. Making it more suited for the Internet of Things (IoT) used in smart city environments.</p> Firas Hazzaa Md Mahmudul Hasan Akram Qashou Sufian Yousef Copyright (c) 2024 Firas Hazzaa, Md Mahmudul Hasan, Akram Qashou, Sufian Yousef https://creativecommons.org/licenses/by/4.0 2024-10-13 2024-10-13 4 3 46 58 10.58496/MJCS/2024/015 Dental segmentation via enhanced YOLOv8 and image processing techniques https://mesopotamian.press/journals/index.php/CyberSecurity/article/view/660 <p>By blending computer-aided medical systems with cutting-edge privacy technologies, healthcare providers can deliver more personalized, effective care while maintaining the highest data security standards and patient trust. The challenge of dental segmentation in computer vision, a task focused on accurately outlining dental structures in images, traditional methods, particularly convolution neural networks (CNNs), didn't reach high accuracy in this area due to suboptimal performance and computational inefficiency. The goal of image segmentation is to group pixels on the basis of their visual properties, such as color, texture, intensity, or spatial proximity, to identify and delineate the boundaries of distinct objects or regions within the image. In this paper, You Only Look Once (YOLOv8) algorithm is improved to segment teeth with high accuracy and high execution speed. The increase in the number of layers of YOLOv8 relied upon, as the accuracy of the algorithm segmentation depends on the number of layers used to extract features from the image (backbone) and the number of layers of the head (prediction). In addition, the size of the layers is decreased to increase the execution speed. The novelty of this paper is the proposed YOLOv8 model in addition to the Proposed Activation Function (PAF). The dataset (top view) used was taken from a dental clinic where 526 images were taken of dental and different patients. The best accuracy reached 99.561% when the enhanced YOLOv8 segmentation model was applied to the&nbsp;dental dataset. It can be concluded that the improved model of the YOLOv8 algorithm has increased the accuracy of dental segmentation compared to previous research because it relies on a proposed PAF that increases the difference between the features extracted from the layers of the proposed model which makes it able to distinguish between teeth and surrounding parts significantly.</p> Dhiaa Mohammed Abed Shuzlina Abdul-Rahman Sofianita Mutalib Copyright (c) 2024 Dhiaa Mohammed Abed , Shuzlina Abdul-Rahman , Sofianita Mutalib https://creativecommons.org/licenses/by/4.0 2024-12-08 2024-12-08 4 3 189 202 10.58496/MJCS/2024/022 Enhancing Electronic Agriculture Data Security with a Blockchain-Based Search Method and E-Signatures https://mesopotamian.press/journals/index.php/CyberSecurity/article/view/413 <p>The production of digital signatures with blockchain constitutes a prerequisite for the security of electronic agriculture applications (EAA), such as the Internet of Things (IoT). To prevent irresponsibility within the blockchain, attackers regularly attempt to manipulate or intercept data stored or sent via EAA-IoT. Additionally, cybersecurity has not received much attention recently because IoT applications are still relatively new. As a result, the protection of EAAs against security threats remains insufficient. Moreover, the security protocols used in contemporary research are still insufficient to thwart a wide range of threats. For these security issues, first, this study proposes a security system to combine consortium blockchain blocks with Edwards25519 (Ed25519) signatures to stop block data tampering in the IoT. Second, the proposed study leverages an artificial bee colonizer (ABC) approach to preserve the unpredictable nature of Ed25519 signatures while identifying the optimal solution and optimizing various complex challenges. Advanced deep learning (ADL) technology is used as a model to track and evaluate objects in the optimizer system. We tested our system in terms of security measures and performance overhead. Tests conducted on the proposed system have shown that it can prevent the most destructive applications, such as obfuscation, selfish mining, block blocking, block ignoring, blind blocking, and heuristic attacks, and that our system fends off these attacks through the use of the test of the Scyther tool. Additionally, the system measures performance parameters, including a scalability of 99.56%, an entropy of 60.99 Mbps, and a network throughput rate of 200,000.0 m/s, which reflects the acceptability of the proposed system over existing security systems.</p> <p><br /><br /></p> Duaa Hammoud Tahayur Mishall Al-Zubaidie Copyright (c) 2024 Duaa Hammoud Tahayur, Mishall Al-Zubaidie https://creativecommons.org/licenses/by/4.0 2024-09-09 2024-09-09 4 3 1 21 10.58496/MJCS/2024/012 Intermediary Decentralized Computing and Private Blockchain Mechanisms for Privacy Preservation in the Internet of Medical Things https://mesopotamian.press/journals/index.php/CyberSecurity/article/view/643 <p>Protecting patient data in the Internet of Medical Things (IoMT) is one of the major challenges facing healthcare organizations because of increasing threats to privacy and security. Although there are many existing protocols and solutions, such as Rivest–Shamir–Adleman (RSA) and El-Gamal cryptographies or centralized methods, that aim to protect data, they suffer from weaknesses such as slow performance or inability to handle large volumes of data. The issue of security in medical records has become an urgent need, and the use of centralized methods can expose them to single-point failure. In this paper, we present the efficient approach to securing patient information (EASPI), which depends on blockchain and integrates innovative techniques such as the advanced encryption algorithm (AES), reverse word frequency analysis (TF-IDF), Lemplel-Ziv-Welch (LZW), decision tree model (DTM), and naive Bayes classifier (NBC). EASPI seeks to improve the security of medical data by storing it encrypted and securely via blockchain technology, providing a high level of privacy and reliability. The experimental results indicate that the EASPI reduces the encryption execution time to 0.2 ms and the decryption execution time to 0.3 ms while improving the accuracy of medical diagnosis. The potential of the suggested methods for healthcare systems is further demonstrated by the fact that the TF-IDF algorithm attained an execution time of 0.004 ms, while the blockchain's greatest execution time was 0.014 ms. Additionally, using the formal verification Scyther tool, the security of the suggested system is examined both theoretically and practically. The suggested solution is an appropriate option for healthcare institutions since it offers a strong defense against a range of cyber threats, including targeted and espionage assaults.</p> Rasha Halim Razzaq Mishall Al-Zubaidie Rajaa Ghali Atiyah Copyright (c) 2024 Rasha Halim Razzaq, Mishall Al-Zubaidie, Rajaa Ghali Atiyah https://creativecommons.org/licenses/by/4.0 2024-12-05 2024-12-05 4 3 152 165 10.58496/MJCS/2024/020 A Systematic Literature Review on Cyber Attack Detection in Software-Define Networking (SDN) https://mesopotamian.press/journals/index.php/CyberSecurity/article/view/589 <p>The increasing complexity and sophistication of cyberattacks pose significant challenges to traditional network security tools. Software-defined networking (SDN) has emerged as a promising solution because of its centralized management and adaptability. However, cyber-attack detection in SDN settings remains a vital issue. The current literature lacks comprehensive assessment of SDN cyber-attack detection methods including preparation techniques, benefits and types of attacks analysed in datasets. This gap hinders the understanding of the strengths and weaknesses of various detection approaches. This systematic literature review aims to examine SDN cyberattack detection, identify strengths, weaknesses, and gaps in existing techniques, and suggest future research directions in this critical area. A systematic approach was used to review and analyse various SDN cyberattack detection techniques from 2017--2024. A comprehensive assessment was conducted to address these research gaps and provide a comprehensive understanding of different detection methods. The study classified attacks on SDN planes, analysed detection datasets, discussed feature selection methods, evaluated approaches such as entropy, machine learning (ML), deep learning (DL), and federated learning (FL), and assessed metrics for evaluating defense mechanisms against cyberattacks. The review emphasized the importance of developing SDN-specific datasets and using advanced feature selection algorithms. It also provides valuable insights into the state-of-the-art techniques for detecting cyber-attacks in SDN and outlines a roadmap for future research in this critical area. This study identified research gaps and emphasized the importance of further exploration in specific areas to increase cybersecurity in SDN environments.</p> Dalia Shihab Ahmed Abbas Abdulazeez Abdulhameed Methaq T. Gaata Copyright (c) 2024 Dalia Shihab Ahmed, Abbas Abdulazeez Abdulhameed , Methaq T. Gaata https://creativecommons.org/licenses/by/4.0 2024-11-11 2024-11-11 4 3 86 135 10.58496/MJCS/2024/018 Hybrid Classifier for Detecting Zero-Day Attacks on IoT Networks https://mesopotamian.press/journals/index.php/CyberSecurity/article/view/581 <p>Recently, Internet of Things (IoT) networks have been exposed to many electronic attacks, giving rise to concerns about the security of these networks, where their weaknesses and gaps can be exploited to access or steal data. These networks are threatened by several cyberattacks, one of which is the zero-day distributed denial-of-service (DDoS) attack, which is considered one of the dangerous attacks targeting network security. As such, it is necessary to find smart solutions to address such attacks swiftly. To address these attacks, this research proposed a hybrid IDS to detect cyber-attacks on IoT networks via machine learning (ML) algorithms, namely, XGBoost, K-nearest neighbors, and stochastic gradient descent (SGD), while classifiers are combined via an ML ensemble. Grid search CV was used to find the best hyperparameters for each classifier at each classification stage. Random projection was used to select the relevant features for training the model. In the evaluation and performance testing phase of the model, two cybersecurity datasets (CIC-IDS2017 and CIC-DDoS2019) were used to test the efficiency of the model in detecting zero-day threats. The best results were obtained for the CIC-DDoS2019 dataset, where 20 features out of the total selection were used. The model was able to achieve an accuracy of 99.91% and an intrusion detection time of 0.22 seconds. The confusion matrix results also revealed a reduction in false alarms. The results and their comparison with those of recent relevant studies demonstrated the effectiveness of the hybrid model in securing IoT networks from zero-day attacks as well as its superiority in terms of accuracy and intrusion detection time. This study is an important step in enhancing security in the IoT environment by presenting a new hybrid model that is capable of dealing with zero-day attacks that are difficult to detect with traditional models.</p> Rana M. Zaki Inam S. Naser Copyright (c) 2024 Rana M. Zaki , Inam S. Naser https://creativecommons.org/licenses/by/4.0 2024-11-02 2024-11-02 4 3 59 74 10.58496/MJCS/2024/016 Development of Robust and Efficient Symmetric Random Keys Model based on the Latin Square Matrix https://mesopotamian.press/journals/index.php/CyberSecurity/article/view/661 <p>Symmetric cryptography forms the backbone of secure data communication and storage by relying on the strength and randomness of cryptographic keys. This increases complexity, enhances cryptographic systems' overall robustness, and is immune to various attacks. The present work proposes a hybrid model based on the Latin square matrix (LSM) and subtractive random number generator (SRNG) algorithms for producing random keys. The hybrid model enhances the security of the cipher key against different attacks and increases the degree of diffusion. Different key lengths can also be generated based on the algorithm without compromising security. It comprises two phases. The first phase generates a seed value that depends on producing a randomly predefined set of key numbers of size n via the Donald E. Knuths SRNG algorithm (subtractive method). The second phase uses the output key (or seed value) from the previous phase as input to the Latin square matrix (LSM) to formulate a new key randomly. To increase the complexity of the generated key, another new random key of the same length that fulfills Shannon’s principle of confusion and diffusion properties is XORed. Four test keys for each 128, 192,256,512, and 1024–bit length are used to evaluate the strength of the proposed model. The experimental results and security analyses revealed that all test keys met the statistical National Institute of Standards (NIST) standards and had high values for entropy values exceeding 0.98. The key length of the proposed model for n bits is 25*n, which is large enough to overcome brute-force attacks. Moreover, the generated keys are very sensitive to initial values, which increases the complexity against different attacks.</p> Nada Hussein M. Ali Mays M. Hoobi Dunia F. Saffo Copyright (c) 2024 Nada Hussein M. Ali , Mays M. Hoobi , Dunia F. Saffo https://creativecommons.org/licenses/by/4.0 2024-12-10 2024-12-10 4 3 203 215 10.58496/MJCS/2024/023 A Classifier-Driven Deep Learning Clustering Approach to Enhance Data Collection in MANETs https://mesopotamian.press/journals/index.php/CyberSecurity/article/view/522 <p>The conventional clustering and routing approaches used in mobile ad hoc networks (MANETs) may fail to work effectively in a dynamic network environment where nodes are highly mobile and the traffic load may also vary significantly. These limitations result in negative effects such as high packet drop rates, delays in data transmission, and low delivery rates, which make these methods unfit for modern high-density networks. To overcome these issues, this paper proposes a new deep learning-based classifier for adaptive clustering in MANETs. Through the use of machine learning algorithms, the proposed method is able to adapt to node clustering through node behavior, mobility, and content distribution in real-time, thus improving network performance. This work compares the performance of the network on networks that contain 50, 100, and 200 nodes via a clustering algorithm. The performance parameters considered include the delivery ratio, packet drop ratio, and end-to-end delay. The evaluation findings show that the developed deep learning-based classifier is far more effective than the non-clustered and conventional clustering approaches are. In particular, the classifier approach provides a delivery rate of up to 89.4%, which is significantly better than that of the baseline scenarios and decreases packet drop rates by more than 70%, especially in high-density node scenarios. In addition, the proposed approach reduces the network delay and effectively handles the inherent dynamic characteristics of MANETs.</p> Ali Abdullah Ali Mohammed Khaleel Hussein Mohammed Ahmed Subhi Copyright (c) 2024 Ali Abdullah Ali ; Mohammed Khaleel Hussein ; Mohammed Ahmed Subhi https://creativecommons.org/licenses/by/4.0 2024-09-26 2024-09-26 4 3 36 45 10.58496/MJCS/2024/014 AI-Powered Cyber Threats: A Systematic Review https://mesopotamian.press/journals/index.php/CyberSecurity/article/view/648 <p>The joining of artificial intelligence (AI) across different areas has fundamentally improved productivity and development. Nevertheless, this progression has increased cybersecurity threats, especially those determined by AI itself. These AI-powered threats exploit the advancements intended to obtain computerized frameworks, in this manner subverting their honesty. This systematic review focuses on the intricacies of AI-driven cyber threats, which use complex AI abilities to lead to intricate and tricky cyberattacks. Our review integrates existing examinations to determine the extension, location procedures, effects, and relief systems connected with AI-initiated threats. We feature the powerful exchange between AI improvement and cybersecurity, underlining the requirement for cutting edge protective frameworks that advance pairs with increasing threats. The discoveries highlight the basic job of AI in both carrying out and countering cybersecurity measures, representing a dualistic effect that requires ceaseless development in cybersecurity techniques.</p> Mafaz Alanezi Ruah Mouad Alyas AL-Azzawi Copyright (c) 2024 Mafaz Alanezi, Ruah Mouad Alyas AL-Azzawi https://creativecommons.org/licenses/by/4.0 2024-12-06 2024-12-06 4 3 166 188 10.58496/MJCS/2024/021 Design and Practical Implementation of a Stream Cipher Algorithm Based on a Lorenz System https://mesopotamian.press/journals/index.php/CyberSecurity/article/view/603 <p>Currently, the security of data has gained significant attention in modern life. Researchers have continued to address this issue. This work addresses image encryption in communication systems. It presents a proposed design and implementation of a cryptography system based on the Lorenz chaos oscillator. The paper methodology uses Xilinx System Generator (XSG) and Field Programmable Gate Array (FPGA) technologies to implement the chaotic system. To determine the approach that uses the least amount of FPGA resources while providing effective and efficient performance, the differential equations of the Lorenz chaotic system are solved via the forward-Euler and Runge–Kutta integration techniques. In the XSG environment, a secure communication system is constructed on the basis of the&nbsp;solution of the&nbsp;differential equations. After that, the planned communication system is implemented on the FPGA board and tested&nbsp;to encrypt images (coloured images). The histogram, entropy and other related security analysis factors are calculated and analysed to test the efficiency of the designed system. Six statistical methods were employed to provide a high level of image encryption in this work. Findings have shown that the proposed system generates (with stable, fast and robust performance) pseudorandom bits that can be successfully used to encrypt the data bits. The simulation and FPGA results are in good agreement; however, the security analysis factors prove that the system can be successfully adopted for image encryption purposes in real-time applications.</p> Hayder Mazin Makki Alibraheemi Mazen M. A. Al Ibraheemi Zainb Hassan Radhy Copyright (c) 2024 Hayder Mazin Makki Alibraheemi , Mazen M. A. Al Ibraheemi , Zainb Hassan Radhy https://creativecommons.org/licenses/by/4.0 2024-11-18 2024-11-18 4 3 136 151 10.58496/MJCS/2024/019 CryptoGenSec: A Hybrid Generative AI Algorithm for Dynamic Cryptographic Cyber Defence https://mesopotamian.press/journals/index.php/CyberSecurity/article/view/352 <p>As the world of cybersecurity constantly changes, traditional cryptographic techniques have faced limitations in the context of today's sophisticated and dynamic threats. Existing protections usually adopt static algorithms and key structures, making it difficult for them to resist the categories of modern attacks. This research paper, therefore, presents CryptoGenSec, a brand-new generative AI algorithm based on a hybrid consisting of generative adversarial networks (GANs) on reconnaissance learning (RL), for the purpose of increasing cryptographic cyber defences. CryptoGenSec applies a GAN to simulate various types of attack scenarios in cyberspace to perceive possible vulnerabilities. Then, RL refines the response strategies of our algorithm through recursive learning from the above simulations in real time and realizes the dynamic adaptation and evolution of defense mechanisms. By assessing the results of CryptoGenSec’s performance when traditional security methods are used as baselines, we can use several metrics for evaluation, such as detection accuracy, response time, resilience and evolution ability. According to these findings, the superiority of CryptoGenSec over conventional mechanisms becomes evident. To be more specific, it even shows an overwhelming edge in terms of threat detection, resulting in a 20% increase in speed of response, a 30% decrease in speed of response, and resisting power, making it 25% harder than the other methods. Moreover, it has a greater possibility of eliminating false-positive effects, which usually come from new and even dawned jeopardy: 50%. Moreover, to highlight the making-a-fortune frauds in the zero-day world, a comparison of the cohorts makes CryptoGenSec a 40% upper step. Stopping attackers from taking away all their data is also its plus point, which gains 95% achievement, whereas using mere methods only results in a 70% possibility. An enormous step in cybersecurity was taken with the combination of GANs and RL within the CryptoGenSec algorithm. Instead of being defenceless against all attacks, this approach changes and matches the threat level when necessary. The highly promising results presented here demonstrate its potential as a crucial technology for addressing the growing complexities of cyber challenges. This is a large step toward making defensive mechanisms more efficient and reliable.</p> Ghada Al-Kateb Ismael Khaleel Mohammad Aljanabi Copyright (c) 2024 Ghada Emad Al-Kateb, Ismael Khaleel, Mohammad Aljanabi https://creativecommons.org/licenses/by/4.0 2024-09-09 2024-09-09 4 3 22 35 10.58496/MJCS/2024/013