-
A Systematic Literature Review of Cyber Security Monitoring in Maritime
Authors:
Risto Vaarandi,
Leonidas Tsiopoulos,
Gabor Visky,
Muaan Ur Rehman,
Hayretdin Bahsi
Abstract:
In recent years, many cyber incidents have occurred in the maritime sector, targeting the information technology (IT) and operational technology (OT) infrastructure. One of the key approaches for handling cyber incidents is cyber security monitoring, which aims at timely detection of cyber attacks with automated methods. Although several literature review papers have been published in the field of maritime cyber security, none of the previous studies has focused on cyber security monitoring. The current paper addresses this research gap and surveys the methods, algorithms, tools and architectures used for cyber security monitoring in the maritime sector. For the survey, a systematic literature review of cyber security monitoring studies is conducted following the Preferred Reporting Items for Systematic reviews and Meta-Analyses (PRISMA) protocol. The first contribution of this paper is the bibliometric analysis of related literature and the identification of the main research themes in previous works. For that purpose, the paper presents a taxonomy for existing studies which highlights the main properties of maritime cyber security monitoring research. The second contribution of this paper is an in-depth analysis of previous works and the identification of research gaps and limitations in existing literature. The gaps and limitations include several dataset and evaluation issues and a number of understudied research topics. Based on these findings, the paper outlines future research directions for cyber security monitoring in the maritime field.
Submitted 21 May, 2025; v1 submitted 23 March, 2025;
originally announced March 2025.
-
A Chaotic Image Encryption Scheme Using Novel Geometric Block Permutation and Dynamic Substitution
Authors:
Muhammad Ali,
Jawad Ahmad,
Muhammad Abdullah Hussain Khan,
Safee Ullah,
Mujeeb Ur Rehman,
Syed Aziz Shah,
Muhammad Shahbaz Khan
Abstract:
In this digital era, ensuring the security of digital data during transmission and storage is crucial. Digital data, particularly image data, needs to be protected against unauthorized access. To address this, this paper presents a novel image encryption scheme based on a confusion diffusion architecture. The diffusion module introduces a novel geometric block permutation technique, which effectively scrambles the pixels based on geometric shape extraction of pixels. The image is converted into four blocks, and pixels are extracted from these blocks using L-shape, U-shape, square-shape, and inverted U-shape patterns for each block, respectively. This robust extraction and permutation effectively disrupts the correlation within the image. Furthermore, the confusion module utilises bit-XOR and dynamic substitution techniques. For the bit-XOR operation, a 2D Henon map has been utilised to generate a chaotic seed matrix, which is bit-XORed with the scrambled image. The resultant image then undergoes the dynamic substitution process to complete the confusion phase. A statistical security analysis demonstrates the superior security of the proposed scheme, with high uncertainty and unpredictability, achieving an entropy of 7.9974 and a correlation coefficient of 0.0014. These results validate the proposed scheme's effectiveness in securing digital images.
Submitted 12 March, 2025;
originally announced March 2025.
-
AI-Driven Chatbot for Intrusion Detection in Edge Networks: Enhancing Cybersecurity with Ethical User Consent
Authors:
Mugheez Asif,
Abdul Manan,
Abdul Moiz ur Rehman,
Mamoona Naveed Asghar,
Muhammad Umair
Abstract:
In today's contemporary digital landscape, chatbots have become indispensable tools across various sectors, streamlining customer service, providing personal assistance, automating routine tasks, and offering health advice. However, their potential remains underexplored in the realm of network security, particularly for intrusion detection. To bridge this gap, we propose an architecture chatbot specifically designed to enhance security within edge networks specifically for intrusion detection. Leveraging advanced machine learning algorithms, this chatbot will monitor network traffic to identify and mitigate potential intrusions. By securing the network environment using an edge network managed by a Raspberry Pi module and ensuring ethical user consent promoting transparency and trust, this innovative solution aims to safeguard sensitive data and maintain a secure workplace, thereby addressing the growing need for robust network security measures in the digital age.
Submitted 8 August, 2024;
originally announced August 2024.
-
Accurate and Scalable Detection and Investigation of Cyber Persistence Threats
Authors:
Qi Liu,
Muhammad Shoaib,
Mati Ur Rehman,
Kaibin Bao,
Veit Hagenmeyer,
Wajih Ul Hassan
Abstract:
In Advanced Persistent Threat (APT) attacks, achieving stealthy persistence within target systems is often crucial for an attacker's success. This persistence allows adversaries to maintain prolonged access, often evading detection mechanisms. Recognizing its pivotal role in the APT lifecycle, this paper introduces Cyber Persistence Detector (CPD), a novel system dedicated to detecting cyber persistence through provenance analytics. CPD is founded on the insight that persistent operations typically manifest in two phases: the "persistence setup" and the subsequent "persistence execution". By causally relating these phases, we enhance our ability to detect persistent threats. First, CPD discerns setups signaling an impending persistent threat and then traces processes linked to remote connections to identify persistence execution activities. A key feature of our system is the introduction of pseudo-dependency edges (pseudo-edges), which effectively connect these disjoint phases using data provenance analysis, and expert-guided edges, which enable faster tracing and reduced log size. These edges empower us to detect persistence threats accurately and efficiently. Moreover, we propose a novel alert triage algorithm that further reduces false positives associated with persistence threats. Evaluations conducted on well-known datasets demonstrate that our system reduces the average false positive rate by 93% compared to state-of-the-art methods.
Submitted 26 July, 2024;
originally announced July 2024.
-
A DNA Based Colour Image Encryption Scheme Using A Convolutional Autoencoder
Authors:
Fawad Ahmed,
Muneeb Ur Rehman,
Jawad Ahmad,
Muhammad Shahbaz Khan,
Wadii Boulila,
Gautam Srivastava,
Jerry Chun-Wei Lin,
William J. Buchanan
Abstract:
With the advancement in technology, digital images can easily be transmitted and stored over the Internet. Encryption is used to avoid illegal interception of digital images. Encrypting large-sized colour images in their original dimension generally results in low encryption/decryption speed along with exerting a burden on the limited bandwidth of the transmission channel. To address the aforementioned issues, a new encryption scheme for colour images employing convolutional autoencoder, DNA and chaos is presented in this paper. The proposed scheme has two main modules, the dimensionality conversion module using the proposed convolutional autoencoder, and the encryption/decryption module using DNA and chaos. The dimension of the input colour image is first reduced from N $\times$ M $\times$ 3 to P $\times$ Q gray-scale image using the encoder. Encryption and decryption are then performed in the reduced dimension space. The decrypted gray-scale image is upsampled to obtain the original colour image having dimension N $\times$ M $\times$ 3. The training and validation accuracy of the proposed autoencoder is 97% and 95%, respectively. Once the autoencoder is trained, it can be used to reduce and subsequently increase the dimension of any arbitrary input colour image. The efficacy of the designed autoencoder has been demonstrated by the successful reconstruction of the compressed image into the original colour image with negligible perceptual distortion. The second major contribution presented in this paper is an image encryption scheme using DNA along with multiple chaotic sequences and substitution boxes. The security of the proposed image encryption algorithm has been gauged using several evaluation parameters, such as histogram of the cipher image, entropy, NPCR, UACI, key sensitivity, contrast, etc. encryption.
Submitted 7 November, 2022;
originally announced November 2022.
-
Intrusion Detection using Machine Learning Techniques: An Experimental Comparison
Authors:
Kathryn-Ann Tait,
Jan Sher Khan,
Fehaid Alqahtani,
Awais Aziz Shah,
Fadia Ali Khan,
Mujeeb Ur Rehman,
Wadii Boulila,
Jawad Ahmad
Abstract:
Due to an exponential increase in the number of cyber-attacks, the need for improved Intrusion Detection Systems (IDS) is more apparent than ever. In this regard, Machine Learning (ML) techniques are playing a pivotal role in the early classification of the attacks in case of intrusion detection within the system. However, due to a large number of algorithms available, the selection of the right method is a challenging task. To resolve this issue, this paper analyses some of the current state-of-the-art intrusion detection methods and discusses their pros and cons. Further, a review of different ML methods is carried out with four methods showing to be the most suitable one for classifying attacks. Several algorithms are selected and investigated to evaluate the performance of IDS. These IDS classify binary and multiclass attacks in terms of detecting whether or not the traffic has been considered as benign or an attack. The experimental results demonstrate that binary classification has greater consistency in their accuracy results which ranged from 0.9938 to 0.9977, while multiclass ranges from 0.9294 to 0.9983. However, it has been also observed that multiclass provides the best results with the algorithm k-Nearest neighbor giving an accuracy score of 0.9983 while the binary classification highest score is 0.9977 from Random Forest. The experimental results demonstrate that multiclass classification produces better performance in terms of intrusion detection by specifically differentiating between the attacks and allowing a more targeted response to an attack.
Submitted 27 May, 2021;
originally announced May 2021.
-
Voting Classifier-based Intrusion Detection for IoT Networks
Authors:
Muhammad Almas Khan,
Muazzam A Khan,
Shahid Latif,
Awais Aziz Shah,
Mujeeb Ur Rehman,
Wadii Boulila,
Maha Driss,
Jawad Ahmad
Abstract:
Internet of Things (IoT) is transforming human lives by paving the way for the management of physical devices on the edge. These interconnected IoT objects share data for remote accessibility and can be vulnerable to open attacks and illegal access. Intrusion detection methods are commonly used for the detection of such kinds of attacks but with these methods, the performance/accuracy is not optimal. This work introduces a novel intrusion detection approach based on an ensemble-based voting classifier that combines multiple traditional classifiers as a base learner and gives the vote to the predictions of the traditional classifier in order to get the final prediction. To test the effectiveness of the proposed approach, experiments are performed on a set of seven different IoT devices and tested for binary attack classification and multi-class attack classification. The results illustrate prominent accuracies on Global Positioning System (GPS) sensors and weather sensors to 96% and 97% and for other machine learning algorithms to 85% and 87%, respectively. Furthermore, comparison with other traditional machine learning methods validates the superiority of the proposed algorithm.
Submitted 25 April, 2021; v1 submitted 20 April, 2021;
originally announced April 2021.