information
Editorial
Advances in Cybersecurity and Reliability
Moutaz Alazab 1, * and Ammar Alazab 2, *
[email protected]
(M.A.);
[email protected]
(A.A.)
Citation: Alazab, M.; Alazab, A.
Advances in Cybersecurity and
Reliability. Information 2024, 15, 361.
https://doi.org/10.3390/info15060361
Received: 30 May 2024
Accepted: 13 June 2024
Published: 19 June 2024
Copyright: © 2024 by the authors.
Licensee MDPI, Basel, Switzerland.
This article is an open access article
distributed under the terms and
conditions of the Creative Commons
Attribution (CC BY) license (https://
creativecommons.org/licenses/by/
4.0/).
Information 2024, 15, 361. https://doi.org/10.3390/info15060361
1 Department of Intelligent Systems, Faculty of Artificial Intelligence, Al-Balqa Applied University,
Al-Salt 19385, Jordan
2 Centre for Artificial Intelligence and Optimization, DCT, Torrens University, Ultimo, NSW 2007, Australia
* Correspondence:
In recent years, the significant increase in financial and data losses impacting individu-
als and businesses has highlighted the pressing need to tackle cybersecurity challenges in to-
day’s digital environment. As cyber threats continue to evolve, robust defence mechanisms
are crucial for both government bodies and private sectors. The growing sophistication of
such attacks requires the continual improvement of detection strategies to ensure their effi-
cacy against evolving threats. Thorough assessments and regular updates of cybersecurity
measures are vital in order to stay ahead of cybercriminals. This Special Issue explores the
recent approaches that address cybersecurity-related issues, from countering cyberattacks
to malware analysis strategies, as well as developing secure computer communication
methods using cryptography and artificial intelligence techniques. Our objective is to raise
awareness of these issues and to improve mitigation efforts. By fostering collaboration
between businesses and law enforcement agencies, we can collectively protect against
advanced cyber threats and safeguard sensitive information and financial assets.
The paper titled “Automated Mapping of Common Vulnerabilities and Exposures
to MITRE ATT&CK Tactics” by Ioana Branescu, Octavian Grigorescu, and Mihai Dascalu
addresses the challenge of linking Common Vulnerabilities and Exposures (CVEs) to
MITRE ATT&CK tactics. The authors propose an automated approach using state-of-the-
art transformer-based models, and the methodology involves training various architectures,
including SecRoBERTa, SecBERT, CyBERT, TARS, and GPT-4, to map CVEs to one of the
fourteen corresponding ATT&CK tactics. The results are promising, with SecRoBERTa
achieving the highest F1 score (77.81%), and an in-depth error analysis was conducted to
understand the model’s limitations. The code used for experiments is released as open
source, contributing to bridging the gap between vulnerabilities and defence strategies in
the cybersecurity landscape.
The paper “Countermeasure Strategies to Address Cybersecurity Challenges Amidst
Major Crises in the Higher Education and Research Sector: An Organisational Learning
Perspective” by Samreen Mahmood, Mehmood Chadhar, and Selena Firmin analyses
counterstrategies to address cybersecurity challenges during major crises in the Higher
Education and Research Sector (HERS); this is carried out using organizational learning
loops. Through qualitative analysis and semi-structured interviews with cybersecurity
experts and top managers, the study proposes a learning loop framework. Significant coun-
terstrategies include introducing new policies, changing existing systems, partnering with
other companies, integrating new software, enhancing employee learning, improving secu-
rity, and monitoring and evaluating security measures. These counterstrategies not only
address current crises, but also prepare the HERS for future cybersecurity challenges. The
proposed model offers both theoretical and practical insights, aiding efficient cybersecurity
mitigation during and after major crises.
The paper entitled “Identifying Malware Packers through Multilayer Feature Engi-
neering in Static Analysis” by Ehab Alkhateeb, Ali Ghorbani, and Arash Habibi Lashkari
addresses the critical challenge of identifying both known and unknown malware pack-
ers using static analysis. Packed malicious programs employ encryption and advanced
https://www.mdpi.com/journal/information
Information 2024, 15, 361 2 of 4

techniques to obfuscate their payloads, rendering them elusive to antivirus (AV) scanners
and security analysts. To tackle this problem, the authors propose an innovative malware
packer classifier that has been specifically designed to adeptly identify packer families and
to detect unknown packers in real-world scenarios. Their approach involves meticulous
feature engineering, employing multiple layers of analysis to extract the salient features
that are input into the classifier. This method not only demonstrates a remarkable accuracy
rate of 99.6% for known packers, but also achieves a notable rate of 91% for unknown
packers, providing cybersecurity professionals and antivirus engines with a powerful
weapon against the relentless threat of packed malware.
In the paper titled “Industry 4.0 Innovation: A Systematic Literature Review on the
Role of Blockchain Technology in Creating Smart and Sustainable Manufacturing Facilities”,
the authors Moutaz Alazab and Salah Alhyari look into how blockchain technology (BCT)
affects smart and sustainable manufacturing processes. Three crucial areas are highlighted
via their thorough comprehensive analysis of research publications, of which BCT makes
a major contribution. First and foremost, BCT promotes environmentally responsible
manufacturing practices by endorsing effective resource management, waste minimization
plans, and eco-friendly production processes. Second, utilizing BCT technologies enables
businesses to implement intelligent and environmentally responsible production practices.
Furthermore, by improving visibility, traceability, and cooperation amongst participants
in supply chain operations, BCT improves supply chain management. The review does,
however, also recognize certain drawbacks such as the requirement for standardized
protocols, in addition to scaling issues. Future research should address these limitations
and further explore the potential of BCT in the context of Industry 4.0.
In “CapGAN: Text-to-Image Synthesis Using Capsule GANs”, Maryam Omar, Hafeez
Ur Rehman, Omar Samin, Moutaz Alazab, Gianfranco Politano, and Alfredo Benso propose
an innovative model called CapGAN that addresses the challenge of globally coherent
structures in complex scenes during text-to-image synthesis. The model employs skip-
thought vectors to transform input text into vector representations, creating a rich and
nuanced foundation for image generation. CapGAN employs an adversarial process with
two concurrently trained models—a generator (G) and a discriminator (D). Notably, the
discriminator integrates capsules to understand the relative spatial and orientational re-
lationships between different entities within an image. Quantitative evaluation metrics,
including the inception score (IS) and Fréchet inception distance (FID), demonstrate the
effectiveness of CapGAN; the IS for images generated using CapGAN is 4.05 ± 0.050,
approximately 34% higher than traditional GANs, while the FID score is 44.38, representing
an almost 9% improvement over previous state-of-the-art models. This breakthrough ap-
proach enhances text-to-image synthesis by considering scene understanding and coherent
structures. The proposed method holds promise for advancing generative modelling and
automatic learning in image creation, modification, analysis, and optimization.
In the paper titled “A Deep Learning Methodology for Predicting Cybersecurity At-
tacks on the Internet of Things” by Omar Azib Alkhudaydi, Moez Krichen, and Ans D.
Alghamdi, the authors propose an AI model-based deep learning (DL) approach combined
with various machine learning (ML) and ensemble learning classifiers to detect cyberat-
tacks targeting IoT networks. The study addresses the challenge of defending IoT devices
from security breaches, especially given the vast communication traffic data between these
devices. The authors leverage a realistic network traffic BoT-IoT dataset to extract essential
features using machine and deep learning algorithms. They evaluate ten distinct ML mod-
els, including single classifiers (KNN and SVM), ensemble classifiers (e.g., Random Forest,
Extra Trees, AdaBoost, and LGBM), and deep learning architectures (LSTM, GRU, and
RNN). Notably, the CatBoost and XGBoost classifiers achieve remarkable accuracy rates of
98.19% and 98.50%, respectively. Additionally, the study enhances model generalization by
addressing class imbalance issues through the Synthetic Minority Over-sampling Technique
(SMOTE). This work contributes to improving IoT security by preventing unauthorized
Information 2024, 15, 361 3 of 4

access, data breaches, and service interruptions through accurate and reliable predictions
of cybersecurity attacks.
“Enhancing Organizational Data Security on Employee-Connected Devices Using
BYOD Policy” by Manal AlShalaan and Suliman Fati addresses the need for secure data
management in organizations that allow employees to use their personal devices (bring
your own device—BYOD) for work-related tasks. The study investigates security risks
associated with BYOD policies and proposes an innovative encryption approach. This
approach combines both symmetric and asymmetric algorithms, leveraging digital signa-
tures and organization-specific digital certificates. By employing the Advanced Encryption
Standard (AES), Blowfish, RSA, and El-Gamal algorithms, their approach ensures robust
encryption, alongside user authentication, confidentiality, and data integrity. Their experi-
mental results reveal the superior performance of AES and Blowfish in terms of execution
speed, showcasing the method’s efficiency and practicality. The study provides essential
insights and a viable solution for organizations striving to safeguard sensitive data in the
increasingly prevalent BYOD environments.
In the paper entitled, “A Multi-Key with Partially Homomorphic Encryption Scheme
for Low-End Devices Ensuring Data Integrity”, Saci Medileh, Abdelkader Laouid, Moham-
mad Hammoudeh, Mostefa Kara, Tarek Bejaoui, Amna Eleyan, and Mohammed Al-Khalidi
delve into the urgent issues of security and privacy within cloud-based Internet of Things
(IoT) systems. These systems often rely on untrusted clouds, necessitating robust encryption
methods that allow for secure data operations. The proposed asymmetric multi-key and
partially homomorphic encryption scheme achieves this by separately encrypting each dec-
imal digit of an integer using a special key. Additionally, the scheme ensures data integrity
when untrusted third parties perform homomorphic operations on encrypted data. Notably,
the ciphertext size closely matches the plaintext size, and order-preserving capabilities are
maintained using an the first version of an asymmetrical encryption. This work extends
and improves upon previous research, making it suitable for IoT-constrained devices.
In the paper titled “Usable Security: A Systematic Literature Review”, Francesco
Di Nocera, Giorgia Tempestini, and Matteo Orsini explore the intricate balance between
usability and security. Usable security involves designing security measures that accom-
modate users’ needs and behaviours. As systems become more secure by implementing
authentication mechanisms and encryption protocols, they also become more complex and
less intuitive for users. This complexity can result in a steeper learning curve, a greater
effort required to perform tasks, and potential frustration. Conversely, prioritizing usability
may sacrifice some security measures, making systems more susceptible to cyber-attacks.
The authors systematically reviewed articles on usable security from 2005 to 2022, select-
ing 55 research studies for evaluation. These studies were broadly categorized into the
following four main clusters: (1) usability of authentication methods, (2) strategies to
improve usability for security developers, (3) design approaches influencing user security
behaviour, and (4) formal models for usable security evaluation. The review highlights
the field’s current immaturity, with studies often focusing on system comparisons rather
than establishing robust design guidelines based on thorough analyses of user behaviours.
Additionally, the absence of requirements for usable security in developmental contexts
discourages the implementation of good practices early on in the development process.
In the paper titled “A Comprehensive Study of ChatGPT: Advancements, Limitations,
and Ethical Considerations in Natural Language Processing and Cybersecurity” by Moat-
sum Alawida, Sami Mejri, Abid Mehmood, Belkacem Chikhaoui, and Oludare Abiodun, the
authors present an in-depth examination of ChatGPT, a state-of-the-art language model that
has significantly impacted generative text. The study provides a comprehensive analysis of
ChatGPT’s architecture, training data, and evaluation metrics, highlighting its advance-
ments and enhancements over time. They offer a balanced critique of ChatGPT’s prowess
in natural language processing tasks such as language translation, text summarization, and
dialogue generation, juxtaposing its capabilities against other language generation models.
The study also addressed ethical and privacy concerns with proposed mitigation strategies,
Information 2024, 15, 361 4 of 4

and further explores the unsettling potential of ChatGPT in facilitating cyberattacks, under-
scoring significant security threats. By examining ChatGPT’s applications across diverse
industries and its performance in various languages and domains, the authors provide a
thorough analysis of its strengths and limitations, painting a comprehensive picture of this
revolutionary technology.

Acknowledgments: The Guest Editor would like to thank the authors for their valuable submissions,
and the reviewers for their precious and constructive comments.
Conflicts of Interest: The authors declare no conflicts of interest.

Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual
author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to
people or property resulting from any ideas, methods, instructions or products referred to in the content.