فصلنامه پدافند الکترونیکی و سایبری
سال یازدهم شماره 1 (پیاپی 41، بهار 1402)

With the explosive growth of threats to Internet security, malware visualization in malware classification has become a promising study area in security and machine learning. This paper proposes a visualization method for malware analysis based on word embedding features of byte sequences.Based on some assistant information such as word embedding, the basic to a strong malware classification approach is to transfer the learned information from the malware domain to the image domain, which needs correlation modeling between these domains. However, most current methods neglect to model the relationships in an embedding way, ensue in low performance of malware classification. To catch this challenge, we consider the Word Embeddings duty as a Semantic Information Extraction. Our Proposed method aims to learn effective representations of malware families, which takes as input a set of embedded vectors corresponding to the malware. Word embedding is designed to generate features of a malware sample by leveraging its malware semantics. Our results show that visual models in the domain of images can be used for efficient malware classification. We evaluated our method on the kaggle dataset of Windows PE file instances, obtaining an average classification accuracy of 0.9896%.

In most Internet of Things (IoT) applications, network nodes are limited in terms of energy source. Therefore, the need for innovative methods to eliminate energy loss which shortens the life of networks is fully felt in such networks. One of the optimization techniques of energy consumption on the Internet of things is efficient energy routing that the required energy can be reduced by choosing an optimal path. In this paper, an informed or efficient energy approach is proposed for routing on the Internet of Things in which focus is on the sleep-wake schedule of nodes; therefore, a new optimization algorithm called chaos fuzzy grasshopper optimization algorithm was used. In chaos fuzzy grasshopper algorithm, the initial population of grasshoppers is generated by Lorenz chaos theory and the input and output parameters of the algorithm are adjusted by fuzzy approach. To evaluate the efficiency of the proposed method, three criteria of evaluation of remaining energy, network life and coverage rate were used. Investigating the findings in two different scenarios (efficiency over time and efficiency per number of different nodes) showed that the proposed method always is better than the base methods in all scenarios and for all performance evaluation criteria. So that in the study of the death of 30% of nodes which indicates the life of the network, results showed that the proposed method of the paper (FLGOA) has 9% better efficiency than FGOA, 12% better than GOA and 16% better than GSO. Also, the findings about the remaining energy of the network showed that the proposed method has 16% better efficiency than FGOA method, 21% better than GOA and 22% better than GSO. Finally, studies in the coverage rate evaluation criterion showed that the proposed method has 12% coverage rate better than FGOA method, 15% better than GOA and 16% better than GSO.

Social engineering is the art of deceiving people in a way that no use of force and threat, something to do or provide that information to social engineer . Social engineering can follow self-interest or organizational or national interest. Hackers, criminals, spies, saboteurs and ... all use social engineering to achieve their goals .social engineer uses Various techniques. In this study, the effect of this techniques on the vulnerability of people looked at the combined method (qualitative and quantitative ) to measure this effect .First, various social engineering techniques as well as their vulnerability conducted by reviewing previous research and the interviewing with the experts in the field of engineering social was obtained and different techniques in a variety of technical, social, physical and technical – social were categorized. Afterwards in quantitative stage, By creating a questionnaire and various Items In the form of Likert scale and Provide the questionnaire to the target community(Employees of Tehran Municipality) The degree of vulnerability of people to a variety of social engineering techniques was obtained. It was found vulnerability of the target population is more than to the techniques of technical, social, technical – social and physical respectively . to prevent social engineering, human –driven and technology –based solutions were proposed that human –centered mainly on training personnel and IT solutions based on the provision of the right equipment, computers and creating a right information access cycle in organizations .

This article presents a method to solve the weapon target assignment problem, which is one of the problems of distributed constraint optimization. The previous methods do not guarantee the convergence problem properly and when faced with scale increase, they do not work correctly and effectively. Also, some of these methods solve the weapon target assignment problem in a centralized manner. While the method presented in this article solves the problem in a decentralized and distributed manner with better "accuracy" and "speed".The present article solves the weapon target assignment problem by using learning automata, which is a relatively simple method and requires little information, and the results of implementations show that when the scale of the problem becomes larger, the proposed method it solves the problem with a better speed than other methods, so that the objective function is minimized. Also, this method can well address the shortcomings of previous methods without the need for other exploratory methods in real-time multi-agent environments.

Recently, the radio frequency fingerprint (RFF) has received attention in applications such as specific emiiter identification, detection of deception in navigation signals and detection of intrusion in wireless networks. The RFF is caused by the non-ideal manufacturing of the transmitter components. This effect appears as unintentional modulation in the output of the transmitter and its extraction can be considered as a solution of mentioned applications; Therefore, it is important to provide a method for extracting the RFF, using realistic modeling of the transmitter components. For this purpose, in this article, the combined effects of the power amplifier and local oscillator are considered as the fingerprint of the transmitter. Then, two blind algorithms based on the transmitter output signal are presented to extract the amplifier phase characteristic and the local oscillator phase noise. In the first algorithm, the phase function of the power amplifier in the presence of phase noise is estimated using the M’th order moment of the transmitter output signal. Then the power characteristic of the transmitter's local oscillator noise phase is obtained by blind estimation of its autocorrelation function. At the end, the results of the performance of the algorithms in the simulations are examined and it is shown that only for 1.5dB difference in power amplifier saturation power and 2dB difference in phase noise amount, two transmitters with the same modulations and frequencies can be separated with 98% accuracy in signal-to-noise ratio(SNR) equal to 10dB, where this precision is achievable in the recent works at 20dB SNR.

Cybercriminals are targeting more humans than machines these days because they try to exploit users' vulnerabilities to achieve their destructive goals. The main purpose of this study is to identify the factors affecting the culture and awareness of cyber security using theme analysis. The research is applied in terms of purpose, exploratory in terms of method and qualitative in terms of data type. The research data includes all valid articles in the field of culture and cyber security awareness published in 2020 to 2022 inside and outside the country, with 3 keywords (culture, awareness, cyber security) in the valid have been collected and reviewed in the framework of MAXQDA software. The criteria for entering articles in the research was the applicable content for the research question and the criteria for excluding abstracts, book chapters, short reports and lack of access to the full text of the article. Validity was assessed using content validity and data reliability was estimated using Holstie method. Findings showed a review of 392 theme identified the basic themes related to cybersecurity culture and awareness, of which 12 themes were asset organizing, continuity, access and trust, operations, protection, security governance, attitude, behavior, competence, commitment and support, cyber security and they covered the budget. The identified factors can be used as analytical tools in the field of assessing the culture and awareness of cyber security, which is an important factor in the occurrence of cybercrime, in a logical and principled way to reduce cybercrime and solve related problems in the economic field. Educational, security, social and cultural payments.

In recent years, Unmanned Aerial Vehicles have become significantly available to the public of people. Affordable prices, being equipped with advanced technologies, small sizes, easy portability and … etc. create a lot of worries. For example UAVs can be used for malicious activities, spying from private places, monitoring important locations, carrying dangerous objects such as explosives and etc., which is great threat to society. for this reason, detection and identification is an important work. To solving these challenges, university and industry have present many solutions in recent years. from radar detection systems, video base systems, RF base systems is used to identify and detection UAVs. Based on recent studies, that suggest machine learning-based classification to identify UAVs can be successful. this paper introduces an improved method for detecting UAVs based on deep learning. this system is based on detection by the camera and based on the camera images determine the location of the UAVs on the image and dragging the box around it. This Approach uses the OpenCV library and the YOLO algorithm. images of UAVs are collected and by considering the speed parameter, starting the learning process .after that, The simulation results show that in about 17milliseconds,the UAVs is detected with 85% accuracy.

Accurate timing is one of the key features of the Global Positioning System (GPS), which is employed in many critical infrastructures. Any imprecise time measurement in GPS-based structures, such as smart power grids, and Phasor Measurement Units (PMUs), can lead to disastrous results. The vulnerability of the stationary GPS receivers to the Time Synchronization Attacks (TSAs) jeopardizes the GPS timing precision and trust level. In this paper, the PMU receiver clock deviation monitoring method is used. In this method, a deception and fraud reduction algorithm is presented based on clock deviation observations. A multi-layer perceptron neural network is trained to track clock behavior information behavior and maintain a valid trend under time-synchronization attack conditions that can dramatically mimic clock deviation. Finally, the results were compared with a strong and low-memory RE estimator, which is one of the most recent methods of counteracting TSA, as well as an extended Kalman filter and a Luenberger observer. This indicates the good performance of the proposed method.

Today, increasing the science and technology and the communication technologies, especially in cyberspace, however physically act have become interact with cyberspace has caused a more significant effect on the culture and geography of each country. Accordingly, dealing with these physical crimes interacts with cyberspace. Therefore, detecting crimes and identifying criminals using old methods is almost impossible. Therefore, databases and their processing can play an essential role in detecting crime patterns for police-security organizations. The highly effective methods and tools of social network analysis can discover the pattern and extract knowledge from the database to prevent and control crime. This article explores crime rules using social network analysis methods and offers suggestions for preventing crimes and identifying perpetrators. The analysis of social networks has great importance, and the results obtained from these analyzes can be used in similar applications. In this article, the first has been collected the data related to currency disruptors in recent years, then analyzed this data with social network techniques and identified compelling features for identifying virtual nodes. The results show that social network analysis methods have simulated a model with acceptable accuracy and introduced destructive nodes by analyzing features. However, identifying destructive nodes and crime prevention can be considered, thoroughly describing how to do this in the paper.