|
|
|
 |
Search published articles |
 |
|
Morteza Asadi, Mohammad Reza Zamani, Kasra Tawakoli,
Volume 13, Issue 1 (8-2024)
Abstract
Passwords have been utilized as the primary means of authentication since the inception of the World Wide Web and the introduction of online services. The security risks associated with the use of passwords and their vulnerabilities to various types of cyberattacks have rendered this method no longer secure. In recent years, online service providers have sought to protect their users and data from cyber threats by implementing various multi-factor authentication methods. Although these methods have been successful in reducing the incidence of security breaches, they have generally resulted in increased complexity for users. The FIDO standard employs asymmetric encryption, mandates the storage of the private key on the user’s device, and combines it with biometric factors, thereby enabling the most secure authentication method for systems while simplifying the process for users [1-4]. This standard monitors the entire authentication process and prevents potential risks by establishing regulations within operating systems, browsers, and authentication tools. Rahavard Samanehaye Amn Company has implemented this standard locally, offering FIDO authentication under the product name ”Neshane” for smart phones. This article discusses the applications, specifications, and capabilities of this standard and the developed product.
Nasrin Taaj, Amir Mansour Yadegari, Abouzar Arabsorkhi, Reza Kalantari,
Volume 13, Issue 1 (8-2024)
Abstract
The development of the country's infrastructure as an independent, safe and stable infrastructure is one of the strategic priorities of the country, the realization of which, in addition to the technological requirements in the field of information and communication technology, laying the foundation for the establishment, development and supply of various services and content of the country's cyber space, requires the provision of secure communications. And the vital infrastructure of the country is also stable.
Based on the conceptual model contained in the resolution of the 66th meeting of the Supreme Council of Cyberspace, the communication and information infrastructure of the country consists of a series of main modules, whose risk analysis is in line with the reversibility in accidents, protection against threats, monitoring and intelligent response from the basic needs of communication access. It is safe and secure. Due to the space limitations of this article, the author intends to explain how to achieve multi-sample risk analysis from these basic modules and then based on the results, how to exploit the emerging knowledge in the form of a diagram to identify the type of threat and its source and extract Explain the mentioned preventive requirements.
Babak Siabi, Parvin Rastegari,
Volume 13, Issue 1 (8-2024)
Abstract
Due to the increasing amount of data collection and processing in today’s digital world, preserving individual and organizational privacy has become an undeniable necessity. In this regard, alongside the efforts of scientific and research centers to address privacy issues, several laws have been established in different countries. Among these, the General Data Protection Regulation (GDPR) at the European level is widely regarded by researchers as the most significant change in the field of privacy laws in recent decades and serves as a strong model for managing personal data. Based on this, in this article, to explore the multifaceted nature of privacy, we first review the history of privacy protection, then focus on the GDPR law. Some of the most important points and considerations regarding the nature and structure of this law, as well as the necessity and challenges of compliance with it, are presented. Additionally, the extensive measures outlined in this law for the implementation and enforcement of privacy protection mechanisms are discussed. Finally, by mapping the discussed content to the current state of privacy in Iran, some key points for the practical implementation of privacy laws in Iran are highlighted.
Ghodsieh Karimi , Morteza Adeli, Mohammad Ali Hadavi,
Volume 13, Issue 2 (12-2024)
Abstract
With the increasing use of RFID tags, there is a need for specific protocols to communicate with these tags. Among these protocols, the ownership transfer stands out as it ensures the security and privacy of objects for the new owner after a change of ownership. Recently, a lightweight object ownership transfer protocol has been proposed for RFID networks. This protocol utilizes a lightweight linear function for security. The designers of the protocol claim that it is secure against known attacks while also being lightweight. In this paper, we identify vulnerabilities in the function used in this protocol and demonstrate that it is susceptible to the secret disclosure attack. We show that with at most 4 × L executions of the protocol (where L is the key length), one can obtain the necessary information from intercepted data to execute the attack and subsequently recover the shared keys used in the protocol.
Abouzar Arabsorkhi, Tala Tafazoli,
Volume 13, Issue 2 (12-2024)
Abstract
One of the most important issues in information technology era is data protection; If this issue is not considered, confidence and usability and extension of information and communication technology will be threatened. In this way, politiceans and decision makers in organizations, industry and governments want to regulate the information and communication era. This regularization is performed based on decision making considerations and variables, while forgetting them may rise challenges and cause crisis. In management sciences they are called strategic issues. Current research identifies, defines, and analyzes strategic issues that different goverments, use them to reinfornce information governance structures like maintenance and governance of data and information security. These strategic issues are in the range of national documents, reference standards and documentation related to general data protection regulations (GDPR). In this research, we investigate documents and references related to data protection regulations using content analysis, to identify strategic issues.
Seyed Hesam Odin Hashemi, Mohammad Hassan Majidi,
Volume 13, Issue 2 (12-2024)
Abstract
With the ever-increasing growth of the Internet and the expansion of imaging tools, digital images are a huge part of the information we work with. This information often contains sensitive data that requires protection. This paper presents a chaotic image encryption method that effectively safeguards the information contained within digital images. The IEPS encryption system is an image encryption scheme based on a Piecewise linear chaotic map (PWLCM) and the SHA-512 hashing function. This design incorporates two operations: permutation and substitution of image pixels. In the permutation stage, the PWLCM map is employed, and the features of the SHA-512 are utilized to substitute the pixels. The experimental results demonstrate that the PWLCM encryption algorithm successfully encrypts the information within the image and exhibits robust performance against various analyses, including the entropy, histogram, key sensitivity criterion, and resistance to differential attacks.
Farnoosh Karimi, Behrouz Tork Ladani, Behrouz Shahgholi Ghahfarokhi,
Volume 13, Issue 2 (12-2024)
Abstract
As the intensity of global cybersecurity threats continues to rise, the need for training security professionals has gained greater significance. Educational programs, complemented by laboratories and the execution of cybersecurity exercises, play a fundamental role in enhancing both offensive and defensive capabilities. The execution of such exercises is particularly crucial in operational networks, where testing cyberattacks may not be feasible. Cyber ranges offer an appropriate platform for conducting these exercises. A primary challenge in cybersecurity education is aligning training programs with the diverse skill levels of learners. Adaptive learning, powered by artificial intelligence and recommendation systems, can provide an effective solution for delivering personalized instruction. This study focuses on the KYPO Cyber Range to examine the potential of substituting or augmenting the role of the instructor with an AI-based recommendation agent. The objective of this research is to minimize human intervention and improve the efficiency of the training process. To this end, data collected from the KYPO Cyber Range, developed by Masaryk University, has been utilized, and various machine learning models have been applied to automate and optimize the training process. The results of this research indicate that the integration of artificial intelligence can enhance the performance of educational systems and reduce evaluation time.
Fateme Pishdad, Reza Ebrahimi Atani,
Volume 13, Issue 2 (12-2024)
Abstract
With the advancement and development of Internet of Things (IoT) applications, the need for securing infrastructure in this domain has gained particular importance due to the limitations of computational and storage resources. Botnets are among IoT security challenges in which, by infecting computational nodes of this technology, they are capble of turning the network into a collection of compromised machines under the control of attackers. This paper proposes an anomaly detection system based on ensemble learning to prevent and identify IoT botnet attacks at the initial scanning stage and DDoS attacks. This system uses feature selection and optimal hyperparameter tuning for each classifier to increase model accuracy and prevent overfitting. The data used in this paper is taken from the BoT-IoT dataset, which covers activities related to different stages of the botnet lifecycle. For feature selection and classification, two ensemble learning algorithms, LightGBM and Random Forest, are used, and hyperparameter optimization is performed using the TPE method. Results demonstrated that the LightGBM algorithm achieved an error rate of 0.98% and an accuracy of 99.02%, while the Random Forest algorithm exhibited an error rate of 0.01% and an accuracy of 99.99%, indicating highly satisfactory performance in attack detection. The proposed models, with increased training and prediction time, have offered significantly higher accuracy compared to previous models.
Fatemeh Gholami Sabzevar, Masoumeh Safkhani,
Volume 13, Issue 2 (12-2024)
Abstract
Privacy preservation in healthcare monitoring systems has always been a concern for both patients and doctors. To address this issue, many protocols have been designed. In this article, we examine the proposed scheme by Nasr Esfahani and colleagues, evaluating it from a security perspective. Their proposed scheme uses a three-layer hierarchical template chain to store and maintain critical medical information of patients in a centralized and secure manner. Additionally, by using Zero-Knowledge Proof (ZKP) and ring signature methods, they demonstrate that their scheme protects medical data against both internal and external attacks. According to potential scenarios, the Nasr Esfahani et al. protocol has shown good performance against many attacks, such as storage attacks and replay attacks, but it is vulnerable to integrity violation attacks. The success probability of the attacks presented in this article is one, and the complexity is only a single execution of the protocol.
Mahnaz Noroozi, Atiye Sadeghi ,
Volume 13, Issue 2 (12-2024)
Abstract
Arian Arabnouri, Soheil Eissazadeh, Alireza Shafieinejad,
Volume 13, Issue 2 (12-2024)
Abstract
Auditable log is a common approach for monitoring system performance, forensic investigations, and event analysis. Regarding the crucial role of logs in identification of attackers, adversaries often attempt to tamper with these files to hide their traces. As a result, ensuring the secure storage of logs is critical. Blockchain technology, with its immutability feature, provides an ideal solution for secure storing of logs. However, the scalability limitations of existing public blockchains have made blockchain-based solutions impractical. To address this challenge, this paper proposes an approach where logs are categorized into time-based intervals, and a chain of linked entries using Message Authentication Codes (MAC) for each type of log. In addition to MAC, a counter is assigned to each class of log to enable detection of any deletion, insertion, repetition, or even reordering of log records, as the logical chain would be disrupted. At the end of each interval, known as checkpoint, newly verified log is appended to the blockchain. This approach not only ensures the security of logs but also enhances system efficiency by reducing the amount of data stored on the blockchain through batch processing. Our implementation demonstrates that the proposed system offers improved efficiency, requiring fewer computations compared to other methods.
Keivan Khoormehr, Javad Alizadeh, Mohsen Jahanbani,
Volume 13, Issue 2 (12-2024)
Abstract
Side-channel attacks, particularly power analysis attacks, pose a significant threat to the security of block cipher applications in hardware. These attacks can be executed using three primary methods: Simple Power Analysis (SPA), Differential Power Analysis (DPA), and Correlation Power Analysis (CPA). This paper examines the vulnerability of the SPEEDY block cipher to such power analysis attacks. In the first section, we demonstrate that the non-linear layer of the SPEEDY block cipher is susceptible to information leakage when subjected to power analysis attacks. By implementing the cipher in hardware and utilizing 1000 input samples, we establish that key-recovery attacks are feasible. The second section focuses on countermeasures to enhance the security of the SPEEDY block cipher against power analysis attacks. We propose a secure implementation method that employs Domain-Oriented Masking (DOM). Using the SILVER tool and the T-test method, we show that the secured version of the SPEEDY block cipher effectively mitigates the vulnerabilities and information leakages present in the original version when exposed to power analysis attacks.
Mrs Vahideh Ghanooni Shishavan, Doctor Shaban Elahi, Doctor Sadegh Dorri Nogoorani, Doctor Ali Yazdian Varjani,
Volume 14, Issue 1 (9-2025)
Abstract
The issuance of electronic invoices in the tax sys�tem, although a new topic, has not yet been able to fully provide an optimized tax system. Some of the challenges in the tax system include transaction data forgery, the complexity of the invoicing process, and the risks associated with storing data in centralized databases. Blockchain technology, with features such as transparency, resistance to tampering, and decen�tralization, can be a suitable solution. Ensuring the privacy and security of tax data and maintaining a balance between transparency and confidentiality in tax systems is of utmost importance. In this paper, a tax system model has been pro�posed base on a permissioned private blockchain. In this type of blockchain, only validating nodes have access to the information, and data access is restricted. This approach prevents the exposure of confidential information. Our proposed model con�sists of several processing nodes that are part of the blockchain network. These nodes are responsible for validating transactions and verifying information. In this model, various organizations, including the tax. All rights reserved. administration, banks, and other entities, connect to the blockchain network via nodes, but the network is not organizationally part of any single entity. Each organization interacts with the network through its own specific processing nodes. The model includes six layers, explained as follows: 1) Network Layer: This layer consists of processing nodes that represent various organizations (e.g., the tax administration, banks, tax payers, cham�bers of commerce, and official accountants). These nodes are responsible for validating transactions and maintaining the distributed ledger. The net�work generally includes organizations, processing nodes, and users. 2) Protocol Layer: This layer manages transaction processes, consensus, and data storage. Here, sales transactions are recorded, and the global state is maintained in the distributed ledger. Consensus in this model is achieved through the Raft algorithm, which is resistant to potential failures. 3) Privacy Layer: Private data is isolated and stored in different channels to prevent unautho�rized access. For each transaction, data related to goods and services, exemptions, and liabilities are stored in private datasets. These data are only accessible by authorized processing nodes. 4) Governance Layer: This layer is responsible for managing electronic certificates and network security. Security is ensured through a certificate au�thority, public and private keys, and access con�trol mechanisms. Additionally, identity manage�ment and member access control within the net�work are handled in this layer. 5) Integration Layer: This layer uses tools like gRPC and Oracles to communicate with exter�nal systems. Events are recorded and sent to other network members, and the necessary data for completing transactions is supplied through Oracles. 6) Application Layer: This layer consists of appli�cations that provide a user interface for interacting with the blockchain. These applications connect to smart contracts and other blockchain components through a Software Development Kit (SDK). The model has been evaluated from four perspec�tives: (1) Qualitative Evaluation: Experts in various fields have reviewed the model. (2) Technical perspective: the model ensures data se�curity through consensus protocols and digital certificates. It also offers better scalability due to the use of a private blockchain. (3) Organizational Perspective: The model is com�patible with traditional systems and can be easily implemented on existing infrastructures. (4) Environmental Perspective: Some challenges, such as coordination with tax laws and processes, require attention. From a security perspective, three main aspects have been examined: (1) Confidentiality: This is ensured by storing data in the private blockchain, identity verification through digital certificates, and appropriate ac�cess control. (2) Data Integrity: This is guaranteed through the consensus protocol and the recording of transac�tions via smart contracts. (3) Availability: This is maintained by designing a distributed network that is resilient to node fail�ures. Regarding the efficiency of the proposed model, it is suitable for large-scale and national implementations. The system continuously records transactions and, compared to traditional systems, places less strain on the infrastructure. Tests have shown that the Raft consensus protocol has low latency and good perfor�mance. Our comparison with previous systems that use public or centralized blockchains shows that our pro�posed model has more advantages. The most signifi�cant benefits are its transparency, security, and scal�ability. In comparison to other models, this system has successfully addressed challenges related to data forgery and the complexity of the invoicing process.
Fatemeh Charlank Bakhtiari, Abbas Ghaemi Bafghi,
Volume 14, Issue 1 (9-2025)
Abstract
With the rapid development of digital technolo gies, the need for new solutions to protect privacy and data security has increased. One technology that has attracted much attention is blockchain, a distributed ledger known for its features like transparency, de centralization, and security, particularly regarding privacy. However, this technology can pose a threat to users’ privacy, especially concerning the origin, destination, and flow of cryptocurrency transactions. Therefore, anonymity in blockchain transactions and the protection of users’ privacy are key aspects of this technology. In this paper, we review the secu rity features of blockchain, which include integrity, transparency, traceability, honesty, anonymity, and immutability. Each feature plays a fundamental role in maintaining the security and integrity of blockchain-based systems. Also, the problems in pro tecting privacy in permissionless blockchains have been examined. For this purpose, a systematic re view of the existing articles and research in this field has been reviewed and categorized. A systematic literature review is an efficient research tool. It in cludes three main stages: planning, implementation, and reporting. In the planning phase, research ques tions are extracted and appropriate databases are selected for searching. In the implementation phase, data is extracted from various articles and publi cations, and in the reporting phase, the results are presented in detail. Finally, this research method answers fundamental questions in various blockchain f ields, including privacy, anonymity, and threats. The four main research questions are: 1) What are the characteristics, advantages, and disadvantages of different types of blockchains? 2) What are the concepts of anonymity, pseudo-anonymity, privacy, and confidentiality, and how are privacy practices implemented? 3) What are the vulnerabilities and threats to privacy and anonymity? 4) What methods can address threats to privacy and anonymity? To carry out this research, a detailed plan was de veloped to search for and collect scientific articles and resources from reputable databases, including IEEE Xplore, ACM, ScienceDirect, Springer, and Google Scholar. The searches were conducted using keywords like ”blockchain,” ”privacy,” ”anonymity,” and ”se curity.” A review was conducted of articles published between 2018 and 2023. Based on the established in clusion and exclusion criteria, duplicate studies were eliminated, refining the final results. The initial stage of searching using the keyword ”Blockchain” in various databases identified numer ous articles from diverse fields such as the Internet of Things, healthcare, smart contracts, banking and f inance, and other fields. After reviewing the titles, keywords, and abstracts, it was determined that a sig nificant challenge in this field is ensuring the privacy and security of users’ identities in the blockchain. In the nextstage, thekeywords”Blockchain,””Privacy,” ”Anonymity,” and ”Security” were used to search and identify morearticles. The article filtering process was divided into three stages. In the first stage, the ini tial review of titles and keywords reduced the number of articles from 1,233 to 947. In the second stage, af ter reviewing the abstracts, 404 relevant articles were identified. Finally, in the third stage, the full texts of the remaining articles were read, and the same num ber of articles was selected for more accurate infor mation extraction. The distribution of articles was analyzed in three ways: year of publication, source of publication, and topic. This survey indicates that the scientific com munity’s attention has fluctuated, increasing and then decreasing until 2019. IEEE and ScienceDirect have contributed the most to this topic, with 328 and 251 papers, respectively, while ACM has contributed the least. Figures 1, 2, and 3 demonstrate an increas ing use of blockchain technology across various fields, including cybersecurity, privacy, and anonymity. Answer to the first research question: Blockchains can be classified into three categories: public (permis sionless), private (permissioned), and consortium. Public chains like Bitcoin and Ethereum offer high transparency and decentralized security, enabling participation from everyone. The need for widespread consensus leads to decreased efficiency and increased energy consumption. In contrast, private chains allow access only to specific individuals or organizations and are suitable for corporate applications with high efficiency, faster processing, and greater control over data, but may lead to centralization and are vulner able to changes. Consortium chains blend elements of both public and private blockchains. They main tain a balance between transparency and privacy by being managed by a group of trusted organizations. Nonetheless, this management approach can compli cate processes because it necessitates coordination among the various network members. Answertothesecondresearchquestion:Anonymity, pseudo-anonymity, privacy, and confidentiality are key concepts in blockchain security. Anonymity refers to the concealment of users’ identities, while pseudo-anonymity refers to the use of pseudonymous addresses that still allow indirect identification of users. Privacy gives users control over their personal information and transactions, while confidentiality protects against unauthorized disclosure of that in formation. Although these concepts are related, they have distinct differences. Anonymity can improve user security but may also foster abuse, while privacy mainly focuses on the management of user data. To preserve privacy on the blockchain, methods such as one-time addresses (generating a new address for each transaction), group signatures (allowing an in dividual’s identity to remain hidden among a group of users), zero-knowledge proofs (which allow a claim to be verified without revealing information), and transaction mixers (which combine transaction data to prevent tracking) are used, each of which offers different levels of security and efficiency. The follow ing is a comparison of various privacy methods and their key features, including security level, efficiency, level of anonymity, and implementation challenges. Some methods, such as zero-knowledge proofs, are highly secure but computationally expensive, while methods such as one-time addresses are simpler but provide a lower level of anonymity. This table helps you decide which method is best for your needs. Answer to the third research question: Blockchain threats and vulnerabilities are categorized into nine main groups: application attacks, consensus attacks, cryptanalysis, double spending, identity privacy, net work attacks, smart contracts, mining attacks, and unclassified attacks, each of which threatens user se curity and privacy differently. Network attacks such as sibyl attacks, denial of service, and data inter ception are the most common threats that can ex pose user information and reduce network perfor mance. Consensus and cryptanalysis attacks can dis rupttransactionsecurityandputuserdataatrisk.On the other hand, double spending attacks and smart contract vulnerabilities (such as the DAO attack) mayleadtofinancialfraudandassettheft. Also, iden tity privacy attacks such as impersonation and wal let information leakage can reveal user identities. Ad dressing these threats necessitates the use of stronger cryptography, enhanced consensus mechanisms, and the application of privacy-preserving methods. Addi tionally, the focus of the scientific community high lights that network attacks are particularly critical due to their direct impact on the security and per formance of blockchain technology. To address the fourth research question, various security solutions have been evaluated to counter threats to the chain of custody, tailored to the specific type of attack. Self-organizing maps, access control layer encryption, and rigorous transaction validation are employed to combat application and consensus attacks. Network attacks and cryptanalysis can be mitigated through data encryption, traffic analysis, security protocols like BGPsec,andstrongdigitalsignatures. Toprevent double spending, techniques such as utilizing nonces in transactions and combining digital signatures are employed. Smart contracts are secured through dy namicrules, secure payment methods, and smart con tracts. Also, to prevent user identity extraction and general threats, techniques such as zero-knowledge proofs, zero-blocks, anonymity, and intrusion detec tion are implemented in the network, which plays an important role in maintaining user security and pri vacy. This study can be used as a research basis to identify open issues and create new research direc tions in the future. The statistical data presented in tables and graphs indicate the positive impact of the blockchain on improving the performance of in formation systems and reducing costs. The findings of this study can guide the development of secure blockchain-based systems in the future and provide new directions for further research.
M.s Amin Chahardoli, Dr Abouzar Arabsorkhi,
Volume 14, Issue 1 (9-2025)
Abstract
In today’s modern world, with the emergence of technological advancements, cybersecurity has become one of the most critical issues. Every day, millions of data items are exchanged across the internet, exposing organizations and individuals to threats such as cyber intrusions, unauthorized access to information, and more. In this dynamic environment, Threat Intelligence has emerged as a prominent and effective tool to combat these threats—without overlooking necessary sensitivities. This modern approach enables organizations to analyze threat intelligence data meticulously, respond proactively to cyberattacks, and ensure the desired level of information security.
Given the increasing trend of cyberattacks, governments and organizations worldwide are pursuing strategies to strengthen institutional capacities for threat intelligence. In this article, through a comparative study of frameworks, standards, platforms, and coalitions (as key tools for enhancing cybersecurity and preventing attacks), the researcher provides a detailed analytical examination of these tools and their role in reinforcing cybersecurity systems. By focusing on the structural strengths and implementation components of threat intelligence in organizations—and leveraging the experiences of governments and international coalitions—this research aims to illustrate the essential role of these components in the production, dissemination, and utilization of threat intelligence. It also highlights the importance of effectively integrating these solutions into an organization’s information security cycle.
Achieving threat intelligence through frameworks, standards, platforms, and related coalitions requires attention to diverse requirements and actions. Based on the findings of this research, decision-makers and stakeholders can anticipate and operationalize necessary measures to implement threat intelligence approaches at an organizational level. Furthermore, adopting these frameworks, standards, platforms, and coalitions not only helps organizations utilize threat intelligence more effectively but also plays a critical role in decision-making and countering cyberattacks.
Frameworks, standards, platforms, and coalitions supporting threat intelligence development represent the most vital components, tools, and approaches used in the collection, analysis, and application of threat intelligence. These tools and standards have advanced significantly over time to assist organizations in effectively combating cyber threats. They enable organizations to better produce, disseminate, and implement threat intelligence strategies to address diverse attacks and threats.
This article is based on an extensive and in-depth study of major international frameworks for implementing and developing threat intelligence, as well as adopting standards and structures aligned with organizational needs—including principles, processes, responsibilities, and roles—within the threat intelligence lifecycle. By analyzing published best practices and insights from this research, practical recommendations are provided to organizations for managing threat intelligence. The production, dissemination, analysis, and application of threat intelligence are critically important for organizations due to the following reasons:
• Threat Identification and Prediction: Threat intelligence helps organizations identify and analyze patterns and trends in cyberattacks. This information guides organizations in predicting future attack types and planning appropriate countermeasures.
• Enhancing Incident Response: By leveraging threat intelligence, organizations can respond swiftly and effectively to cyberattacks. This minimizes potential damages and reduces the costs associated with attacks.
• Strengthening Cybersecurity: Organizations can implement necessary improvements to their systems and networks using threat intelligence, thereby better protecting their resources. These measures include researching and developing security technologies, enforcing efficient security policies, and enhancing employee awareness and trainin.
The development and implementation of frameworks, standards, platforms, and coalitions not only empower organizations to leverage threat intelligence more effectively but are also pivotal in strategic decision-making and countering cyberattacks. In the pervasive world of information technology, threat intelligence serves as a vital and undeniable tool in addressing organizations’ security challenges. The use of threat intelligence in cybersecurity management—encompassing concepts such as threat identification, data-driven security decision-making, protection of sensitive information, defensive strategies, early detection and rapid response, and risk prediction and mitigation—emerges as a key factor in elevating security standards. By emphasizing the importance of these issues and the unparalleled role of threat intelligence in preventing and countering cyber threats, organizations are encouraged to leverage this powerful tool in the realm of cybersecurity.
Based on the outlined considerations, the primary research question of this study is:
• What are the functional roles of frameworks, standards, platforms, and alliances supporting threat intelligence in organizations? Addressing this main question requires answering the following sub-questions:
• What are the constituent components and elements of frameworks, standards, platforms, and alliances supporting threat intelligence in organizations?
• What are the factors influencing the selection and implementation of frameworks, standards, platforms, and alliances supporting threat intelligence in organizations?
• What are the criteria influencing the selection and implementation of frameworks, standards, platforms, and alliances supporting threat intelligence in organizations?
• What is the status of these influential criteria concerning each selected framework, standard, platform, or alliance supporting threat intelligence in organizations?
• How will the evaluation and assessment of selected frameworks, standards, platforms, and alliances supporting threat intelligence be conducted based on these criteria?
Dr. Marzieh Vahid Dastjerdi, Mr. Majid Rahimi,
Volume 14, Issue 1 (9-2025)
Abstract
The objective of this paper is to analyze and evaluate the behaviour of modular addition and subtraction in symmetric cipher attacks. Modular addition is one of the most widely used nonlinear operators in symmetric cryptographic algorithms. In ARX symmetric algorithms, only three operators are utilized: modular addition, rotation, and XOR. In ARX-like algorithms, modular subtraction or a substitution box is employed, in addition to the standard ARX operations. Since modular subtraction exhibits similar behaviour to modular addition, its behaviour against cryptanalytic attacks has not been explicitly studied in the literature. Therefore, this paper aims to provide a comprehensive overview of the behaviour of modular addition and subtraction in differential, linear, integral cryptanalysis based on division property, and rotational attacks, using both manual analysis and automated methods via MILP (Mixed-Integer Linear Programming). We demonstrate that there is no difference between modular addition and subtraction in differential, linear, and rotational cryptanalysis. However, in integral cryptanalysis based on the division property, these two operations behave differently.
|
|
