Journal of Cyber Security and Risk Auditing

Volume 2025, Issue 1 - Table of Contents

Cybersecurity threats, countermeasures and mitigation techniques on the IoT: Future research directions

By Almaha Adel Almuqren

PDF logoPDF

Abstract

The Internet of Things (IoT) has gotten a lot of interest from the information and communication technology community. The availability of tools afforded by this paradigm, such as environmental monitoring using user data and everyday items, is one of the key reasons. In addition, the IoT infrastructure's capabilities enable the creation of a wide range of new business models and applications such as smart homes, smart cities and e-health. However, there are still concerns over the security issues that need addressing to ensure an appropriate deployment. With the increasing threat of cyber-attacks, cybersecurity has emerged as one of the most critical aspects on the IoT. IoT cybersecurity aims to secure IoT assets and privacy while lowering cybersecurity risks for enterprises and consumers. In addition, new cybersecurity tools and technology have the potential to improve IoT security management. This paper aims to provide a comprehensive analysis of the classification of cyber threats, attacks in IoT layers. The study’s findings show that viruses, spyware and malware attacks were the most prevalent technical threats in IoT application layer, each accounting for 30% of incidents. Malicious code attacks were identified as the second rank of main threats and attacks that representing 20% of incidents. While, phishing attacks was identified as the third level of main threats and attacks that representing 15% of incidents. In fourth classification was cross-site scripting and Botnet attacks, with 10% of incidents in IoT application layer. The results from this research could help organizations in understanding the main types of cyber-attacks in IoT applications in order to develop robust methods against these types of these attacks.

Applying risk analysis for determining threats and countermeasures in workstation domain

By Rama Soliman Mousa, Rami Shehab

PDF logoPDF

Abstract

The main purpose of this research is to perform a comprehensive analysis of cyber risks in workstation domain, including classifying threats, vulnerabilities, impacts, and countermeasures. This classification helps to identify suitable security controls to mitigate cyber risks for each type of attack. Additionally, this study aims to explore the main vulnerabilities based on the type of attack in workstation domain. This study employs the content analysis technique to collect, analyze, and classify data in terms of types of threats, vulnerabilities, and countermeasures. The methodology comprises four primary steps: (1) identifying key components, (2) threat identification, (3) vulnerability identification, and (4) countermeasure identification. The findings indicate that malware attacks and man in middle attacks were the most prevalent attacks in workstation domain, each accounting for 27% and 25% of incidents. The results found that unpatched software and weak access controls were classified as the most critical threats in the workstation domain, comprising 21% and 20% of incidents, respectively. The results also indicated that encryption methods, access controls mechanisms and firewall malware protection are the most significant and effective countermeasures for protecting the workstation domain environment. The findings of this study provides valuable recommendations for academic research in classifying the different types of cyber threats and understanding the significant security controls against cyber-attacks in workstation domain.

Risk auditing for Digital Twins in cyber physical systems: A systematic review

By Shahed Otoom

PDF logoPDF

Abstract

Digital Twins are emerging as a transformative technology within Cyber-Physical Systems (CPS), offering enhanced optimization, predictive maintenance, and real-time monitoring. However, their integration also introduces significant security challenges. These include vulnerabilities such as data breaches, unauthorized access, and cyber-attacks that disrupt real-time data flow between their physical and digital components. The involvement of IoT devices, sensors, and complex networked environments expands the attack surface, making Digital Twins susceptible to threats like Distributed Denial-ofService (DDoS) attacks, malware infiltration, and insider sabotage. Effective risk management and assessment are crucial in identifying vulnerabilities, evaluating risks, and implementing mitigation strategies. Securing Digital Twins ensures data integrity, system reliability, and the continued functionality of the physical assets they represent. This paper aims to classify the various security threats associated with Digital Twins and propose structured risk management approaches to enhance their security within CPS. By addressing these challenges, organizations can ensure the dependability and trustworthiness of Digital Twin implementations across industries such as manufacturing, healthcare, smart cities, and IoT ecosystems.

Machine Learning for Cybersecurity Issues : A systematic Review

By Aseel Alshuaibi, Mohammed Almaayah, Aitizaz Ali

PDF logoPDF

Abstract

With growing of the usage of the Information technologies and social networks, the identification of different network attacks, especially those not previously discovered, is an important concern that needs to be addressed. This paper is reviewing recent studies on security incidents and related security issues. The aim of the study is to clarify how Machine Learning techniques can influence cybersecurity. Moreover, this study aims to analyze and review previous studies related to machine learning (ML) and how could ML techniques improve the security. In addition, it will discuss and highlight different applications of ML in cybersecurity. As well as understand the use of ML in addressing some of cybersecurity problems. After reviewing previous studies and analyzing the results, the results show that machine learning are positively change the cybersecurity field. By mapping major machine learning algorithms with cyber-attacks and discuss the effectiveness of each algorithm for corresponding attack.

Assessment of cybersecurity threats and defense mechanisms in wireless sensor networks

By Elham Alotaibi, Rejwan Bin Sulaiman, Mohammed Almaiah

PDF logoPDF

Abstract

Wireless sensor networks (WSNs) are a rapidly advancing technology and serve as a foundational component for the Internet of Things (IoT) and various other domains, including healthcare, education, surveillance, military applications, and more. These networks possess unique characteristics such as limited memory, battery life, and processing power, as well as the ability to be deployed in remote or inaccessible areas. While these features enable their widespread use, they also impose significant constraints, making the implementation of robust security and protection mechanisms a complex challenge. This research paper examines a collection of recent scientific studies and proposals aimed at enhancing the security of wireless sensor networks against diverse types of attacks. The primary objective of this study is to explore the common challenges faced by WSNs as an emerging technology. Through a comprehensive review of existing research and practical implementations, it identifies potential risks and threats, evaluates current security measures, and analyzes the outcomes of these studies to provide insights for future advancements in the field.