72 result(s) for "Endpoint detection"
Deep Reinforcement Learning in the Advanced Cybersecurity Threat Detection and Protection
The cybersecurity threat landscape has lately become overly complex. Threat actors leverage weaknesses in the network and endpoint security in a very coordinated manner to perpetuate sophisticated attacks that could bring down the entire network and many critical hosts in the network. To defend against such attacks, cybersecurity solutions are upgrading from the traditional to advanced deep and machine learning defense mechanisms for threat detection and protection. The application of these techniques has been reviewed well in the scientific literature. Deep Reinforcement Learning has shown great promise in developing AI solutions for areas that had earlier required advanced human cognizance. Different techniques and algorithms under deep reinforcement learning have shown great promise in applications ranging from games to industrial processes, where it is claimed to augment systems with general AI capabilities. These algorithms have recently also been used in cybersecurity, especially in threat detection and protection, where these are showing state-of-the-art results. Unlike supervised machine learning and deep learning, deep reinforcement learning is used in more diverse ways and is empowering many innovative applications in the threat defense landscape. However, there does not exist any comprehensive review of deep reinforcement learning applications in advanced cybersecurity threat detection and protection. Therefore, in this paper, we intend to fill this gap and provide a comprehensive review of the different applications of deep reinforcement learning in this field.
Rule Based Speech Signal Segmentation
This paper presents the automated speech signal segmentation problem. Segmentation algorithms based on energetic threshold showed good results only in noise-free environments. With a higher noise level, automatic threshold calculation becomes a complicated task. Rule based postprocessing of segments can give more stable results. Off-line, on-line and extrema types of rules are reviewed. An extrema-type segmentation algorithm is proposed. This algorithm is enhanced by a rule base to extract higher energy level segments from noise. This algorithm can work well with energy like features. The experiments were made to compare threshold and rule-based segmentation in different noise types. It was also tested whether multifeature segmentation can improve segmentation results. The extrema rule-based segmentation showed smaller error ratio in different noise types and levels. The proposed algorithm does not require high calculation resources. Such an algorithm can be processed by devices with limited computing power.
Acoustic modulation signal recognition based on endpoint detection
The modulation recognition technology for acoustic signals holds significant research importance in signal demodulation and communication signal reconnaissance, serving as a crucial component and key aspect. This paper investigates the modulation recognition technology for acoustic signals (< 20 kHz) from the perspectives of signal preprocessing and feature extraction. Firstly, it selects seven modulation signals 2ASK, 4ASK, 2FSK, 4FSK, 2PSK, 4PSK, and OFDM as recognition targets and systematically compares the effectiveness of four different endpoint detection algorithms in modulation signal recognition. To further enhance the performance of the short-time energy entropy ratio algorithm, this study introduces three different noise reduction algorithms for optimization. Finally, to accurately identify and distinguish between 2 and 4FSK signals, this study optimizes the related algorithms of the cyclic spectrum by using the kurtosis coefficient value Kur of the cyclic spectrum parameter matrix when the cyclic frequency α = 0 to differentiate between these two signals. The results show that at SNR of 4 dB, the proposed modulation recognition algorithm can effectively distinguish between these two signals, achieving a recognition accuracy of over 99%.
Multi-Binary Classifiers Using Optimal Feature Selection for Memory-Saving Intrusion Detection Systems
With the rise of remote work and the digital industry, advanced cyberattacks have become more diverse and complex in terms of attack types and characteristics, rendering them difficult to detect with conventional intrusion detection methods. Signature-based intrusion detection methods can be used to detect attacks; however, they cannot detect new malware. Endpoint detection and response (EDR) tools are attracting attention as a means of detecting attacks on endpoints in real-time to overcome the limitations of signature-based intrusion detection techniques. However, EDR tools are restricted by the continuous generation of unnecessary logs, resulting in poor detection performance and memory efficiency. Machine learning-based intrusion detection techniques for responding to advanced cyberattacks are memory intensive, using numerous features; they lack optimal feature selection for each attack type. To overcome these limitations, this study proposes a memory-efficient intrusion detection approach incorporating multi-binary classifiers using optimal feature selection. The proposed model detects multiple types of malicious attacks using parallel binary classifiers with optimal features for each attack type. The experimental results showed a 2.95% accuracy improvement and an 88.05% memory reduction using only six features compared to a model with 18 features. Furthermore, compared to a conventional multi-classification model with simple feature selection based on permutation importance, the accuracy improved by 11.67% and the memory usage decreased by 44.87%. The proposed scheme demonstrates that effective intrusion detection is achievable with minimal features, making it suitable for memory-limited mobile and Internet of Things devices.
A machine learning-enhanced endpoint detection and response framework for fast and proactive defense against advanced cyber attacks
The risk of intelligent cyber-attacks is increasing as the number of endpoint devices surges and non-face-to-face services expand. As the damage caused by advanced persistent threat (APT), an advanced cyber-attack, increases, companies are researching endpoint detection and response (EDR) or endpoint protection platform. However, because conventional open source-based EDR tools rely on the administrator's preset settings, detecting or responding to APT attacks with new patterns or variant malware requires substantial effort. In this study, fast detection and proactive response (FDPR) is proposed. FDPR complements the limitations of existing single EDR tools by combining Google Rapid Response, an open-source detection-centric tool, an open-source host-based intrusion detection system security (OSSEC), and a response-centric EDR tool. As a result of the experiment, the attack detection performance of FDPR was 97.6%, 3.55 times, and 1.2 times, respectively, compared to the conventional ruleset-based intrusion detection system (R-IDS) and the conventional deep learning-based intrusion detection system (DL-IDS). In addition, compared to R-IDS, the passive response level was improved by 5.76 times, and the active response was enhanced by 11.53%, proving the superiority of the FDPR model.
Optical Fiber Vibration Signal Recognition Based on the Fusion of Multi–Scale Features
Because of the problem of low recognition accuracy in the recognition of intrusion vibration events by the distributed Sagnac type optical fiber sensing system, this paper combines the traditional optical fiber vibration signal recognition idea and the characteristics of automatic feature extraction by a convolutional neural network (CNN) to construct a new endpoint detection algorithm and a method of fusing multiple–scale features CNN to recognize fiber vibration signals. Firstly, a new endpoint detection algorithm combining spectral centroid and energy spectral entropy product is used to detect the vibration part of the original signal, which is used to improve the detection effect of endpoint detection. Then, CNNs of different scales are used to extract the multi–level and multi–scale features of the signal. Aiming at the problem of information loss in the pooling process, a new method of combining differential pooling features is used. Finally, a multi–layer perceptron (MLP) is used to recognize the extracted features. Experiments show that the method has an average recognition accuracy rate of 98.75% for the four types of vibration signals. Compared with traditional EMD and VMD pattern recognition and 1D–CNN methods, the accuracy of the optical fiber vibration signal recognition is higher.
Research on the identification and integration of folk dance creation elements based on big data technology
In order to identify the elements of folk dance creation, two methods of continuous folk dance movement recognition are proposed in this paper. By considering the dance movement patterns as a whole and the templates as incomplete patterns, OE-DTW is applied to match them to segment and recognize each movement pattern one by one. To enhance the performance, a global restriction K-Repetition and endpoint detection condition are proposed to match with OE-DTW, and a penalty-based layer matching algorithm is proposed by using the layer structure feature of SegSVD so that the endpoint of the input movement pattern can be determined by the top layer matching of the latter when matching with the template pattern. Meanwhile, the similarity between two patterns based on this algorithm can also be calculated by the local results obtained from the weighted cumulative layer matching. Experiments show that the average recognition rate of OE-DTW is 0.891, SegSVD is 0.86, and CDP is 0.828. Both methods can effectively deal with the continuous action recognition problem, and they have better recognition results compared with CDP.
Not on my watch: ransomware detection through classification of high-entropy file segments
The double-edged sword of continuous digitization of services and systems opens the door to a myriad of beneficial opportunities, as well as challenging threats. Currently, ransomware is catalogued as the first threat in cybersecurity due to its impact on organizations, critical infrastructure, industry, and society as a whole. Thus, devoting efforts toward developing methodologies to effectively prevent and mitigate ransomware is crucial. In this article, we present an accurate method to identify encrypted bit streams by differentiating them from other high-entropy streams (e.g. compressed files), which is a critical task to detect potentially malicious file write events on the file system in current operating systems. After extensive evaluation, our findings demonstrate that the proposed solution outperforms the current state of the art in both adaptability and accuracy, enabling it to be integrated into current Endpoint Detection and Response systems.
Bird Call Identification Using Ensemble Empirical Mode Decomposition
Birds are iconic species of the environment. Bird monitoring can be achieved by collecting recordings of the calls of wild birds and later identifying the species. A new approach suggested in this study involves the application of ensemble empirical mode decomposition (EEMD) to analyze the time‐frequency characteristics of bird calls, along with assessing the variance ratio and correlation coefficient of intrinsic mode functions (IMFs) for recognizing bird vocalizations. A significant aspect of the approach lies in the ability to break down bird call signals characterized by nonstationary and nonlinear features into a limited set of IMFs. In contrast to conventional approaches that are easily influenced by noise disruption and tend to encounter mode aliasing issues, the suggested framework proficiently segregates the signal by the following steps. First, the vocalization signals of bird vocalizations are preprocessed and endpoint detection is used to separate the vocalization signals of each call. Then, through the decomposition of EEMD, multiple intrinsic mode components are acquired, and the ratio of the variance of each IMF to the variance of the original signal is calculated along with the correlation coefficient between each IMF and the original signal. These ratios, in conjunction with the correlation coefficients are used as the call features. Finally, applying a support vector machine classification and recognition algorithm enables a comparative analysis of various calls. The findings of the experiment reveal that the approach introduced in this paper demonstrates superior accuracy in identification compared to conventional methods, offering valuable insights for the identification of bird species, providing certain reference significance for bird species recognition.