<p>The increasing cybersecurity vulnerabilities in smart cities are driven by complex and interconnected infrastructure. Traditional security measures often fail to address emerging and sophisticated cyber threats that target critical city systems. Therefore, a proactive and adaptive framework is required to detect, mitigate, and respond to cyber threats in real-time, ensuring the safety and continuity of urban services. The Cybersecurity Threat Detection and Mitigation Framework (CTDMF-SC) is the ultimate solution to all of these issues. The proposed framework operates in two phases. In the first phase, cyber threats are detected using the Smart City Honeypot Integration Framework (SCHIF), which deploys a multi-tiered array of location-based and protocol-aware honeypots across various smart city domains. The honeypots send attack data and logs to the Management Layer. This layer pushes updates to honeypots, configuration changes, and response instructions. The tiered honeypot architecture establishes a multi-stage deception environment, forcing attackers to navigate through successive defensive rings, and ultimately, threats are detected and responded to before they reach the critical infrastructure. In the second phase, the chances of threat occurrence are mitigated through a predictive threat mitigation process, which leverages a hybrid CNN-LSTM model for predictive threat analysis, demonstrating 96.3% detection accuracy in comparative evaluation and outperforming several baseline algorithms. The framework orchestrates automated mitigation responses including firewall rule updates. Automated decoy systems mislead attackers to false targets. Real-time global threat intelligence enables coordinated municipal response across all city departments during cyberattacks and instant security updates deployed across the city infrastructure. The performance of the CTDMF-SC is evaluated across five distinct dimensions: Threat Detection and Mitigation, which exhibit metrics of 96% and 91%, respectively. The system demonstrated a Threat Response time of 15 min and a false-positive rate of 10%. In terms of Threat Categories, there was a 60% reduction in threats associated with Social Engineering and other types. Infrastructure Protection achieves security levels that range from 85% to 100%. The Cost–Benefit Analysis indicated a significant reduction in security losses, coupled with a high Return on Investment (ROI), thereby preventing cyberattacks and ensuring the uninterrupted functioning of critical services.</p>

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

CTDMF-SC: cybersecurity threat detection and mitigation framework for smart cities

  • Shahzad Ashraf,
  • Chang Choi,
  • Ahmad Bilal

摘要

The increasing cybersecurity vulnerabilities in smart cities are driven by complex and interconnected infrastructure. Traditional security measures often fail to address emerging and sophisticated cyber threats that target critical city systems. Therefore, a proactive and adaptive framework is required to detect, mitigate, and respond to cyber threats in real-time, ensuring the safety and continuity of urban services. The Cybersecurity Threat Detection and Mitigation Framework (CTDMF-SC) is the ultimate solution to all of these issues. The proposed framework operates in two phases. In the first phase, cyber threats are detected using the Smart City Honeypot Integration Framework (SCHIF), which deploys a multi-tiered array of location-based and protocol-aware honeypots across various smart city domains. The honeypots send attack data and logs to the Management Layer. This layer pushes updates to honeypots, configuration changes, and response instructions. The tiered honeypot architecture establishes a multi-stage deception environment, forcing attackers to navigate through successive defensive rings, and ultimately, threats are detected and responded to before they reach the critical infrastructure. In the second phase, the chances of threat occurrence are mitigated through a predictive threat mitigation process, which leverages a hybrid CNN-LSTM model for predictive threat analysis, demonstrating 96.3% detection accuracy in comparative evaluation and outperforming several baseline algorithms. The framework orchestrates automated mitigation responses including firewall rule updates. Automated decoy systems mislead attackers to false targets. Real-time global threat intelligence enables coordinated municipal response across all city departments during cyberattacks and instant security updates deployed across the city infrastructure. The performance of the CTDMF-SC is evaluated across five distinct dimensions: Threat Detection and Mitigation, which exhibit metrics of 96% and 91%, respectively. The system demonstrated a Threat Response time of 15 min and a false-positive rate of 10%. In terms of Threat Categories, there was a 60% reduction in threats associated with Social Engineering and other types. Infrastructure Protection achieves security levels that range from 85% to 100%. The Cost–Benefit Analysis indicated a significant reduction in security losses, coupled with a high Return on Investment (ROI), thereby preventing cyberattacks and ensuring the uninterrupted functioning of critical services.