Do Thi Thu Hien

Trong-Nghia To, Danh Le Kim, Do Thi Thu Hien et al.

Recently, there has been a growing focus and interest in applying machine learning (ML) to the field of cybersecurity, particularly in malware detection and prevention. Several research works on malware analysis have been proposed, offering promising results for both academic and practical applications. In these works, the use of Generative Adversarial Networks (GANs) or Reinforcement Learning (RL) can aid malware creators in crafting metamorphic malware that evades antivirus software. In this study, we propose a mutation system to counteract ensemble learning-based detectors by combining GANs and an RL model, overcoming the limitations of the MalGAN model. Our proposed FeaGAN model is built based on MalGAN by incorporating an RL model called the Deep Q-network anti-malware Engines Attacking Framework (DQEAF). The RL model addresses three key challenges in performing adversarial attacks on Windows Portable Executable malware, including format preservation, executability preservation, and maliciousness preservation. In the FeaGAN model, ensemble learning is utilized to enhance the malware detector's evasion ability, with the generated adversarial patterns. The experimental results demonstrate that 100\% of the selected mutant samples preserve the format of executable files, while certain successes in both executability preservation and maliciousness preservation are achieved, reaching a stable success rate.

Tran Vy Khang, Nguyen Dang Nguyen Khang, Nghi Hoang Khoa et al.

Web applications remain the dominant attack surface in cybersecurity, where vulnerabilities such as SQL injection, XSS, and business logic flaws continue to cause significant data breaches. While penetration testing is effective for identifying these weaknesses, traditional manual approaches are time-consuming and heavily dependent on scarce expert knowledge. Recent Large Language Models (LLM)-based multi-agent systems have shown promise in automating penetration testing, yet they still suffer from critical limitations: over-reliance on parametric knowledge, fragmented session memory, and insufficient validation of attack payloads and responses. This paper proposes Red-MIRROR, a novel multi-agent automated penetration testing system that introduces a tightly coupled memory-reflection backbone to explicitly govern inter-agent reasoning. By synthesizing Retrieval-Augmented Generation (RAG) for external knowledge augmentation, a Shared Recurrent Memory Mechanism (SRMM) for persistent state management, and a Dual-Phase Reflection mechanism for adaptive validation, Red-MIRROR provides a robust solution for complex web exploitation. Empirical evaluation on the XBOW benchmark and Vulhub CVEs shows that Red-MIRROR achieves performance comparable to state-of-the-art agents on Vulhub scenarios, while demonstrating a clear advantage on the XBOW benchmark. On the XBOW benchmark, Red-MIRROR attains an overall success rate of 86.0 percent, outperforming PentestAgent (50.0 percent), AutoPT (46.0 percent), and the VulnBot baseline (6.0 percent). Furthermore, the system achieves a 93.99 percent subtask completion rate, indicating strong long-horizon reasoning and payload refinement capability. Finally, we discuss ethical implications and propose safeguards to mitigate misuse risks.

Phan The Duy, Hien Do Hoang, Do Thi Thu Hien et al.

Software-Defined Network (SDN) is a new arising terminology of network architecture with outstanding features of orchestration by decoupling the control plane and the data plane in each network element. Even though it brings several benefits, SDN is vulnerable to a diversity of attacks. Abusing the single point of failure in the SDN controller component, hackers can shut down all network operations. More specifics, a malicious OpenFlow application can access to SDN controller to carry out harmful actions without any limitation owing to the lack of the access control mechanism as a standard in the Northbound. The sensitive information about the whole network such as network topology, flow information, and statistics can be gathered and leaked out. Even worse, the entire network can be taken over by the compromised controller. Hence, it is vital to build a scheme of access control for SDN's Northbound. Furthermore, it must also protect the data integrity and availability during data exchange between application and controller. To address such limitations, we introduce B-DAC, a blockchain-based framework for decentralized authentication and fine-grained access control for the Northbound interface to assist administrators in managing and protecting critical resources. With strict policy enforcement, B-DAC can perform decentralized access control for each request to keep network applications under surveillance for preventing over-privileged activities or security policy conflicts. To demonstrate the feasibility of our approach, we also implement a prototype of this framework to evaluate the security impact, effectiveness, and performance through typical use cases.

Phan The Duy, Do Thi Thu Hien, Van-Hau Pham

The modern society, economy and industry have been changed remarkably by many cutting-edge technologies over the last years, and many more are in development and early implementation that will in turn led even wider spread of adoptions and greater alteration. Blockchain technology along with other rising ones is expected to transform virtually every aspect of global business and individuals' lifestyle in some areas. It has been spreading with multi-sector applications from financial services to healthcare, supply chain, and cybersecurity emerging every passing day. Simultaneously, in the digital world, data protection and privacy are the most enormous issues which customers, companies and policymakers also take seriously into consideration due to the recent increase of security breaches and surveillance in reported incidents. In this case, blockchain has the capability and potential to revolutionize trust, security and privacy of individual data in the online world. Hence, the purpose of this paper is to study the actual cases of Blockchain applied in the reformation of privacy and security field by discussing its impacts as well as the opportunities and challenges.