Journal of Information Security System and Cyber Criminology Research

Design and Development of a Password Strength Auditor and Leak Detection Tool Using Python

2026-05-26T09:19:27+00:00

In today’s digital world, it is more important than ever to protect user credentials from cyber threats. Passwords are one of the most common entry points for cybercriminals. This study outlines the design and development of a password strength auditor and leak detection tool built entirely in Python on Kali Linux. Password strength is calculated on the basis of several factors, including password length, use of uppercase letters, lowercase letters, numbers, and special characters. SHA-256 hashing is employed for secure password storage. The system integrates ethical security tools to simulate password cracking attacks, including brute-force and dictionary attacks, using Crunch-generated wordlists and John the Ripper. Leak detection is implemented by comparing entered passwords against a curated database of known compromised credentials. A Tkinter-based graphical user interface (GUI) improves usability and accessibility. Evaluation results demonstrate that the system accurately classifies passwords as weak, medium, or strong, and provides actionable recommendations to improve password hygiene. The tool also serves as a practical learning platform for cybersecurity education.

A Review on Cryptographic and Federated Approaches for Privacy-preserving Cyber Threat Intelligence Sharing

2026-05-11T10:31:07+00:00

Cyber threat intelligence (CTI) sharing is now a vital part of modern cybersecurity. It helps organizations detect and reduce new threats more effectively. However, effective cooperation often faces challenges related to data privacy, confidentiality, and trust. This is especially true when sensitive organizational information is involved. This review looks at how CTI sharing can connect with cryptographic techniques and federated learning, highlighting their potential to support secure and privacy-focused collaboration in distributed environments. The study examines current methods, such as open-source intelligence gathering, standardized CTI frameworks, and privacy-focused machine learning models. It points out their shortcomings in promoting secure data sharing between organizations. To tackle these issues, the study proposes a federated threat intelligence sharing (FTIS) framework. This framework combines decentralized federated learning with functional encryption to allow organizations to work together on global threat detection models without revealing raw data. Although the proposed method provides solid privacy protections and enhanced collaboration, challenges like computational demands, varying data quality, and adversarial threats still pose significant obstacles. Yet, the merging of cryptographic strategies and federated systems offers a promising path for creating scalable, secure, and trust-based CTI sharing systems. This work highlights the need to improve privacy-protecting technologies to foster a more coordinated and proactive approach to global cybersecurity.

Dark Web Intelligence Model for Cybercrime Prevention: A Case Study of Cyber Fraud

2026-06-08T11:28:08+00:00

Cyber fraud conducted through dark web platforms continues to pose significant challenges for cybersecurity monitoring and digital investigations. This study presents a dark web intelligence framework that identifies and analyzes fraudulent cyber activity by integrating natural language processing, network analysis, and machine learning. The framework processes unstructured data from underground forums and anonymized communication channels through data preprocessing, feature engineering, and supervised learning. Naive Bayes and random forest algorithms were implemented for fraud classification, while Bayesian risk inference was applied to prioritize threat severity and enhance analytical interpretation. In addition, interaction-based network analysis was utilized to identify influential actors and communication patterns associated with cyber fraud operations. Experimental results indicate that the framework successfully identified multiple fraud-related activities and extracted meaningful threat indicators, achieving strong classification performance. However, reduced performance was observed in categories with overlapping semantic characteristics, indicating the need for improved contextual feature representation. The framework achieved macro F1-scores above 0.92 during fraud classification and further generated intelligence-driven outputs, including automated alerts and high-risk actor identification, to support proactive cybercrime investigation and prevention efforts. The proposed approach provides a scalable, interpretable, and intelligence-driven solution for dark web cyber threat analysis and contributes to ongoing research in cybersecurity intelligence operations.

IoT Threats and Vulnerabilities: Integrated Kali Linux-based Security Framework

2026-05-11T12:05:29+00:00

The Internet of Things (IoT) is a subdivision of technology nowadays. It connects numerous devices such as sensors, cameras and smart home systems. This simplifies the process of doing things a lot. IoT devices also have some big security issues. The majority of such devices lack security since they are not very strong, and they lack excellent methods of controlling the user. This renders them vulnerable to attack. They allow people to access them without being authorized to steal data and attack the network. To resolve this issue, a new security system was developed named KaliIoTSec+. This system is based on lots of Kali Linux tools to make IoT devices safer. KaliIoTSec+ operates by analyzing the network to identify all the connected devices. Then it watches the data that is being sent. It attempts to identify flaws within the system. This is tested by making the system believe that it is being attacked. This is to observe the functionality of the system. The security is also verified to ensure that the system is secure and no one is attempting to enter the system without authorization. The security checks are similar to door locks. The system must be powerful so that no one can sneak in. The system is very important in the security checks. The performance was satisfactory. The combination of a large number of tools increases the security of IoT devices compared to the security of a single tool. Threats can be detected by KaliIoTSec+. Stop them. This assists in maintaining IoT systems. It further demonstrates that security systems should secure digital systems. Perhaps, one day, one will be able to make KaliIoTSec+ even smarter. This will assist it in detecting threats more quickly and independently.