Network intrusion detection systems (IDS) face persistent challenges with imbalanced datasets, limited effectiveness against zero-day attacks, and inconsistent performance across diverse attack vectors. This paper presents the Adaptive Multi-View Transformer Ensemble for Intrusion Detection (AMTE-IDS), a comprehensive framework that addresses these limitations through innovative integration of advanced data balancing, multi-perspective feature learning, and dynamic ensemble classification. We introduce a Multi-Modal Wasserstein GAN with Gradient Penalty (MM-WGAN-GP) architecture employing multiple critics with complementary perspectives to generate high-quality synthetic samples for minority attack classes. Our Multi-View Feature Learning module extracts complementary representations of network traffic through specialized transformer-based pathways focusing on global features, temporal patterns, and protocol-specific characteristics. A Dynamic Ensemble Detection module adaptively combines specialized classifiers based on input characteristics, enabling effective detection across diverse attack vectors while maintaining robust performance against evolving threats. Extensive experimentation on NSL-KDD, UNSW-NB15, and CIC-IDS2017 datasets demonstrates that AMTE-IDS achieves 97.8% overall accuracy with 73.2% F1-score for minority classes, outperforming state-of-the-art MCGC-IDS by +0.9%/+2.4% respectively (p < 0.001), with 57.1% false positive rate reduction and 0.35ms per-sample inference latency confirming real-time deployment viability. The framework demonstrates strong generalization across different network environments and attack patterns, offering a promising approach for addressing the complex challenges of modern network security.

The Internet of Things (IoT) devices have brought invaluable convenience to our daily lives. However, they also introduce significant security challenges. Common vulnerabilities in numerous IoT devices predominantly reside in their web services. Unfortunately, existing vulnerability detection methods either incur heavy execution overhead or produce excessive false positives/negatives. This significantly hinders the efficient analysis of vulnerabilities in web services. This paper proposes CID4IoT, a novel static automated vulnerability detection approach designed to effectively detect command injection vulnerabilities in web services provided by IoT devices. Inspired by the concept of taint analysis, CID4IoT first analyzes vulnerability reports to identify taint source functions and sink functions. Then, CID4IoT extracts pseudocode between taint source functions and sink functions to form critical code snippets. Subsequently, it utilizes LLM to analyze these critical code snippets for vulnerability detection.We implemented a prototype of CID4IoT and evaluated it on real firmware devices. CID4IoT discovered 54 previously unknown vulnerabilities, of which 39 are confirmed by CVE. Compared with state-of-the-art tools KARONTE and SaTC, it identified significantly more vulnerabilities in the test set while achieving notable improvements in analysis efficiency. The results demonstrate that CID4IoT is effective in detecting flaws in IoT devices

Smart metering systems represent a transformative advancement in electrical energy measurement, replacing traditional electromechanical meters with digital devices capable of automated data collection, real-time communication, and advanced analytics. This paper examines the fundamental principles, advantages, and challenges associated with smart metering technology deployment. Key advantages include accurate billing through fine-grained metrology, real-time monitoring capabilities, enhanced energy efficiency via demand response programs, remote operational control, power theft detection, and seamless smart grid integration. However, significant challenges persist, including high installation costs, data privacy concerns, cybersecurity vulnerabilities, technical connectivity issues, limited user awareness, and ongoing maintenance requirements. Through comprehensive analysis of current literature and field deployments, this paper demonstrates that while smart metering delivers measurable operational and consumer benefits, realizing full societal value requires coordinated technical solutions and robust policy frameworks to address cost, privacy, security, and user engagement challenges.

Integrating Management Information Systems (MIS) into business education is crucial for preparing future leaders to navigate technological advancements. The digital revolution, characterized by cloud computing, social media, and mobile systems, has fundamentally transformed business operations and educational delivery. MIS courses equip students with essential technological skills, fostering an environment where proficiency becomes second nature. Innovative tools like MyMISLab, video libraries, and decision-making simulations enhance student engagement by bridging theory and practice. Additionally, teaching ethics and security within MIS curricula is vital; case studies provide insights into the ethical and security challenges of the digital age, preparing students for real-world dilemmas. MIS education also helps students identify emerging job roles by developing non-routine cognitive skills such as critical thinking and problem-solving, essential for data-driven decision-making. Thus, integrating MIS into business curricula is necessary to ensure graduates are equipped to meet future business demands, emphasizing real-world applications and job preparedness.

Deception Detection is still a challenge in security, forensics and high stakes interviews. The conventional approaches such as polygraphs are inaccurate and can be easily tampered. The paper will analyze a multimodal artificial intelligence structure of detecting truthfulness, which involves three complementary modalities: vocal features, linguistic text pattern and facial micro-expression. Machine learning and deep learning are used in the methodology to detect minor and subconscious cues of deception that could be overlooked with single-modality analysis. The system processes acoustic, semantic and syntactic, and micro-expressions as well. Multimodal learning systems combine these cues to make them more robust and less ambiguous, in addition being more accurate. Very initial signs that can be obtained through the current literature and the test of prototypes prove that multimodal fusion is far better than unimodal methods in terms of reliability and usability. The possible uses include border control, fraud detection, law enforcement interrogation, recruitment screening, and digital communication systems in which authenticity seems paramount. The paper is an addition to the developing body of AI-based deception detection by offering a scalable, flexible, and ethically conscious framework.

Abstract - Deepfakes are artificially generated multimedia content that can convincingly mimic real human faces and voices using advanced AI techniques such as Generative Adversarial Networks (GANs). This poses serious ethical, social, and security challenges in digital communication. To address this issue, the proposed project presents a Multimodal Deepfake Detection System that integrates image, video, and audio analysis pipelines within a unified framework. The system employs Efficient Net-based CNN for image forgery detection, CNN combined with Bi-LSTM for temporal video analysis, and a 1D-CNN with LSTM for detecting manipulated or cloned audio. The predictions from these modalities are combined using a Fuzzy Fusion Engine, which intelligently weights each confidence score to produce a final verdict with high accuracy and interpretability. The model is trained using public Deepfake datasets such as Face Forensics++, Celeb-DF, and DFDC, with binary cross-entropy loss, data augmentation, and early stopping to ensure stable convergence and better generalization. The trained models are deployed on Hugging Face Spaces, while the web interface is hosted on Vercel, enabling real-time Deepfake detection for users through a browser interface. This approach enhances detection accuracy by leveraging multimodal evidence (visual, temporal, and auditory), improves generalization across datasets, and provides an explainable and efficient solution to combat the growing threat of Deepfakes. Key Words: Deepfake Detection, Multimodal Learning, Bi-LSTM, Fuzzy Fusion, Convolutional Neural Network (CNN), Face Forensics++, Celeb DF, DFDC, Machine Learning, Real-Time Detection, Hugging Face.

Large Language Models (LLMs) are increasingly deployed across professional and societal domains, introducing security, privacy, and governance challenges beyond traditional software vulnerabilities. Despite extensive research on individual risk categories, a unified lifecycle-oriented perspective connecting architectural properties, adversarial threats, and governance implications remains limited. This review examines security and privacy risks associated with LLMs through a lifecycle framework covering data acquisition, model training, alignment procedures, deployment, and post-deployment interaction. The study synthesizes prior research to construct a taxonomy of threats including prompt injection, jailbreaking, adversarial manipulation, training-stage attacks, privacy leakage, and socio-technical misuse. Ethical issues such as hallucination, bias amplification, and malicious use are analyzed alongside governance and regulatory frameworks. Results indicate that vulnerabilities in LLM systems arise primarily from probabilistic generation mechanisms, large-scale data ingestion, and complex deployment ecosystems rather than isolated implementation defects. Classical software vulnerability models therefore provide only partial coverage of risks associated with generative AI systems. The review is grounded in the concept of the alignment gap to explain how discrepancies between training objectives and real-world interaction contribute to persistent vulnerabilities. The findings highlight the need for lifecycle-oriented defense-in-depth strategies combining technical safeguards, privacy-preserving training, runtime monitoring, and governance mechanisms to support responsible deployment of LLM-based systems.

This Forum discusses how different international actors learn different lessons from Russia’s invasion of Ukraine, and how the logics discernible behind these lessons may define the future shapes of a new international order to substitute the post-1991 system of international relations. In this Forum, a group of scholars discuss the lessons learned from the perspective of Europe’s normative credentials, demonstrating tensions between idea(l)s of liberal normativity and practices of security governance. Together, these contributions suggest that contemporary security challenges require not merely new applications of existing theories, but fundamental reconsideration of how protection, threat identification, and institutional adaptation operate under war conditions. They point towards a research agenda focused on understanding when and why security governance produces its own contradictions, and what this means for both theoretical development and policy practice. With all the different interpretations in mind, what unites all the contributions to this Forum is the connection between lesson learning and agency that is built on this cognitive basis and defines where international actors stand regarding issues of normativity and security.

Abstract— In the evolving digital landscape, cloud computing has become a cornerstone for scalable and flexible IT infrastructure. However, the rapid adoption of cloud services introduces a wide range of security threats, compliance challenges, and operational risks. This paper, From Threats to Trust: Securing Cloud Infrastructure through Resilience and Compliance presents a comprehensive analysis of cloud security challenges and explores effective mitigation strategies to enhance resilience and regulatory adherence. The study examines critical issues such as data breaches, insider threats, vendor lock-in, insecure interfaces, and distributed denial-of-service (DDoS) attacks within cloud environments. It further highlights the importance of robust security mechanisms, including identity and access management, encryption techniques, continuous monitoring, intrusion detection systems, and secure key management. Emphasis is also placed on compliance with global data protection regulations and the implementation of governance frameworks. By integrating best practices with proactive risk management approaches, this paper provides a structured framework for building secure, resilient, and compliant cloud infrastructures. The findings aim to support organizations in strengthening their security posture, ensuring data integrity and availability, and fostering trust in cloud-based systems. Keywords— Cloud Security, Cloud Computing, Identity and Access Management and Intrusion Detection Systems.

Despite its continued growth, cloud computing remains susceptible to significant security challenges, as shared virtualised environments pose threats at multiple levels. These vulnerabilities are caused by a lack of security coverage in the responsibility model between the provider and the tenant. In this work, we propose the multi-layered architecture VIRTUOSO (VIRTual Unified Operation Security Optimiser) to cover these security gaps through advanced automation and ML. VIRTUOSO has four layers. The Input Layer extracts key risk components from collected telemetry data. The Deep Automation Security Layer provides automated actions and continuous monitoring of security defences. Its counterpart, the Intelligent Security Layer, predicts threats using anomaly detection. The last layer, the Output Layer, returns an aggregated risk summary. The datasets we used were chosen for their relevance: the UNSW-NB15 dataset, a subset of the web-attack classification from CSE-CIC-IDS2018, and a sample of anonymised log events from AWS CloudTrail. Our ensemble classifiers achieve a best accuracy of 95.08% ± 0.13% on UNSW-NB15 (RF), with statistically significant differences among models confirmed by the Friedman test (p &lt; 0.004) and Nemenyi post hoc analysis, and 99.25% ± 0.52% on web-attack (CatBoost), where ensemble differences are not statistically significant (p = 0.093), consistent with the high separability of this dataset. The training-test gap and DNN curves show no overfitting, whereas our adversarial tests show a maximum accuracy loss of 8.1% at ε = 0.02. With these promising results, we can assert that, pending verification in an actual cloud environment and potential integration with FL, our ensemble classifier model appears to be a good real-world prototype.

Cloud-based storage has become a widely adopted solution for managing and sharing digital data due to its flexibility, scalability, and cost efficiency; however, it introduces critical security challenges such as unauthorized access, data leakage, and weak authentication mechanisms. Traditional cloud systems often rely on password-based authentication and server-side encryption, which remain vulnerable if the infrastructure is compromised, potentially exposing sensitive information. To address these limitations, this work proposed a secure cloud file storage and sharing model that emphasized robust data protection and controlled accessibility. The system incorporated Multi-Factor Authentication (MFA), where users authenticated using a combination of passwords and One-Time Passwords (OTP) delivered via Simple Mail Transfer Protocol (SMTP), thereby enhancing login security. For data protection, Advanced Encryption Standard–Galois/Counter Mode (AES-GCM) was employed to encrypt files efficiently, while Rivest–Shamir–Adleman (RSA) was utilized for secure key exchange, ensuring that encryption keys remained protected. All files were encrypted before storage, eliminating the risk of plaintext exposure. Additionally, Access Control Lists (ACL) mechanisms were implemented to enable secure file sharing among authorized users only. To ensure data integrity, Secure Hash Algorithm (SHA-256) hashing was applied during file upload, allowing verification of file authenticity and detection of tampering. Files were decrypted only after validating access permissions. Furthermore, the system maintained detailed activity logs, ensuring traceability and accountability.

The article examines the managerial aspects of the implementation of basic military training in higher education institutions of Ukraine under martial law and the transformation of state policy in the field of national security and defense. It is substantiated that the implementation of basic military training is a response to modern security challenges and is aimed at forming citizens' readiness to defend the state, as well as increasing the resilience of society. The regulatory and legal principles for the implementation of this training are determined, in particular the role of legislation on national resistance and by-laws regulating its organization in higher education institutions. The scientific approaches to understanding basic military training as a multi-level system combining theoretical, pedagogical, legal and methodological components are analyzed, and the insufficient development of its managerial dimension is established. It is substantiated that the effectiveness of the implementation of basic military training depends on the quality of public administration, interdepartmental coordination, resource provision and organizational mechanisms for its implementation. Particular attention is paid to the specifics of the implementation of basic military training in the pharmaceutical education system, where it provides a combination of professional training with elements of medical and logistical support of military formations. It is shown that the integration of military training into the training of future pharmacists contributes to the formation of complex competencies necessary for activities in wartime and emergency situations. It is determined that basic military training in higher education institutions is an important management mechanism for implementing state policy aimed at increasing defense capabilities, developing institutional and social stability, as well as training specialists for activities in conditions of military and post-crisis transformations. The need for further improvement of management approaches, regulatory support and interagency cooperation in this area is substantiated.

The article examines the role of the National Police of Ukraine in ensuring the stability of territorial communities in the face of modern security challenges and full-scale armed aggression against Ukraine. It is substantiated that the stability of territorial communities is an important component of the national security of the state, since it is at the local level that the vital activity of the population, maintenance of public security, response to crisis situations and protection of critical infrastructure are ensured. Scientific approaches to understanding the categories of “territorial community”, “community capacity” and “stability” are analyzed, and modern research devoted to the functioning of territorial communities and the role of law enforcement agencies in ensuring public security is considered. It is established that the effectiveness of the functioning of communities largely depends on the interaction of local government bodies, military administrations, state institutions and law enforcement agencies. Particular attention is paid to the analysis of the regulatory and legal principles for ensuring the stability of territorial communities under martial law, in particular legislative changes aimed at increasing the efficiency of management decisions and coordination between public administration entities. It is proven that the National Police of Ukraine is an important entity for ensuring the internal stability of the state and plays a key role in forming a safe environment at the local level. The article reveals the main areas of police activity during martial law, including maintaining public order, combating crime and looting, protecting critical infrastructure, participating in evacuation and humanitarian measures, combating information threats and cybercrime. It is substantiated that an important element of ensuring the stability of communities is the partnership between the police and local governments, public organizations and the population. A special role in this process is played by the development of the “Community Police Officer” project, which contributes to increasing the level of trust in law enforcement agencies and strengthening preventive activities. It has been established that the role of the National Police in ensuring the stability of territorial communities is implemented through a system of interrelated functions: preventive, security, coordination, communication and partnership, and reactive in crisis conditions.

There is no denying either the importance of the Baltic Sea or the strategic importance of the Kola Peninsula to Russia’s military deterrent. It is in Russia’s interest to secure the use of these areas for all eventualities. The country’s armed forces are expected to increase in size in the coming years, and this will result in both changes to the force structure and the establishment of new forces, especially on the borders of north-west Russia. Alongside this, the inevitable thawing of the Northeast Passage will bring new challenges and actors to the region, impacting the general security situation there. In the current situation, where transatlantic relations are in a state of flux, it is important that the EU and NATO’s European member states also prepare for China to become more aggressive in terms of its military capabilities in the northern regions.

The Russo-Ukrainian war, the potential expansion of the EU’s border on the eastern shore of the Black Sea, the ongoing pressing need for the diversification of the EU’s energy resources, the strategic interest in gaining access to the vast reserves of critically important minerals in Central Asia and, finally, the recent outbreak of a new violent conflict in Iran, have all turned the Black Sea region into an important strategic hotspot for the EU. As the ‘buffer zone’ between the EU and Russia, which is likely to remain a security challenge for Europe for some time to come, becomes thinner, the EU needs to seriously upgrade its policy on the Black Sea region. This article reviews the EU’s approach. It argues that while the EU’s new strategy for the region offers promise, its implementation will require the EU to live up to its potential as a geopolitical actor in this volatile space.

In Norway, children are entitled to all individual and collective rights under the UN Convention on the Rights of the Child (CRC), while parents play an important role in facilitating access to these rights. However, conflicts may arise when a teenager’s right to freedom of association clashes with their parents’ religious beliefs and identity. This article studies the ontological (in)security challenge faced by Muslim parents in Norway when their teenage children choose to participate in confirmation rites. The article explores how Muslim parents navigate the tension between their responsibility to pass on religious beliefs and identity to their children and their children’s assertion of the right to freedom of association with peer groups. The study is based on a pilot survey of Muslim parents whose children participated in confirmation rites at the Norwegian Humanist Association (NHA).

Robotic systems in internet of things: addressing security challenges through threat modeling and penetration testing

Emerging technologies, such as artificial intelligence (AI), quantum computing, and cybersecurity, are rapidly evolving, and their individual impacts on our lives are already perceptible. Every day, we hear about innovative solutions to global health, climate, and security challenges by leveraging advances in healthcare, finance, energy, and manufacturing.

The increasing computerization of organizations creates major challenges in information systems security and IT risk management. The complexity of modern infrastructures, characterized by their interconnectedness, increases the attack surface and makes risk management more critical. This article proposes an innovative hybrid approach, combining the EBIOS methodology with frameworks such as the Cyber Kill Chain, ISO/IEC 27005, and MEHARI, to strengthen information systems security through more comprehensive and dynamic risk analysis and treatment. This approach begins with context analysis and threat source identification using EBIOS, followed by the construction of detailed attack scenarios based on the Cyber Kill Chain model. Quantitative risk assessment is enhanced by MEHARI, while ISO/IEC 27005 ensures governance and the definition of treatment options. The adopted approach thus facilitates a better understanding of threats, more precise risk prioritization, operational anticipation of attacks, and continuous management. It also allows organizations to adapt their security strategies in the face of constantly evolving cyber threats and technologies, offering a more robust and resilient solution than methods used in isolation.

Detecting vulnerabilities in smart contracts is a critical challenge for blockchain security, as flaws such as reentrancy, timestamp dependence, and infinite loops have resulted in severe financial losses in decentralized systems. Accurate and interpretable detection of these vulnerabilities remains challenging due to the complex semantics of smart contract code. In this study, we propose a multimodal hybrid recurrent framework for smart contract vulnerability detection that integrates sequential and structural code representations. The framework introduces a Selective Subpattern Activation (SSA) mechanism, which highlights vulnerability-indicative code subpatterns during the pattern extraction phase and provides interpretable insights into model predictions. Pattern-based features enhanced by SSA are processed using a Bidirectional Gated Recurrent Unit (BiGRU), while structural features derived from control and data flow representations are modeled using a Bidirectional Long Short-Term Memory (BiLSTM) network. The proposed approach is evaluated on a publicly available Ethereum smart contract dataset using five independent experimental runs, with results reported as averages. The results show that the framework achieves an accuracy of 92.16% and an F1 score of 88.83% for reentrancy vulnerability detection, achieving higher performance compared to baseline deep learning and graph-based models. Ablation experiments are performed to demonstrate the contribution of the SSA mechanism to both detection performance and interpretability.