~ similar to 2604.00063v1 · 20 results
Melissa Pappy, Linh Nguyen, Suman Kumar, Byungkwan Jung +1 more
The paper introduces STRIKE, a multi-dimensional structured taxonomy designed to provide a comprehensive and unified framework for classifying the rapidly evolving complexity of modern cybercrimes.
The paper analyzes the real threat of GenAI in cybercrime, arguing that while high-end automation (Stand-Alone Complex) is possible, current adoption is low and primarily affects skilled actors, sugge…
This paper uses Colonel Blotto game models, grounded in Routine Activity Theory, to determine the optimal allocation of defensive resources against social engineering attacks, providing data-driven de…
The paper proposes CyberAId, a hybrid multi-agent system designed to enhance cybersecurity for financial institutions by integrating specialized LLM subagents with existing SIEM/XDR telemetry, address…
This paper systematically analyzes 123 publications on anti-forensics to quantify techniques and attack vectors, identify research patterns, and propose directions for a more coherent and ethical unde…
The paper forecasts that agentic AI will compress the cyber attack lifecycle by lowering the cost of multiple attack stages, necessitating immediate operational security upgrades for enterprises and t…
Roy Ricaldi, Maximilian Schafer, Philipp Zech, Luca Allodi +2 more
This study provides a longitudinal analysis of dark web content, revealing that cybercrime discussions are dominated by a few persistent core topics rather than rapidly shifting themes.
Huijun Zhou, Xiaohan Zhang, Haozhe Zhang, Haoyang Zhang +2 more
This study provides the first measurement of authentication security in real-world remote Model Context Protocol (MCP) servers, finding pervasive and critical authentication weaknesses, particularly i…
The paper proposes S3CDM, a secret-sharing-scheme-based model that enhances cyberattack detection, particularly against insider threats, by distributing authentication secrets across multiple network…
This study empirically measures the consistency and success rate of autonomous LLM penetration testing across multiple services, finding statistically significant differences in exploitation capabilit…
This study empirically measures the consistency and effectiveness of autonomous LLM penetration testing across multiple services, finding statistically significant differences in exploitation rates am…
The paper systematically analyzes 36 existing and proposed digital payment system designs to identify recurring patterns, technical trade-offs, and implementation challenges relevant for future Centra…
The paper proposes a dynamic queueing framework that estimates an organization's cyber resources and attack surface dynamics by analyzing the timestamps of vulnerabilities and fixes, achieving high ac…
The paper analyzes the CIIM risk model using postphenomenology, arguing that such formal models act as mediating artifacts that fundamentally shape how cybersecurity practitioners perceive and respond…
This cross-national review analyzed government cybersecurity guidance for smart homes, finding that while general security advice is abundant, structured, step-by-step incident response guidance is ra…
By analyzing over 27,000 posts from 325 public ransomware leak sites, this paper demonstrates that ransomware groups exhibit non-random, predictable operational regularities concerning victim concentr…
Ravish Gupta, Saket Kumar, Shreeya Sharma, Maulik Dang +1 more
The paper introduces a novel six-agent AI architecture for cybersecurity risk assessment, demonstrating high accuracy and speed compared to human experts, though its performance is ultimately limited…
The paper argues that over-engineered university cybersecurity protocols, while necessary, create significant accessibility barriers that disproportionately harm remote international students, particu…
This paper introduces and evaluates a scalable, reproducible 'CTF as a Service' (CaaS) platform designed to simplify the infrastructure management required for cybersecurity training.
The paper introduces a large, consensus-labeled prompt bank that reliably distinguishes between requests for executable malicious code and requests for harmful security knowledge, providing a standard…