ArXivCSExplorer
☆☆Bookmarks🏆RSSHow to UseFAQ
Built with and by Teycir Ben Soltane•
How to Use•FAQ•GitHub•arXiv.org•
Share:

~ similar to 2604.21604v1· 20 results

cs.CRRecentMay 6, 2026

Evaluating the Reliability of Multiple Large Language Models in Risk Assessment: A CIS Controls Based Approach

Gustavo Roberto Pinto, Arthur do Prado Labaki, Rodrigo Sanches Miani

The study compared the cybersecurity risk assessment capabilities of five popular large language models (LLMs) against human experts, finding that LLMs consistently underestimated risks and require ma…

View →
cs.CRcs.ETRecentApr 23, 2026

Risk Models as Mediating Artifacts: A Postphenomenological Analysis of the CIIM Framework in Cybersecurity Practice

Rommel Salas-Guerra

The paper analyzes the CIIM risk model using postphenomenology, arguing that such formal models act as mediating artifacts that fundamentally shape how cybersecurity practitioners perceive and respond…

View →
cs.CRcs.HCRecentMay 23, 2026

Routing Cybersecurity Awareness Training by FFM Personality Trait: A Quasi-Experimental Evaluation

Glory Okwata, Mohammad A. Razzaque

This study evaluated a personality-conditional cybersecurity training system, TailoredSec, finding that routing content based on a user's Five-Factor Model (FFM) trait significantly improved post-trai…

View →
cs.CRcs.CYRecentMay 20, 2026

Profiling User Vulnerability to Phishing Through Psychological and Behavioral Factors

Valeria Formisano, Danilo Gentile, Gennaro Esposito Mocerino, Michela Ponticorvo +3 more

This study profiles user vulnerability to phishing by identifying key psychological and behavioral factors, revealing that most users are high-risk due to hasty decision-making rather than lacking tec…

View →
cs.CRRecentMay 10, 2026

Operationalizing Cybersecurity Governance for Mitigation Planning with Attack-Path Modeling and Reinforcement Learning

Philip Huff, Dakota Dale, Harshith Guduru, Rohan Singh +1 more

The paper proposes a system that operationalizes cybersecurity governance frameworks by integrating them with attack-path modeling and Deep Reinforcement Learning to generate practical, resource-const…

View →
cs.CRcs.GTRecentMay 11, 2026

Cybercrime and Prevention: Colonel Blotto in Social Engineering

Gergely Benkő, Katalin Parti, Gergely Biczók

This paper uses Colonel Blotto game models, grounded in Routine Activity Theory, to determine the optimal allocation of defensive resources against social engineering attacks, providing data-driven de…

View →
cs.CRcs.SERecentMar 22, 2026

SkillProbe: Security Auditing for Emerging Agent Skill Marketplaces via Multi-Agent Collaboration

Zihan Guo, Zhiyu Chen, Xiaohang Nie, Jianghao Lin +2 more

The paper proposes SkillProbe, a multi-agent security auditing framework, demonstrating that high-popularity skills in LLM agent marketplaces are often insecure due to systemic combinatorial risks.

View →
cs.CRcs.CYcs.HCRecentJun 1, 2026

Human Factors in Cybersecurity in Icelandic Small and Medium-sized Enterprises

Goda Cicėnaitė, Thomas Welsh, Helmut Neukirchen

This study surveyed Icelandic organizations to find that human factors, such as poor training and culture, pose significant cybersecurity risks that often bypass technical controls.

View →
cs.CRRecentMay 26, 2026

Assessor Experiences in CMMC Level 2 Certification Assessments: An Interpretative Phenomenological Analysis of Role Expectations

Samuel Heuchert, John Hastings

This study explores how CMMC assessors navigate the conflicting role expectations of maintaining impartiality within a non-consultative assessment model, finding that they rely on technical competence…

View →
eess.SYcs.AIcs.CRRecentMar 20, 2026

An Agentic Multi-Agent Architecture for Cybersecurity Risk Management

Ravish Gupta, Saket Kumar, Shreeya Sharma, Maulik Dang +1 more

The paper introduces a novel six-agent AI architecture for cybersecurity risk assessment, demonstrating high accuracy and speed compared to human experts, though its performance is ultimately limited…

View →
cs.CRRecentMar 24, 2026

Security Barriers to Trustworthy AI-Driven Cyber Threat Intelligence in Finance: Evidence from Practitioners

Emir Karaosman, Advije Rizvani, Irdin Pekaric

This paper investigates the practical barriers preventing the trustworthy deployment of AI-driven Cyber Threat Intelligence (CTI) in the highly regulated financial sector, identifying four key socio-t…

View →
econ.GNcs.AIcs.CRRecentApr 24, 2026

The Security Cost of Intelligence: AI Capability, Cyber Risk, and Deployment Paradox

Sukwoong Choi

The paper models the trade-off between deploying increasingly capable AI systems and managing associated cyber risks, finding a 'deployment paradox' where high-loss environments with weak governance l…

View →
cs.CRRecentApr 10, 2026

Hagenberg Risk Management Process (Part 3): Operationalization, Probabilities, and Causal Analysis

Eckehard Hermann, Harald Lampesberger

The paper introduces a comprehensive framework, Realtime Risk Studio, that operationalizes qualitative risk models (Bowtie diagrams) into formal, probabilistic, and intervention-ready runtime models u…

View →
cs.CRcs.AIRecentApr 11, 2026

Like a Hammer, It Can Build, It Can Break: Large Language Model Uses, Perceptions, and Adoption in Cybersecurity Operations on Reddit

Souradip Nath, Chih-Yi Huang, Aditi Ganapathi, Kashyap Thimmaraju +2 more

Analyzing Reddit discussions, the paper finds that while security practitioners see LLMs as useful for boosting productivity, their adoption is constrained by concerns over reliability, verification,…

View →
cs.HCcs.CRRecentMay 22, 2026

From Preventive to Reactive: How AI Coding Assistants Transform Developers' Security Awareness

Faisal Haque Bappy, Tahrim Hossain, Sidratul Muntaher Meheraj, Annoor Sharara Akhand +4 more

The paper investigates how AI coding assistants shift developers' security focus from proactive prevention to reactive review, finding that this structural change is reinforced by current tool interac…

View →
cs.CRcs.AIRecentMay 11, 2026

Threat Modelling using Domain-Adapted Language Models: Empirical Evaluation and Insights

Saba Pourhanifeh, AbdulAziz AbdulGhaffar, Ashraf Matrawy

The paper empirically evaluates domain-adapted and general-purpose LLMs for structured threat modelling (STRIDE on 5G security), finding that domain adaptation and model size do not guarantee reliable…

View →
cs.CRcs.ETcs.HCRecentMar 30, 2026

"What Did It Actually Do?": Understanding Risk Awareness and Traceability for Computer-Use Agents

Zifan Peng, Mingchen Li

The paper addresses the lack of user understanding regarding the actions and residual effects of advanced computer-use agents by proposing AgentTrace, a traceability framework for visualizing agent be…

View →
cs.HCcs.AIcs.CLRecentMay 28, 2026

Inform, Coach, Relate, Listen: Auditing LLM Caregiving Support Roles

Drishti Goel, Agam Goyal, Veda Duddu, Olivia Pal +7 more

This study demonstrates that an LLM's assigned support role (e.g., Inform, Coach, Relate) significantly alters its safety profile and the types of risks it presents when assisting users in complex car…

View →
cs.CRRecentApr 2, 2026

Evolution and Perspectives of the Keep IT Secure Ecosystem:A Six-Year Analysis of Cybersecurity Experts Supporting Belgian SMEs

Christophe Ponsard, Jean-François Daune, Denis Darquennes, Malik Bouhou +1 more

This paper analyzes a six-year cybersecurity initiative in Belgium, demonstrating how structured expert validation and networking can significantly improve the cybersecurity posture of Small and Mediu…

View →
cs.CRcs.CYRecentMar 23, 2026

Cybersecurity Guidance for Smart Homes: A Cross-National Review of Government Sources

Victor Jüttner, Erik Buchmann

This cross-national review analyzed government cybersecurity guidance for smart homes, finding that while general security advice is abundant, structured, step-by-step incident response guidance is ra…

View →