Richard Mathenge^*, Catherine Mukunga, Ephantus Mwangi

Journal of Cyber Security, Vol.8, pp. 129-151, 2026, DOI:10.32604/jcs.2026.077183 - 11 March 2026

Abstract The rapid digitization of microfinance institutions (MFIs) has strengthened financial inclusion but has simultaneously increased exposure to phishing attacks and other cybersecurity threats driven by organizational, technical, and human vulnerabilities. Grounded in socio-technical systems theory, this systematic analysis evaluates AI-based mitigation strategies, with particular emphasis on gated recurrent unit (GRU) architectures. It compares them with Transformer and LSTM models. GRUs are prioritized due to their computational efficiency and suitability for low-resource environments typical of digital MFIs. Following PRISMA 2020 guidelines, 32 empirical studies published between January 2012 and April 2025 were analyzed from the Web… More >

Mostafa Mohamed Ahmed Mohamed Alsaedy^1,*, Haitham A. Ghalwash²

Journal of Cyber Security, Vol.8, pp. 111-127, 2026, DOI:10.32604/jcs.2026.077021 - 24 February 2026

Abstract Mobile payment applications processed trillions of dollars globally in 2024, making them extremely profitable targets for attackers exploiting Android manifest vulnerabilities. Current security solutions demonstrate critical weaknesses; previous hardware-attestation frameworks, such as SafetyNet, demonstrated susceptibility to evasion by sophisticated dynamic instrumentation tools. While the Google Play Integrity API improves upon this baseline, it adds noticeable latency overhead, and traditional code signing cannot detect runtime permission manipulations. This research introduces SM-AAPIV (Split Merkle Android Apps Permissions Integrity Verifier), a novel cryptographic framework that partitions Merkle tree verification across hardware-isolated segments using the Android Keystore, achieving 99.89%… More >

Kwabena Owusu-Mensah^*, Edward Danso Ansong , Kofi Sarpong Adu-Manu, Winfred Yaokumah

Journal of Cyber Security, Vol.8, pp. 33-92, 2026, DOI:10.32604/jcs.2026.074265 - 20 January 2026

Abstract The rapid growth of digital payment systems and remote financial services has led to a significant increase in Card-Not-Present (CNP) fraud, which is now the primary source of card-related losses worldwide. Traditional rule-based fraud detection methods are becoming insufficient due to several challenges, including data imbalance, concept drift, privacy concerns, and limited interpretability. In response to these issues, a systematic review of twenty-four CNP fraud detection frameworks developed between 2014 and 2025 was conducted. This review aimed to identify the technologies, strategies, and design considerations necessary for adaptive solutions that align with evolving regulatory standards.… More >

Fatemeh Ahmadi Abkenari^*, Melika Zandi, Shanmugapriya Gopalakrishnan

Journal of Cyber Security, Vol.8, pp. 93-109, 2026, DOI:10.32604/jcs.2026.074197 - 20 January 2026

Abstract Nowadays, cyberattacks are considered a significant threat not only to the reputation of organizations through the theft of customers’ data or reducing operational throughput, but also to their data ownership and the safety and security of their operations. In recent decades, machine learning techniques have been widely employed in cybersecurity research to detect various types of cyberattacks. In the domain of cybersecurity data, and especially in Trojan detection datasets, it is common for datasets to record multiple statistical measures for a single concept. We referred to them as SWMF features in this paper, which include… More >

Samuel Acheme^*, Glory Nosawaru Edegbe

Journal of Cyber Security, Vol.8, pp. 1-31, 2026, DOI:10.32604/jcs.2026.073923 - 07 January 2026

Abstract Federated learning (FL) enables collaborative model training across decentralized datasets, thus maintaining the privacy of training data. However, FL remains vulnerable to malicious actors, posing significant risks in privacy-sensitive domains like healthcare. Previous machine learning trust frameworks, while promising, often rely on resource-intensive blockchain ledgers, introducing computational overhead and metadata leakage risks. To address these limitations, this study presents a novel Decentralized Identity (DID) framework for mutual authentication that establishes verifiable trust among participants in FL without dependence on centralized authorities or high-cost blockchain ledgers. The proposed system leverages Decentralized Identifiers (DIDs) and Verifiable Credentials… More >

MD Hamid Borkot Tulla^1,*, MD Moniur Rahman Ratan², Rashid MD Mamunur³, Abdullah Hil Safi Sohan⁴, MD Matiur Rahman⁵

Journal of Cyber Security, Vol.7, pp. 675-691, 2025, DOI:10.32604/jcs.2025.074737 - 24 December 2025

Abstract Phishing is considered one of the most widespread cybercrimes due to the fact that it combines both technical and human vulnerabilities with the intention of stealing sensitive information. Traditional blacklist and heuristic-based defenses fail to detect such emerging attack patterns; hence, intelligent and transparent detection systems are needed. This paper proposes an explainable machine learning framework that integrates predictive performance with regulatory accountability. Four models were trained and tested on a balanced dataset of 10,000 URLs, comprising 5000 phishing and 5000 legitimate samples, each characterized by 48 lexical and content-based features: Decision Tree, XGBoost, Logistic… More >

Sapan Pandya^*

Journal of Cyber Security, Vol.7, pp. 637-651, 2025, DOI:10.32604/jcs.2025.073670 - 24 December 2025

Abstract Ransomware has evolved from opportunistic malware into a global economic weapon, crippling critical services and extracting billions in illicit revenue. While most research has centered on enterprise networks and healthcare systems, an equally vulnerable frontier is emerging in lottery and betting kiosks—self-service financial Internet of Things (IoT) devices that handle billions of dollars annually. These terminals operate unattended, rely on legacy operating systems, and interact with sensitive transactional data, making them prime ransomware targets. This paper introduces a Resilient Security Framework (RSF) for kiosks under ransomware threat conditions. RSF integrates three defensive layers: (1) prevention… More >

Mostafa Mohamed Ahmed Mohamed Alsaedy^1,*, Atef Zaki Ghalwash¹, Aliaa Abd Elhalim Yousif², Safaa Magdy Azzam¹

Journal of Cyber Security, Vol.7, pp. 653-674, 2025, DOI:10.32604/jcs.2025.073547 - 24 December 2025

Abstract Mobile financial applications and payment systems face significant security challenges from reverse engineering attacks. Attackers can decompile Android Package Kit (APK) files, modify permissions, and repackage applications with malicious capabilities. This work introduces E-AAPIV (Enhanced Android Apps Permissions Integrity Verifier), an advanced framework that uses Merkle Tree technology for real-time manifest integrity verification. The proposed system constructs cryptographic Merkle Tree from AndroidManifest.xml permission structures. It establishes secure client-server connections using Elliptic Curve Diffie-Hellman Protocol (ECDH-P384) key exchange. Root hashes are encrypted with Advanced Encryption Standard-256-Galois/Counter Mode (AES-256-GCM), integrated with hardware-backed Android Keystore for enhanced security. More >

Chunyong Yin, Williams Kyei^*

Journal of Cyber Security, Vol.7, pp. 615-635, 2025, DOI:10.32604/jcs.2025.072740 - 24 December 2025

Abstract The evolving sophistication of network threats demands anomaly detection methods that are both robust and adaptive. While autoencoders excel at learning normal traffic patterns, they struggle with complex feature interactions and require manual tuning for different environments. We introduce the Adaptive Robust AutoEncoder (ARAE), a novel framework that dynamically balances reconstruction fidelity with latent space regularization through learnable loss weighting. ARAE incorporates multi-head attention to model feature dependencies and fuses multiple anomaly indicators into an adaptive scoring mechanism. Extensive evaluation on four benchmark datasets demonstrates that ARAE significantly outperforms existing autoencoder variants and classical methods, More >

Mircea Ţălu^1,2,*

Journal of Cyber Security, Vol.7, pp. 565-587, 2025, DOI:10.32604/jcs.2025.073690 - 11 December 2025

Abstract The rapid proliferation of Internet of Things (IoT) devices has intensified the demand for cryptographic solutions that balance security, performance, and resource efficiency. However, existing studies often focus on isolated algorithmic families, lacking a comprehensive structural and experimental comparison across diverse lightweight cryptographic designs. This study addresses that gap by providing an integrated analysis of modern lightweight cryptographic algorithms spanning six structural classes—Substitution–Permutation Network (SPN), Feistel Network (FN), Generalized Feistel Network (GFN), Addition–Rotation–XOR (ARX), Nonlinear Feedback Shift Register (NLFSR), and Hybrid models—evaluated on resource-constrained IoT platforms. The key contributions include: (i) establishing a unified benchmarking… More >