Engineering Proceedings

Editorial

Jump to: Other

2 pages, 136 KB

Open AccessEditorial

Preface to the First Summer School on Artificial Intelligence in Cybersecurity

by Luis Javier García Villalba, Héctor Manuel Pérez Meana, Gabriel Sánchez Pérez and Ana Lucila Sandoval Orozco

Eng. Proc. 2026, 123(1), 1; https://doi.org/10.3390/engproc2026123001 - 13 Jan 2026

Viewed by 164

Abstract

The First Summer School on Artificial Intelligence in Cybersecurity (CYBER-AI 2025) was held at the Instituto Politécnico Nacional (IPN), Cancún, Mexico, from 3rd to 7th November 2025 [...] Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

Other

Jump to: Editorial

13 pages, 517 KB

Open AccessProceeding Paper

Reinforcement Learning for the Optimization of Adaptive Intrusion Detection Systems

by Óscar Mogollón-Gutiérrez, David Escudero García, José Carlos Sancho Núñez and Noemí DeCastro-García

Eng. Proc. 2026, 123(1), 2; https://doi.org/10.3390/engproc2026123002 - 29 Jan 2026

Viewed by 50

Abstract

Network intrusion detection is an activity of increasing importance due to the annual rise in attacks. In the literature, the use of machine learning solutions is one of the most common mechanisms for improving the performance of detection systems. One of the main [...] Read more.

Network intrusion detection is an activity of increasing importance due to the annual rise in attacks. In the literature, the use of machine learning solutions is one of the most common mechanisms for improving the performance of detection systems. One of the main problems with these approaches is data imbalance: the volume of malicious traffic is much lower than normal traffic, making it difficult to create an effective model. The use of ensemble models, which combine several individual models, can increase robustness against data imbalance. To try to improve the effectiveness of ensemble models against imbalance, in this work, we apply reinforcement learning to combine the individual predictions of the ensemble models, with the objective of improving predictions compared to classic weighted voting algorithms. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

► Show Figures

Figure 1

5 pages, 801 KB

Open AccessProceeding Paper

From Pose to Pitch: Classifying Baseball Pitch Types with Projection-Gated ST-GCN

by Sergio Huesca-Flores, Gibran Benitez-Garcia, Oswaldo Juarez-Sandoval, Hiroki Takahashi, Hector Perez-Meana and Mariko Nakano-Miyatake

Eng. Proc. 2026, 123(1), 3; https://doi.org/10.3390/engproc2026123003 - 29 Jan 2026

Viewed by 51

Abstract

We present a skeleton-based approach to baseball pitch type classification from broadcast video. We leverage Human Pose Estimation and an ST-GCN architecture, improved with a projection-gated temporal downsampler, to learn kinematic signatures of the pitcher’s body, adaptively selecting the most informative frames, enabling [...] Read more.

We present a skeleton-based approach to baseball pitch type classification from broadcast video. We leverage Human Pose Estimation and an ST-GCN architecture, improved with a projection-gated temporal downsampler, to learn kinematic signatures of the pitcher’s body, adaptively selecting the most informative frames, enabling pitch type classification without the need for ball tracking. On the MLB-YouTube dataset, our proposed method reaches ~62% six-class accuracy, highlighting body mechanics as a practical biometric cue. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

► Show Figures

Figure 1

5 pages, 173 KB

Open AccessProceeding Paper

From Camera to Algorithm: OpenCV and AI Workshop for the Cybersecurity of the Future

by Pablo Natera-Muñoz, Fernando Broncano-Morgado and Pablo Garcia-Rodriguez

Eng. Proc. 2026, 123(1), 4; https://doi.org/10.3390/engproc2026123004 - 30 Jan 2026

Viewed by 52

Abstract

Artificial vision and artificial intelligence (AI) are increasingly interconnected in cybersecurity. This work presents an overview of OpenCV-based visual computing as a core tool for intelligent security systems that analyze real-time visual data. It includes practical exercises on face, edge, motion, and color [...] Read more.

Artificial vision and artificial intelligence (AI) are increasingly interconnected in cybersecurity. This work presents an overview of OpenCV-based visual computing as a core tool for intelligent security systems that analyze real-time visual data. It includes practical exercises on face, edge, motion, and color detection, forming the basis for advanced object recognition using YOLOv10. Real applications, such as document processing and camera-based anomaly detection, are implemented in a microservice architecture with OpenCV, and deep learning frameworks. Integrating computer vision and AI is shown to be essential for developing resilient and autonomous cybersecurity infrastructures. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

5 pages, 484 KB

Open AccessProceeding Paper

Dynamic Facial Expression Recognition by Concatenation of Raw, Semi-Raw, and Distance Features

by Jose Sotelo-Barrales, Mariko Nakano-Miyatake, David Mata-Mendoza, Hector Perez-Meana and Enrique Escamilla-Hernandez

Eng. Proc. 2026, 123(1), 5; https://doi.org/10.3390/engproc2026123005 - 2 Feb 2026

Viewed by 67

Abstract

We propose a method for dynamic facial expression recognition that integrates three complementary feature streams from video sequences: (1) raw texture features extracted with EfficientNet-B0, (2) deep geometric features from face mesh representations (semi-raw, EfficientNet-B0), and (3) explicit geometric features derived from facial [...] Read more.

We propose a method for dynamic facial expression recognition that integrates three complementary feature streams from video sequences: (1) raw texture features extracted with EfficientNet-B0, (2) deep geometric features from face mesh representations (semi-raw, EfficientNet-B0), and (3) explicit geometric features derived from facial landmark distances. After refinement with Neighborhood Component Analysis (NCA), features are concatenated and fed to Bi-LSTM modeling temporal dynamics. The method achieved 58.25% (UAR) and 58.40% (WAR) on CREMA-D, and it achieved 82.81% (UAR) and 82.99% (WAR) on RAVDESS. The Bi-LSTM contains 8.68 M parameters, while the EfficientNet-B0 feature extractors add approximately 4 M parameters. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

► Show Figures

Figure 1

5 pages, 433 KB

Open AccessProceeding Paper

Exploring the Real Capabilities of the Flipper Zero

by Francisco Javier Muñoz-Ruiz, Agustín Javier Di-Bartolo, Fernando Broncano-Morgado, Belén M. Ramírez-Gabardino and Mar Ávila

Eng. Proc. 2026, 123(1), 6; https://doi.org/10.3390/engproc2026123006 - 2 Feb 2026

Viewed by 151

Abstract

Wireless devices are increasingly used today, and the presence of vulnerabilities represents a significant risk to modern security systems. This study analyzes the different functionalities of the Flipper Zero device and its capability to compromise everyday systems. Through various tests and an exhaustive [...] Read more.

Wireless devices are increasingly used today, and the presence of vulnerabilities represents a significant risk to modern security systems. This study analyzes the different functionalities of the Flipper Zero device and its capability to compromise everyday systems. Through various tests and an exhaustive analysis of its infrared, RFID/NFC, sub-GHz, USB, and Bluetooth functionalities, several critical vulnerabilities were identified, such as access credential emulation and interference with remote control signals. These results demonstrate that the device is a highly versatile and useful tool for performing security audits, not only improving traditional testing methods but also opening new possibilities for developing more resilient defense systems. However, it also poses a potential risk if misused for malicious purposes. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

► Show Figures

Figure 1

5 pages, 770 KB

Open AccessProceeding Paper

Monitoring Water Quality in Small Reservoirs Using Sentinel-2 Imagery and Machine Learning

by Victoria Amores-Chaparro, Fernando Broncano-Morgado, Pablo Fernández-González, Aurora Cuartero and Jesús Torrecilla-Pinero

Eng. Proc. 2026, 123(1), 7; https://doi.org/10.3390/engproc2026123007 - 2 Feb 2026

Viewed by 82

Abstract

This article investigates the estimation of water quality parameters, specifically chlorophyll-a, applying machine learning techniques to Sentinel-2 images. This study focuses on five small reservoirs located in the Extremadura region (Spain), as these are the ones for which continuous daily records from automatic [...] Read more.

This article investigates the estimation of water quality parameters, specifically chlorophyll-a, applying machine learning techniques to Sentinel-2 images. This study focuses on five small reservoirs located in the Extremadura region (Spain), as these are the ones for which continuous daily records from automatic in situ sensors are available. Chlorophyll-a estimates are obtained from two sources: (1) From the C2RCC atmospheric correction of Sentinel-2 images using Sen2Cor and radiometric calibration to ensure temporal consistency, and (2) from in situ data obtained from the official website of the Guadiana Basin Automatic Network Information System. The machine learning (ML)-based methodology significantly improves the predicted results for inland water bodies, enabling enhanced continuous assessment of water quality in small reservoirs. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

► Show Figures

Figure 1

5 pages, 198 KB

Open AccessProceeding Paper

From Vibe Coding to Jailbreaking in Large Language Models: A Comparative Security Study

by Eduardo Salas Castillo, Alejandra Guadalupe Silva-Trujillo, Marián Sánchez Ibarra, Daniel Juárez Dominguez and Juan Carlos Cuevas-Tello

Eng. Proc. 2026, 123(1), 8; https://doi.org/10.3390/engproc2026123008 - 2 Feb 2026

Viewed by 223

Abstract

This paper explores the emerging security risks in Large Language Models (LLMs) through a comparative study of jailbreaking techniques. These adversarial methods exploit linguistic and alignment weaknesses in LLMs to bypass content safeguards and generate restricted outputs. Through experiments on models such as [...] Read more.

This paper explores the emerging security risks in Large Language Models (LLMs) through a comparative study of jailbreaking techniques. These adversarial methods exploit linguistic and alignment weaknesses in LLMs to bypass content safeguards and generate restricted outputs. Through experiments on models such as ChatGPT, Gemini, Claude, and Grok, we evaluate their resilience to prompt-based attacks and analyze the factors influencing their vulnerability, including response configuration and model version. The results reveal significant disparities in robustness across models and underscore the need for standardized evaluation frameworks to detect and mitigate these threats. This research contributes to the broader discourse on Artificial Intelligence (AI) security, emphasizing the importance of developing adaptive defense mechanisms to ensure responsible and trustworthy AI deployment. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

5 pages, 270 KB

Open AccessProceeding Paper

Multi-Objective Generation of S-Boxes Using Evolutionary Algorithms

by Enrique Dávalos, Adolfo Salas, Javier Benítez and Christian Von Lücken

Eng. Proc. 2026, 123(1), 9; https://doi.org/10.3390/engproc2026123009 - 30 Jan 2026

Viewed by 58

Abstract

Substitution boxes, or S-boxes, are critical elements of symmetric block cipher algorithms—these being the ones that provide “confusion” (a concept defined by Claude Shannon). This work presents a method for generating

8 \times 8

S-boxes using a multi-objective evolutionary algorithm, aiming to simultaneously [...] Read more.

Substitution boxes, or S-boxes, are critical elements of symmetric block cipher algorithms—these being the ones that provide “confusion” (a concept defined by Claude Shannon). This work presents a method for generating

8 \times 8

S-boxes using a multi-objective evolutionary algorithm, aiming to simultaneously optimize Nonlinearity (NL) and the Strict Avalanche Criterion (SAC), which are two important cryptographic properties of S-boxes. Chaotic maps were used to generate the initial population. Experimental executions were carried out, and the results were compared to evaluate the different Pareto fronts obtained. The results indicate that the proposed versions of our algorithm achieve good performance, comparable to the state of the art (with only 150 generations of execution), and it was also found that they continue to improve for runs of 5000 generations. This method can be used for the generation of S-boxes with specific properties. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

► Show Figures

Figure 1

6 pages, 915 KB

Open AccessProceeding Paper

Shield-X: Vectorization and Machine Learning-Based Pipeline for Network Traffic Threat Detection

by Claudio Henrique Marques de Oliveira, Marcelo Ladeira, Gustavo Cordeiro Galvao Van Erven and João José Costa Gondim

Eng. Proc. 2026, 123(1), 10; https://doi.org/10.3390/engproc2026123010 - 2 Feb 2026

Viewed by 72

Abstract

This paper presents an integrative methodology combining advanced network packet vectorization techniques, parallel processing with Dask, GPU-optimized machine learning models, and the Qdrant vector database. Our approach achieves a 99.9% detection rate for malicious traffic with only a 1% false-positive rate, setting new [...] Read more.

This paper presents an integrative methodology combining advanced network packet vectorization techniques, parallel processing with Dask, GPU-optimized machine learning models, and the Qdrant vector database. Our approach achieves a 99.9% detection rate for malicious traffic with only a 1% false-positive rate, setting new performance benchmarks for cybersecurity systems. The methodology establishes an average detection time limit not exceeding 10% of the total response time, maintaining high precision even for sophisticated attacks. The system processes 56 GB of PCAP files from Malware-Traffic-Analysis.net (2020–2024) through a five-stage pipeline: distributed packet processing, feature extraction, vectorization, vector database storage, and GPU-accelerated classification using XGBoost, Random Forest, and K-Nearest Neighbors models. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

► Show Figures

Figure 1

5 pages, 1305 KB

Open AccessProceeding Paper

Audiovisual Fusion Technique for Detecting Sensitive Content in Videos

by Daniel Povedano Álvarez, Ana Lucila Sandoval Orozco and Luis Javier García Villalba

Eng. Proc. 2026, 123(1), 11; https://doi.org/10.3390/engproc2026123011 - 2 Feb 2026

Viewed by 129

Abstract

The detection of sensitive content in online videos is a key challenge for ensuring digital safety and effective content moderation. This work proposes the Multimodal Audiovisual Attention (MAV-Att), a multimodal deep learning framework that jointly exploits audio and visual cues to improve detection [...] Read more.

The detection of sensitive content in online videos is a key challenge for ensuring digital safety and effective content moderation. This work proposes the Multimodal Audiovisual Attention (MAV-Att), a multimodal deep learning framework that jointly exploits audio and visual cues to improve detection accuracy. The model was evaluated on the LSPD dataset, comprising 52,427 video segments of 20 s each, with optimized keyframe extraction. MAV-Att consists of dual audio and image branches enhanced by attention mechanisms to capture both temporal and cross-modal dependencies. Trained using a joint optimisation loss, the system achieved F1-scores of 94.9% on segments and 94.5% on entire videos, surpassing previous state-of-the-art models by 6.75%. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

► Show Figures

Figure 1

5 pages, 1524 KB

Open AccessProceeding Paper

SMSProcessing Using Optical Character Recognition for Smishing Detection

by Lidia Prudente-Tixteco, Jesus Olivares-Mercado and Linda Karina Toscano-Medina

Eng. Proc. 2026, 123(1), 12; https://doi.org/10.3390/engproc2026123012 - 3 Feb 2026

Viewed by 110

Abstract

Instant messaging services are the main modern means of communication because they allow the exchange of messages between people anywhere and through many types of devices. Smishing involves sending text messages spoofing banks, government institutions, or companies in order to deceive. These messages [...] Read more.

Instant messaging services are the main modern means of communication because they allow the exchange of messages between people anywhere and through many types of devices. Smishing involves sending text messages spoofing banks, government institutions, or companies in order to deceive. These messages often include malicious links that redirect users to fraudulent websites designed to steal personal information and commit financial fraud, identity theft, and extortion, among other crimes. Detecting smishing requires techniques to prevent access to dynamic links generated by cybercriminals to take control of devices or to consult blacklists of malicious links. Optical Character Recognition (OCR) recognizes text embedded in images without accessing links. This paper presents a conceptual model that uses OCR to extract text from messages suspected of smishing from a screenshot of a mobile device so that further processing can analyze whether it is smishing. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

► Show Figures

Figure 1

4 pages, 176 KB

Open AccessProceeding Paper

Cybersecurity and System Resilience for Deep Learning in Construction and Demolition Waste Classification

by Ruth Torres Gallego, Andrés Caro Lindo, Mohammadhossein Homaei, Pablo Natera Muñoz and Pablo Fernández González

Eng. Proc. 2026, 123(1), 13; https://doi.org/10.3390/engproc2026123013 - 30 Jan 2026

Viewed by 48

Abstract

Construction and Demolition Waste (CDW) management represents a growing global challenge due to the large volume and heterogeneous nature of materials involved. This study addresses this issue by developing an automated classification system based on computer vision and deep learning, aiming to enhance [...] Read more.

Construction and Demolition Waste (CDW) management represents a growing global challenge due to the large volume and heterogeneous nature of materials involved. This study addresses this issue by developing an automated classification system based on computer vision and deep learning, aiming to enhance efficiency and sustainability compared to manual sorting methods. A representative dataset was collected in a recycling facility, and multiple convolutional architectures were evaluated, with ResNet50 employing transfer learning achieving the best performance. The model was integrated into a web-based prototype capable of processing both still images and real-time video, offering visualization and interpretability tools for users. In addition to performance evaluation, the system’s cybersecurity and resilience were analyzed, focusing on data integrity, secure model deployment, and robustness against potential cyber threats. Experimental results demonstrate competitive classification accuracy and stable operation under realistic conditions. The study confirms the technical feasibility of the approach and emphasizes the importance of incorporating cybersecurity considerations into AI-driven industrial solutions, establishing a foundation for secure, scalable, and sustainable CDW management systems. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

5 pages, 476 KB

Open AccessProceeding Paper

Maturity Models in Information Security Audits

by Daniel Zamora-Jimenez, Lidia Prudente-Tixteco and Pablo Ramon Mercado-Hernandez

Eng. Proc. 2026, 123(1), 14; https://doi.org/10.3390/engproc2026123014 - 2 Feb 2026

Viewed by 43

Abstract

Information security auditing plays an important role in information security management because it assesses the status of security mechanisms, risk management, and regulatory compliance. Most information security auditing methodologies have been based on binary assessments or checklists, an approach that is limited in [...] Read more.

Information security auditing plays an important role in information security management because it assesses the status of security mechanisms, risk management, and regulatory compliance. Most information security auditing methodologies have been based on binary assessments or checklists, an approach that is limited in the constant evolution of cyber threats. This paper presents a comparative analysis of the most recognized maturity level structures, such as the Capability Maturity Model Integration (CMMI), the Cybersecurity Capability Maturity Model (C2M2), and the Cybersecurity Maturity Model Certification (CMMC), in order to identify the most suitable one for an innovative change in the auditing process to obtain a deeper and more detailed evaluation of security controls and, consequently, better decision-making. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

► Show Figures

Figure 1

5 pages, 393 KB

Open AccessProceeding Paper

Use of Natural Language Processing Techniques for Forensic Analysis in Spanish

by Luis Alberto Martínez Hernández, Ana Lucila Sandoval Orozco and Luis Javier García Villalba

Eng. Proc. 2026, 123(1), 15; https://doi.org/10.3390/engproc2026123015 - 4 Feb 2026

Abstract

In the digital forensics process, an essential step is the analysis of evidence contained in seized devices, a task that requires a significant investment of time to identify patterns and evidence that strengthen a judicial investigation. Advances in Natural Language Processing (NLP), particularly [...] Read more.

In the digital forensics process, an essential step is the analysis of evidence contained in seized devices, a task that requires a significant investment of time to identify patterns and evidence that strengthen a judicial investigation. Advances in Natural Language Processing (NLP), particularly models based on Transformers, offer great potential for automating this analysis and facilitating the accurate detection of relevant information. However, there are still a few solutions in Spanish aimed at processing legal texts or identifying crimes. This work proposes an automated methodology for analysing digital evidence using NLP techniques trained for Spanish text. Its objective is to optimise the extraction of relevant information in the forensic context, reducing the analysis time and improving the accuracy of detecting data that is significant for investigations. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

► Show Figures

Figure 1

5 pages, 182 KB

Open AccessProceeding Paper

Detection of Vulnerabilities in Tensorflow with LSTM and BERT

by Sergio Muñoz Martín, Luis Alberto Martinez Hernandez, Ana Lucila Sandoval Orozco and Luis Javier García Villalba

Eng. Proc. 2026, 123(1), 16; https://doi.org/10.3390/engproc2026123016 - 4 Feb 2026

Abstract

This work has developed a Deep Learning model that analyses the semantics of the Python code used when working with TensorFlow and detects vulnerabilities to improve data security and bug recognition. This research not only seeks to improve the security of TensorFlow, but [...] Read more.

This work has developed a Deep Learning model that analyses the semantics of the Python code used when working with TensorFlow and detects vulnerabilities to improve data security and bug recognition. This research not only seeks to improve the security of TensorFlow, but also aims to be a solution for other deep learning frameworks in the future and help developers find existing vulnerabilities to facilitate secure code writing. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

0 pages, 164 KB

Open AccessProceeding Paper

Vulnerabilities in the DNP 3.0 Communication Protocol in ICS/SCADA Systems on Critical Electrical Infrastructure ^†

by Jacinto Pérez García, Ana Lucia Sandoval Orozco and Luis Javier García Villalba

Eng. Proc. 2026, 123(1), 17; https://doi.org/10.3390/engproc2026123017 - 4 Feb 2026

Abstract

Supervisory control and data acquisition systems are an essential part of industrial control systems that form part of the critical infrastructure in the energy sector, which in the last decade have increased their interconnection, complexity, and dependence on other systems. In addition, the [...] Read more.

Supervisory control and data acquisition systems are an essential part of industrial control systems that form part of the critical infrastructure in the energy sector, which in the last decade have increased their interconnection, complexity, and dependence on other systems. In addition, the data generated and transmitted play a crucial role during acquisition and monitoring through the distributed network protocol version 3, which is used for analysis. As a result, they have become susceptible to cyberattacks that compromise data integrity, specifically unauthorized manipulation, which can cause significant disruptions and impacts on critical infrastructure. Therefore, the purpose of this work is to analyze the limitations, drawbacks, and vulnerabilities of the DNP3 and to present recommendations for identifying anomalous patterns in protocol communication. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

4 pages, 323 KB

Open AccessProceeding Paper

Artificial Intelligence for Intrusion Detection Through Side-Channel Techniques

by Felipe Lemus-Prieto, José-Luis González-Sánchez and Andrés Caro

Eng. Proc. 2026, 123(1), 18; https://doi.org/10.3390/engproc2026123018 - 4 Feb 2026

Abstract

The rapid expansion of Internet of Things (IoT) technologies has introduced diverse applications while simultaneously exposing devices to increasing cybersecurity risks. Sensitive data handled within IoT networks and the limited resources of connected devices make conventional intrusion detection methods often impractical. This work [...] Read more.

The rapid expansion of Internet of Things (IoT) technologies has introduced diverse applications while simultaneously exposing devices to increasing cybersecurity risks. Sensitive data handled within IoT networks and the limited resources of connected devices make conventional intrusion detection methods often impractical. This work introduces an approach for detecting cyberattacks in IoT environments through side-channel analysis based on device power consumption. A lightweight machine learning framework is employed to identify anomalous behavior without disrupting normal device operation. Experiments conducted on various setups, including custom datasets and unseen attack patterns, confirm the system’s effectiveness and real-time detection capability. The proposed solution stands out for its simplicity, reproducibility, and ease of deployment across heterogeneous IoT infrastructures with minimal computational overhead. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

► Show Figures

Figure 1

5 pages, 209 KB

Open AccessProceeding Paper

Privacy and Security in Mobile Applications Assisted by Artificial Intelligence

by Sandra Pérez Arteaga, Ana Lucila Sandoval Orozco and Luis Javier García Villalba

Eng. Proc. 2026, 123(1), 19; https://doi.org/10.3390/engproc2026123019 - 5 Feb 2026

Abstract

The use of technology in mobile devices and the integration of Artificial Intelligence offers a wide range of benefits and personalised services that help users perform countless activities that assist them in their daily lives, such as at work, school, and when communicating [...] Read more.

The use of technology in mobile devices and the integration of Artificial Intelligence offers a wide range of benefits and personalised services that help users perform countless activities that assist them in their daily lives, such as at work, school, and when communicating with friends and loved ones. However, this technological evolution poses significant challenges and risks in terms of user privacy, as the personal data and information that may be shared or stored must be taken into account in order to preserve the physical and psychological integrity of users. Balancing innovation and privacy is essential to maximise the benefits of AI on mobile devices while protecting the rights and security of users. This requires a comprehensive approach involving multiple stakeholders working together to create a secure, user-centred digital environment and implement security measures to preserve that data security. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

► Show Figures

Figure 1

5 pages, 397 KB

Open AccessProceeding Paper

Explainable Reputation Estimation from Web Service Reviews

by Elmira Saeedi Taleghani, Ronald Iván Maldonado Valencia, Ana Lucila Sandoval Orozco and Luis Javier García Villalba

Eng. Proc. 2026, 123(1), 20; https://doi.org/10.3390/engproc2026123020 - 5 Feb 2026

Abstract

Star ratings alone are noisy, manipulable, and ignore aspect-level sentiment. We present Scrape2Repute, a compact and reproducible pipeline that ingests Yelp reviews under policy constraints; cleans and normalises text/metadata; learns a calibrated text sentiment per review; fuses stars and text via a tunable [...] Read more.

Star ratings alone are noisy, manipulable, and ignore aspect-level sentiment. We present Scrape2Repute, a compact and reproducible pipeline that ingests Yelp reviews under policy constraints; cleans and normalises text/metadata; learns a calibrated text sentiment per review; fuses stars and text via a tunable hybrid label; downweights suspicious reviews with unsupervised anomaly scoring; and aggregates evidence into a time-decayed business reputation with uncertainty bounds. The system is explainable (top-k rationales, aspect summaries), runs on commodity hardware, and ships with CLI/GUI. On the Yelp Open Dataset, we show strong predictive validity for forecasting future ratings and stable behaviour under sensitivity sweeps. We release implementation and an ethics checklist for compliant use. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

► Show Figures

Figure 1

5 pages, 206 KB

Open AccessProceeding Paper

Transparent Trust Assessment in 6G Using Blockchain

by Ronald Iván Maldonado Valencia, Elmira Saeedi Taleghani, Jesús Angel Alonso Lopez, Ana Lucila Sandoval Orozco and Luis Javier García Villalba

Eng. Proc. 2026, 123(1), 21; https://doi.org/10.3390/engproc2026123021 - 4 Feb 2026

Abstract

Trust assurance will be a cornerstone of the security and autonomy of sixth-generation (6G) networks. Traditional trust models focus on data authenticity and integrity; however, 6G systems increasingly rely on autonomous decision-making. This article presents blockchain as a dual function in 6G: first, [...] Read more.

Trust assurance will be a cornerstone of the security and autonomy of sixth-generation (6G) networks. Traditional trust models focus on data authenticity and integrity; however, 6G systems increasingly rely on autonomous decision-making. This article presents blockchain as a dual function in 6G: first, as a decentralized and immutable ledger, and second, as a trustor, an entity that guarantees the transparency, traceability, and immutability of the trust assessment process itself. A conceptual framework is proposed in which blockchain houses both trust metrics and the logic that governs their assessment using smart contracts. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

► Show Figures

Figure 1

5 pages, 178 KB

Open AccessProceeding Paper

Adversarial Attacks on Machine Learning Models for Network Traffic Filtering

by Luis Alberto Martínez Hernández, Sandra Pérez Arteaga, Ana Lucila Sandoval Orozco and Luis Javier García Villalba

Eng. Proc. 2026, 123(1), 23; https://doi.org/10.3390/engproc2026123023 - 5 Feb 2026

Abstract

Due to people’s increasing access to computers, IT security has become extremely important in today’s society. This increase in connectivity has also led cybercriminals to take advantage of the anonymity and privacy offered by the Internet to carry out illegal activities. One of [...] Read more.

Due to people’s increasing access to computers, IT security has become extremely important in today’s society. This increase in connectivity has also led cybercriminals to take advantage of the anonymity and privacy offered by the Internet to carry out illegal activities. One of the most innovative solutions for protecting systems and networks is the use of artificial intelligence. However, these same technologies can become attractive targets for attackers seeking to compromise an organisation’s security. This paper analyses attacks targeting machine learning algorithms used in the classification of messaging application traffic, using Generative Adversarial Networks. Three algorithms were specifically evaluated and the results obtained were compared. The analyses show that all algorithms have a certain degree of vulnerability to malicious manipulation, highlighting the need to strengthen their defence mechanisms. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

7 pages, 620 KB

Open AccessProceeding Paper

Bridging Forecasts and Mitigation Through Retrieval-Augmented Time-Series Models for Cybersecurity Incidents

by Aldo Hernandez-Suarez, Gabriel Sanchez-Perez, Linda Karina Toscano-Medina, Hector Perez-Meana, Jose Portillo-Portillo, Jesus Olivares Mercado and Enrique Escamilla-Hernandez

Eng. Proc. 2026, 123(1), 24; https://doi.org/10.3390/engproc2026123024 - 5 Feb 2026

Abstract

In Cyber Threat Intelligence, anticipating threat events and linking forecasts to standards-based mitigations is essential, yet many approaches rely on non-unified event representations within the analysis window, introducing bias and weakening tactical signal. In this manuscript, an end-to-end workflow is introduced that canonicalizes [...] Read more.

In Cyber Threat Intelligence, anticipating threat events and linking forecasts to standards-based mitigations is essential, yet many approaches rely on non-unified event representations within the analysis window, introducing bias and weakening tactical signal. In this manuscript, an end-to-end workflow is introduced that canonicalizes seven public threat feeds, constructs exogenous covariates, applies Elastic Net under Walk-Forward Cross-Validation (WFCV), and models continuous and intermittent series with SARIMAX and ADIDA estimators. Forecasts are consolidated into a fourteen-dimensional risk vector aligned with the MITRE ATT&CK framework taxonomy and translated into mitigations through a Retrieval-Augmented Generation (RAG) module that also consults the CISA Known Exploited Vulnerabilities catalogue. At a seven-day forecast horizon

h = 7

with weekly seasonality

m = 7

, forecasting attains MAPE 12.0%, RMSE 6.8, and MAE 4.9. Mitigation retrieval, evaluated on 73 tactic-specific contextual queries from the test set, achieves 84.5% Exact Match and 91.3% Coverage. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

► Show Figures

Figure 1

5 pages, 398 KB

Open AccessProceeding Paper

A Lightweight Deep Learning Framework for Robust Video Watermarking in Adversarial Environments

by Antonio Cedillo-Hernandez, Lydia Velazquez-Garcia and Manuel Cedillo-Hernandez

Eng. Proc. 2026, 123(1), 25; https://doi.org/10.3390/engproc2026123025 - 5 Feb 2026

Abstract

The widespread distribution of digital videos in social networks, streaming services, and surveillance systems has increased the risk of manipulation, unauthorized redistribution, and adversarial tampering. This paper presents a lightweight deep learning framework for robust and imperceptible video watermarking designed specifically for cybersecurity [...] Read more.

The widespread distribution of digital videos in social networks, streaming services, and surveillance systems has increased the risk of manipulation, unauthorized redistribution, and adversarial tampering. This paper presents a lightweight deep learning framework for robust and imperceptible video watermarking designed specifically for cybersecurity environments. Unlike heavy architectures that rely on multi-scale feature extractors or complex adversarial networks, our model introduces a compact encoder–decoder pipeline optimized for real-time watermark embedding and recovery under adversarial attacks. The proposed system leverages spatial attention and temporal redundancy to ensure robustness against distortions such as compression, additive noise, and adversarial perturbations generated via Fast Gradient Sign Method (FGSM) or recompression attacks from generative models. Experimental simulations using a reduced Kinetics-600 subset demonstrate promising results, achieving an average PSNR of 38.9 dB, SSIM of 0.967, and Bit Error Rate (BER) below 3% even under FGSM attacks. These results suggest that the proposed lightweight framework achieves a favorable trade-off between resilience, imperceptibility, and computational efficiency, making it suitable for deployment in video forensics, authentication, and secure content distribution systems. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

► Show Figures

Figure 1

5 pages, 4387 KB

Open AccessProceeding Paper

MAS-Hunt: A Resilient AI Multi-Agent System for Threat Hunting

by Paulo Matheus Nicolau Silva, Daniel Alves da Silva, Robson de Oliveira Albuquerque, Georges Daniel Amvame Nze and Fábio Lúcio Lopes de Mendonça

Eng. Proc. 2026, 123(1), 26; https://doi.org/10.3390/engproc2026123026 - 5 Feb 2026

Abstract

Modern cyber threats exhibit sophisticated, evasive behaviors that overwhelm traditional security systems, leading to prolonged periods of attackers remaining undetected. AI-driven autonomous agents promise a proactive solution but are themselves vulnerable to adversarial manipulation, including memory poisoning and behavioral exploitation. This paper introduces [...] Read more.

Modern cyber threats exhibit sophisticated, evasive behaviors that overwhelm traditional security systems, leading to prolonged periods of attackers remaining undetected. AI-driven autonomous agents promise a proactive solution but are themselves vulnerable to adversarial manipulation, including memory poisoning and behavioral exploitation. This paper introduces MAS-Hunt—a novel multi-agent system architecture for proactive threat hunting that operates directly on live telemetry within the Elastic Stack. MAS-Hunt employs a collaborative team of specialized AI agents to automate the threat hunting lifecycle while incorporating a security-first design with built-in defenses for memory integrity, cross-agent validation, and behavioral anomaly detection. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

► Show Figures

Figure 1

5 pages, 336 KB

Open AccessProceeding Paper

Towards Reliable 6G: Intelligent Trust Assessment with Hybrid Learning

by Elmira Saeedi Taleghani, Ronald Iván Maldonado Valencia, Ana Lucila Sandoval Orozco and Luis Javier García Villalba

Eng. Proc. 2026, 123(1), 27; https://doi.org/10.3390/engproc2026123027 - 6 Feb 2026

Abstract

Sixth-generation (6G) networks will operate with pervasive autonomy and minimal centralised control, imposing stringent requirements on security and trust. This short communication presents a hybrid trust evaluation approach that combines fuzzy inference for uncertainty management, bidirectional long short-term memory (BiLSTM) networks for temporal [...] Read more.

Sixth-generation (6G) networks will operate with pervasive autonomy and minimal centralised control, imposing stringent requirements on security and trust. This short communication presents a hybrid trust evaluation approach that combines fuzzy inference for uncertainty management, bidirectional long short-term memory (BiLSTM) networks for temporal prediction, and blockchain for immutable verification. The pipeline first maps multi-source interaction and context metrics into linguistic trust values via fuzzy rules, then leverages BiLSTM to anticipate trust fluctuations under dynamic conditions, and finally anchors trust updates on a permissioned blockchain to ensure integrity and traceability. Using CIC-IoT2023, the proposed approach attains high accuracy and F1-score while reducing Execution Time (ET) and energy demands relative to a recent spatial-temporal trust model for 6G IoT. Results indicate that jointly addressing uncertainty, temporal evolution, and ledger-backed validation yields stable trust trajectories suitable for resource-constrained devices. The study outlines a practical path toward explainable, adaptive, and tamper-resistant trust management for 6G ecosystems. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

► Show Figures

Figure 1

Journal Menu

Journal Browser

Eng. Proc., 2026, CYBER-AI 2025

First Summer School on Artificial Intelligence in Cybersecurity

Editorial

Other

Further Information

Guidelines

MDPI Initiatives

Follow MDPI