Engineering Proceedings

Editorial

Jump to: Other

2 pages, 136 KB

Open AccessEditorial

Preface to the First Summer School on Artificial Intelligence in Cybersecurity

by Luis Javier García Villalba, Héctor Manuel Pérez Meana, Gabriel Sánchez Pérez and Ana Lucila Sandoval Orozco

Eng. Proc. 2026, 123(1), 1; https://doi.org/10.3390/engproc2026123001 - 13 Jan 2026

Viewed by 350

Abstract

The First Summer School on Artificial Intelligence in Cybersecurity (CYBER-AI 2025) was held at the Instituto Politécnico Nacional (IPN), Cancún, Mexico, from 3rd to 7th November 2025 [...] Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

Other

Jump to: Editorial

13 pages, 517 KB

Open AccessProceeding Paper

Reinforcement Learning for the Optimization of Adaptive Intrusion Detection Systems

by Óscar Mogollón-Gutiérrez, David Escudero García, José Carlos Sancho Núñez and Noemí DeCastro-García

Eng. Proc. 2026, 123(1), 2; https://doi.org/10.3390/engproc2026123002 - 29 Jan 2026

Viewed by 588

Abstract

Network intrusion detection is an activity of increasing importance due to the annual rise in attacks. In the literature, the use of machine learning solutions is one of the most common mechanisms for improving the performance of detection systems. One of the main [...] Read more.

Network intrusion detection is an activity of increasing importance due to the annual rise in attacks. In the literature, the use of machine learning solutions is one of the most common mechanisms for improving the performance of detection systems. One of the main problems with these approaches is data imbalance: the volume of malicious traffic is much lower than normal traffic, making it difficult to create an effective model. The use of ensemble models, which combine several individual models, can increase robustness against data imbalance. To try to improve the effectiveness of ensemble models against imbalance, in this work, we apply reinforcement learning to combine the individual predictions of the ensemble models, with the objective of improving predictions compared to classic weighted voting algorithms. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

► Show Figures

Figure 1

5 pages, 801 KB

Open AccessProceeding Paper

From Pose to Pitch: Classifying Baseball Pitch Types with Projection-Gated ST-GCN

by Sergio Huesca-Flores, Gibran Benitez-Garcia, Oswaldo Juarez-Sandoval, Hiroki Takahashi, Hector Perez-Meana and Mariko Nakano-Miyatake

Eng. Proc. 2026, 123(1), 3; https://doi.org/10.3390/engproc2026123003 - 29 Jan 2026

Viewed by 526

Abstract

We present a skeleton-based approach to baseball pitch type classification from broadcast video. We leverage Human Pose Estimation and an ST-GCN architecture, improved with a projection-gated temporal downsampler, to learn kinematic signatures of the pitcher’s body, adaptively selecting the most informative frames, enabling [...] Read more.

We present a skeleton-based approach to baseball pitch type classification from broadcast video. We leverage Human Pose Estimation and an ST-GCN architecture, improved with a projection-gated temporal downsampler, to learn kinematic signatures of the pitcher’s body, adaptively selecting the most informative frames, enabling pitch type classification without the need for ball tracking. On the MLB-YouTube dataset, our proposed method reaches ~62% six-class accuracy, highlighting body mechanics as a practical biometric cue. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

► Show Figures

Figure 1

5 pages, 173 KB

Open AccessProceeding Paper

From Camera to Algorithm: OpenCV and AI Workshop for the Cybersecurity of the Future

by Pablo Natera-Muñoz, Fernando Broncano-Morgado and Pablo Garcia-Rodriguez

Eng. Proc. 2026, 123(1), 4; https://doi.org/10.3390/engproc2026123004 - 30 Jan 2026

Viewed by 598

Abstract

Artificial vision and artificial intelligence (AI) are increasingly interconnected in cybersecurity. This work presents an overview of OpenCV-based visual computing as a core tool for intelligent security systems that analyze real-time visual data. It includes practical exercises on face, edge, motion, and color [...] Read more.

Artificial vision and artificial intelligence (AI) are increasingly interconnected in cybersecurity. This work presents an overview of OpenCV-based visual computing as a core tool for intelligent security systems that analyze real-time visual data. It includes practical exercises on face, edge, motion, and color detection, forming the basis for advanced object recognition using YOLOv10. Real applications, such as document processing and camera-based anomaly detection, are implemented in a microservice architecture with OpenCV, and deep learning frameworks. Integrating computer vision and AI is shown to be essential for developing resilient and autonomous cybersecurity infrastructures. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

5 pages, 484 KB

Open AccessProceeding Paper

Dynamic Facial Expression Recognition by Concatenation of Raw, Semi-Raw, and Distance Features

by Jose Sotelo-Barrales, Mariko Nakano-Miyatake, David Mata-Mendoza, Hector Perez-Meana and Enrique Escamilla-Hernandez

Eng. Proc. 2026, 123(1), 5; https://doi.org/10.3390/engproc2026123005 - 2 Feb 2026

Viewed by 307

Abstract

We propose a method for dynamic facial expression recognition that integrates three complementary feature streams from video sequences: (1) raw texture features extracted with EfficientNet-B0, (2) deep geometric features from face mesh representations (semi-raw, EfficientNet-B0), and (3) explicit geometric features derived from facial [...] Read more.

We propose a method for dynamic facial expression recognition that integrates three complementary feature streams from video sequences: (1) raw texture features extracted with EfficientNet-B0, (2) deep geometric features from face mesh representations (semi-raw, EfficientNet-B0), and (3) explicit geometric features derived from facial landmark distances. After refinement with Neighborhood Component Analysis (NCA), features are concatenated and fed to Bi-LSTM modeling temporal dynamics. The method achieved 58.25% (UAR) and 58.40% (WAR) on CREMA-D, and it achieved 82.81% (UAR) and 82.99% (WAR) on RAVDESS. The Bi-LSTM contains 8.68 M parameters, while the EfficientNet-B0 feature extractors add approximately 4 M parameters. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

► Show Figures

Figure 1

5 pages, 433 KB

Open AccessProceeding Paper

Exploring the Real Capabilities of the Flipper Zero

by Francisco Javier Muñoz-Ruiz, Agustín Javier Di-Bartolo, Fernando Broncano-Morgado, Belén M. Ramírez-Gabardino and Mar Ávila

Eng. Proc. 2026, 123(1), 6; https://doi.org/10.3390/engproc2026123006 - 2 Feb 2026

Viewed by 7762

Abstract

Wireless devices are increasingly used today, and the presence of vulnerabilities represents a significant risk to modern security systems. This study analyzes the different functionalities of the Flipper Zero device and its capability to compromise everyday systems. Through various tests and an exhaustive [...] Read more.

Wireless devices are increasingly used today, and the presence of vulnerabilities represents a significant risk to modern security systems. This study analyzes the different functionalities of the Flipper Zero device and its capability to compromise everyday systems. Through various tests and an exhaustive analysis of its infrared, RFID/NFC, sub-GHz, USB, and Bluetooth functionalities, several critical vulnerabilities were identified, such as access credential emulation and interference with remote control signals. These results demonstrate that the device is a highly versatile and useful tool for performing security audits, not only improving traditional testing methods but also opening new possibilities for developing more resilient defense systems. However, it also poses a potential risk if misused for malicious purposes. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

► Show Figures

Figure 1

5 pages, 770 KB

Open AccessProceeding Paper

Monitoring Water Quality in Small Reservoirs Using Sentinel-2 Imagery and Machine Learning

by Victoria Amores-Chaparro, Fernando Broncano-Morgado, Pablo Fernández-González, Aurora Cuartero and Jesús Torrecilla-Pinero

Eng. Proc. 2026, 123(1), 7; https://doi.org/10.3390/engproc2026123007 - 2 Feb 2026

Viewed by 490

Abstract

This article investigates the estimation of water quality parameters, specifically chlorophyll-a, applying machine learning techniques to Sentinel-2 images. This study focuses on five small reservoirs located in the Extremadura region (Spain), as these are the ones for which continuous daily records from automatic [...] Read more.

This article investigates the estimation of water quality parameters, specifically chlorophyll-a, applying machine learning techniques to Sentinel-2 images. This study focuses on five small reservoirs located in the Extremadura region (Spain), as these are the ones for which continuous daily records from automatic in situ sensors are available. Chlorophyll-a estimates are obtained from two sources: (1) From the C2RCC atmospheric correction of Sentinel-2 images using Sen2Cor and radiometric calibration to ensure temporal consistency, and (2) from in situ data obtained from the official website of the Guadiana Basin Automatic Network Information System. The machine learning (ML)-based methodology significantly improves the predicted results for inland water bodies, enabling enhanced continuous assessment of water quality in small reservoirs. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

► Show Figures

Figure 1

5 pages, 198 KB

Open AccessProceeding Paper

From Vibe Coding to Jailbreaking in Large Language Models: A Comparative Security Study

by Eduardo Salas Castillo, Alejandra Guadalupe Silva-Trujillo, Marián Sánchez Ibarra, Daniel Juárez Dominguez and Juan Carlos Cuevas-Tello

Eng. Proc. 2026, 123(1), 8; https://doi.org/10.3390/engproc2026123008 - 2 Feb 2026

Viewed by 4223

Abstract

This paper explores the emerging security risks in Large Language Models (LLMs) through a comparative study of jailbreaking techniques. These adversarial methods exploit linguistic and alignment weaknesses in LLMs to bypass content safeguards and generate restricted outputs. Through experiments on models such as [...] Read more.

This paper explores the emerging security risks in Large Language Models (LLMs) through a comparative study of jailbreaking techniques. These adversarial methods exploit linguistic and alignment weaknesses in LLMs to bypass content safeguards and generate restricted outputs. Through experiments on models such as ChatGPT, Gemini, Claude, and Grok, we evaluate their resilience to prompt-based attacks and analyze the factors influencing their vulnerability, including response configuration and model version. The results reveal significant disparities in robustness across models and underscore the need for standardized evaluation frameworks to detect and mitigate these threats. This research contributes to the broader discourse on Artificial Intelligence (AI) security, emphasizing the importance of developing adaptive defense mechanisms to ensure responsible and trustworthy AI deployment. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

5 pages, 270 KB

Open AccessProceeding Paper

Multi-Objective Generation of S-Boxes Using Evolutionary Algorithms

by Enrique Dávalos, Adolfo Salas, Javier Benítez and Christian Von Lücken

Eng. Proc. 2026, 123(1), 9; https://doi.org/10.3390/engproc2026123009 - 30 Jan 2026

Viewed by 390

Abstract

Substitution boxes, or S-boxes, are critical elements of symmetric block cipher algorithms—these being the ones that provide “confusion” (a concept defined by Claude Shannon). This work presents a method for generating

8 \times 8

S-boxes using a multi-objective evolutionary algorithm, aiming to simultaneously [...] Read more.

Substitution boxes, or S-boxes, are critical elements of symmetric block cipher algorithms—these being the ones that provide “confusion” (a concept defined by Claude Shannon). This work presents a method for generating

8 \times 8

S-boxes using a multi-objective evolutionary algorithm, aiming to simultaneously optimize Nonlinearity (NL) and the Strict Avalanche Criterion (SAC), which are two important cryptographic properties of S-boxes. Chaotic maps were used to generate the initial population. Experimental executions were carried out, and the results were compared to evaluate the different Pareto fronts obtained. The results indicate that the proposed versions of our algorithm achieve good performance, comparable to the state of the art (with only 150 generations of execution), and it was also found that they continue to improve for runs of 5000 generations. This method can be used for the generation of S-boxes with specific properties. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

► Show Figures

Figure 1

6 pages, 915 KB

Open AccessProceeding Paper

Shield-X: Vectorization and Machine Learning-Based Pipeline for Network Traffic Threat Detection

by Claudio Henrique Marques de Oliveira, Marcelo Ladeira, Gustavo Cordeiro Galvao Van Erven and João José Costa Gondim

Eng. Proc. 2026, 123(1), 10; https://doi.org/10.3390/engproc2026123010 - 2 Feb 2026

Viewed by 472

Abstract

This paper presents an integrative methodology combining advanced network packet vectorization techniques, parallel processing with Dask, GPU-optimized machine learning models, and the Qdrant vector database. Our approach achieves a 99.9% detection rate for malicious traffic with only a 1% false-positive rate, setting new [...] Read more.

This paper presents an integrative methodology combining advanced network packet vectorization techniques, parallel processing with Dask, GPU-optimized machine learning models, and the Qdrant vector database. Our approach achieves a 99.9% detection rate for malicious traffic with only a 1% false-positive rate, setting new performance benchmarks for cybersecurity systems. The methodology establishes an average detection time limit not exceeding 10% of the total response time, maintaining high precision even for sophisticated attacks. The system processes 56 GB of PCAP files from Malware-Traffic-Analysis.net (2020–2024) through a five-stage pipeline: distributed packet processing, feature extraction, vectorization, vector database storage, and GPU-accelerated classification using XGBoost, Random Forest, and K-Nearest Neighbors models. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

► Show Figures

Figure 1

5 pages, 1305 KB

Open AccessProceeding Paper

Audiovisual Fusion Technique for Detecting Sensitive Content in Videos

by Daniel Povedano Álvarez, Ana Lucila Sandoval Orozco and Luis Javier García Villalba

Eng. Proc. 2026, 123(1), 11; https://doi.org/10.3390/engproc2026123011 - 2 Feb 2026

Viewed by 837

Abstract

The detection of sensitive content in online videos is a key challenge for ensuring digital safety and effective content moderation. This work proposes the Multimodal Audiovisual Attention (MAV-Att), a multimodal deep learning framework that jointly exploits audio and visual cues to improve detection [...] Read more.

The detection of sensitive content in online videos is a key challenge for ensuring digital safety and effective content moderation. This work proposes the Multimodal Audiovisual Attention (MAV-Att), a multimodal deep learning framework that jointly exploits audio and visual cues to improve detection accuracy. The model was evaluated on the LSPD dataset, comprising 52,427 video segments of 20 s each, with optimized keyframe extraction. MAV-Att consists of dual audio and image branches enhanced by attention mechanisms to capture both temporal and cross-modal dependencies. Trained using a joint optimisation loss, the system achieved F1-scores of 94.9% on segments and 94.5% on entire videos, surpassing previous state-of-the-art models by 6.75%. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

► Show Figures

Figure 1

5 pages, 1524 KB

Open AccessProceeding Paper

SMSProcessing Using Optical Character Recognition for Smishing Detection

by Lidia Prudente-Tixteco, Jesus Olivares-Mercado and Linda Karina Toscano-Medina

Eng. Proc. 2026, 123(1), 12; https://doi.org/10.3390/engproc2026123012 - 3 Feb 2026

Viewed by 481

Abstract

Instant messaging services are the main modern means of communication because they allow the exchange of messages between people anywhere and through many types of devices. Smishing involves sending text messages spoofing banks, government institutions, or companies in order to deceive. These messages [...] Read more.

Instant messaging services are the main modern means of communication because they allow the exchange of messages between people anywhere and through many types of devices. Smishing involves sending text messages spoofing banks, government institutions, or companies in order to deceive. These messages often include malicious links that redirect users to fraudulent websites designed to steal personal information and commit financial fraud, identity theft, and extortion, among other crimes. Detecting smishing requires techniques to prevent access to dynamic links generated by cybercriminals to take control of devices or to consult blacklists of malicious links. Optical Character Recognition (OCR) recognizes text embedded in images without accessing links. This paper presents a conceptual model that uses OCR to extract text from messages suspected of smishing from a screenshot of a mobile device so that further processing can analyze whether it is smishing. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

► Show Figures

Figure 1

4 pages, 176 KB

Open AccessProceeding Paper

Cybersecurity and System Resilience for Deep Learning in Construction and Demolition Waste Classification

by Ruth Torres Gallego, Andrés Caro Lindo, Mohammadhossein Homaei, Pablo Natera Muñoz and Pablo Fernández González

Eng. Proc. 2026, 123(1), 13; https://doi.org/10.3390/engproc2026123013 - 30 Jan 2026

Viewed by 425

Abstract

Construction and Demolition Waste (CDW) management represents a growing global challenge due to the large volume and heterogeneous nature of materials involved. This study addresses this issue by developing an automated classification system based on computer vision and deep learning, aiming to enhance [...] Read more.

Construction and Demolition Waste (CDW) management represents a growing global challenge due to the large volume and heterogeneous nature of materials involved. This study addresses this issue by developing an automated classification system based on computer vision and deep learning, aiming to enhance efficiency and sustainability compared to manual sorting methods. A representative dataset was collected in a recycling facility, and multiple convolutional architectures were evaluated, with ResNet50 employing transfer learning achieving the best performance. The model was integrated into a web-based prototype capable of processing both still images and real-time video, offering visualization and interpretability tools for users. In addition to performance evaluation, the system’s cybersecurity and resilience were analyzed, focusing on data integrity, secure model deployment, and robustness against potential cyber threats. Experimental results demonstrate competitive classification accuracy and stable operation under realistic conditions. The study confirms the technical feasibility of the approach and emphasizes the importance of incorporating cybersecurity considerations into AI-driven industrial solutions, establishing a foundation for secure, scalable, and sustainable CDW management systems. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

5 pages, 476 KB

Open AccessProceeding Paper

Maturity Models in Information Security Audits

by Daniel Zamora-Jimenez, Lidia Prudente-Tixteco and Pablo Ramon Mercado-Hernandez

Eng. Proc. 2026, 123(1), 14; https://doi.org/10.3390/engproc2026123014 - 2 Feb 2026

Viewed by 611

Abstract

Information security auditing plays an important role in information security management because it assesses the status of security mechanisms, risk management, and regulatory compliance. Most information security auditing methodologies have been based on binary assessments or checklists, an approach that is limited in [...] Read more.

Information security auditing plays an important role in information security management because it assesses the status of security mechanisms, risk management, and regulatory compliance. Most information security auditing methodologies have been based on binary assessments or checklists, an approach that is limited in the constant evolution of cyber threats. This paper presents a comparative analysis of the most recognized maturity level structures, such as the Capability Maturity Model Integration (CMMI), the Cybersecurity Capability Maturity Model (C2M2), and the Cybersecurity Maturity Model Certification (CMMC), in order to identify the most suitable one for an innovative change in the auditing process to obtain a deeper and more detailed evaluation of security controls and, consequently, better decision-making. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

► Show Figures

Figure 1

5 pages, 393 KB

Open AccessProceeding Paper

Use of Natural Language Processing Techniques for Forensic Analysis in Spanish

by Luis Alberto Martínez Hernández, Ana Lucila Sandoval Orozco and Luis Javier García Villalba

Eng. Proc. 2026, 123(1), 15; https://doi.org/10.3390/engproc2026123015 - 4 Feb 2026

Viewed by 606

Abstract

In the digital forensics process, an essential step is the analysis of evidence contained in seized devices, a task that requires a significant investment of time to identify patterns and evidence that strengthen a judicial investigation. Advances in Natural Language Processing (NLP), particularly [...] Read more.

In the digital forensics process, an essential step is the analysis of evidence contained in seized devices, a task that requires a significant investment of time to identify patterns and evidence that strengthen a judicial investigation. Advances in Natural Language Processing (NLP), particularly models based on Transformers, offer great potential for automating this analysis and facilitating the accurate detection of relevant information. However, there are still a few solutions in Spanish aimed at processing legal texts or identifying crimes. This work proposes an automated methodology for analysing digital evidence using NLP techniques trained for Spanish text. Its objective is to optimise the extraction of relevant information in the forensic context, reducing the analysis time and improving the accuracy of detecting data that is significant for investigations. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

► Show Figures

Figure 1

5 pages, 182 KB

Open AccessProceeding Paper

Detection of Vulnerabilities in Tensorflow with LSTM and BERT

by Sergio Muñoz Martín, Luis Alberto Martinez Hernandez, Ana Lucila Sandoval Orozco and Luis Javier García Villalba

Eng. Proc. 2026, 123(1), 16; https://doi.org/10.3390/engproc2026123016 - 4 Feb 2026

Viewed by 411

Abstract

This work has developed a Deep Learning model that analyses the semantics of the Python code used when working with TensorFlow and detects vulnerabilities to improve data security and bug recognition. This research not only seeks to improve the security of TensorFlow, but [...] Read more.

This work has developed a Deep Learning model that analyses the semantics of the Python code used when working with TensorFlow and detects vulnerabilities to improve data security and bug recognition. This research not only seeks to improve the security of TensorFlow, but also aims to be a solution for other deep learning frameworks in the future and help developers find existing vulnerabilities to facilitate secure code writing. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

5 pages, 164 KB

Open AccessProceeding Paper

Vulnerabilities in the DNP 3.0 Communication Protocol in ICS/SCADA Systems on Critical Electrical Infrastructure

by Jacinto Pérez García, Ana Lucia Sandoval Orozco and Luis Javier García Villalba

Eng. Proc. 2026, 123(1), 17; https://doi.org/10.3390/engproc2026123017 - 4 Feb 2026

Cited by 1 | Viewed by 662

Abstract

Supervisory control and data acquisition systems are an essential part of industrial control systems that form part of the critical infrastructure in the energy sector, which in the last decade have increased their interconnection, complexity, and dependence on other systems. In addition, the [...] Read more.

Supervisory control and data acquisition systems are an essential part of industrial control systems that form part of the critical infrastructure in the energy sector, which in the last decade have increased their interconnection, complexity, and dependence on other systems. In addition, the data generated and transmitted play a crucial role during acquisition and monitoring through the distributed network protocol version 3, which is used for analysis. As a result, they have become susceptible to cyberattacks that compromise data integrity, specifically unauthorized manipulation, which can cause significant disruptions and impacts on critical infrastructure. Therefore, the purpose of this work is to analyze the limitations, drawbacks, and vulnerabilities of the DNP3 and to present recommendations for identifying anomalous patterns in protocol communication. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

4 pages, 323 KB

Open AccessProceeding Paper

Artificial Intelligence for Intrusion Detection Through Side-Channel Techniques

by Felipe Lemus-Prieto, José-Luis González-Sánchez and Andrés Caro

Eng. Proc. 2026, 123(1), 18; https://doi.org/10.3390/engproc2026123018 - 4 Feb 2026

Viewed by 623

Abstract

The rapid expansion of Internet of Things (IoT) technologies has introduced diverse applications while simultaneously exposing devices to increasing cybersecurity risks. Sensitive data handled within IoT networks and the limited resources of connected devices make conventional intrusion detection methods often impractical. This work [...] Read more.

The rapid expansion of Internet of Things (IoT) technologies has introduced diverse applications while simultaneously exposing devices to increasing cybersecurity risks. Sensitive data handled within IoT networks and the limited resources of connected devices make conventional intrusion detection methods often impractical. This work introduces an approach for detecting cyberattacks in IoT environments through side-channel analysis based on device power consumption. A lightweight machine learning framework is employed to identify anomalous behavior without disrupting normal device operation. Experiments conducted on various setups, including custom datasets and unseen attack patterns, confirm the system’s effectiveness and real-time detection capability. The proposed solution stands out for its simplicity, reproducibility, and ease of deployment across heterogeneous IoT infrastructures with minimal computational overhead. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

► Show Figures

Figure 1

5 pages, 209 KB

Open AccessProceeding Paper

Privacy and Security in Mobile Applications Assisted by Artificial Intelligence

by Sandra Pérez Arteaga, Ana Lucila Sandoval Orozco and Luis Javier García Villalba

Eng. Proc. 2026, 123(1), 19; https://doi.org/10.3390/engproc2026123019 - 5 Feb 2026

Viewed by 904

Abstract

The use of technology in mobile devices and the integration of Artificial Intelligence offers a wide range of benefits and personalised services that help users perform countless activities that assist them in their daily lives, such as at work, school, and when communicating [...] Read more.

The use of technology in mobile devices and the integration of Artificial Intelligence offers a wide range of benefits and personalised services that help users perform countless activities that assist them in their daily lives, such as at work, school, and when communicating with friends and loved ones. However, this technological evolution poses significant challenges and risks in terms of user privacy, as the personal data and information that may be shared or stored must be taken into account in order to preserve the physical and psychological integrity of users. Balancing innovation and privacy is essential to maximise the benefits of AI on mobile devices while protecting the rights and security of users. This requires a comprehensive approach involving multiple stakeholders working together to create a secure, user-centred digital environment and implement security measures to preserve that data security. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

► Show Figures

Figure 1

5 pages, 397 KB

Open AccessProceeding Paper

Explainable Reputation Estimation from Web Service Reviews

by Elmira Saeedi Taleghani, Ronald Iván Maldonado Valencia, Ana Lucila Sandoval Orozco and Luis Javier García Villalba

Eng. Proc. 2026, 123(1), 20; https://doi.org/10.3390/engproc2026123020 - 5 Feb 2026

Viewed by 499

Abstract

Star ratings alone are noisy, manipulable, and ignore aspect-level sentiment. We present Scrape2Repute, a compact and reproducible pipeline that ingests Yelp reviews under policy constraints; cleans and normalises text/metadata; learns a calibrated text sentiment per review; fuses stars and text via a tunable [...] Read more.

Star ratings alone are noisy, manipulable, and ignore aspect-level sentiment. We present Scrape2Repute, a compact and reproducible pipeline that ingests Yelp reviews under policy constraints; cleans and normalises text/metadata; learns a calibrated text sentiment per review; fuses stars and text via a tunable hybrid label; downweights suspicious reviews with unsupervised anomaly scoring; and aggregates evidence into a time-decayed business reputation with uncertainty bounds. The system is explainable (top-k rationales, aspect summaries), runs on commodity hardware, and ships with CLI/GUI. On the Yelp Open Dataset, we show strong predictive validity for forecasting future ratings and stable behaviour under sensitivity sweeps. We release implementation and an ethics checklist for compliant use. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

► Show Figures

Figure 1

5 pages, 206 KB

Open AccessProceeding Paper

Transparent Trust Assessment in 6G Using Blockchain

by Ronald Iván Maldonado Valencia, Elmira Saeedi Taleghani, Jesús Angel Alonso Lopez, Ana Lucila Sandoval Orozco and Luis Javier García Villalba

Eng. Proc. 2026, 123(1), 21; https://doi.org/10.3390/engproc2026123021 - 4 Feb 2026

Viewed by 355

Abstract

Trust assurance will be a cornerstone of the security and autonomy of sixth-generation (6G) networks. Traditional trust models focus on data authenticity and integrity; however, 6G systems increasingly rely on autonomous decision-making. This article presents blockchain as a dual function in 6G: first, [...] Read more.

Trust assurance will be a cornerstone of the security and autonomy of sixth-generation (6G) networks. Traditional trust models focus on data authenticity and integrity; however, 6G systems increasingly rely on autonomous decision-making. This article presents blockchain as a dual function in 6G: first, as a decentralized and immutable ledger, and second, as a trustor, an entity that guarantees the transparency, traceability, and immutability of the trust assessment process itself. A conceptual framework is proposed in which blockchain houses both trust metrics and the logic that governs their assessment using smart contracts. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

► Show Figures

Figure 1

4 pages, 303 KB

Open AccessProceeding Paper

Leveraging MFCC and Mel-Spectrogram Representations for Deep Learning-Based Speech Recognition

by Jose Antonio Lopez-Olvera, Hector Manuel Perez-Meana, Elizabeth Garcia-Rios and Enrique Escamilla-Hernandez

Eng. Proc. 2026, 123(1), 22; https://doi.org/10.3390/engproc2026123022 - 5 Feb 2026

Viewed by 835

Abstract

This work propose an audio feature pipeline to support machine learning tasks through the extraction of the Mel Frequency Cepstral Coefficients and Mel-spectrogram which is then used as the input of an Convolutional Neural Network which is trained to make the classification tasks. [...] Read more.

This work propose an audio feature pipeline to support machine learning tasks through the extraction of the Mel Frequency Cepstral Coefficients and Mel-spectrogram which is then used as the input of an Convolutional Neural Network which is trained to make the classification tasks. This approach enables de creation of a rich-feature dataset and an end-to-end pipeline that reduces the gap between the audio and Machine Learning ready models with application in sound classification, speech recognition and spatial audio analysis. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

► Show Figures

Figure 1

5 pages, 178 KB

Open AccessProceeding Paper

Adversarial Attacks on Machine Learning Models for Network Traffic Filtering

by Luis Alberto Martínez Hernández, Sandra Pérez Arteaga, Ana Lucila Sandoval Orozco and Luis Javier García Villalba

Eng. Proc. 2026, 123(1), 23; https://doi.org/10.3390/engproc2026123023 - 5 Feb 2026

Viewed by 1364

Abstract

Due to people’s increasing access to computers, IT security has become extremely important in today’s society. This increase in connectivity has also led cybercriminals to take advantage of the anonymity and privacy offered by the Internet to carry out illegal activities. One of [...] Read more.

Due to people’s increasing access to computers, IT security has become extremely important in today’s society. This increase in connectivity has also led cybercriminals to take advantage of the anonymity and privacy offered by the Internet to carry out illegal activities. One of the most innovative solutions for protecting systems and networks is the use of artificial intelligence. However, these same technologies can become attractive targets for attackers seeking to compromise an organisation’s security. This paper analyses attacks targeting machine learning algorithms used in the classification of messaging application traffic, using Generative Adversarial Networks. Three algorithms were specifically evaluated and the results obtained were compared. The analyses show that all algorithms have a certain degree of vulnerability to malicious manipulation, highlighting the need to strengthen their defence mechanisms. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

7 pages, 620 KB

Open AccessProceeding Paper

Bridging Forecasts and Mitigation Through Retrieval-Augmented Time-Series Models for Cybersecurity Incidents

by Aldo Hernandez-Suarez, Gabriel Sanchez-Perez, Linda Karina Toscano-Medina, Hector Perez-Meana, Jose Portillo-Portillo, Jesus Olivares Mercado and Enrique Escamilla-Hernandez

Eng. Proc. 2026, 123(1), 24; https://doi.org/10.3390/engproc2026123024 - 5 Feb 2026

Viewed by 332

Abstract

In Cyber Threat Intelligence, anticipating threat events and linking forecasts to standards-based mitigations is essential, yet many approaches rely on non-unified event representations within the analysis window, introducing bias and weakening tactical signal. In this manuscript, an end-to-end workflow is introduced that canonicalizes [...] Read more.

In Cyber Threat Intelligence, anticipating threat events and linking forecasts to standards-based mitigations is essential, yet many approaches rely on non-unified event representations within the analysis window, introducing bias and weakening tactical signal. In this manuscript, an end-to-end workflow is introduced that canonicalizes seven public threat feeds, constructs exogenous covariates, applies Elastic Net under Walk-Forward Cross-Validation (WFCV), and models continuous and intermittent series with SARIMAX and ADIDA estimators. Forecasts are consolidated into a fourteen-dimensional risk vector aligned with the MITRE ATT&CK framework taxonomy and translated into mitigations through a Retrieval-Augmented Generation (RAG) module that also consults the CISA Known Exploited Vulnerabilities catalogue. At a seven-day forecast horizon

h = 7

with weekly seasonality

m = 7

, forecasting attains MAPE 12.0%, RMSE 6.8, and MAE 4.9. Mitigation retrieval, evaluated on 73 tactic-specific contextual queries from the test set, achieves 84.5% Exact Match and 91.3% Coverage. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

► Show Figures

Figure 1

5 pages, 398 KB

Open AccessProceeding Paper

A Lightweight Deep Learning Framework for Robust Video Watermarking in Adversarial Environments

by Antonio Cedillo-Hernandez, Lydia Velazquez-Garcia and Manuel Cedillo-Hernandez

Eng. Proc. 2026, 123(1), 25; https://doi.org/10.3390/engproc2026123025 - 5 Feb 2026

Viewed by 603

Abstract

The widespread distribution of digital videos in social networks, streaming services, and surveillance systems has increased the risk of manipulation, unauthorized redistribution, and adversarial tampering. This paper presents a lightweight deep learning framework for robust and imperceptible video watermarking designed specifically for cybersecurity [...] Read more.

The widespread distribution of digital videos in social networks, streaming services, and surveillance systems has increased the risk of manipulation, unauthorized redistribution, and adversarial tampering. This paper presents a lightweight deep learning framework for robust and imperceptible video watermarking designed specifically for cybersecurity environments. Unlike heavy architectures that rely on multi-scale feature extractors or complex adversarial networks, our model introduces a compact encoder–decoder pipeline optimized for real-time watermark embedding and recovery under adversarial attacks. The proposed system leverages spatial attention and temporal redundancy to ensure robustness against distortions such as compression, additive noise, and adversarial perturbations generated via Fast Gradient Sign Method (FGSM) or recompression attacks from generative models. Experimental simulations using a reduced Kinetics-600 subset demonstrate promising results, achieving an average PSNR of 38.9 dB, SSIM of 0.967, and Bit Error Rate (BER) below 3% even under FGSM attacks. These results suggest that the proposed lightweight framework achieves a favorable trade-off between resilience, imperceptibility, and computational efficiency, making it suitable for deployment in video forensics, authentication, and secure content distribution systems. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

► Show Figures

Figure 1

5 pages, 4387 KB

Open AccessProceeding Paper

MAS-Hunt: A Resilient AI Multi-Agent System for Threat Hunting

by Paulo Matheus Nicolau Silva, Daniel Alves da Silva, Robson de Oliveira Albuquerque, Georges Daniel Amvame Nze and Fábio Lúcio Lopes de Mendonça

Eng. Proc. 2026, 123(1), 26; https://doi.org/10.3390/engproc2026123026 - 5 Feb 2026

Viewed by 1195

Abstract

Modern cyber threats exhibit sophisticated, evasive behaviors that overwhelm traditional security systems, leading to prolonged periods of attackers remaining undetected. AI-driven autonomous agents promise a proactive solution but are themselves vulnerable to adversarial manipulation, including memory poisoning and behavioral exploitation. This paper introduces [...] Read more.

Modern cyber threats exhibit sophisticated, evasive behaviors that overwhelm traditional security systems, leading to prolonged periods of attackers remaining undetected. AI-driven autonomous agents promise a proactive solution but are themselves vulnerable to adversarial manipulation, including memory poisoning and behavioral exploitation. This paper introduces MAS-Hunt—a novel multi-agent system architecture for proactive threat hunting that operates directly on live telemetry within the Elastic Stack. MAS-Hunt employs a collaborative team of specialized AI agents to automate the threat hunting lifecycle while incorporating a security-first design with built-in defenses for memory integrity, cross-agent validation, and behavioral anomaly detection. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

► Show Figures

Figure 1

5 pages, 336 KB

Open AccessProceeding Paper

Towards Reliable 6G: Intelligent Trust Assessment with Hybrid Learning

by Elmira Saeedi Taleghani, Ronald Iván Maldonado Valencia, Ana Lucila Sandoval Orozco and Luis Javier García Villalba

Eng. Proc. 2026, 123(1), 27; https://doi.org/10.3390/engproc2026123027 - 6 Feb 2026

Viewed by 360

Abstract

Sixth-generation (6G) networks will operate with pervasive autonomy and minimal centralised control, imposing stringent requirements on security and trust. This short communication presents a hybrid trust evaluation approach that combines fuzzy inference for uncertainty management, bidirectional long short-term memory (BiLSTM) networks for temporal [...] Read more.

Sixth-generation (6G) networks will operate with pervasive autonomy and minimal centralised control, imposing stringent requirements on security and trust. This short communication presents a hybrid trust evaluation approach that combines fuzzy inference for uncertainty management, bidirectional long short-term memory (BiLSTM) networks for temporal prediction, and blockchain for immutable verification. The pipeline first maps multi-source interaction and context metrics into linguistic trust values via fuzzy rules, then leverages BiLSTM to anticipate trust fluctuations under dynamic conditions, and finally anchors trust updates on a permissioned blockchain to ensure integrity and traceability. Using CIC-IoT2023, the proposed approach attains high accuracy and F1-score while reducing Execution Time (ET) and energy demands relative to a recent spatial-temporal trust model for 6G IoT. Results indicate that jointly addressing uncertainty, temporal evolution, and ledger-backed validation yields stable trust trajectories suitable for resource-constrained devices. The study outlines a practical path toward explainable, adaptive, and tamper-resistant trust management for 6G ecosystems. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

► Show Figures

Figure 1

5 pages, 928 KB

Open AccessProceeding Paper

TransLowNet: An Online Framework for Video Anomaly Detection, Classification, and Localization

by Jonathan Flores-Monroy, Gibran Benitez-Garcia, Mariko Nakano-Miyatake, Hector Perez-Meana and Hiroki Takahashi

Eng. Proc. 2026, 123(1), 28; https://doi.org/10.3390/engproc2026123028 - 9 Feb 2026

Viewed by 444

Abstract

This work presents TransLowNet, an online framework for video anomaly detection, classification, and spatial localization. The system segments incoming video streams into clips processed by an X3D-S feature extractor to obtain spatio-temporal representations, which are analyzed by dedicated modules for anomaly detection and [...] Read more.

This work presents TransLowNet, an online framework for video anomaly detection, classification, and spatial localization. The system segments incoming video streams into clips processed by an X3D-S feature extractor to obtain spatio-temporal representations, which are analyzed by dedicated modules for anomaly detection and recognition, while a MoG2-based stage estimates the spatial regions of anomalous activity. Evaluated on the UCF-Crime dataset, TransLowNet achieved 80.0% AUC, 54.5% accuracy, and 20.3% mAP@0.5, offering an efficient and interpretable approach for continuous video surveillance. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

► Show Figures

Figure 1

4 pages, 159 KB

Open AccessProceeding Paper

DNP3 Protocol Taxonomy

by Jacinto Pérez García, Ana Lucila Sandoval Orozco and Luis Javier García Villalba

Eng. Proc. 2026, 123(1), 29; https://doi.org/10.3390/engproc2026123029 - 9 Feb 2026

Viewed by 441

Abstract

SCADA and remote monitoring systems employ a communications protocol called DNP3. The Distributed Network Protocol is a popular open-standard protocol. As a result, any manufacturer can create DNP3 equipment that works with other DNP3 devices. Since its launch in 1993, the Distributed Network [...] Read more.

SCADA and remote monitoring systems employ a communications protocol called DNP3. The Distributed Network Protocol is a popular open-standard protocol. As a result, any manufacturer can create DNP3 equipment that works with other DNP3 devices. Since its launch in 1993, the Distributed Network Protocol—also referred to as DNP3—has gained widespread popularity. This protocol was created to communicate the condition of essential infrastructure, enabling dependable remote control, making it an instantly deployable solution for monitoring distant locations. The groundbreaking work on the protocol is typically attributed to GE-Harris Canada (previously Westronic, Inc.). However, a wide range of firms are presently using this protocol in a number of industrial applications, including power utilities. Three tiers of the OSI seven-layer functions model make up DNP3. The application layer, data link layer, and transport layer are these layers. Additionally, DNP3 can be sent via a TCP/IP network or a serial bus link. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

6 pages, 194 KB

Open AccessProceeding Paper

Audio-Based Drone Detection System Using FFT and Machine Learning Models

by Leonardo Vicente Jimenez, Gabriel Sánchez Pérez, José Portillo-Portillo, Linda Karina Toscano Medina, Aldo Hernández Suárez, Jesús Olivares Mercado and Héctor Manuel Pérez Meana

Eng. Proc. 2026, 123(1), 30; https://doi.org/10.3390/engproc2026123030 - 10 Feb 2026

Viewed by 927

Abstract

In recent years, the use of drones, also known as unmanned aerial vehicles (UAVs), has experienced a rapid increase due to their wide availability, compact size, low cost, and ease of operation. These devices have found applications in various areas, facilitating human work [...] Read more.

In recent years, the use of drones, also known as unmanned aerial vehicles (UAVs), has experienced a rapid increase due to their wide availability, compact size, low cost, and ease of operation. These devices have found applications in various areas, facilitating human work by covering large distances and operating in inaccessible or dangerous zones. However, their use has also been associated with malicious activities, such as property damage or threats to public security, which highlights the need to develop efficient and precise UAV detection systems. Although approaches based on neural networks have been proposed, they require large amounts of data for training and more computational resources for operation, which limits their applicability. In this study, we propose an alternative approach based on an analysis of audio features obtained through the fast Fourier transform (FFT) algorithm and classification using machine learning (ML) models. Our approach aims to detect the presence of drones using a minimal number of samples, meeting the requirements of efficiency, accuracy, robustness, low cost, and scalability necessary for a functional detection system. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

► Show Figures

Figure 1

4 pages, 162 KB

Open AccessProceeding Paper

Ensuring the Secure Integration of Generative AI in Video Game Developments

by Pablo Natera-Muñoz, Ruth Torres-Gallego, Antonio Silva-Luengo, Pablo García-Rodríguez and Alberto Carrón-Campón

Eng. Proc. 2026, 123(1), 31; https://doi.org/10.3390/engproc2026123031 - 11 Feb 2026

Viewed by 578

Abstract

The use of generative artificial intelligence (AI) is rapidly transforming video game development, enabling the creation of dynamic dialogues, procedural environments, and customized in-game experiences. However, this paradigm shift also introduces significant cybersecurity challenges. This paper explores the integration of generative AI in [...] Read more.

The use of generative artificial intelligence (AI) is rapidly transforming video game development, enabling the creation of dynamic dialogues, procedural environments, and customized in-game experiences. However, this paradigm shift also introduces significant cybersecurity challenges. This paper explores the integration of generative AI in game design and the associated risks, including prompt injection, generation of harmful content, and potential data leakage. We propose a secure generative framework for video games that incorporates input sanitization, content moderation, and sandboxed model execution to mitigate these threats. Our methodology aims to balance creativity and security, enabling safe deployment of generative systems in modern game environments. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

5 pages, 331 KB

Open AccessProceeding Paper

A Survey on Deep-Learning-Based Techniques for Detecting AI-Generated Synthetic Images

by Staycy Guevara, Ana Lucila Sandoval Orozco and Luis Javier García Villalba

Eng. Proc. 2026, 123(1), 32; https://doi.org/10.3390/engproc2026123032 - 11 Feb 2026

Viewed by 2532

Abstract

Detecting synthetic images has become increasingly challenging due to the high realism achieved by current generation models. Generative adversarial networks (GANs) and diffusion models can produce images that mimic human features and textures with remarkable accuracy, raising concerns about the spread of sensitive [...] Read more.

Detecting synthetic images has become increasingly challenging due to the high realism achieved by current generation models. Generative adversarial networks (GANs) and diffusion models can produce images that mimic human features and textures with remarkable accuracy, raising concerns about the spread of sensitive content, such as AI-generated child sexual abuse material (CSAM). To address this issue, deep-learning-based detection techniques can accurately distinguish AI-generated images from real ones, offering robust generalization capabilities. This review provides an in-depth examination of AI-generated synthetic image detection techniques, highlighting strengths, limitations, and emerging trends, with a focus on applications in detecting manipulated content and identifying areas for future research and development. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

► Show Figures

Figure 1

5 pages, 214 KB

Open AccessProceeding Paper

Methodology for Rapid Security Testing of IP Cameras

by Lidia Prudente-Tixteco, Gabriel Sanchez-Perez, Jesus Olivares-Mercado and Aldo Hernandez-Suarez

Eng. Proc. 2026, 123(1), 33; https://doi.org/10.3390/engproc2026123033 - 11 Feb 2026

Viewed by 906

Abstract

There are many types of IP surveillance cameras that connect to organizational or home data networks. However, these devices have vulnerabilities from their technological nature, and people often ignore procedures to protect their networks and devices, which generates security risks for networks, users, [...] Read more.

There are many types of IP surveillance cameras that connect to organizational or home data networks. However, these devices have vulnerabilities from their technological nature, and people often ignore procedures to protect their networks and devices, which generates security risks for networks, users, and information where they are connected. IP camera vulnerabilities can be exploited by threats and unauthorized persons to cause damage to an infrastructure. Security tests require specific knowledge, equipment, and specialized tools. Furthermore, their execution includes different steps and devices that require time for execution and processing. A methodology for rapid security testing of IP cameras could help identify vulnerabilities and security gaps to select cybersecurity controls to mitigate the risk of their use. This article presents a proof of concept for a methodology for rapid security tests on IP cameras based on NIST SP 800-115, to guide analysts in security tests to obtain results that allow them to take actions to mitigate risks. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

► Show Figures

Figure 1

5 pages, 895 KB

Open AccessProceeding Paper

Auditable Security Assessment of Proprietary and Open-Source Wi-Fi Router Firmware: A Reproducible Approach for Academic Infrastructures

by Leonardo de Paiva Souza, Robson de Oliveira Albuquerque, Luis Javier García Villalba, Fábio Lúcio Lopes Mendonça and Georges Daniel Amvame Nze

Eng. Proc. 2026, 123(1), 34; https://doi.org/10.3390/engproc2026123034 - 12 Feb 2026

Viewed by 697

Abstract

Wi-Fi router security is a real concern for universities and research centers that rely on strong, dependable networks for everything they do. In this study, we took a close look at four popular Wi-Fi router firmwares using open-source tools such as Binwalk, CVE-Bin-Tool, [...] Read more.

Wi-Fi router security is a real concern for universities and research centers that rely on strong, dependable networks for everything they do. In this study, we took a close look at four popular Wi-Fi router firmwares using open-source tools such as Binwalk, CVE-Bin-Tool, and Semgrep. We carefully examined the file systems, cross-referenced them with the National Vulnerability Database (NVD), and searched for outdated software like BusyBox and OpenSSL. What we found was clear: proprietary firmwares had more Critical and High vulnerabilities, while OpenWrt stood out for being more secure, easier to update, and openly maintained by its community. Our reproducible process automates how we gather evidence and map vulnerabilities, making firmware auditing more practical and trustworthy. These results make a strong case for using open-source firmware as a safer, more manageable choice for institutional networks. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

► Show Figures

Figure 1

6 pages, 699 KB

Open AccessProceeding Paper

Towards Electoral Digitization: Automatic Classification of Handwritten Numbers in PREP System Records

by Miguel Angel Camargo Rojas, Gabriel Sánchez Pérez, José Portillo-Portillo, Linda Karina Toscano Medina, Aldo Hernández Suárez, Jesús Olivares Mercado, Héctor Manuel Pérez Meana and Luis Javier García Villalba

Eng. Proc. 2026, 123(1), 35; https://doi.org/10.3390/engproc2026123035 - 12 Feb 2026

Viewed by 417

Abstract

The digitization of electoral processes requires robust systems for processing handwritten numerical data from voting documents. This paper presents a convolutional neural network study for handwritten digit recognition in Mexico’s PREP (Programa de Resultados Electorales Preliminares) system. Rather than individual digit classification, we [...] Read more.

The digitization of electoral processes requires robust systems for processing handwritten numerical data from voting documents. This paper presents a convolutional neural network study for handwritten digit recognition in Mexico’s PREP (Programa de Resultados Electorales Preliminares) system. Rather than individual digit classification, we approach the problem as direct 1000-class classification, treating each three-digit combination as a single class to maximize accuracy and simplify inference. We evaluated eight CNN architectures including ResNet variants, MobileNetV3, ShuffleNetV2, and EfficientNet, with ResNet-18 emerging as optimal for balancing accuracy and computational efficiency under CPU-only deployment. To address dataset challenges including class imbalance and image artifacts, we developed a customized RandAugment strategy applying photometric and limited geometric transformations that preserve semantic integrity. Our methodology demonstrates feasibility of deploying robust digit recognition systems in resource-constrained electoral environments while maintaining high accuracy. The research provides a practical framework for automated electoral data processing adaptable to similar systems across Latin America. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

► Show Figures

Figure 1

6 pages, 380 KB

Open AccessProceeding Paper

Bridging the Data Gap in ML-Based NIDS: An Automated Honeynet Platform for Generating Real-World Malware Traffic Datasets

by Gabriel Ulloa Cano, Gabriel Sánchez Pérez, José Portillo-Portillo, Linda Karina Toscano Medina, Aldo Hernández Suárez, Jesús Olivares Mercado, Héctor Manuel Pérez Meana, Luis Javier García Villalba and Pablo Velarde Alvarado

Eng. Proc. 2026, 123(1), 36; https://doi.org/10.3390/engproc2026123036 - 13 Feb 2026

Viewed by 470

Abstract

The effectiveness of Machine Learning (ML)-based Network Intrusion Detection Systems (NIDS) is critically hampered by the scarcity of realistic and up-to-date malware traffic datasets. To address this gap, we present an automated platform for generating real-world malware traffic datasets. Our solution leverages a [...] Read more.

The effectiveness of Machine Learning (ML)-based Network Intrusion Detection Systems (NIDS) is critically hampered by the scarcity of realistic and up-to-date malware traffic datasets. To address this gap, we present an automated platform for generating real-world malware traffic datasets. Our solution leverages a production-environment honeynet (T-Pot), deployed within a university network and segmented via a secure WireGuard VPN, to capture live attacks using high-interaction honeypots (Dionaea, Cowrie, ADBhoney). A fully automated pipeline handles traffic capture, transfer, filtering based on honeypot logs, and malware analysis (VirusTotal, VxAPI). The output is the IPN-UAN-23 dataset—a curated, labeled corpus of malicious network traffic. This platform functions as a vital automated security tool, providing the continuous stream of actionable intelligence required to develop and refine robust ML-based NIDS within a DevSecOps lifecycle. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

► Show Figures

Figure 1

5 pages, 462 KB

Open AccessProceeding Paper

Design and Implementation of a UART Module on FPGA Using RTL for Cryptographic Encryption and Decryption Techniques

by Christian-Antonio Colin-Cejudo, Gonzalo-Issac Duchén-Sánchez and Gabriel Sánchez-Pérez

Eng. Proc. 2026, 123(1), 37; https://doi.org/10.3390/engproc2026123037 - 10 Feb 2026

Viewed by 495

Abstract

The increasing demand for robust and efficient information security has led to the growing adoption of specialized hardware for cryptographic operations. In response to the rise in cyber threats and the need to process large volumes of data in real time, hardware-based cryptographic [...] Read more.

The increasing demand for robust and efficient information security has led to the growing adoption of specialized hardware for cryptographic operations. In response to the rise in cyber threats and the need to process large volumes of data in real time, hardware-based cryptographic solutions offer significant advantages in terms of performance, resistance to attacks, and secure storage of cryptographic keys. This paper presents the implementation of a secure communication system using the UART (Universal Asynchronous Receiver-Transmitter) protocol as the foundation for a Register Transfer Level (RTL) design on an FPGA platform. The base protocol was modified to introduce an additional hardware-level security layer. Furthermore, cryptographic techniques—specifically encryption and decryption—were integrated into the design to enhance data protection and integrity during transmission. The results demonstrate the feasibility of embedding cryptographic mechanisms directly into communication hardware, providing a scalable and efficient solution for secure embedded systems. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

► Show Figures

Figure 1

5 pages, 294 KB

Open AccessProceeding Paper

How User Training Can Be Used to Strengthen the “Weakest Link” in the Chain of Protection Against Cybercrime

by José Agustín Portas Yáñez, Ana Lucila Sandoval Orozco and Luis Javier García Villalba

Eng. Proc. 2026, 123(1), 38; https://doi.org/10.3390/engproc2026123038 - 9 Feb 2026

Viewed by 313

Abstract

According to the most recent reports from the Ministry of Interior, a large percentage of computer crimes committed in Spain correspond to fraud. By analysing the components that are involved in such crimes, we find that a primary component is participation, whether that [...] Read more.

According to the most recent reports from the Ministry of Interior, a large percentage of computer crimes committed in Spain correspond to fraud. By analysing the components that are involved in such crimes, we find that a primary component is participation, whether that be in a voluntary or involuntary and unnoticed way, as it is with some of the victims. We then analyse a proposal to incorporate instructional components within the academic frameworks of several degrees in computer science, with the aim that the new professionals in such areas can become educators for and leaders of the prevention against cybercrimes and thus increase protection for both individuals and institutions against attempts of deception and other computer crimes. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

► Show Figures

Figure 1

6 pages, 215 KB

Open AccessProceeding Paper

Measuring Risk in Cybersecurity via Likelihood

by Pablo Corona-Fraga, Vanessa Díaz-Rodriguez and Jesús M. Niebla-Zatarain

Eng. Proc. 2026, 123(1), 39; https://doi.org/10.3390/engproc2026123039 - 4 Mar 2026

Viewed by 545

Abstract

Cybersecurity risk is commonly expressed as impact × probability, yet probability is rarely defensible because incidents are underreported, data are heterogeneous, and adversary behavior changes quickly. We present a preliminary, data-driven framework to estimate cyber likelihood without relying on naive event frequencies. The [...] Read more.

Cybersecurity risk is commonly expressed as impact × probability, yet probability is rarely defensible because incidents are underreported, data are heterogeneous, and adversary behavior changes quickly. We present a preliminary, data-driven framework to estimate cyber likelihood without relying on naive event frequencies. The approach fuses incident narratives, threat intelligence, vulnerabilities, and control mappings into an organization-specific cyber-exposure profile represented as a typed knowledge graph and a normalized metric vector. Four measurable variables—Exposure, Traceability, Motivation, and System Update—are computed from standardized sensors spanning attack surface, observability, asset value, and patch velocity, then combined into a refreshable likelihood score for monitoring and control prioritization and to support transparent, repeatable risk governance. Unsupervised NLP (TF–IDF, latent semantic representations, and spherical clustering) supports construct discovery and profile population. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

8 pages, 562 KB

Open AccessProceeding Paper

Automated Vulnerability Repair Using Prototype-Based Deep Metric Learning with Normative Compliance Constraints

by Aldo Hernandez-Suarez, Gabriel Sanchez-Perez, Linda Karina Toscano-Medina, Hector Perez-Meana, Jesús Olivares Mercado, Andrew Wilson and Marco Perez-Cisneros

Eng. Proc. 2026, 123(1), 40; https://doi.org/10.3390/engproc2026123040 - 16 Mar 2026

Viewed by 484

Abstract

Automated Program Repair (APR) is increasingly used for vulnerability patching, yet many existing methods focus primarily on syntactic similarity between vulnerable and fixed code, with limited guarantees of semantic correctness and limited alignment with security frameworks. This work presents a prototype-based deep metric [...] Read more.

Automated Program Repair (APR) is increasingly used for vulnerability patching, yet many existing methods focus primarily on syntactic similarity between vulnerable and fixed code, with limited guarantees of semantic correctness and limited alignment with security frameworks. This work presents a prototype-based deep metric learning method for vulnerability repair that integrates normative constraints from OWASP and NIST SSDF. The method combines embeddings of vulnerable code and CWE descriptions, refines category prototypes to improve separation among CWE types, and validates repairs against statement-level control requirements derived from the normative mapping. Experiments on 959 vulnerable–fixed pairs across Python, Java, C, and C++ covering 15 CWE categories achieved a Match Ratio of 88.95%, 0.81 compliance, and 0.84 consistency. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

► Show Figures

Figure 1

4 pages, 607 KB

Open AccessProceeding Paper

Biometrics and Cybersecurity: Beyond Passwords for Digital Protection

by José Portillo-Portillo, Aldo Hernández Suárez, Gabriel Sánchez Pérez, Linda Karina Toscano Medina and Jesús Olivares Mercado

Eng. Proc. 2026, 123(1), 41; https://doi.org/10.3390/engproc2026123041 - 20 Mar 2026

Viewed by 575

Abstract

During the early years of interaction between humans and computer systems, user authentication and identification was carried out with the support of knowledge-based factors (something the user knows: passwords, PINs, etc.) and tokens (something the user possesses: credentials, RFID cards, etc.) or a [...] Read more.

During the early years of interaction between humans and computer systems, user authentication and identification was carried out with the support of knowledge-based factors (something the user knows: passwords, PINs, etc.) and tokens (something the user possesses: credentials, RFID cards, etc.) or a combination of both. In other words, the user presents a token and a password to the system in order to gain access. These solutions pose major challenges: Knowledge-based systems, which rely on secrets like passwords, are vulnerable to those secrets being guessed, shared, or forgotten. On the other hand, tokens are also vulnerable; some, despite implementing encryption, attract cyber attackers who can forge them, and users can share or lose them. In the search for more robust methods, the use of biometrics has been considered. Full article

(This article belongs to the Proceedings of First Summer School on Artificial Intelligence in Cybersecurity)

► Show Figures

Figure 1

Journal Menu

Journal Browser

Eng. Proc., 2026, CYBER-AI 2025

First Summer School on Artificial Intelligence in Cybersecurity

Editorial

Other

Further Information

Guidelines

MDPI Initiatives

Follow MDPI