Search Results (192)

The rapid rise of AI-driven cybercrime and deepfake fraud poses complex organisational challenges for US law enforcement, particularly the Federal Bureau of Investigation (FBI). Applying Maguire’s (2003) police organisation theory, this qualitative single-case study analyses the FBI’s structure, culture, technological integration, and inter-agency collaboration. Findings underscore the organisational strengths of the FBI, including a specialised Cyber Division, advanced detection tools, and partnerships with agencies such as the Cybersecurity and Infrastructure Security Agency (CISA). However, constraints, such as resource limitations, detection inaccuracies, inter-agency rivalries, and ethical concerns, including privacy risks associated with AI surveillance, hinder operational effectiveness. Fragmented global legal frameworks, diverse national capacities, and inconsistent detection of advanced deepfakes further complicate responses to this issue. This study proposes the establishment of agile task forces, public–private partnerships, international cooperation protocols, and ethical AI frameworks to counter evolving threats, offering scalable policy and technological solutions for global law enforcement. Full article

In such a dynamic and increasingly digitalized financial sector, many sophisticated fraudulent and cybercrime activities continue to challenge conventional detection systems. This research study explores a decentralized anomaly detection framework using deep autoencoders, designed to meet the dual imperatives of fraud detection effectiveness and user data privacy. Instead of relying on centralized aggregation or data sharing, the proposed model simulates distributed training across multiple financial nodes, with each institution processing data locally and independently. The framework is evaluated using two real-world datasets, the Credit Card Fraud dataset and the NeurIPS 2022 Bank Account Fraud dataset. The research methodology applied robust preprocessing, the implementation of a compact autoencoder architecture, and a threshold-based anomaly detection strategy. Evaluation metrics, such as confusion matrices, receiver operating characteristic (ROC) curves, precision–recall (PR) curves, and reconstruction error distributions, are used to assess the model’s performance. Also, a threshold sensitivity analysis has been applied to explore detection trade-offs at varying levels of strictness. Although the model’s recall remains modest due to class imbalance, it demonstrates strong precision at higher thresholds, which demonstrates its utility in minimizing false positives. Overall, this research study is a practical and privacy-conscious approach to fraud detection that aligns with the operational realities of financial institutions and regulatory compliance toward scalability, privacy preservation, and interpretable fraud detection solutions suitable for real-world financial environments. Full article

This study attempts to provide a comprehensive explanation for cybercrimes, with emphasis on cyberbullying, by applying situational action theory (SAT). Various hypotheses regarding the motivational and moral dimensions of cyberbullying are presented. Specifically, the interaction effects between motivational and moral factors, such as individual morality and environmental factors of differential association with cyberbullying peers, are examined. Moreover, the roles of self-control and deterrence are investigated as internal and external control factors in situations where conflicts arise between an individual’s morality and the moral rules of their environment. The findings of this study support the assertions of SAT and demonstrate significant interaction effects between cyberbullying victimization and moral factors. Furthermore, consistent with SAT’s discussion on conflicts in the moral dimension, this study reveals that self-control functions as a control factor in situations where individuals possess high morality but are confronted with high levels of differential association with cyberbullying peers; however, the argument that deterrence operates in situations of low differential association with cyberbullying peers and low individual morality is not supported. Despite the partial verification of SAT, this theory is generally endorsed and offers utility in explaining cyberbullying. Full article

The style change detection (SCD) task asks to find the positions of authors’ style changes within multi-authored texts. It has several application areas, such as forensics, cybercrime, and literary analysis. Since 2017, SCD solutions in English have been actively investigated. However, to the best of our knowledge, this task has not yet been investigated in Arabic text. Moreover, most existing SCD solutions represent boundaries surrounding segments by concatenating them. This shallow concatenation may lose style patterns within each segment and also increase input lengths while several embedding models restrict these lengths. This study seeks to bridge these gaps by introducing an Edge Convolutional Neural Network for the Arabic SCD task (ECNN-ASCD) solution. It represents boundaries as standalone learnable parameters across layers based on graph neural networks. ECNN-ASCD was trained on an Arabic dataset containing three classes of instances according to difficulty level: easy, medium, and hard. The results show that ECNN-ASCD achieved a high $F_1$ score of 0.9945%, 0.9381%, and 0.9120% on easy, medium, and hard instances, respectively. The ablation experiments demonstrated the effectiveness of ECNN-ASCD components. As the first publicly available solution for Arabic SCD, ECNN-ASCD would open the door for more active research on solving this task and contribute to boosting research in Arabic NLP. Full article

The rapid growth of internet usage in daily life has led to a significant increase in cyber threats, with malicious URLs serving as a common cybercrime. Traditional detection methods often suffer from high false alarm rates and struggle to keep pace with evolving threats due to outdated feature extraction techniques and datasets. To address these limitations, we propose a deep learning-based approach aimed at developing an effective model for detecting malicious URLs. Our proposed method, the Char2B model, leverages a fusion of BERT and CharBiGRU embedding, further enhanced by a Conv1D layer with a kernel size of three and unit-sized stride and padding. After combining the embedding, we used the BERT model as a baseline for comparison. The study involved collecting a dataset of 87,216 URLs, comprising both benign and malicious samples sourced from the open project directory (DMOZ), PhishTank, and Any.Run. Models were trained using the training set and evaluated on the test set using standard metrics, including accuracy, precision, recall, and F1-score. Through iterative refinement, we optimized the model’s performance to maximize its effectiveness. As a result, our proposed model achieved 98.50% accuracy, 98.27% precision, 98.69% recall, and a 98.48% F1-score, outperforming the baseline BERT model. Additionally, the false positive rate of our model was 0.017 better than the baseline model’s 0.018. By effectively extracting and utilizing informative features, the model accurately classified URLs into benign and malicious categories, thereby improving detection capabilities. This study highlights the significance of our deep learning approach in strengthening cybersecurity by integrating advanced algorithms that enhance detection accuracy, bolster defense mechanisms, and contribute to a safer digital environment. Full article

As cyber threats escalate in scale and sophistication, the imperative to secure public data through theoretically grounded and practically viable frameworks becomes increasingly urgent. This review investigates whether and how criminology theories have effectively informed the development and implementation of information security management frameworks (ISMFs) to prevent cybercrime and fortify the digital ecosystem’s resilience. Anchored in a comprehensive bibliometric analysis of 617 peer-reviewed records extracted from Scopus and Web of Science, the study employs Multiple Correspondence Analysis (MCA), conceptual co-word mapping, and citation coupling to systematically chart the intellectual landscape bridging criminology and cybersecurity. The review reveals those foundational criminology theories—particularly routine activity theory, rational choice theory, and deterrence theory—have been progressively adapted to cyber contexts, offering novel insights into offender behaviour, target vulnerability, and systemic guardianship. In parallel, the study critically engages with global cybersecurity standards such as National Institute of Standards and Technology (NIST) and ISO, to evaluate how criminological principles are embedded in practice. Using data from the Global Cybersecurity Index (GCI), the paper introduces an innovative visual mapping of the divergence between cybersecurity preparedness and digital development across 170+ countries, revealing strategic gaps and overperformers. This paper ultimately argues for an interdisciplinary convergence between criminology and cybersecurity governance, proposing that the integration of criminological logic into cybersecurity frameworks can enhance risk anticipation, attacker deterrence, and the overall security posture of digital public infrastructures. Full article

With the growing prevalence of cybercrime, botnets have emerged as a significant threat, infiltrating an increasing number of legitimate computers annually. Challenges arising for organizations, educational institutions, and individuals as a result of botnet attacks include distributed denial of service (DDoS) attacks, phishing attacks, and extortion attacks, generation of spam, and identity theft. The stealthy nature of botnets, characterized by constant alterations in network structures, attack methodologies, and data transmission patterns, poses a growing difficulty in their detection. This paper introduces an innovative strategy for mitigating botnet threats. Employing differential evolution, we propose a feature selection approach that enhances the ability to discern peer-to-peer (P2P) botnet traffic amidst evolving cyber threats. Differential evolution is a population-based meta-heuristic technique which can be applied to nonlinear and non-differentiable optimization problems owing to its fast convergence and use of few control parameters. Apart from that, an ensemble learning algorithm is also employed to support and enhance the detection phase, providing a robust defense against the dynamic and sophisticated nature of modern P2P botnets. The results demonstrate that our model achieves 99.99% accuracy, 99.49% precision, 98.98% recall, and 99.23% F1-score, which outperform the state-of-the-art P2P detection approaches. Full article

Blockchain technology has emerged as a transformative innovation, providing a transparent, immutable, and decentralized platform that underpins critical applications across industries such as cryptocurrencies, supply chain management, healthcare, and finance. Despite their promise of enhanced security and trust, the increasing sophistication of cyberattacks has exposed vulnerabilities within blockchain ecosystems, posing severe threats to their integrity, reliability, and adoption. This study presents a comprehensive and systematic review of blockchain vulnerabilities by categorizing and analyzing potential threats, including network-level attacks, consensus-based exploits, smart contract vulnerabilities, and user-centric risks. Furthermore, the research evaluates existing countermeasures and mitigation strategies by examining their effectiveness, scalability, and adaptability to diverse blockchain architectures and use cases. The study highlights the critical need for context-aware security solutions that address the unique requirements of various blockchain applications and proposes a framework for advancing proactive and resilient security designs. By bridging gaps in the existing literature, this research offers valuable insights for academics, industry practitioners, and policymakers, contributing to the ongoing development of robust and secure decentralized ecosystems. Full article

As more IoT devices become connected to the Internet, the attack surface for cybercrimes expands, leading to significant security concerns for these devices. Existing intrusion detection systems (IDSs) designed to address these concerns often suffer from high rates of false positives and missed threats due to the presence of redundant and irrelevant information for the IDSs. Furthermore, recent IDSs that utilize artificial intelligence are often presented as black boxes, offering no explanation of their internal operations. In this study, we develop a solution to the identified challenges by presenting a deep learning-based model that adapts to new attacks by selecting only the relevant information as inputs and providing transparent internal operations for easy understanding and adoption by cybersecurity personnel. Specifically, we employ a hybrid approach using statistical methods and a metaheuristic algorithm for feature selection to identify the most relevant features and limit the overall feature set while building an LSTM-based model for intrusion detection. To this end, we utilize two publicly available datasets, NF-BoT-IoT-v2 and IoTID20, for training and testing. The results demonstrate an accuracy of 98.42% and 89.54% for the NF-BoT-IoT-v2 and IoTID20 datasets, respectively. The performance of the proposed model is compared with that of other machine learning models and existing state-of-the-art models, demonstrating superior accuracy. To explain the proposed model’s predictions and increase trust in its outcomes, we applied two explainable artificial intelligence (XAI) tools: Local Interpretable Model-agnostic Explanations (LIME) and Shapley Additive Explanations (SHAP), providing valuable insights into the model’s behavior. Full article

This study conducts a systematic literature review following the PRISMA framework and the guidelines of Kitchenham and Charters to analyze the application of Internet of Things (IoT) technologies and deep learning models in monitoring violent actions and criminal activities in smart cities. A total of 45 studies published between 2010 and 2024 were selected, revealing that most research, primarily from India and China, focuses on cybersecurity in IoT networks (76%), while fewer studies address the surveillance of physical violence and crime-related events (17%). Advanced neural network models, such as Convolutional Neural Networks (CNNs), Long Short-Term Memory (LSTM) networks, and hybrid approaches, have demonstrated high accuracy rates, averaging over 97.44%, in detecting suspicious behaviors. These models perform well in identifying anomalies in IoT security; however, they have primarily been tested in simulation environments (91% of analyzed studies), most of which incorporate real-world data. From a legal perspective, existing proposals mainly emphasize security and privacy. This study contributes to the development of smart cities by promoting IoT-based security methodologies that enhance surveillance and crime prevention in cities in developing countries. Full article

In recent years, there has been a sharp increase in the number of online fraud cases. However, research on crime geography has paid little attention to online crimes, especially to the influencing factors behind their spatial distributions. Online fraud is closely related to people’s daily internet use. The existing literature has explored the impact of internet use on online crimes based on small samples of individual interviews. There is a lack of large-scale studies from a community perspective. This study applies the routine activity theory to online activities to test the relationship between online fraud alert data and the usage durations of different types of mobile phone users’ applications (apps) for communities in ZG City. It builds negative binomial regression models for analyzing the impact of the usage of different types of apps on the spatial distribution of online fraud. The results reveal that the online fraud crime rate and the online time spent on a financial management app share the most similar spatial distribution. While financial management, online education, transportation, and search engine app usages have a significant positive association with online fraud, the use of a financial management app has the greatest impact. Additionally, time spent on social media, online shopping and entertainment, and mobile reading apps have a significant negative association with online fraud. As not all online activities lead to cybercrime, crime prevention efforts should target specific types of apps, such as financial management, online education, transportation, and search engines. Full article

Encrypted network traffic classification remains a critical component in network security monitoring. However, existing approaches face two fundamental limitations: (1) conventional methods rely on manual feature engineering and are inadequate in handling high-dimensional features; and (2) they lack the capability to capture dynamic temporal patterns. This paper introduces TransECA-Net, a novel hybrid deep learning architecture that addresses these limitations through two key innovations. First, we integrate ECA-Net modules with CNN architecture to enable automated feature extraction and efficient dimension reduction via channel selection. Second, we incorporate a Transformer encoder to model global temporal dependencies through multi-head self-attention, supplemented by residual connections for optimal gradient flow. Extensive experiments on the ISCX VPN-nonVPN dataset demonstrate the superiority of our approach. TransECA-Net achieved an average accuracy of 98.25% in classifying 12 types of encrypted traffic, outperforming classical baseline models such as 1D-CNN, CNN + LSTM, and TFE-GNN by 6.2–14.8%. Additionally, it demonstrated a 37.44–48.84% improvement in convergence speed during the training process. Our proposed framework presents a new paradigm for encrypted traffic feature disentanglement and representation learning. This paradigm enables cybersecurity systems to achieve fine-grained service identification of encrypted traffic (e.g., 98.9% accuracy in VPN traffic detection) and real-time responsiveness (48.8% faster than conventional methods), providing technical support for combating emerging cybercrimes such as monitoring illegal transactions on darknet networks and contributing significantly to adaptive network security monitoring systems. Full article

The proliferation of Internet of Things (IoT) devices presents significant challenges for cybersecurity and digital forensics, particularly as these devices have become increasingly weaponised for malicious activities. This research focuses on the forensic analysis capabilities of Raspberry Pi devices configured with Kali Linux, comparing their forensic capabilities to conventional PC-based forensic investigations. The study identifies key gaps in existing IoT forensic methodologies, including limited tool compatibility, constrained data retention, and difficulties in live memory analysis due to architectural differences. The research employs a testbed-based approach to simulate cyberattacks on both platforms, capturing and analysing forensic artefacts such as system logs, memory dumps, and network traffic. The research findings reveal that while traditional PCs offer extensive forensic capabilities due to superior storage, tool support, and system logging, Raspberry Pi devices present significant forensic challenges, primarily due to their ARM architecture and limited forensic readiness. The study emphasises the need for specialised forensic tools tailored to IoT environments and suggests best practices to enhance forensic investigation capabilities in weaponised IoT scenarios. This research contributes to the field by bridging the gap between theoretical frameworks and real-world forensic investigations, offering insights into the evolving landscape of IoT forensics and its implications for digital evidence collection, analysis, and forensic readiness. Full article

Cybercrime prevention is critical for the effective functioning of e-government services. Despite its importance, internal cybercrime mitigation processes within these services are underrepresented in the existing literature. This study addresses this gap by conducting a systematic review and bibliometric analysis of e-government research from January 2015 to January 2025. Using the Web of Science and Scopus databases, 3790 studies were identified; after removing duplicates, bibliometric analysis was performed using R Studio (Build 467). The analysis revealed that Government Information Quarterly was the leading journal, with China, the USA, and the UK contributing the most publications. Nineteen major themes emerged, with “adoption” identified as the dominant theme, followed by “governance” and “development”. Among 88 security-related studies, 19 specifically addressed cybersecurity in e-government services. Findings indicate a predominant focus on user-centric perspectives, such as service adoption and system vulnerabilities, while internal cybersecurity issues, including managerial practices and mitigation strategies, remain largely unexplored. Limited data availability may contribute to this gap. This study highlights the need for future research to adopt an integrated approach, emphasising management-level practices for cybercrime mitigation within e-government institutions from both developing and developed nations. Full article

Technological advancements have helped all sectors to evolve. This advancement has widened the cyberspace and attack surface, which has led to a drastic increase in cyberattacks. Cybersecurity solutions have also evolved. The advancement is relatively slower in developing countries. However, the financial sector in developing countries has shown resistance to cyberattacks. This paper investigates the reasons for this resistance. Despite using legacy systems, the banking sector in Pakistan has demonstrated resistance to cyberattacks. The research used a qualitative approach. Semi-structured interviews were conducted with nine cybersecurity experts in the banking sector to illustrate the reasons for this cybersecurity resistance. The research focused on cybersecurity experts in the banking sector, recognizing that this industry is particularly prone to cyberattacks on a global scale. The study utilised a thematic analysis technique to find resistance factors. The analysis suggests that the opportunity cost of cyberattacks and lower attack surface in developing countries like Pakistan are the main reasons for the lower financial losses. The findings of this research will encourage the adoption of advanced technologies such as artificial intelligence (AI) and machine learning (ML) for cybersecurity in developing countries’ banking and financial sectors. Full article