Search Results (141)

3D city models (3DCMs) are increasingly used in urban simulations, cadastral workflows, and digital building permit processes, and automated validation of these models has become a routine requirement. Existing validation services typically produce dense, frequently generated by SHACL engines, text-based reports that are difficult for users without a semantic-web background to interpret. This paper describes the CHEK Validation Results Viewer (CHEK VRV), a Flask-based web application that couples the OGC Data Completeness Validator with an interactive Three.js 3D viewer of the CityJSON input. SHACL violations and geometric invalidities are spatially explorable on a visual representation of the model, and the tool supports both predefined CHEK Building Block Profiles and user-uploaded custom profiles. We report a formative usability study with twelve domain experts (urban planners, data vendors, academics) and use it to identify the tool’s current strengths, its limitations, and a prioritized development roadmap. As reported by the participant experts, such a presentation is easier to interpret than the raw JSON-LD report. Full article

Artificial intelligence (AI) is increasingly embedded in development systems, enabling new capabilities for poverty prediction, social protection targeting and service delivery optimisation. However, the implications of these technologies for poverty governance—the institutional mechanisms for designing and delivering poverty reduction strategies—remain fragmented in the literature. This study conducted a PRISMA 2020-guided systematic review of peer-reviewed journal articles and scholarly book chapters published between 2015 and 2025 and retrieved from Scopus, Web of Science and DOAJ. Following title/abstract screening, full-text eligibility assessment and quality appraisal, 48 studies were selected, thematically identifying cross-cutting patterns related to system performance, implementation processes, governance considerations and contextual constraints. The reviewed literature indicates that AI can improve poverty governance through multimodal data integration, enhanced targeting accuracy and automated administrative processes. However, persistent challenges include biased datasets, infrastructural limitations, regulatory gaps and ethical risks such as algorithmic bias and digital exclusion, which may reinforce structural inequalities. The review contributes an integrated evidence base and introduces a conceptual framework for understanding AI in poverty governance, highlighting that developmental gains depend on robust data governance, inclusive digital infrastructure, context-sensitive design, algorithmic transparency and institutional capacity. Future research should prioritise impact evaluation, fairness-aware AI, participatory design and scalable approaches for low-resource environments. Full article

This work presents a case study of a Large Language Model based system for automated classification of student survey responses. The system processes 22,286 open-text responses collected from 2062 students across 12 academic programs and 21 nationalities spanning the years 2010–2025. The system architecture has been deployed on institutional servers for security, while integrating databases, an asynchronous task queue for processing, a web-based service layer, and distributed background workers that interact with remote LLM inference services. This work provides a practical reference framework for educational institutions aiming to responsibly and effectively operationalize LLMs in real-world applications. Full article

REST APIs have become a dominant interface for modern web applications and cloud services, and a growing body of work has studied automated testing and reproducible error discovery for such systems. Prior approaches have explored dependency inference, cross-request value reuse, and, more recently, learning- or LLM-based test generation. However, deep stateful multi-step reproducible error discovery remains difficult in practice because sequence construction is still often performed directly in the endpoint space, reusable runtime artifacts are not always tightly coupled with sequence expansion, and online LLM-driven generation may introduce cost and instability. We present Spec2SeqFuzz, a stateful multi-step fuzzing framework for REST API systems. The central idea is to guide online exploration in a compact category space rather than directly in the full endpoint space. Spec2SeqFuzz uses LLMs only in an offline pre-processing stage to normalize public multi-step PoCs, classify OpenAPI endpoints into a transferable category taxonomy, and construct training data for next-category prediction. During online fuzzing, the framework predicts the next likely API category from the executed prefix and observed response feedback, maps the predicted categories back to concrete endpoints, and combines this guidance with black-box endpoint fuzzing, proxy-based payload collection, and snapshot-assisted state restoration. We implemented a prototype and evaluated it on GitLab and WordPress, using MINER as the primary reproduced baseline in our current study. The results show that Spec2SeqFuzz is promising for both multi-step and single-endpoint error discovery on these two targets. Following the terminology used in MINER, we report reproducible errors rather than treating every triggered failure as a confirmed security vulnerability. Across the two targets, Spec2SeqFuzz discovers more reproducible multi-step errors than MINER, while the ablation results further suggest that category guidance, payload reuse, and depth-first stateful exploration are important to the final error-discovery performance. Full article

Credit card fraud constitutes a core component of the contemporary cybercrime economy, in which dark web carding forums play a pivotal role in coordinating, commoditising, and disseminating illicit activities. While prior research has primarily focused on transaction-level fraud detection, comparatively limited attention has been devoted to the systematic analysis of the social and organisational ecosystems within which these practices are enacted. This study addresses this gap by proposing and validating a domain-specific taxonomy for the automated classification of content in P2P carding forums. To this end, we adopt an iterative, data-driven methodology that integrates large language models (LLMs), lexical co-occurrence analysis, and semantic network analysis. Using a corpus of 3260 posts, we define and operationalise a taxonomy structured around four predicates: activity context, actor role, products and services, and technical tools, supported by a locally deployed LLM (Llama 4 Scout). A human-annotated subset was additionally used to evaluate inter-annotator agreement and standard classification metrics, complementing the coverage-based assessment and enabling comparison against a keyword-based baseline. Evaluation was further strengthened through manual benchmarking, confidence intervals, sensitivity analysis of key pipeline components, and comparison with alternative open-weight models. The results indicate that the proposed taxonomy achieves broad corpus-level representational coverage, with at least one semantic dimension identified in 98.71% of posts. However, coverage is uneven across predicates: activity-context is highly explicit, whereas actor-role and product-service show only moderate coverage and technique-tool remains substantially underrepresented and ambiguous. Overall, the findings show that combining domain-specific taxonomies with LLM-assisted classification and network analysis offers a robust framework for understanding and monitoring carding ecosystems in the dark web. Full article

The China Medium- and Long-term Earthquake Hazard Assessment Database (CMLEHAD) has been established by sorting and summarizing various datasets related to the assessment of earthquake hazard areas in the Chinese mainland. It integrates five key datasets: Seismic Geology, Geodesy, Seismology, Numerical Simulation, and Fundamental Model, providing comprehensive data for long-term and medium-term earthquake hazard analysis and other relevant studies. The data supports the analysis of the fault segments with seismic gap, motion strongly locked, sparse small–moderate earthquakes, and apparent Coulomb stress increase. In system architecture, the CMLEHAD is divided into three layers: data layer, service layer and application layer. It is designed for interactive display through Web and Geographic Information System (GIS) platforms. The data acquisition and method in the database have been widely recognized and used in the corresponding field. The database is continuously updated and maintained through collaboration between provincial earthquake agencies, research institutes, and technical experts to ensure its accuracy and relevance. Currently, the database provides tailored data sharing services to multiple provincial earthquake agencies and immediate centers, granting them access permissions and specific datasets according to their needs. The future work will focus on improving the database’s functionality by incorporating advanced models and automated data services, thereby consolidating the data foundation and serving the purpose of earthquake disaster mitigation. Full article

Ransomware operations have evolved from isolated malware incidents into organized ransomware-as-a-service (RaaS) ecosystems that employ coordinated tactics, techniques, and procedures and increasingly rely on automation and artificial intelligence to scale intrusions. However, most assessments remain artifact-centric, focusing on malware signatures or aggregate victim counts, which provide limited visibility into differences in actor-level behavior and operational capability. This study introduces the AI-Amplification Indicator (AIAI), an interpretable actor-level scoring framework that transforms publicly observable leak-site disclosures and verifiable open-source evidence into quantitative behavioral profiles. Using continuous monitoring of dark web leak portals, we construct a standardized dataset of ransomware disclosures for 2025 with temporal, geographic, and sector metadata. AIAI measures four complementary dimensions: GenAI-enabled social engineering, operational tempo and orchestration, targeting breadth and diversification, and temporal scaling dynamics. Indicators are computed for all observed actors, while comparative profiling focuses on the ten most active actors to ensure stable behavioral estimation. The analysis reveals substantial heterogeneity in posting cadence, targeting strategies, and scaling dynamics, as well as limited but measurable evidence of automated or AI-assisted deception. These differences are not captured by victim counts alone. The proposed framework provides a transparent and reproducible approach for actor-level ransomware intelligence, enabling systematic comparison of operational styles and supporting data-driven defensive prioritization. Full article

This study presents an analytical formulation for predicting the additional elastic deflection of tapered steel beams with variable-diameter circular web openings, a configuration that is not addressed by existing analytical models or current design codes. The proposed formulation accounts for the coupled effects of cross-section tapering, progressive variation in opening diameter along the span, and shear–bending interaction within perforated regions. To the best of the authors’ knowledge, this is the first analytical model addressing such complex non-prismatic cellular beam configurations. The formulation is implemented in MATLAB R2019a, enabling fast and automated deflection calculations over a wide parametric range, including various loading cases, tapering ratios, beam spans, web-post widths, and opening dimensions. For prismatic configurations, the analytical predictions are benchmarked against Eurocode 3 and the SCI P355 design guide, both originally developed for beams with constant cross-sections and regular openings. The results demonstrate the improved accuracy and broader applicability of the proposed approach. For tapered configurations with variable-diameter openings, the formulation is assessed against finite element simulations performed in Abaqus/CAE 2017, with the numerical model previously validated against experimental results available in the literature. The proposed method provides a reliable and practical analytical tool for the serviceability assessment of tapered perforated steel beams in structural engineering applications. Full article

Infrastructure as Code (IaC) underpins automated cloud provisioning in modern DevOps environments; however, controlled comparative evaluations of leading IaC tools under identical conditions remain limited. This study presents a controlled comparative evaluation of Terraform, Pulumi, and AWS CloudFormation within a standardized Amazon Web Services environment. An identical multi-tier architecture was implemented using each tool, and repeated deployment cycles were conducted to observe differences in provisioning duration, removal time, structural maintainability, and operational characteristics. Descriptive statistical analysis across 30 controlled repetitions indicates that Terraform and Pulumi achieve comparable deployment performance, whereas CloudFormation requires more than twice the average provisioning time under the conditions evaluated. Removal durations were similar across tools but remained longest for CloudFormation. Structural analysis reveals trade-offs between declarative modular design, programmatic flexibility, and native cloud integration. The study provides a controlled, comparative framework to support evidence-based selection of IaC tools in production-oriented cloud environments. Full article

In recent years, autonomous liquid pouring systems have gained more relevance, with applications from daily service tasks to complex industrial operations. While seemingly simple for humans, this task poses major challenges for automated systems, as it requires precise control and adaptation to varying container geometries, liquid properties, and environmental conditions. This review examines the state-of-the-art on liquid pouring through five research questions: (1) What are the characteristics of the liquids used in the experiments? (2) What are the characteristics of the containers used in the experiments and how do they affect the performance of the pouring tasks? (3) What techniques are used to control liquid pouring (i.e., to control the robotic arm or device)? (4) What metrics are used to assess the methods for pouring liquid? (5) What devices are used to measure poured volume? This scoping review follows the Arksey and O’Malley framework, and uses the PRISMA-ScR protocol to filter the articles. A total of 285 studies published between 2018 and 2025 were screened from IEEE Xplore, SpringerLink, ScienceDirect, Web of Science, and EBSCOhost, of which 23 met the inclusion criteria. Results showed that the most widely used methods for autonomous liquid pouring were classical control methods—PID, PD (30.4% of the studies). Conversely, the least widely used methods for autonomous liquid pouring were learning, imitation learning, and probabilistic models (15% of the studies). Full article

Seagrass meadows are essential coastal ecosystems that provide key ecological services, including carbon sequestration, sediment stabilization, and shoreline protection. Increasing threats from natural and anthropogenic stressors highlight the need for efficient, reproducible, and non-invasive monitoring solutions. This study evaluates the performance of low-cost commercial drones for seagrass assessment in shallow coastal waters, with an emphasis on freely accessible mission-planning and photogrammetric workflows. Field surveys were conducted along the Calabrian coast (southern Italy), where automated flight paths were generated using the software WaypointMap, and high-resolution orthophotos were generated using the WebODM software and subsequently analyzed in QGIS for seagrass patch detection, mapping, and surface estimation. The methodological pipeline is described in detail to facilitate full reproducibility. Compared with traditional diver-based methods, this workflow offers faster data collection, broader spatial coverage, and minimal environmental disturbance. Although some limitations remain, the results demonstrate that combining low-cost drones with open-source tools provides a practical and scalable solution for routine monitoring. This approach has strong potential for integration into routine coastal habitat assessment, supports early impact detection, and contributes to evidence-based conservation and management strategies. Full article

Impersonation attacks causing online fraud are a growing challenge for digital services, demanding the integration of biometric and behavioral factors into traditional authentication methods. Behavioral impersonation detection during online sessions is particularly critical for online banking, and the existing solutions focus mostly on mouse and keyboard dynamics. We study behavioral patterns extracted from standard web-server logs and claim that our methods are applicable in a banking scenario. Using a Siamese neural network, we classify pairs of web sessions from the same user with 90% accuracy. Experiments conducted on real-world intranet weblogs, serving as a proxy for banking data, highlight challenges in filtering and aggregating data. To address variability in website technologies and browsing behaviors, we introduce an automated procedure for grouping requested pages based on a low-rank approximation of the user browsing matrix. This approach consistently improves classification accuracy while reducing reliance on costly, error-prone manual log analysis, offering a scalable, viable approach for fraud detection in online services. Full article

The convergence of artificial intelligence (AI), machine learning (ML), blockchain, and big data analytics is transforming the governance, sustainability, and resilience of modern banking ecosystems. This study provides a multivariate bibliometric analysis using Principal Component Analysis (PCA) of research indexed in Scopus and Web of Science to explore how decentralized digital infrastructures and AI-driven analytical capabilities contribute to sustainable financial development, transparent governance, and climate-resilient digital societies. Findings indicate a rapid increase in interdisciplinary work integrating Distributed Ledger Technology (DLT) with large-scale data processing, federated learning, privacy-preserving computation, and intelligent automation—tools that can enhance financial inclusion, regulatory integrity, and environmental risk management. Keyword network analyses reveal blockchain’s growing role in improving data provenance, security, and trust—key governance dimensions for sustainable and resilient financial systems—while AI/ML and big data analytics dominate research on predictive intelligence, ESG-related risk modeling, customer well-being analytics, and real-time decision support for sustainable finance. Comparative analyses show distinct emphases: Web of Science highlights decentralized architectures, consensus mechanisms, and smart contracts relevant to transparent financial governance, whereas Scopus emphasizes customer-centered analytics, natural language processing, and high-throughput data environments supporting inclusive and equitable financial services. Patterns of global collaboration demonstrate strong internationalization, with Europe, China, and the United States emerging as key hubs in shaping sustainable and digitally resilient banking infrastructures. By mapping intellectual, technological, and collaborative structures, this study clarifies how decentralized intelligence—enabled by the fusion of AI/ML, blockchain, and big data—supports secure, scalable, and sustainability-driven financial ecosystems. The results identify critical research pathways for strengthening financial governance, enhancing climate and social resilience, and advancing digital transformation, which contributes to more inclusive, equitable, and sustainable societies. Full article

The exponential proliferation of the Internet of Things (IoT) has catalyzed a paradigm shift in industrial automation and smart city infrastructure. However, this rapid expansion has engendered significant heterogeneity in communication protocols, creating critical barriers to seamless data integration and interoperability. Conventional gateway solutions frequently exhibit limited flexibility in supporting diverse protocol stacks simultaneously and often lack granular user controllability. To mitigate these deficiencies, this paper proposes a novel, modular IoT gateway architecture, designated as MIGS (Modular IoT Gateway System). The proposed architecture comprises four distinct components: a Management Component, a Southbound Component, a Northbound Component, and a Cache Component. Specifically, the Southbound Component employs instance-based isolation and independent task threading to manage heterogeneous field devices utilizing protocols such as Modbus, MQTT, and OPC UA. The Northbound Component facilitates reliable bidirectional data transmission with cloud platforms. A dedicated Cache Component is integrated to decouple data acquisition from transmission, ensuring data integrity during network latency. Furthermore, a web-based Control Service Module affords comprehensive runtime management. We explicate the data transmission methodology and formulate a theoretical latency model to quantify the impact of the Python Global Interpreter Lock (GIL) and serialization overhead. Functional validation and theoretical analysis confirm the system’s efficacy in concurrent multi-protocol communication, robust data forwarding, and operational flexibility. The MIGS framework significantly enhances interoperability within heterogeneous IoT environments, offering a scalable solution for next-generation industrial applications. Full article

The rise of connected and automated vehicles has transformed in-vehicle infotainment (IVI) systems into critical gateways linking user interfaces, vehicular networks, and cloud-based fleet services. A concerning architectural reality is that hardcoded credentials like access point names (APNs) in IVI firmware create a cross-layer attack surface where local exposure can escalate into entire vehicle fleets being remotely compromised. To address this risk, we propose a cross-layer security framework that integrates firmware extraction, symbolic execution, and targeted fuzzing to reconstruct authentic IVI-to-backend interactions and uncover high-impact web vulnerabilities such as server-side request forgery (SSRF) and broken access control. Applied across seven diverse automotive systems, including major original equipment manufacturers (OEMs) (Mercedes-Benz, Tesla, SAIC, FAW-VW, Denza), Tier-1 supplier Bosch, and advanced driver assistance systems (ADAS) vendor Minieye, our approach exposes systemic anti-patterns and demonstrates a fully realized exploit that enables remote control of approximately six million Mercedes-Benz vehicles. All 23 discovered vulnerabilities, including seven CVEs, were patched within one month. In closed automotive ecosystems, we argue that the true measure of efficacy lies not in maximizing code coverage but in discovering actionable, fleet-wide attack paths, which is precisely what our approach delivers. Full article