Journal of Cybersecurity and Information Management

As technology advances, the frequency and variety of intrusions and other security threats within network environments continue to grow. Intrusion detection systems (IDS) play a vital role in securing networks against unauthorized access and attacks on computer systems; however, traditional IDSs are very limited in their ability to recognize new, complex malicious threats because they rely on signature-based detection. Approaches based on machine learning have shown a promising alternative in identifying unknown malicious attacks. This study proposes a computationally efficient, generalizable machine-learning framework for robust cyber-threat prediction. Three benchmark datasets (HIKARI-2021, CIC-IDS2017, and KDDCup99) were used for full-pipeline evaluations, including preprocessing, feature selection, class-imbalance handling, hyperparameter optimization, and strict model validation. Eight classifiers were assessed, which included traditional classifiers and more modern ensemble methods. The results from this study showed that tree-based models, mainly both Random Forest and XGBoost achieved near-perfect performance across all datasets, reaching accuracy values up to 0.999 and F1-scores between 0.99 and 0.999. Additionally, the SHAP-based explainability analysis was applied to reveal features that drove predictions, enabling interpretability and transparency. Compared with prior studies, the proposed framework consistently delivers improved, more stable detection performance. The findings highlight that optimized ML models combined with balanced datasets and rigorous validation protocols can significantly enhance intrusion detection reliability. Furthermore, this approach provides a practical and scalable solution for strengthening cybersecurity defenses against evolving and emerging cyber threats.

Cyberattack detection in unmanned aerial vehicle environments has become an essential requirement for dependable digital operations. Security analytics for these environments should not only separate benign and malicious traffic, but should also provide interpretable evidence that can support timely triage and intervention. This paper presents a risk-aware classification framework for UAV communication security based on a leakage-screened feature design and a gradient-boosting ensemble model. The framework combines multiclass discrimination, probability-based decision logic, and feature-level interpretation within one coherent workflow. The study demonstrates that a carefully designed ensemble approach can provide balanced and operationally meaningful cyberattack recognition while remaining transparent enough for practical cybersecurity management. The results also show that communication-structure variables provide strong discriminatory power and that replay-type activity remains more difficult to separate than benign or denial-of-service behavior. The proposed framework therefore contributes a reproducible analytical design and a managerial reading of cyberattack classification for UAV operations.

Phishing URLs still present a security threat to organizations because they enable credential theft and account takeover together with payment fraud and unauthorized digital service access. The existing research on phishing detection has been studied extensively yet most published papers still show a preference for predictive performance assessment compared to operational system capabilities and tests and governance system implementation. The researchers developed OPH-Guard as an operational security system which uses compact tree ensembles to identify phishing URLs for their secure web access management system. The integrated workflow system enables institutional and small enterprise to implement public data ingestion and feature validation together with tabular model learning and post-hoc explanation and security-action mapping. The empirical evaluation used a public GitHub-hosted phishing URL dataset which contains 11,481 labeled records and 87 predictive features. The researchers conducted a comparison between three tree-based learners according to a stratified 80/20 hold-out protocol which included Decision Tree and Random Forest and Extra Trees. The actual results from Extra Trees produced the highest accuracy score of 0.9856 which included 0.9921 precision and 0.9791 recall and 0.9855 F1-score and 0.9984 ROC-AUC from the held-out test results. The study investigates security relevance for top predictors through google index and page rank and domain age and phish hints which provide evidence that the resulting model enables organizations to manage browsing risk through URL triage together with secure information management controls. The study presents a reproducible framework together with a complete screening algorithm and a summary of existing research from ten studies and a system which connects model results to security operations.

Email has been a key communication and information-management tool in contemporary organizations, yet it is also one of the most misused avenues to spam, fraud, credential theft, and malicious code delivery. Lightweight and reproducible detection models are especially useful to universities, public institutions, and small-to-medium enterprises which might not have access to costly proprietary filtering infrastructures because of the operational relevance of email security. In this paper I suggest an Explainable Hybrid SVM Framework (EHSF) to detect spam and malicious-risk email in a business information system. The framework integrates TF–IDF representation of text with lightweight risk-based email indicators, such as structural and lexical cues that can be obtained at low computation cost. An external Enron- Spam data were used so that it may be reproducible and will be checked later by the reviewers and readers. The experimentation process was coded in Python and assessed in terms of accuracy, precision, recall, F1-score, ROC-AUC, and confusion-matrix. These findings demonstrate that the suggested Linear SVM-based framework has the highest overall performance with accuracy of 0.9853, precision of 0.9818, recall of 0.9893, F1-score of 0.9855, and ROC-AUC of 0.9981 on the held-out test set. The confusion matrix shows that there were only 34 false negatives and 58 false positives which show that there was a good discrimination between ham and spam classes. Besides the predictive performance, the framework provides an interpretable layer based on the analysis of influential lexical indicators related to risky and legitimate enterprise emails. The research adds a replicable and operationally viable methodology that complies with the needs of cybersecurity and information-management, and is lightweight enough to be implemented in the real-life setting within an organization.

This article is part of an exhaustive study that aspired to determine the relationship between cybercrime and digital competence in sixth-cycle undergraduate students at a public university in Lima. The hypothesis was a sincere relationship between the two variables. The methodology applied is a quantitative, basic, correlational approach with a non-experimental cross-sectional design. The results reflected a medium positive correlation between cybercrime and digital competence, with a Kendall's Tau-b coefficient of 0.585 and a significance level of 0.000 (p < 0.05). In conclusion, it was evident that greater digital competence is associated with greater exposure to cybercrime risks, suggesting the need to implement educational strategies aimed at strengthening digital security in the university environment.

MQTT-based Internet of Things networks face major security problems because they have high-dimensional data, class imbalance, and no detection mechanisms that can be understood. This paper proposes a unified intrusion detection framework that integrates attention-based deep learning, GAN-driven data augmentation, and MDA-based feature selection (CNN-LSTM-Attention). The proposed pipeline outperforms both classical and recent state-of-the-art baselines. When tested on MQTTEEB-D, a real-world MQTT dataset with 200,000 flows, an accuracy of 99.12% and macro F1-score of 98.37 were achieved. However, the attention maps provide clear explanations for the obtained prediction, and the system performs well even against tough attacks such as SlowITe: 96–98%. Moreover, the system's very short inference time makes it possible to deploy on a real IoT gateway with limited resources. The synergistic combination of feature engineering, generative augmentation, and interpretable deep learning sets a standard for reliable and effective IoT/MQTT intrusion detection.