Previous Issue
Volume 5, September
 
 

J. Cybersecur. Priv., Volume 5, Issue 4 (December 2025) – 7 articles

  • Issues are regarded as officially published after their release is announced to the table of contents alert mailing list.
  • You may sign up for e-mail alerts to receive table of contents of newly released issues.
  • PDF is the official format for papers published in both, html and pdf forms. To view the papers in pdf format, click on the "PDF Full-text" link, and use the free Adobe Reader to open them.
Order results
Result details
Section
Select all
Export citation of selected articles as:
15 pages, 577 KB  
Article
Blockchain-Enabled GDPR Compliance Enforcement for IIoT Data Access
by Amina Isazade, Ali Malik and Mohammed B. Alshawki
J. Cybersecur. Priv. 2025, 5(4), 84; https://doi.org/10.3390/jcp5040084 - 3 Oct 2025
Abstract
The General Data Protection Regulation (GDPR) imposes additional demands and obligations on service providers that handle and process personal data. In this paper, we examine how advanced cryptographic techniques can be employed to develop a privacy-preserving solution for ensuring GDPR compliance in Industrial [...] Read more.
The General Data Protection Regulation (GDPR) imposes additional demands and obligations on service providers that handle and process personal data. In this paper, we examine how advanced cryptographic techniques can be employed to develop a privacy-preserving solution for ensuring GDPR compliance in Industrial Internet of Things (IIoT) systems. The primary objective is to ensure that sensitive data from IIoT devices is encrypted and accessible only to authorized entities, in accordance with Article 32 of the GDPR. The proposed system combines Decentralized Attribute-Based Encryption (DABE) with smart contracts on a blockchain to create a decentralized way of managing access to IIoT systems. The proposed system is used in an IIoT use case where industrial sensors collect operational data that is encrypted according to DABE. The encrypted data is stored in the IPFS decentralized storage system. The access policy and IPFS hash are stored in the blockchain’s smart contracts, allowing only authorized and compliant entities to retrieve the data based on matching attributes. This decentralized system ensures that information is stored encrypted and secure until it is retrieved by legitimate entities, whose access rights are automatically enforced by smart contracts. The implementation and evaluation of the proposed system have been analyzed and discussed, showing the promising achievement of the proposed system. Full article
(This article belongs to the Special Issue Data Protection and Privacy)
Show Figures

Figure 1

23 pages, 1019 KB  
Article
Simulating Collaboration in Small Modular Nuclear Reactor Cybersecurity with Agent-Based Models
by Michael B. Zamperini and Diana J. Schwerha
J. Cybersecur. Priv. 2025, 5(4), 83; https://doi.org/10.3390/jcp5040083 - 3 Oct 2025
Abstract
This study proposes methods of computer simulation to study and optimize the cybersecurity of Small Modular Nuclear Reactors (SMRs). SMRs hold the potential to help build a clean and sustainable power grid but will struggle to gain widespread adoption without public confidence in [...] Read more.
This study proposes methods of computer simulation to study and optimize the cybersecurity of Small Modular Nuclear Reactors (SMRs). SMRs hold the potential to help build a clean and sustainable power grid but will struggle to gain widespread adoption without public confidence in their security. SMRs are emerging technologies and potentially carry higher cyber threats due to remote operations, large numbers of cyber-physical systems, and cyber connections with other industrial concerns. A method of agent-based computer simulations to model the effects, or payoff, of collaboration between cyber defenders, power plants, and cybersecurity vendors is proposed to strengthen SMR cybersecurity as these new power generators enter into the market. The agent-based model presented in this research is intended to illustrate the potential of using simulation to model a payoff function for collaborative efforts between stakeholders. Employing simulation to heighten cybersecurity will help to safely leverage the potential of SMRs in a modern and low-emission energy grid. Full article
(This article belongs to the Special Issue Intrusion/Malware Detection and Prevention in Networks—2nd Edition)
Show Figures

Figure 1

27 pages, 1146 KB  
Article
Attacking Tropical Stickel Protocol by MILP and Heuristic Optimization Techniques
by Sulaiman Alhussaini and Sergeĭ Sergeev
J. Cybersecur. Priv. 2025, 5(4), 82; https://doi.org/10.3390/jcp5040082 - 3 Oct 2025
Abstract
Known attacks on the tropical implementation of Stickel protocol involve finding minimal covers for a certain covering problem, and this leads to an exponential growth in the worst case time required to recover the secret key as the used polynomial degree increases. The [...] Read more.
Known attacks on the tropical implementation of Stickel protocol involve finding minimal covers for a certain covering problem, and this leads to an exponential growth in the worst case time required to recover the secret key as the used polynomial degree increases. The computational inefficiency of this attack is also observed in practice, unless the number of explored covers is limited, on the expense of the success rate of the attack. Consequently, it can be argued that Alice and Bob can still repel these attacks on tropical Stickel protocol by utilizing very high polynomial degrees, a feasible approach due to the efficiency of tropical operations. The same is true for the implementation of Stickel protocol over some other semirings with idempotent addition (such as the max–min or digital semiring). In this paper, we propose alternative methods to attack the Stickel protocols that avoid solving the covering problem. These methods involve framing the attacks as a mixed integer linear programming (MILP) problem or applying certain heuristic global optimization techniques. We also include a number of numerical experiments to analyze the success rate and the time required to execute the suggested attacks in practice. Full article
(This article belongs to the Special Issue Applied Cryptography)
Show Figures

Figure 1

17 pages, 1058 KB  
Article
Trends and Challenges in Cybercrime in Greece
by Anastasios Papathanasiou, Georgios Germanos, Vasiliki Liagkou and Vasileios Vlachos
J. Cybersecur. Priv. 2025, 5(4), 81; https://doi.org/10.3390/jcp5040081 - 2 Oct 2025
Abstract
This study investigates the evolution of cybercrime in Greece by analyzing data from the Cyber Crime Division of the Hellenic Police. By combining 2023 statistics with earlier national and international data (e.g., Europol, FBI), this study presents a comprehensive 15-year view of cybercrime [...] Read more.
This study investigates the evolution of cybercrime in Greece by analyzing data from the Cyber Crime Division of the Hellenic Police. By combining 2023 statistics with earlier national and international data (e.g., Europol, FBI), this study presents a comprehensive 15-year view of cybercrime trends. Key findings highlight a persistent rise in cyber incidents, with financial fraud as the most common type. Other major threats include unauthorized system access, data breaches, and crimes targeting vulnerable populations. The study assesses national legislation aligned with EU directives and outlines stakeholder roles. It underscores the need for adaptive legal frameworks, inter-agency cooperation, and public awareness to mitigate Greece’s growing cybersecurity challenges. Full article
(This article belongs to the Section Security Engineering & Applications)
Show Figures

Figure 1

18 pages, 1699 KB  
Article
A Comparative Analysis of Defense Mechanisms Against Model Inversion Attacks on Tabular Data
by Neethu Vijayan, Raj Gururajan and Ka Ching Chan
J. Cybersecur. Priv. 2025, 5(4), 80; https://doi.org/10.3390/jcp5040080 - 2 Oct 2025
Abstract
As more machine learning models are used in sensitive fields like healthcare, finance, and smart infrastructure, protecting structured tabular data from privacy attacks is a key research challenge. Although several privacy-preserving methods have been proposed for tabular data, a comprehensive comparison of their [...] Read more.
As more machine learning models are used in sensitive fields like healthcare, finance, and smart infrastructure, protecting structured tabular data from privacy attacks is a key research challenge. Although several privacy-preserving methods have been proposed for tabular data, a comprehensive comparison of their performance and trade-offs has yet to be conducted. We introduce and empirically assess a combined defense system that integrates differential privacy, federated learning, adaptive noise injection, hybrid cryptographic encryption, and ensemble-based obfuscation. The given strategies are analyzed on the benchmark tabular datasets (ADULT, GSS, FTE), showing that the suggested methods can mitigate up to 50 percent of model inversion attacks in relation to baseline models without decreasing the model utility (F1 scores are higher than 0.85). Moreover, on these datasets, our results match or exceed the latest state-of-the-art (SOTA) in terms of privacy. We also transform each defense into essential data privacy laws worldwide (GDPR and HIPAA), suggesting the best applicable guidelines for the ethical and regulation-sensitive deployment of privacy-preserving machine learning models in sensitive spaces. Full article
(This article belongs to the Section Privacy)
Show Figures

Figure 1

30 pages, 1774 KB  
Review
A Systematic Literature Review on AI-Based Cybersecurity in Nuclear Power Plants
by Marianna Lezzi, Luigi Martino, Ernesto Damiani and Chan Yeob Yeun
J. Cybersecur. Priv. 2025, 5(4), 79; https://doi.org/10.3390/jcp5040079 - 1 Oct 2025
Abstract
Cybersecurity management plays a key role in preserving the operational security of nuclear power plants (NPPs), ensuring service continuity and system resilience. The growing number of sophisticated cyber-attacks against NPPs requires cybersecurity experts to detect, analyze, and defend systems and data from cyber [...] Read more.
Cybersecurity management plays a key role in preserving the operational security of nuclear power plants (NPPs), ensuring service continuity and system resilience. The growing number of sophisticated cyber-attacks against NPPs requires cybersecurity experts to detect, analyze, and defend systems and data from cyber threats in near real time. However, managing a large numbers of attacks in a timely manner is impossible without the support of Artificial Intelligence (AI). This study recognizes the need for a structured and in-depth analysis of the literature in the context of NPPs, referring to the role of AI technology in supporting cyber risk assessment processes. For this reason, a systematic literature review (SLR) is adopted to address the following areas of analysis: (i) critical assets to be preserved from cyber-attacks through AI, (ii) security vulnerabilities and cyber threats managed using AI, (iii) cyber risks and business impacts that can be assessed by AI, and (iv) AI-based security countermeasures to mitigate cyber risks. The SLR procedure follows a macro-step approach that includes review planning, search execution and document selection, and document analysis and results reporting, with the aim of providing an overview of the key dimensions of AI-based cybersecurity in NPPs. The structured analysis of the literature allows for the creation of an original tabular outline of emerging evidence (in the fields of critical assets, security vulnerabilities and cyber threats, cyber risks and business impacts, and AI-based security countermeasures) that can help guide AI-based cybersecurity management in NPPs and future research directions. From an academic perspective, this study lays the foundation for understanding and consciously addressing cybersecurity challenges through the support of AI; from a practical perspective, it aims to assist managers, practitioners, and policymakers in making more informed decisions to improve the resilience of digital infrastructure. Full article
(This article belongs to the Section Security Engineering & Applications)
Show Figures

Figure 1

21 pages, 2975 KB  
Article
ARGUS: An Autonomous Robotic Guard System for Uncovering Security Threats in Cyber-Physical Environments
by Edi Marian Timofte, Mihai Dimian, Alin Dan Potorac, Doru Balan, Daniel-Florin Hrițcan, Marcel Pușcașu and Ovidiu Chiraș
J. Cybersecur. Priv. 2025, 5(4), 78; https://doi.org/10.3390/jcp5040078 - 1 Oct 2025
Abstract
Cyber-physical infrastructures such as hospitals and smart campuses face hybrid threats that target both digital and physical domains. Traditional security solutions separate surveillance from network monitoring, leaving blind spots when attackers combine these vectors. This paper introduces ARGUS, an autonomous robotic platform designed [...] Read more.
Cyber-physical infrastructures such as hospitals and smart campuses face hybrid threats that target both digital and physical domains. Traditional security solutions separate surveillance from network monitoring, leaving blind spots when attackers combine these vectors. This paper introduces ARGUS, an autonomous robotic platform designed to close this gap by correlating cyber and physical anomalies in real time. ARGUS integrates computer vision for facial and weapon detection with intrusion detection systems (Snort, Suricata) for monitoring malicious network activity. Operating through an edge-first microservice architecture, it ensures low latency and resilience without reliance on cloud services. Our evaluation covered five scenarios—access control, unauthorized entry, weapon detection, port scanning, and denial-of-service attacks—with each repeated ten times under varied conditions such as low light, occlusion, and crowding. Results show face recognition accuracy of 92.7% (500 samples), weapon detection accuracy of 89.3% (450 samples), and intrusion detection latency below one second, with minimal false positives. Audio analysis of high-risk sounds further enhanced situational awareness. Beyond performance, ARGUS addresses GDPR and ISO 27001 compliance and anticipates adversarial robustness. By unifying cyber and physical detection, ARGUS advances beyond state-of-the-art patrol robots, delivering comprehensive situational awareness and a practical path toward resilient, ethical robotic security. Full article
(This article belongs to the Special Issue Cybersecurity Risk Prediction, Assessment and Management)
Show Figures

Figure 1

Previous Issue
Back to TopTop