Journal of Cybersecurity and Information Management

ISSN (Online): 2690-6775 | ISSN (Print): 2769-7851

A Novel Intrusion Detection Framework Combining Light Feature Engineering, GAN-Based Feature Generation, and Attention-Driven Deep Learning for IoT MQTT Security

Ahmed Dib, Zina Oudina, Sabri Ghazi

MQTT-based Internet of Things networks face major security problems because they have high-dimensional data, class imbalance, and no detection mechanisms that can be understood. This paper proposes a unified intrusion detection framework that integrates attention-based deep learning, GAN-driven data augmentation, and MDA-based feature selection (CNN-LSTM-Attention). The proposed pipeline outperforms both classical and recent state-of-the-art baselines. When tested on MQTTEEB-D, a real-world MQTT dataset with 200,000 flows, an accuracy of 99.12% and macro F1-score of 98.37 were achieved. However, the attention maps provide clear explanations for the obtained prediction, and the system performs well even against tough attacks such as SlowITe: 96–98%. Moreover, the system's very short inference time makes it possible to deploy on a real IoT gateway with limited resources. The synergistic combination of feature engineering, generative augmentation, and interpretable deep learning sets a standard for reliable and effective IoT/MQTT intrusion detection.


Doi: https://doi.org/10.54216/JCIM.180101

Vol. 18 Issue. 1 PP. 01-21, (2026)

Cybercrime and Digital Competence among Students at a Public University in Lima

Belén Vila Osores

This article is part of an exhaustive study that aspired to determine the relationship between cybercrime and digital competence in sixth-cycle undergraduate students at a public university in Lima. The hypothesis was a sincere relationship between the two variables. The methodology applied is a quantitative, basic, correlational approach with a non-experimental cross-sectional design. The results reflected a medium positive correlation between cybercrime and digital competence, with a Kendall's Tau-b coefficient of 0.585 and a significance level of 0.000 (p < 0.05). In conclusion, it was evident that greater digital competence is associated with greater exposure to cybercrime risks, suggesting the need to implement educational strategies aimed at strengthening digital security in the university environment.


Doi: https://doi.org/10.54216/JCIM.180102

Vol. 18 Issue. 1 PP. 22-44, (2026)

An Explainable Hybrid SVM Framework for Spam and Malicious Email Detection in Enterprise Information Systems

Mahmoud A. Zaher, Nabil M. Eldakhly

Email has been a key communication and information-management tool in contemporary organizations, yet it is also one of the most misused avenues to spam, fraud, credential theft, and malicious code delivery. Lightweight and reproducible detection models are especially useful to universities, public institutions, and small-to-medium enterprises which might not have access to costly proprietary filtering infrastructures because of the operational relevance of email security. In this paper I suggest an Explainable Hybrid SVM Framework (EHSF) to detect spam and malicious-risk email in a business information system. The framework integrates TF–IDF representation of text with lightweight risk-based email indicators, such as structural and lexical cues that can be obtained at low computation cost. An external Enron-Spam dataset was used so that it may be reproducible and can be checked later by the reviewers and readers. The experimentation process was coded in Python and assessed in terms of accuracy, precision, recall, F1-score, ROC-AUC, and confusion matrix. These findings demonstrate that the suggested Linear SVM-based framework has the highest overall performance with accuracy of 0.9853, precision of 0.9818, recall of 0.9893, F1-score of 0.9855, and ROC-AUC of 0.9981 on the held-out test set. The confusion matrix shows that there were only 34 false negatives and 58 false positives, which shows that there was a good discrimination between ham and spam classes. Besides the predictive performance, the framework provides an interpretable layer based on the analysis of influential lexical indicators related to risky and legitimate enterprise emails. The research adds a replicable and operationally viable methodology that complies with the needs of cybersecurity and information-management, and is lightweight enough to be implemented in the real-life setting within an organization.


Doi: https://doi.org/10.54216/JCIM.180103

Vol. 18 Issue. 1 PP. 45-55, (2026)

OPH-Guard: An Operationally Interpretable Tree-Ensemble Framework for Phishing URL Screening in Secure Web Access Management

Reem Atassi

Phishing URLs still present a security threat to organizations because they enable credential theft and account takeover together with payment fraud and unauthorized digital service access. The existing research on phishing detection has been studied extensively yet most published papers still show a preference for predictive performance assessment compared to operational system capabilities and tests and governance system implementation. The researchers developed OPH-Guard as an operational security system which uses compact tree ensembles to identify phishing URLs for their secure web access management system. The integrated workflow system enables institutions and small enterprises to implement public data ingestion and feature validation together with tabular model learning and post-hoc explanation and security-action mapping. The empirical evaluation used a public GitHub-hosted phishing URL dataset which contains 11,481 labeled records and 87 predictive features. The researchers conducted a comparison between three tree-based learners according to a stratified 80/20 hold-out protocol which included Decision Tree and Random Forest and Extra Trees. The actual results from Extra Trees produced the highest accuracy score of 0.9856 which included 0.9921 precision and 0.9791 recall and 0.9855 F1-score and 0.9984 ROC-AUC from the held-out test results. The study investigates security relevance for top predictors through google index and page rank and domain age and phish hints which provide evidence that the resulting model enables organizations to manage browsing risk through URL triage together with secure information management controls. The study presents a reproducible framework together with a complete screening algorithm and a summary of existing research from ten studies and a system which connects model results to security operations.


Doi: https://doi.org/10.54216/JCIM.180104

Vol. 18 Issue. 1 PP. 56–69, (2026)

Risk-Aware Cyberattack Analytics for Unmanned Aerial Vehicle Communications: A Publication-Ready Gradient-Boosting Framework

Andino Maseleno, Aa Hubur

Cyberattack detection in unmanned aerial vehicle environments has become an essential requirement for dependable digital operations. Security analytics for these environments should not only separate benign and malicious traffic, but should also provide interpretable evidence that can support timely triage and intervention. This paper presents a risk-aware classification framework for UAV communication security based on a leakage-screened feature design and a gradient-boosting ensemble model. The framework combines multiclass discrimination, probability-based decision logic, and feature-level interpretation within one coherent workflow. The study demonstrates that a carefully designed ensemble approach can provide balanced and operationally meaningful cyberattack recognition while remaining transparent enough for practical cybersecurity management. The results also show that communication-structure variables provide strong discriminatory power and that replay-type activity remains more difficult to separate than benign or denial-of-service behavior. The proposed framework therefore contributes a reproducible analytical design and a managerial reading of cyberattack classification for UAV operations.


Doi: https://doi.org/10.54216/JCIM.180105

Vol. 18 Issue. 1 PP. 70–85, (2026)