Publication Search

The rapid advancement of digital technology has fundamentally altered the landscape of public governance, compelling local governments to adapt and embrace digital transformation. This study investigates the challenges and opportunities faced by local governments in Indonesia in implementing digital governance transformation within the framework of Society 5.0. Using a systematic literature review and case study methodology, this research analyzes governance transformation policies, institutional readiness, digital infrastructure, and human resource capacity across selected Indonesian regional governments. The findings reveal that while significant opportunities exist including enhanced public service delivery, improved transparency, citizen participation, and inter-agency coordination substantial challenges persist in digital infrastructure disparities, limited human resource capacity, regulatory ambiguity, and cybersecurity vulnerabilities. The study identifies five critical success factors for effective digital governance transformation: strong political commitment, adequate digital infrastructure investment, comprehensive human resource development, adaptive regulatory frameworks, and inclusive citizen engagement mechanisms. This research contributes to the theoretical discourse on e-government and digital governance in the context of developing countries, while offering practical policy recommendations for local governments navigating the transition to Society 5.0. The implications extend to policymakers, practitioners, and scholars engaged in public administration reform in the digital age.

Inconsistent terminology across cybersecurity frameworks undermines global governance and interoperability. The National Institute of Standards and Technology Cybersecurity Framework (NIST CSF 2.0) and ISO/IEC 27001:2022 share similar objectives but diverge semantically in defining risk, control, and resilience. This semantic gap causes difficulties in compliance mapping and automated policy translation. Research Objectives: This study aims to analyze the semantic similarity and divergence between NIST and ISO/IEC 27000 terminologies, identify conceptual structures influencing interoperability, and propose an AI-assisted foundation for harmonizing cybersecurity language globally. Methodology: A mixed-method semantic comparative design integrates Natural Language Processing (NLP) and ontology mapping. Using the nist_glossary.csv dataset and ISO vocabularies, terms were normalized and analyzed via cosine similarity using sentence-transformer embeddings. Ontological alignment was visualized through the Semantic Threat Graph (STG) and validated by certified experts using Cohen’s Kappa reliability tests. Results: From 672 term pairs, results show 40.9% high semantic equivalence, 38.8% partial overlap, and 20.3% semantic divergence. Strongest alignment appears in “Protect” and “Identify” domains, while divergences occur in governance and recovery-related terms. Ontology mapping revealed three conceptual clusters—Risk Governance, Technical Safeguards, and Organizational Readiness. Conclusions: Findings confirm a 79.7% total semantic alignment, indicating strong potential for harmonizing global cybersecurity standards. The study contributes an empirical model combining computational linguistics and AI-based ontology mapping to establish semantic interoperability, enabling unified cybersecurity governance and AI-driven compliance automation. Keywords: Semantic Interoperability; Ontology Mapping; Cybersecurity Frameworks; Terminology Alignment; AI Harmonization

Explainable artificial intelligence (XAI) has become a critical requirement in cybersecurity due to the high-stakes nature of security decision-making and the limitations of black-box learning models. This study investigates the construction of an explainable cybersecurity knowledge representation by leveraging standardized terminology from the NIST cybersecurity glossary. The primary problem addressed is the lack of transparent and semantically grounded reasoning mechanisms in existing AI-driven cybersecurity systems, which limits trust, accountability, and analyst adoption. To address this challenge, we propose a NIST-based semantic knowledge graph that embeds explainability directly into its ontology structure and reasoning process. The proposed framework systematically extracts definitional entities and relations from NIST glossary entries to construct a domain ontology and a multi-relational knowledge graph. A rule-based semantic relation extraction method is employed to ensure faithful, interpretable, and reproducible reasoning paths. The resulting knowledge graph contains over 3,000 cybersecurity concepts and approximately 27,000 semantic relations, covering hierarchical, associative, dependency, and mitigation semantics. Experimental evaluation demonstrates that the proposed approach achieves a high level of explainability, with 92.4% of reasoning outcomes being fully traceable and only 1.4% classified as non-traceable. Most explainable reasoning paths are limited to two or three hops, indicating an effective balance between inferential depth and human interpretability. Structural analysis further confirms the presence of meaningful hub concepts that support multi-hop semantic inference. These results confirm that ontology-driven, standard-based knowledge graphs provide a robust foundation for explainable cybersecurity intelligence. The study concludes that explainability-by-design, grounded in authoritative standards, offers a viable and trustworthy alternative to opaque AI models for cybersecurity applications.

The rapid expansion of internet usage has led to a significant increase in cybersecurity threats, particularly phishing attacks delivered through malicious links. Phishing links are designed to imitate legitimate websites in order to deceive users and steal sensitive information. This study presents the implementation of a phishing link detection website based on SSL validation and URL scoring mechanisms. The proposed system integrates heuristic-based URL analysis with real-time SSL certificate validation obtained through the SSL handshake process. Digital certificates are verified using RSA-based digital signature verification issued by trusted Certificate Authorities (CAs). In addition, the SHA-256 hash algorithm is employed to generate certificate fingerprints and URL hashes to ensure data integrity and uniqueness. The system also evaluates HTTPS usage, domain and certificate consistency, certificate validity period, and RSA public key strength. All validation results are processed using a URL scoring system to generate a security score ranging from 0 to 100, which classifies links into safe, suspicious, or dangerous categories. Experimental results demonstrate that the proposed website is capable of effectively identifying phishing indicators and providing transparent cryptographic evidence in real time. This approach can assist users in making informed decisions and improving protection against phishing threats in web environments.

The development of technology-based peer-to-peer financing services (LPBBTI) in Indonesia, including platforms like Shopee Paylater, has facilitated easier access to credit. However, this progress is accompanied by cybersecurity risks, such as unauthorized use and account breaches. This study aimed to (1) analyze the operation of LPBBTI under prevailing regulations, and (2) examine the legal liability of parties in cases of Shopee Paylater credit breaches.The study employed a normative legal approach with prescriptive characteristics, combining statutory, conceptual, and case-based analyses. Primary and secondary legal materials were obtained through literature review of Law No. 8 of 1999, POJK No. 10 of 2022, POJK No. 40 of 2024, and personal data protection regulations. The analysis was conducted descriptively and qualitatively. The findings indicate that, despite OJK regulations, Shopee Paylater’s electronic agreements still contain standard clauses that unilaterally shift all account security risks to users. This practice potentially violates Article 18(1)(a) of the Consumer Protection Law and is void under Article 18(3). Consequently, consumers remain liable for payments even if transactions are conducted illegally by third parties. In line with Article 19 of the Consumer Protection Law, service providers should assume liability, as system security is under their control.

The increasing complexity and scale of modern network traffic driven by IoT and cloud-based infrastructures have made accurate intrusion detection a critical challenge. Conventional network intrusion detection systems (NIDS) and many deep learning–based approaches struggle to reliably detect minority and stealthy attacks due to severe class imbalance and limited discrimination of subtle traffic patterns. To address these limitations, this study proposes a hybrid CNN–RBF–Attention framework for network intrusion detection. The proposed model integrates three complementary components: (i) a convolutional neural network for hierarchical feature extraction from network flow data, (ii) a radial basis function (RBF) network for localized nonlinear classification using prototype-based decision regions, and (iii) an attention mechanism that adaptively weights RBF activations to emphasize discriminative traffic patterns. SMOTE is applied exclusively to the training data to mitigate class imbalance. The framework is evaluated on the widely used CICIDS2017 and CICIDS2018 benchmark datasets in both binary and multiclass settings, using recall, precision, F1-score, confusion matrices, and ROC analysis. Experimental results demonstrate that the proposed hybrid model consistently outperforms standalone CNN and RBF baselines, particularly in terms of recall and F1-score. On the CICIDS2018 dataset, the model achieves 99.81% accuracy and 99.81% F1-score in binary classification, and 99.54% accuracy and 99.54% F1-score in multiclass classification. On CICIDS2017, it achieves 98.12% accuracy and 98.12% F1-score in binary classification, and 98.92% accuracy and 98.92% F1-score in multiclass classification. Confusion matrix and ROC analyses further show strong class separability and reliable performance in low–false-positive-rate regions, which is critical for real-world IDS deployment. These results confirm that combining deep hierarchical feature learning, localized prototype-based classification, and attention-guided refinement yields a robust, operationally reliable intrusion detection framework for highly imbalanced network environments.

Digital fraud, particularly schemes involving the distribution of fake wedding invitations through instant messaging applications such as WhatsApp, has developed into a serious problem in Indonesia along with the increasing use of digital technology in everyday life. This fraudulent modus operandi exploits victims’ curiosity, trust, and panic to prompt them to open malicious links or download harmful files containing malware. Such malware has the potential to damage device systems, steal personal data, and access sensitive information, including banking accounts and social media profiles. This form of fraud not only causes significant financial losses for victims but also results in psychological impacts, such as fear, trauma, and a loss of trust in digital communication. This article aims to comprehensively examine the modus operandi of digital fraud through fake wedding invitations, analyze the relevant legal framework, and assess the social and economic impacts on society. In addition, the article emphasizes the importance of improving digital literacy as an effective preventive measure to minimize the risk of digital fraud. To address this issue, the article proposes strengthening cooperation among law enforcement agencies, cybersecurity institutions, and technology service providers. Recommendations are also directed toward reinforcing regulations, enhancing the effectiveness of law enforcement, and intensifying public awareness campaigns to reduce the incidence of digital fraud in Indonesia.

Digital transformation has become a strategic necessity for both public and private organizations in improving efficiency, service quality, and competitiveness in the digital era. The success of digital transformation is greatly influenced by the readiness and planning of integrated and sustainable IT infrastructure. This study aims to analyze the role of IT infrastructure planning in supporting the implementation of organizational digital transformation. The method used is a systematic literature review of scientific publications relevant to the topic of IT infrastructure, strategic information system planning, and digital transformation. The review results indicate that IT infrastructure serves as the main foundation of digital transformation, encompassing hardware, software, networks, data centers, information security, and human resources. Poorly planned IT infrastructure has the potential to cause various issues, such as limited technology capacity, digital divides, cybersecurity risks, and investment inefficiencies. Therefore, strategic IT infrastructure planning that aligns with the organization's vision is required, supported by adequate funding, human resource competency development, and adaptive digital leadership to ensure the successful and sustainable implementation of digital transformation.

Big data platforms face significant challenges related to cybersecurity and privacy due to the vast volume, variety, and velocity of data they manage. Traditional static security measures often fail to address the dynamic and complex nature of big data environments. This research proposes an adaptive cybersecurity framework that integrates dynamic access control and differential privacy mechanisms to enhance both the security and privacy of big data platforms. The dynamic access control mechanism continuously adjusts access permissions in real-time based on changing risk and trust levels, ensuring that sensitive data remains secure even as user roles and data flows evolve. The differential privacy mechanism adds noise to data, preserving individual privacy while allowing for meaningful data analysis. Through simulations and case studies, the framework was evaluated in various real-world environments, including healthcare, IoT, and finance, where it demonstrated scalability, efficiency, and robust security performance. The results showed that the proposed framework significantly reduced unauthorized access attempts and maintained data privacy, while still enabling effective data analysis. Although there were some challenges regarding performance overhead, particularly in resource-constrained environments, the framework remained effective in large-scale systems. The findings highlight the importance of adaptive security practices in big data environments and suggest that future research should focus on refining dynamic security mechanisms and applying differential privacy in diverse real-world scenarios. These advancements are essential for ensuring that big data platforms can handle evolving cyber threats without compromising data utility or privacy.

The increasing complexity and scale of modern cybersecurity threats necessitate the development of advanced systems capable of efficiently detecting, analyzing, and mitigating incidents in real time. This paper proposes an automated framework for digital forensics and incident response that leverages big data analytics and real time network traffic profiling. The framework integrates cutting-edge technologies, including Apache Spark for real time data processing and Hadoop for scalable data storage, combined with machine learning models like LSTM and Autoencoders to detect anomalies and threats in network traffic. By automating the process of incident detection and response, this framework significantly reduces the time required to identify threats and improves the accuracy of forensic evidence correlation across heterogeneous network environments. The study highlights the advantages of using machine learning models and big data tools to address the limitations of traditional manual and semi-automated systems, which often struggle to keep pace with large-scale data generation. Testing results demonstrate that the proposed framework can handle large data volumes efficiently, providing real time, actionable insights with significantly reduced response times. Additionally, the framework improves forensic analysis by enabling the correlation of evidence from different devices and protocols, making it more effective than traditional methods in identifying the root cause of security incidents. However, challenges related to data heterogeneity, scalability, and system integration were encountered during testing. The proposed framework holds promise for significantly enhancing the efficiency and effectiveness of cybersecurity operations, with future work focusing on further integration of advanced AI techniques and machine learning models for dynamic and adaptive incident response.

The increasing sophistication of cyber threats has rendered traditional cybersecurity models insufficient in safeguarding enterprise networks. This study introduces a risk aware cybersecurity governance model that integrates real time threat intelligence with predictive anomaly detection to proactively mitigate potential threats. By leveraging advanced machine learning and AI techniques, the model enhances the ability to identify and address cyber threats before they can escalate into significant incidents. The model’s ability to predict anomalies, analyze real time threat intelligence feeds, and provide early warnings allows for faster response times and reduced risk exposure compared to traditional reactive models. Through simulations and real-world use cases, the proposed model demonstrated a 30% reduction in response time and a 25% decrease in overall risk exposure, showing its potential to improve security decision-making and resilience in dynamic threat environments. Unlike traditional models that rely on static rules and periodic policies, the proposed model uses predictive analytics to stay ahead of evolving threats, ensuring continuous monitoring and rapid adaptation. This proactive approach enhances organizational resilience, particularly in handling sophisticated cyber threats such as ransomware, malware, and phishing attacks. Despite its effectiveness, challenges such as data overload, scalability, and the need for interpretability in AI models remain. Future research will focus on refining predictive models, improving scalability for larger networks, and enhancing the explainability of machine learning models to foster greater trust in automated cybersecurity systems. This study contributes to the ongoing evolution of cybersecurity governance by demonstrating the value of integrating predictive and real time monitoring technologies for enhanced threat detection and mitigation.

The rapid proliferation of Internet of Things (IoT) devices across diverse industries has significantly increased the vulnerability of IoT edge networks to sophisticated cyber threats. Traditional intrusion detection systems (IDS), such as signature-based and anomaly-based approaches, are often insufficient in addressing the dynamic and evolving nature of these threats. This study proposes a hybrid intrusion detection system (IDS) framework that combines supervised machine learning (ML) techniques with deep reinforcement learning (DRL) to enhance detection performance in real-time, resource-constrained IoT environments. The proposed framework utilizes supervised learning for initial traffic classification and DRL for adaptive decision-making, enabling the system to continuously learn and optimize its detection policies based on new attack patterns. The hybrid approach significantly improves detection accuracy and reduces false positives when compared to conventional signature-based and single-model ML systems. In addition to improved detection capabilities, the framework's computational efficiency allows it to operate effectively within the constraints of IoT devices, ensuring that it is suitable for large-scale deployments. Benchmark evaluations using publicly available datasets, such as NSL-KDD, IoT-23, and BoT-IoT, show that the hybrid IDS framework outperforms traditional methods, providing a more robust and adaptive solution to cybersecurity challenges in IoT edge networks. The findings of this study suggest that combining machine learning with deep reinforcement learning offers a promising approach to secure IoT environments and address the limitations of existing IDS techniques. Future work will explore enhancing real-time adaptability, scalability, and the detection of zero-day attacks in evolving IoT ecosystems.

This study investigates the role of Information Technology (IT) governance in enhancing risk management performance and ensuring regulatory compliance within multinational digital enterprises. As digital transformation continues to reshape the global business landscape, organizations face increasing challenges in managing technological risks and complying with complex regulatory requirements across various jurisdictions. The study adopts a quantitative approach, using a survey methodology to collect data from senior IT and compliance managers in multinational digital enterprises. The survey focuses on how IT governance frameworks, such as COBIT 2019 and ISO 27000, are utilized to align IT strategies with business objectives, mitigate risks, and maintain regulatory compliance. The findings indicate that organizations with well-established IT governance structures are better positioned to proactively identify and mitigate risks, ensuring greater consistency in meeting regulatory requirements. These organizations demonstrate improved risk management effectiveness, especially concerning cybersecurity, data privacy, and compliance with global regulations like GDPR. In contrast, organizations with ad hoc or decentralized governance structures struggle with fragmented risk management and compliance efforts. The study further highlights the importance of integrating IT governance frameworks with internal audit functions, specifically the Chief Audit Executive (CAE), to enhance cybersecurity resilience and ensure compliance with global standards. This research contributes to the literature by providing empirical evidence on the integration of IT governance, risk management, and regulatory compliance in multinational enterprises. It also highlights the need for a structured and systematic approach to IT governance to improve organizational performance in managing risks and ensuring consistent regulatory adherence. The study offers practical insights for organizations looking to optimize their IT governance structures in the face of rapid digital transformation.

This study presents a comprehensive comparative analysis of four traditional machine learning algorithms Decision Tree, Random Forest, K-Nearest Neighbors, and Support Vector Machine for Android malware detection using the preprocessed TUANDROMD dataset comprising 4,465 instances and 241 features representing both static and dynamic application characteristics. Motivated by the limitations of conventional signature-based and hybrid detection methods, especially in managing imbalanced datasets and detecting emerging malware variants, the study employed SMOTE to ensure balanced training data and fair model evaluation. The dataset was divided into 80% training and 20% testing subsets, and models were assessed using key performance metrics including accuracy, precision, recall, F1-score, and ROC AUC. The findings revealed that the proposed Random Forest model outperformed the other classifiers, achieving an accuracy of 0.993, precision of 0.992, recall of 1.000, F1-score of 0.996, and a near-perfect ROC AUC of 0.9998 surpassing state-of-the-art approaches. These results affirm the superior predictive capability, consistency, and robustness of the Random Forest algorithm in Android malware detection. The study concludes that base models, when integrated with class-balancing techniques, provide reliable and efficient malware detection across imbalanced datasets. For future research, the study recommends exploring advanced hybrid or ensemble frameworks that integrate Random Forest with deep learning architectures or other meta-heuristic optimization techniques to further enhance detection accuracy, adaptability, and resilience against rapidly evolving Android malware threats.

This study analyzes online fraud as one of the most common forms of cybercrime in Indonesia, which has expanded alongside rapid advances in information and communication technology. These crimes utilize digital platforms such as social media, online marketplaces, and fraudulent websites to deceive victims for unlawful financial gain. The research aims to examine online fraud from a criminological perspective by identifying its causes, patterns, and relevance to routine activity theory and differential association theory. A normative juridical method is employed, using statutory, conceptual, and case-based approaches, with qualitative and descriptive analysis. The findings show that online fraud reflects a shift from conventional fraud to digital-based crimes, driven by low public awareness of cybersecurity, easy access to technology, and weak online supervision. Several fraud schemes were identified, including online investment scams, phishing, and identity impersonation. This study highlights the need for an integrated approach that goes beyond law enforcement by emphasizing digital literacy, public education, and cross-sector collaboration to reduce cybercrime in Indonesia.

This study examines the dynamics of Data Driven Policy implementation in Indonesia, which faces a disconnect between the ambitions of digital regulation and the reality of execution on the ground. Using a qualitative approach with the Three Lenses of Evidence-Based Policy analysis framework (Head, 2008), this study examines the interaction between scientific evidence, political considerations, and professional practices in government data governance. The results show that although legal infrastructure such as Satu Data Indonesia (SDI) has been established, its effectiveness is hampered by structural barriers: the dominance of sectoral egos and a culture of intuitive decision-making (political lens), as well as a mix of digital talent and resistance from a paternalistic bureaucratic culture (practical lens). These findings confirm that data fragmentation and cybersecurity incidents are not simply technical failures, but rather systemic governance failures. Therefore, this study recommends a “soft reform” strategy that integrates the enforcement of technical standards, budget incentive mechanisms, and digital leadership transformation to align data validity with the political realities of the bureaucracy.

The digital era has transformed the financial sector through the integration of FinTech, making it more susceptible to increasingly complex cyber threats. As these risks rise, there has been a significant increase in academic research to better understand the cybersecurity challenges within the financial sector. This study aims to explore the development of cybersecurity research globally within this field. By utilizing bibliometrics, the research analyzes literature data collected from the Scopus database over the last five years. The analysis was conducted using VOSviewer and RStudio to identify dominant clusters, with cybersecurity and network security as the central themes linking various sub-fields, including artificial intelligence, cyberattacks, and phishing. The findings reveal areas of extensive research and highlight gaps that require further exploration. This study provides valuable insights for researchers and professionals in the cybersecurity field, offering a roadmap for future investigations and the identification of underexplored areas that need attention. Ultimately, this research contributes to advancing knowledge in the financial sector’s cybersecurity landscape and assists in shaping future research directions.

This study presents a meta-analysis of open-access accounting information systems (AIS) literature in Indonesia during the digital transition period of 2015-2025. The primary objective is to identify and map the taxonomy of Independent Variables (X) and Dependent Variables (Y) predominantly used in academic and practical research. Through a systematic review of 15 key accredited articles with Digital Object Identifiers (DOI), this research finds that AIS success determinants (Variable X) have evolved from purely technical factors to integrative clusters encompassing Human Capital (competence, training), Organizational (culture, management commitment), and Technological (infrastructure, internal control) aspects. Meanwhile, Dependent Variables (Y) have shifted from mere technical user satisfaction to strategic impacts such as financial report quality, operational efficiency, and MSME business performance. These findings indicate that AIS research in Indonesia is heavily influenced by public sector regulatory contexts and cloud technology adoption in the MSME sector. This report serves as a reference framework for future researchers to explore emerging variables such as artificial intelligence and cybersecurity behavior within the accounting ecosystem.

: The rapid expansion of cybersecurity standards and threat intelligence frameworks has led to significant semantic fragmentation among security terminologies, hindering effective information retrieval and interoperability across systems. Traditional keyword-based search approaches are inadequate for capturing the contextual meaning of security terms, particularly within formal frameworks such as NIST, MITRE ATT&CK, and CWE. This study addresses this challenge by proposing CyberBERT, a transformer-based semantic search framework designed to align cybersecurity terminologies through deep contextual representation and ontology-driven reasoning. Research Objectives: The primary objective of this research is to develop a semantic retrieval model capable of understanding conceptual relationships between security terms beyond lexical similarity. Methodology: The proposed methodology fine-tunes a BERT-based model on the NIST Glossary corpus using a combination of masked language modeling and triplet loss objectives to generate discriminative semantic embeddings. These embeddings are further aligned with cybersecurity ontologies, including MITRE ATT&CK and CWE, to enhance semantic consistency and explainability. Semantic retrieval is performed using cosine similarity within a 768-dimensional embedding space and evaluated using Mean Reciprocal Rank (MRR) and Precision@K metrics. Results: Experimental results demonstrate that CyberBERT achieves an MRR of 0.832, outperforming domain-adapted baselines such as SecureBERT and CyBERT. The integration of ontology alignment improves semantic accuracy by over 6%, while robustness evaluations confirm resilience against adversarial linguistic perturbations. Visualization using t-SNE reveals coherent semantic clustering aligned with the five core NIST Cybersecurity Framework functions. Conclusions: In conclusion, CyberBERT effectively bridges semantic gaps across cybersecurity terminologies by combining transformer-based contextual learning with ontological reasoning. The framework offers a robust, interpretable, and scalable solution for semantic search, supporting improved interoperability and knowledge discovery in cybersecurity operations and standards harmonization.

The development of information technology has produced a significant transformation in election administration mechanisms, including within the City of Palangka Raya. The digitalization of various services and information systems requires the General Elections Commission (KPU) to enhance transparency while simultaneously ensuring the security of voter data and election results. This study aims to examine the key challenges faced by the Palangka Raya KPU in balancing the need for information openness with data protection in the digital era. The research employs a qualitative descriptive method through literature review, direct observation, and structured interviews with KPU staff, election supervisors, and relevant stakeholders. The findings indicate that digitalization improves the effectiveness of public information dissemination, including through the use of Sidalih and Sirekap, yet it also introduces vulnerabilities such as potential voter data breaches, cyberattacks, and the spread of disinformation through social media. Moreover, limitations in human resources with technological expertise serve as constraints in optimizing digital security. Conversely, the implementation of data security standards and improvements in voter digital literacy contribute to strengthening public trust in the election process. Thus, the Palangka Raya KPU needs to reinforce cybersecurity infrastructure, enhance internal technical capacity, and broaden public education programs to safeguard electoral integrity amid increasing transparency demands and digital risks. Collaboration among government, academia, and the community is a strategic element in maintaining the quality of democracy in the digital era.