Publication Search

The rapid advancement of digital technology has fundamentally altered the landscape of public governance, compelling local governments to adapt and embrace digital transformation. This study investigates the challenges and opportunities faced by local governments in Indonesia in implementing digital governance transformation within the framework of Society 5.0. Using a systematic literature review and case study methodology, this research analyzes governance transformation policies, institutional readiness, digital infrastructure, and human resource capacity across selected Indonesian regional governments. The findings reveal that while significant opportunities exist including enhanced public service delivery, improved transparency, citizen participation, and inter-agency coordination substantial challenges persist in digital infrastructure disparities, limited human resource capacity, regulatory ambiguity, and cybersecurity vulnerabilities. The study identifies five critical success factors for effective digital governance transformation: strong political commitment, adequate digital infrastructure investment, comprehensive human resource development, adaptive regulatory frameworks, and inclusive citizen engagement mechanisms. This research contributes to the theoretical discourse on e-government and digital governance in the context of developing countries, while offering practical policy recommendations for local governments navigating the transition to Society 5.0. The implications extend to policymakers, practitioners, and scholars engaged in public administration reform in the digital age.

Inconsistent terminology across cybersecurity frameworks undermines global governance and interoperability. The National Institute of Standards and Technology Cybersecurity Framework (NIST CSF 2.0) and ISO/IEC 27001:2022 share similar objectives but diverge semantically in defining risk, control, and resilience. This semantic gap causes difficulties in compliance mapping and automated policy translation. Research Objectives: This study aims to analyze the semantic similarity and divergence between NIST and ISO/IEC 27000 terminologies, identify conceptual structures influencing interoperability, and propose an AI-assisted foundation for harmonizing cybersecurity language globally. Methodology: A mixed-method semantic comparative design integrates Natural Language Processing (NLP) and ontology mapping. Using the nist_glossary.csv dataset and ISO vocabularies, terms were normalized and analyzed via cosine similarity using sentence-transformer embeddings. Ontological alignment was visualized through the Semantic Threat Graph (STG) and validated by certified experts using Cohen’s Kappa reliability tests. Results: From 672 term pairs, results show 40.9% high semantic equivalence, 38.8% partial overlap, and 20.3% semantic divergence. Strongest alignment appears in “Protect” and “Identify” domains, while divergences occur in governance and recovery-related terms. Ontology mapping revealed three conceptual clusters—Risk Governance, Technical Safeguards, and Organizational Readiness. Conclusions: Findings confirm a 79.7% total semantic alignment, indicating strong potential for harmonizing global cybersecurity standards. The study contributes an empirical model combining computational linguistics and AI-based ontology mapping to establish semantic interoperability, enabling unified cybersecurity governance and AI-driven compliance automation. Keywords: Semantic Interoperability; Ontology Mapping; Cybersecurity Frameworks; Terminology Alignment; AI Harmonization

Explainable artificial intelligence (XAI) has become a critical requirement in cybersecurity due to the high-stakes nature of security decision-making and the limitations of black-box learning models. This study investigates the construction of an explainable cybersecurity knowledge representation by leveraging standardized terminology from the NIST cybersecurity glossary. The primary problem addressed is the lack of transparent and semantically grounded reasoning mechanisms in existing AI-driven cybersecurity systems, which limits trust, accountability, and analyst adoption. To address this challenge, we propose a NIST-based semantic knowledge graph that embeds explainability directly into its ontology structure and reasoning process. The proposed framework systematically extracts definitional entities and relations from NIST glossary entries to construct a domain ontology and a multi-relational knowledge graph. A rule-based semantic relation extraction method is employed to ensure faithful, interpretable, and reproducible reasoning paths. The resulting knowledge graph contains over 3,000 cybersecurity concepts and approximately 27,000 semantic relations, covering hierarchical, associative, dependency, and mitigation semantics. Experimental evaluation demonstrates that the proposed approach achieves a high level of explainability, with 92.4% of reasoning outcomes being fully traceable and only 1.4% classified as non-traceable. Most explainable reasoning paths are limited to two or three hops, indicating an effective balance between inferential depth and human interpretability. Structural analysis further confirms the presence of meaningful hub concepts that support multi-hop semantic inference. These results confirm that ontology-driven, standard-based knowledge graphs provide a robust foundation for explainable cybersecurity intelligence. The study concludes that explainability-by-design, grounded in authoritative standards, offers a viable and trustworthy alternative to opaque AI models for cybersecurity applications.

The rapid expansion of internet usage has led to a significant increase in cybersecurity threats, particularly phishing attacks delivered through malicious links. Phishing links are designed to imitate legitimate websites in order to deceive users and steal sensitive information. This study presents the implementation of a phishing link detection website based on SSL validation and URL scoring mechanisms. The proposed system integrates heuristic-based URL analysis with real-time SSL certificate validation obtained through the SSL handshake process. Digital certificates are verified using RSA-based digital signature verification issued by trusted Certificate Authorities (CAs). In addition, the SHA-256 hash algorithm is employed to generate certificate fingerprints and URL hashes to ensure data integrity and uniqueness. The system also evaluates HTTPS usage, domain and certificate consistency, certificate validity period, and RSA public key strength. All validation results are processed using a URL scoring system to generate a security score ranging from 0 to 100, which classifies links into safe, suspicious, or dangerous categories. Experimental results demonstrate that the proposed website is capable of effectively identifying phishing indicators and providing transparent cryptographic evidence in real time. This approach can assist users in making informed decisions and improving protection against phishing threats in web environments.

The development of technology-based peer-to-peer financing services (LPBBTI) in Indonesia, including platforms like Shopee Paylater, has facilitated easier access to credit. However, this progress is accompanied by cybersecurity risks, such as unauthorized use and account breaches. This study aimed to (1) analyze the operation of LPBBTI under prevailing regulations, and (2) examine the legal liability of parties in cases of Shopee Paylater credit breaches.The study employed a normative legal approach with prescriptive characteristics, combining statutory, conceptual, and case-based analyses. Primary and secondary legal materials were obtained through literature review of Law No. 8 of 1999, POJK No. 10 of 2022, POJK No. 40 of 2024, and personal data protection regulations. The analysis was conducted descriptively and qualitatively. The findings indicate that, despite OJK regulations, Shopee Paylater’s electronic agreements still contain standard clauses that unilaterally shift all account security risks to users. This practice potentially violates Article 18(1)(a) of the Consumer Protection Law and is void under Article 18(3). Consequently, consumers remain liable for payments even if transactions are conducted illegally by third parties. In line with Article 19 of the Consumer Protection Law, service providers should assume liability, as system security is under their control.

The increasing complexity and scale of modern network traffic driven by IoT and cloud-based infrastructures have made accurate intrusion detection a critical challenge. Conventional network intrusion detection systems (NIDS) and many deep learning–based approaches struggle to reliably detect minority and stealthy attacks due to severe class imbalance and limited discrimination of subtle traffic patterns. To address these limitations, this study proposes a hybrid CNN–RBF–Attention framework for network intrusion detection. The proposed model integrates three complementary components: (i) a convolutional neural network for hierarchical feature extraction from network flow data, (ii) a radial basis function (RBF) network for localized nonlinear classification using prototype-based decision regions, and (iii) an attention mechanism that adaptively weights RBF activations to emphasize discriminative traffic patterns. SMOTE is applied exclusively to the training data to mitigate class imbalance. The framework is evaluated on the widely used CICIDS2017 and CICIDS2018 benchmark datasets in both binary and multiclass settings, using recall, precision, F1-score, confusion matrices, and ROC analysis. Experimental results demonstrate that the proposed hybrid model consistently outperforms standalone CNN and RBF baselines, particularly in terms of recall and F1-score. On the CICIDS2018 dataset, the model achieves 99.81% accuracy and 99.81% F1-score in binary classification, and 99.54% accuracy and 99.54% F1-score in multiclass classification. On CICIDS2017, it achieves 98.12% accuracy and 98.12% F1-score in binary classification, and 98.92% accuracy and 98.92% F1-score in multiclass classification. Confusion matrix and ROC analyses further show strong class separability and reliable performance in low–false-positive-rate regions, which is critical for real-world IDS deployment. These results confirm that combining deep hierarchical feature learning, localized prototype-based classification, and attention-guided refinement yields a robust, operationally reliable intrusion detection framework for highly imbalanced network environments.

Digital fraud, particularly schemes involving the distribution of fake wedding invitations through instant messaging applications such as WhatsApp, has developed into a serious problem in Indonesia along with the increasing use of digital technology in everyday life. This fraudulent modus operandi exploits victims’ curiosity, trust, and panic to prompt them to open malicious links or download harmful files containing malware. Such malware has the potential to damage device systems, steal personal data, and access sensitive information, including banking accounts and social media profiles. This form of fraud not only causes significant financial losses for victims but also results in psychological impacts, such as fear, trauma, and a loss of trust in digital communication. This article aims to comprehensively examine the modus operandi of digital fraud through fake wedding invitations, analyze the relevant legal framework, and assess the social and economic impacts on society. In addition, the article emphasizes the importance of improving digital literacy as an effective preventive measure to minimize the risk of digital fraud. To address this issue, the article proposes strengthening cooperation among law enforcement agencies, cybersecurity institutions, and technology service providers. Recommendations are also directed toward reinforcing regulations, enhancing the effectiveness of law enforcement, and intensifying public awareness campaigns to reduce the incidence of digital fraud in Indonesia.

Digital transformation has become a strategic necessity for both public and private organizations in improving efficiency, service quality, and competitiveness in the digital era. The success of digital transformation is greatly influenced by the readiness and planning of integrated and sustainable IT infrastructure. This study aims to analyze the role of IT infrastructure planning in supporting the implementation of organizational digital transformation. The method used is a systematic literature review of scientific publications relevant to the topic of IT infrastructure, strategic information system planning, and digital transformation. The review results indicate that IT infrastructure serves as the main foundation of digital transformation, encompassing hardware, software, networks, data centers, information security, and human resources. Poorly planned IT infrastructure has the potential to cause various issues, such as limited technology capacity, digital divides, cybersecurity risks, and investment inefficiencies. Therefore, strategic IT infrastructure planning that aligns with the organization's vision is required, supported by adequate funding, human resource competency development, and adaptive digital leadership to ensure the successful and sustainable implementation of digital transformation.

Big data platforms face significant challenges related to cybersecurity and privacy due to the vast volume, variety, and velocity of data they manage. Traditional static security measures often fail to address the dynamic and complex nature of big data environments. This research proposes an adaptive cybersecurity framework that integrates dynamic access control and differential privacy mechanisms to enhance both the security and privacy of big data platforms. The dynamic access control mechanism continuously adjusts access permissions in real-time based on changing risk and trust levels, ensuring that sensitive data remains secure even as user roles and data flows evolve. The differential privacy mechanism adds noise to data, preserving individual privacy while allowing for meaningful data analysis. Through simulations and case studies, the framework was evaluated in various real-world environments, including healthcare, IoT, and finance, where it demonstrated scalability, efficiency, and robust security performance. The results showed that the proposed framework significantly reduced unauthorized access attempts and maintained data privacy, while still enabling effective data analysis. Although there were some challenges regarding performance overhead, particularly in resource-constrained environments, the framework remained effective in large-scale systems. The findings highlight the importance of adaptive security practices in big data environments and suggest that future research should focus on refining dynamic security mechanisms and applying differential privacy in diverse real-world scenarios. These advancements are essential for ensuring that big data platforms can handle evolving cyber threats without compromising data utility or privacy.

The increasing complexity and scale of modern cybersecurity threats necessitate the development of advanced systems capable of efficiently detecting, analyzing, and mitigating incidents in real time. This paper proposes an automated framework for digital forensics and incident response that leverages big data analytics and real time network traffic profiling. The framework integrates cutting-edge technologies, including Apache Spark for real time data processing and Hadoop for scalable data storage, combined with machine learning models like LSTM and Autoencoders to detect anomalies and threats in network traffic. By automating the process of incident detection and response, this framework significantly reduces the time required to identify threats and improves the accuracy of forensic evidence correlation across heterogeneous network environments. The study highlights the advantages of using machine learning models and big data tools to address the limitations of traditional manual and semi-automated systems, which often struggle to keep pace with large-scale data generation. Testing results demonstrate that the proposed framework can handle large data volumes efficiently, providing real time, actionable insights with significantly reduced response times. Additionally, the framework improves forensic analysis by enabling the correlation of evidence from different devices and protocols, making it more effective than traditional methods in identifying the root cause of security incidents. However, challenges related to data heterogeneity, scalability, and system integration were encountered during testing. The proposed framework holds promise for significantly enhancing the efficiency and effectiveness of cybersecurity operations, with future work focusing on further integration of advanced AI techniques and machine learning models for dynamic and adaptive incident response.

The increasing sophistication of cyber threats has rendered traditional cybersecurity models insufficient in safeguarding enterprise networks. This study introduces a risk aware cybersecurity governance model that integrates real time threat intelligence with predictive anomaly detection to proactively mitigate potential threats. By leveraging advanced machine learning and AI techniques, the model enhances the ability to identify and address cyber threats before they can escalate into significant incidents. The model’s ability to predict anomalies, analyze real time threat intelligence feeds, and provide early warnings allows for faster response times and reduced risk exposure compared to traditional reactive models. Through simulations and real-world use cases, the proposed model demonstrated a 30% reduction in response time and a 25% decrease in overall risk exposure, showing its potential to improve security decision-making and resilience in dynamic threat environments. Unlike traditional models that rely on static rules and periodic policies, the proposed model uses predictive analytics to stay ahead of evolving threats, ensuring continuous monitoring and rapid adaptation. This proactive approach enhances organizational resilience, particularly in handling sophisticated cyber threats such as ransomware, malware, and phishing attacks. Despite its effectiveness, challenges such as data overload, scalability, and the need for interpretability in AI models remain. Future research will focus on refining predictive models, improving scalability for larger networks, and enhancing the explainability of machine learning models to foster greater trust in automated cybersecurity systems. This study contributes to the ongoing evolution of cybersecurity governance by demonstrating the value of integrating predictive and real time monitoring technologies for enhanced threat detection and mitigation.

The rapid proliferation of Internet of Things (IoT) devices across diverse industries has significantly increased the vulnerability of IoT edge networks to sophisticated cyber threats. Traditional intrusion detection systems (IDS), such as signature-based and anomaly-based approaches, are often insufficient in addressing the dynamic and evolving nature of these threats. This study proposes a hybrid intrusion detection system (IDS) framework that combines supervised machine learning (ML) techniques with deep reinforcement learning (DRL) to enhance detection performance in real-time, resource-constrained IoT environments. The proposed framework utilizes supervised learning for initial traffic classification and DRL for adaptive decision-making, enabling the system to continuously learn and optimize its detection policies based on new attack patterns. The hybrid approach significantly improves detection accuracy and reduces false positives when compared to conventional signature-based and single-model ML systems. In addition to improved detection capabilities, the framework's computational efficiency allows it to operate effectively within the constraints of IoT devices, ensuring that it is suitable for large-scale deployments. Benchmark evaluations using publicly available datasets, such as NSL-KDD, IoT-23, and BoT-IoT, show that the hybrid IDS framework outperforms traditional methods, providing a more robust and adaptive solution to cybersecurity challenges in IoT edge networks. The findings of this study suggest that combining machine learning with deep reinforcement learning offers a promising approach to secure IoT environments and address the limitations of existing IDS techniques. Future work will explore enhancing real-time adaptability, scalability, and the detection of zero-day attacks in evolving IoT ecosystems.

This study investigates the role of Information Technology (IT) governance in enhancing risk management performance and ensuring regulatory compliance within multinational digital enterprises. As digital transformation continues to reshape the global business landscape, organizations face increasing challenges in managing technological risks and complying with complex regulatory requirements across various jurisdictions. The study adopts a quantitative approach, using a survey methodology to collect data from senior IT and compliance managers in multinational digital enterprises. The survey focuses on how IT governance frameworks, such as COBIT 2019 and ISO 27000, are utilized to align IT strategies with business objectives, mitigate risks, and maintain regulatory compliance. The findings indicate that organizations with well-established IT governance structures are better positioned to proactively identify and mitigate risks, ensuring greater consistency in meeting regulatory requirements. These organizations demonstrate improved risk management effectiveness, especially concerning cybersecurity, data privacy, and compliance with global regulations like GDPR. In contrast, organizations with ad hoc or decentralized governance structures struggle with fragmented risk management and compliance efforts. The study further highlights the importance of integrating IT governance frameworks with internal audit functions, specifically the Chief Audit Executive (CAE), to enhance cybersecurity resilience and ensure compliance with global standards. This research contributes to the literature by providing empirical evidence on the integration of IT governance, risk management, and regulatory compliance in multinational enterprises. It also highlights the need for a structured and systematic approach to IT governance to improve organizational performance in managing risks and ensuring consistent regulatory adherence. The study offers practical insights for organizations looking to optimize their IT governance structures in the face of rapid digital transformation.

This study presents a comprehensive comparative analysis of four traditional machine learning algorithms Decision Tree, Random Forest, K-Nearest Neighbors, and Support Vector Machine for Android malware detection using the preprocessed TUANDROMD dataset comprising 4,465 instances and 241 features representing both static and dynamic application characteristics. Motivated by the limitations of conventional signature-based and hybrid detection methods, especially in managing imbalanced datasets and detecting emerging malware variants, the study employed SMOTE to ensure balanced training data and fair model evaluation. The dataset was divided into 80% training and 20% testing subsets, and models were assessed using key performance metrics including accuracy, precision, recall, F1-score, and ROC AUC. The findings revealed that the proposed Random Forest model outperformed the other classifiers, achieving an accuracy of 0.993, precision of 0.992, recall of 1.000, F1-score of 0.996, and a near-perfect ROC AUC of 0.9998 surpassing state-of-the-art approaches. These results affirm the superior predictive capability, consistency, and robustness of the Random Forest algorithm in Android malware detection. The study concludes that base models, when integrated with class-balancing techniques, provide reliable and efficient malware detection across imbalanced datasets. For future research, the study recommends exploring advanced hybrid or ensemble frameworks that integrate Random Forest with deep learning architectures or other meta-heuristic optimization techniques to further enhance detection accuracy, adaptability, and resilience against rapidly evolving Android malware threats.