1. Towards a sustainable cybersecurity governance : threat modelling with large language modelsNika Jeršič, Muhamed Turkanović, Tina Beranič, 2025, izvirni znanstveni članek Opis: With the increased complexity of applications and systems, threat modelling struggles to keep pace with the evolution of risks. This article addresses this challenge by exploring how large language models (LLMs) can be leveraged to create comprehensive threat models across different risk assessment methodologies. We examine whether a single generic prompt can support frameworks such as LINDDUN, PASTA, and STRIDE, despite their different requirements. Through this comparative analysis, we identify components that enable AI-based assessments, while acknowledging that privacy, regulatory, and dynamic risks require adaptation of the frameworks. Our findings show that a universal guideline is feasible for broad applications, but adaptation is necessary for effective use. Overall, LLM-based threat modelling improves the accessibility, repeatability, and effectiveness of risk analysis and supports stronger and more sustainable practices.
Ključne besede: cybersecurity, large language models, threat modelling, sustainability, resilient infrastructure, SDG 9
Objavljeno v DKUM: 02.12.2025; Ogledov: 0; Prenosov: 1
 Celotno besedilo (875,62 KB) |
2. The impact of students’ cybersecurity vulnerability behavior on e-learning obstaclesIbrahim Mohamed Taha, Rajaa Hussein Abd Ali, Ali Abdulhassan Abbas, 2025, izvirni znanstveni članek Opis: Background/purpose: This study examines the relationship between students’ cybersecurity vulnerability behavior and e-learning obstacles. With the rapid growth of online education, ensuring the security and privacy of digital
platforms has become crucial. In this background, the current study is a first-of-its-kind attempt to understand the
relationship between these two variables in the background of higher educational institutions in Iraq.
Methods: For this study, the researchers collected data during 2023 from students aged between 19 and 25 enrolled
in the University of Karbala, Iraq, using a semi-structured research questionnaire, who were selected through a random sampling method. The questionnaire comprised questions pertaining to the dimensions of both the dependent
and the independent variable. A total of 350 valid responses were considered for the analysis in which PLS-SEM
was conducted.
Results: The outcomes revealed that the professional and human obstacles have a high association with cybersecurity vulnerability behavior. The study also found that the overall obstacles have a significant effect on the cybersecurity vulnerability behavior. All hypotheses were verified and the outcomes confirm that there is an effective
relationship between cybersecurity vulnerability behavior and e-learning obstacles Conclusion: Based on the study outcomes, the authors proposed a few recommendations for all the stakeholders of the e-learning process, such as ducational institutions, governments, faculty members, students, and their parents. Though the current study has been confined to a single university in Iraq, future researchers can focus on expanding the study to other higher educational institutions so that a nationwide policy-level initiative can be brought based on the research evidence.
Ključne besede: cybersecurity vulnerability behavior, e-learning obstacles, higher education, PLS-SEM, student motivation, learning behaviour
Objavljeno v DKUM: 06.08.2025; Ogledov: 0; Prenosov: 2
Celotno besedilo (2,90 MB)
Gradivo ima več datotek! Več... |
3. Data breaches in healthcare: security mechanisms for attack mitigationLili Nemec Zlatolas, Tatjana Welzer-Družovec, Lenka Lhotska, 2024, izvirni znanstveni članek Opis: The digitalisation of healthcare has increased the risk of cyberattacks in this sector, targeting sensitive personal information. In this paper, we conduct a systematic review of existing solutions for data breach mitigation in healthcare, analysing 99 research papers. There is a growing trend in research emphasising the security of electronic health records, data storage, access control, and personal health records. The analysis identified the adoption of advanced technologies, including Blockchain and Artificial Intelligence, alongside encryption in developing resilient solutions. These technologies lay the foundations for addressing the prevailing cybersecurity threats, with a particular focus on hacking or malicious attacks, followed by unauthorised access. The research highlights the development of strategies to mitigate data breaches and stresses the importance of technological progress in strengthening data security. The paper outlines future directions, highlighting the need for continuous technological progress and identifying the gaps in the attack mitigations.
Ključne besede: data security, privacy, sensitive personal information, electronic health records, cybersecurity
Objavljeno v DKUM: 23.08.2024; Ogledov: 109; Prenosov: 14
Celotno besedilo (1,51 MB) |
4. Privacy and data protection concerns in the regulatory framework of Slovenian energy lawZoran Dimović, 2023, izvirni znanstveni članek Opis: The implementation of smart energy systems (SES) in the Slovenian energy sector has raised significant privacy and data protection concerns. The collection and processing of personal data from energy consumers, as well as cybersecurity threats, pose risks that must be addressed. The legal framework governing privacy and data protection in the energy field in Slovenia is based on the GDPR, ZOEE, ZVPot-1, ZVOP-2 and others, which impose significant obligations on entities processing personal data. To mitigate these risks, exact terminology must be used to implement privacy, data protection and also cybersecurity measures and ensure compliance with the legal framework.
Ključne besede: cybersecurity, data protection, energy law, green and digital transformation, privacy protection
Objavljeno v DKUM: 20.02.2024; Ogledov: 341; Prenosov: 46
Celotno besedilo (456,29 KB)
Gradivo ima več datotek! Več... |
5. Identifying key activities, artifacts and roles in agile engineering of secure software with hierarchical clusteringAnže Mihelič, Tomaž Hovelja, Simon Vrhovec, 2023, izvirni znanstveni članek Opis: Different activities, artifacts, and roles can be found in the literature on the agile engineering of secure software (AESS). The purpose of this paper is to consolidate them and thus identify key activities, artifacts, and roles that can be employed in AESS. To gain initial sets of activities, artifacts, and roles, the literature was first extensively reviewed. Activities, artifacts, and roles were then cross-evaluated with similarity matrices. Finally, similarity matrices were converted into distance matrices, enabling the use of Ward’s hierarchical clustering method for consolidating activities, artifacts, and roles into clusters. Clusters of activities, artifacts, and roles were then named as key activities, artifacts, and roles. We identified seven key activities (i.e., security auditing, security analysis and testing, security training, security prioritization and monitoring, risk management, security planning and threat modeling; and security requirements engineering), five key artifacts (i.e., security requirement artifacts, security repositories, security reports, security tags, and security policies), and four key roles (i.e., security guru, security developer, penetration tester, and security team) in AESS. The identified key activities, artifacts, and roles can be used by software development teams to improve their software engineering processes in terms of software security.
Ključne besede: secure software development, security engineering, agile methods, agile development, software development, software engineering, software security, application security, cybersecurity, cyber resilience
Objavljeno v DKUM: 29.11.2023; Ogledov: 417; Prenosov: 14
Celotno besedilo (557,17 KB)
Gradivo ima več datotek! Več... |
6. Advances in cybersecurity 20172017, znanstvena monografija Opis: Understanding the cyberspace and awareness of its effects impacts the lives of all individuals. Thus, the knowledge of cybersecurity in both organizations and private operations is essential. Research on various aspects of cybersecurity is crucial for achieving adequate levels of cybersecurity. The content of this scientific monograph provides answers to various topical questions from the organizational, individual, sociological, technical and legal aspects of security in the cyberspace. The papers in the monograph combine the findings of researchers from different subareas of cybersecurity, show the effects of adequate levels of cybersecurity on the operations of organizations and individuals, and present the latest methods to defend against threats in the cyberspace from technical, organizational and security aspects.
Ključne besede: cybersecurity, cyber resilience, mobile security, digital privacy, IoT security
Objavljeno v DKUM: 08.12.2017; Ogledov: 1933; Prenosov: 426
Celotno besedilo (3,56 MB)
Gradivo ima več datotek! Več... |
