Explore the vast range of titles available.

Due to the widespread acceptance of ChatGPT, implementing large language models (LLMs) in real-world applications has become an important research area. Such productisation of technologies allows the public to use AI without technical knowledge. LLMs can revolutionise and automate various healthcare processes, but security is critical. If implemented in critical sectors such as healthcare, adversaries can manipulate the vulnerabilities present in such systems to perform malicious activities such as data exfiltration and manipulation, and the results can be devastating. While LLM implementation in healthcare has been discussed in numerous studies, threats and vulnerabilities identification in LLMs and their safe implementation in healthcare remain largely unexplored. Based on a comprehensive review, this study provides new findings which do not exist in the current literature. This research has proposed a taxonomy to explore LLM applications in healthcare, a threat model considering the vulnerabilities of LLMs which may affect their implementation in healthcare, and a security framework for the implementation of LLMs in healthcare and has identified future avenues of research in LLMs, cybersecurity, and healthcare.

The aim of the study is to assess the security of information systems during an influence of advanced persistent threats. The article shows the need to build a threat model during an analyzing the security of information systems. Various approaches to modeling threats in information systems are considered, their advantages and disadvantages are noted, requirements for the developed methodology are formed. As a result of the study, a method for modeling computer attack scenarios and assessing the security of information systems under the influence of advanced persistent threats is formed, based on the use of risk matrix models. A method for determining categorical variables characterizing the probability and damage as a result of the implementation of information threats using clustering methods is also proposed. The example demonstrates the use of a graph of threat matrices for modeling scenarios of targeted computer attacks on information system assets. The scientific novelty of the work consists in the proposal of a method for analyzing the security of information systems, which takes into account the possibility of changing the probability of the implementation of information threats during the life cycle of an advanced persistent threat, the dependence of information threats and the value of information assets for the intruder and their owner, which makes it possible to predict various scenarios of computer attacks.

Quantum computing challenges the long-term security assumptions of blockchain systems that rely on classical public-key cryptography, motivating the adoption of post-quantum cryptography and quantum key distribution (QKD). This review maps research fronts at the intersection of blockchain and quantum-safe security, linking threat assumptions to post-quantum mechanisms, blockchain layers, and QKD positioning. Records were retrieved from Scopus and Web of Science using a two-block query and filtered through a PRISMA-guided workflow for bibliometric mapping. The final corpus comprises 648 journal articles and shows accelerated publication growth after 2023, with scientific production concentrated in a small set of leading countries. Keyword structures indicate that IoT-centric deployments dominate the semantic backbone, where authentication and intelligent methods co-occur with blockchain security primitives, while post-quantum and privacy-preserving constructs form a cohesive technical stream. QKD appears as a distinct but more specialized theme, typically discussed at the system level and shaped by infrastructure and scalability constraints. Overall, the literature is moving from conceptual risk articulation toward engineering integration; however, progress is limited by inconsistent reporting of threat models, post-quantum parameter sets, and ledger-level cost trade-offs, highlighting the need for auditable and reproducible evaluation.

With the rapid growth of the software industry, the software supply chain (SSC) has become the most intricate system in the complete software life cycle, and the security threat situation is becoming increasingly severe. For the description of the SSC, the relevant research mainly focuses on the perspective of developers, lacking a comprehensive understanding of the SSC. This paper proposes a chain portrait framework of the SSC based on a resource perspective, which comprehensively depicts the threat model and threat surface indicator system of the SSC. The portrait model includes an SSC threat model and an SSC threat indicator matrix. The threat model has 3 levels and 32 dimensions and is based on a generative artificial intelligence model. The threat indicator matrix is constructed using the Attack Net model comprising 14-dimensional attack strategies and 113-dimensional attack techniques. The proposed portrait model’s effectiveness is verified through existing SSC security events, domain experts, and event visualization based on security analysis models.

This article highlights the issue of identifying information security threats to computer networks. The aim of the study is to increase the number of identified threats. Firstly, it was carried out the analysis of computer network models used to identify threats, as well as in approaches to building computer network threat models. The shortcomings that need to be corrected are highlighted. On the basis of the mathematical apparatus of attributive metagraphs, a computer network model is developed that allows to describe the software components of computer networks and all possible connections between them. On the basis of elementary operations on metagraphs, a model of threats to the security of computer network software is developed, which allows compiling lists of threats to the integrity and confidentiality of computer network software. These lists include more threats in comparison with the considered analogues.

Digital systems are almost always vulnerable, yet we increasingly depend on these systems. There will be many threats towards these system. In a fully networked system, the vulnerabilities will literally be exposed to the whole world. The exposed vulnerabilities may be transformed into attacks. To counter this state of “vulnerability”, the standard remedy is to conduct security requirements analysis and security threat modeling. Threats are assessed, and various countermeasures are devised. The totality of these measures may be described as a security architecture. The goal of a security architecture will largely be to make the system robust and resilient in the face of an adversary. However, we shall argue that this is not enough. Security architecture designs should go one step further, and actually improve the defenses when faced with hostile actions. That is, the security architectures must become antifragile.

Traditional attack descriptions and threat modeling are discussed directly from the perspective of attacking infrastructure, i.e., platforms, using malicious code. For example, it is believed that exploiting vulnerabilities to access the system, and then invading the target platform that support the specified business through lateral movement can achieve the purpose of attacking the business. The most classic Cyber Kill Chain model expresses the attack process almost directly as a life cycle of malicious code execution, but in fact there are many ways can be utilized by adversary, such as the dependencies among businesses. In this paper, we discuss threat transmission from a business perspective. In a business dependency sequence, if any of the businesses prior to the specified business is abnormal, it is unlikely that the business will operate normally either. This leads adversary to target various business support platforms of the business dependent sequence in order to disrupt the normal operation of the target business, rather than attacking through lateral movement. For adversary organizations whose goal is to paralyze the architecture which includes many systems, they will utilize the interrelationships of businesses in the architecture to make the effects of the attack transmit from business to business, this attack pattern cannot be described by traditional threat models. This paper constructs an architecture model that integrates the platform and business, and also constructs a threat model that reflects the ripple effect of threats utilizing the dependency among businesses. The threat model is able to characterize the logic of the transmission of the threat in the architecture after it encounters an attack. By using our architecture model and threat model to characterize real attack event and to model the financial scenario, this paper indicates that our threat modeling approach can be used for threat event assessment and threat effect inference.

The influence of software environment and its changes on software safety are becoming more and more important. This paper analyzes the relationship between software environment and software safety requirement, and builds software environment model related to safety requirement based on threat model from a conceptual hierarchy. Finally, an application is given for case study.

Depending on their motivation, offenders have different goals, and disclosure of information is not always such a goal. It often happens that the purpose of the offender is to disrupt the normal operation of the system. This can be achieved both by acting directly on the information and by acting on the elements of the system. Actions of this kind lead to a violation of integrity and availability, but not confidentiality. It follows that the process of forming a threat model for the integrity and availability of information differs from a similar process for confidentiality threats. The purpose of this study is to develop an information integrity threat model that focuses on threats disrupting the normal operation of the system. The research methodology is based on the methods of system analysis, graph theory, discrete mathematics, and automata theory. As a result of the research, we proposed a model of threats to the integrity and availability of information. The proposed threat model differs from analogues by a high level of abstraction without reference to the subject area and identification of threats to the availability of information as a subset of threats to the integrity of the information transmission channel.

This paper provides an extensive and complete survey on the process of detecting and preventing various types of IoT-based security attacks. It is designed for software developers, researchers, and practitioners in the Internet of Things field who aim to understand the process of detecting and preventing these attacks. For each entry identified from the list, a brief description is provided along with references where more information can be found. However, We surveyed the current state-of-the-art IoT security solutions and focused on four main aspects: (1) handpicking representative attacks, (2) identifying potential solutions, (3) performing a threat analysis for each attack and solution, and (4) ranking solutions according to the threats they overcome. By adopting this framework, we identified five main categories of defense mechanisms: distributed denial of service detection/prevention, default password protection, encryption mechanisms, intrusion detection/prevention, and anomaly detection. These solutions are relatively mature in terms of utility and usability. However, the security analysis is conducted only concerning specific attacks, which may or may not be relevant to real-world deployment. Appropriate IoT security solutions should incorporate threat modeling while considering other factors such as resource consumption and implementation effort. Overall, evaluation of IoT security solutions is arduous due to the complexity of IoT OSes, heterogeneous IoT devices (e.g., various hardware platforms), limited availability of open-source codebases, and restrictive policies towards intellectual property disclosure. In addition, we note that there remains a lack of studies that perform a systematic evaluation of the state-of-the-art in terms of both frameworks/methodologies and mechanisms proposed.