EBISION 2026: THE 2ND IFIP WG 8.4 INTERNATIONAL SYMPOSIUM ON E-BUSINESS INFORMATION SYSTEMS EVOLUTION
PROGRAM FOR FRIDAY, JULY 10TH
Days:
previous day
all days

View: session overviewtalk overview

09:00-10:30 Session 11A: Networks
Chair:
Location: Room 1
09:00
A Formal Security Analysis of SUCI-Stage Reused Key Binding in the 5G-AKA Family

ABSTRACT. The 5G Authentication and Key Agreement (5G-AKA) family protects subscriber privacy in the initial identification stage through the Subscription Concealed Identifier (SUCI). However, the cryptographic relationship between the SUCI stage and the subsequent AKA stage remains relatively loose in many designs, leaving open questions regarding the security benefits of tighter cross-phase binding. This paper investigates the security implications of reusing SUCI-stage key materials to bind later AKA computations in the 5G-AKA family. Rather than focusing on a single protocol instance, we study this binding strategy as a general design principle and analyze its impact on representative 5G-AKA-style constructions. Our analysis focuses on two main questions: whether reused key binding introduces explicit cross-phase consistency between the SUCI and AKA stages, and whether it mitigates replay-driven failure-message-based linkability. To support this comparison, we also check basic SUCI-stage consistency using correspondence queries. We develop formal models in ProVerif and compare a baseline 5G-AKA-style setting with a bound setting that incorporates SUCI-stage reused key binding. In particular, we use correspondence queries to analyze basic SUCI-stage consistency and explicit cross-phase binding, and we employ choice-based observational equivalence to evaluate replay-driven linkability between same-subscriber and different-subscriber replay cases. The results show that both models preserve basic SUCI-stage consistency, but only the bound model satisfies the explicit cross-phase binding query. In addition, the bound model yields observational equivalence in the replay-driven linkability experiment, whereas the baseline model does not. These findings indicate that SUCI-stage reused key binding is not merely an implementation optimization, but a meaningful security design principle that can transform a weakly coupled SUCI-to-AKA relation into an explicitly bound one and can eliminate replay-driven distinguishability in the modeled setting.

09:20
EAP-EDHOC-PQC: Quantum-Safe Onboarding for IoT E-Business Based on Extensible Authentication Protocol

ABSTRACT. The Internet of Things (IoT) underpins a growing range of e-business operations: networked vending machines, smart point-of-sale and self-checkout terminals, electronic shelf labels, smart-retail beacons, electric-vehicle (EV) chargers, smart parking meters, fleet and cold-chain trackers, and industrial sensor gateways. All of these onboard onto Wi-Fi or other non-3GPP networks via the Extensible Authentication Protocol (EAP) and must remain secure against a future quantum adversary. Ephemeral Diffie–Hellman over COSE (EDHOC, RFC 9528) is a lightweight authenticated key exchange for constrained devices, and the Internet-Draft draft-papon-lake-pq-edhoc defines five post-quantum (PQ) authentication variants over ML-KEM and ML-DSA. The combined impact of PQ key enlargement, EAP fragmentation, and RADIUS transport on a real AAA deployment, however, has not yet been quantified, and formal analyses of the PQ-EDHOC variants integrated with EAP are scarce. We close these gaps by proposing EAP-EDHOC-PQ, a unified EAP method that embeds all five PQ-EDHOC variants. We verify mutual authentication, session-key secrecy, forward secrecy, and replay resistance under a Dolev–Yao adversary in ProVerif, and we empirically evaluate the design on a heterogeneous IoT testbed (Raspberry Pi 5 Initiator, MacBook Air M3 Authenticator/Responder) across three deployments: Non-EAP, EAP-Standalone, and full EAP/RADIUS with FreeRADIUS. At a conservative 256-byte fragment size, total wire bytes range from 7,031 to 11,614 (29 to 48 fragments) and AAA-path handshake time from 56 ms to 440 ms across variants. A first-order energy model derived from the same measurements shows that fragment-induced I/O wait not cryptography—dominates the per-handshake energy of an IoT-class endpoint. The results quantify the trade-off between authentication strength, round-trip count, and fragmentation, and give concrete deployment guidance for PQ network-access authentication in e-business IoT settings.

09:40
Ubiquitous Intelligence for 6G Security: Hierarchical Federated Small Language Models for Resilient False Base Station Detection

ABSTRACT. As the industry transitions toward 6G and Beyond 5G (B5G) systems, the paradigm is shifting from simple connectivity to ubiquitous intelligence. However, this evolution introduces significant security vulnerabilities, specifically the persistent threat of False Base Stations (FBS) that execute identity catching, Man-in-the-Middle (MitM) attacks, and service rejections. Traditional centralized AI solutions often fail to meet the strict privacy mandates and resource constraints of edge devices. This paper proposes a decentralized framework for on-device FBS detection that integrates Federated Learning (FL) with a Small Language Model (SLM) classifier built on a hierarchical packet-encoder bridge: a learned residual MLP maps each Radio Resource Control (RRC) and Non-Access Stratum (NAS) packet to a virtual token, which is concatenated with a short text instruction prefix and fed to a frozen 4-bit NormalFloat (NF4) quantized 270-million parameter Gemma-3 base with trainable Low-Rank Adaptation (LoRA) adapters. To enable federation under realistic edge constraints, we introduce Hierarchical Federated Adaptation (HFA), in which the packet encoder is personalized per client to absorb device-level feature variation while LoRA adapters are aggregated across clients via FedAvg, yielding a privacy-by-design layer that never transmits raw signaling logs. We evaluate the framework on the MODI cellular signaling corpus across a naturally non-IID per-file partition of $110$ training clients with $5.5\%$ per-round participation. Preliminary results show that initializing the federated phase from a converged centralized checkpoint recovers all three regimes (FedAvg-full, FedAvg-LoRA, HFA) to within $1\%$ of the centralized accuracy ceiling at round~$4$ ($0.802$--$0.816$ vs.\ centralized $0.818$) at a per-round communication cost approximately $4.7\times$ smaller than federating the full bf16 base. At round~$8$, HFA additionally beats the centralized baseline on the operational false-positive metric, reducing FPR by $35\%$ relative ($0.234$ vs.\ $0.356$) at comparable accuracy ($0.825$ vs.\ $0.818$); the mean per-client local accuracy under HFA reaches $\bar{a} = 0.958$ with standard deviation $\sigma = 0.148$, confirming that personalized encoders absorb device-level distribution variation.

10:00
An Energy-Efficient Synchronization Scheme Using Exponential Moving Average-Based Drift Compensation and Adaptive Reception Window for Wireless Sensor Networks

ABSTRACT. Wireless sensor networks (WSNs) use long sleep intervals for low-power operation. However, accumulated clock drift during these periods leads to beacon reception failures and additional resynchronization overhead, thereby degrading both energy efficiency and reliability. Existing methods rely on fixed symmetric reception windows, which fail to capture the actual distribution characteristics of clock drift. Consequently, reception windows are typically configured based on the maximum drift rate, resulting in unnecessary listening overhead. To address these limitations, this paper proposes a synchronization scheme that combines Exponential Moving Average (EMA)-based drift pre-compensation with a residual statistics-based adaptive reception window. The proposed scheme predicts the drift accumulated during sleep intervals from historical observations and compensates for it at the wake-up time. It then dynamically determines the center and size of the reception window by continuously tracking the mean and variance of the residual error after compensation. Simulation results based on real measurement data collected using Raspberry Pi 5 show that the proposed scheme achieves an average reduction of over 90% in reception window size and approximately 83% in daily energy consumption compared to Time Slotted Channel Hopping (TSCH). In addition, it maintains a stable synchronization success rate of around 91%, demonstrating a clear improvement in reliability compared to TSCH, which achieves only about 50%.

09:00-10:30 Session 11B: Cryptography
Location: Room 2
09:00
A Generic Algebraic Framework for Preimage Attacks: Application to Reduced-Round Ascon-Xof

ABSTRACT. Secure and resilient digital infrastructures increasingly rely on standardized lightweight and sponge-based cryptographic primitives deployed across constrained Internet of Things (IoT) and edge environments. In this paper, we propose a generic algebraic framework for preimage attacks on hash functions. We compute the probability that a matrix encoding the relationship between input variables and linear equations derived from the hash value is solvable, and use this probability to estimate the expected guessing time under the assumption that the output polynomials behave randomly in the attack setting. To validate this assumption, we experimentally evaluate the randomness of the underlying permutations by analyzing the variance and entropy of polynomial distributions across rounds, using Ascon as a case study. We also calculate the required bit operations in detail to obtain precise attack complexities. Applying the proposed framework, we present the first preimage attack on 8-round AsconXof faster than exhaustive search. These results provide practical security-margin insights for standardized trust primitives used in lightweight and resource-constrained digital infrastructures.

09:20
GPU-Accelerated CKKS Inference via PyTorch-Compatible Model Conversion

ABSTRACT. Wepresent our system, a CUDA-accelerated Cheon–Kim–Kim–Song (CKKS) homomorphic en cryption library for private neural network inference. Rather than requiring developers to hand-write an encrypted circuit for each neural-network architecture, our system converts supported PyTorch modules into encrypted inference modules and executes them through a modified OpenFHE-based CUDAbackend. The system uses device-resident encoded-weight reuse and GPU-resident execution to reduce three practical bottlenecks in the evaluated CKKS inference path: repeated plaintext encoding of model weights, host–device synchronization during rescaling, and CPU fallback for plaintext arithmetic. On encrypted multilayer perceptron inference for MNIST and Fashion-MNIST, our system achieves warm-cache forward-pass speedups of 176–252× over single-threaded CPU, 83–109×over 16-threaded CPU, and 179–185× over TenSEAL. For a 256-hidden-unit MLP, warm-cache end to-end latency is 379 ms, while encrypted accuracy remains within one percentage point of plaintext baselines.

09:40
Higher Dynamic AES for Commercial Market

ABSTRACT. Recently, Advanced Encryption Standard (AES) has been widely used in commercial markets. Auctions that compete expensive objects are typical examples. However, recent developments in cryptanalysis have revealed vulnerabilities, such as key-independent and static operations. In this study, AES AddRoundKey was identified as the only key-dependent operation, whereas the others were key independent operations. Hence, we proposed an enhanced version of AES called the Dynamic AES (DAES) to reinforce its commercial security. In addition, we designed an irreversible algorithm called Dynamic Shifting Mapping (DSM) to produce a dynamic box given a string. It has the key-dependent property of 64 variations to replace AES’s ShiftRows. The results of our qualitative and efficiency analyses indicate that the DAES surpasses the AES in terms of security level with a slight trade-off in execution efficiency.

10:00
Data Spaces for Data Exchange across Different Sectors and Promoting Digitalization.

ABSTRACT. Electronic-Business Information Systems (EBIS), originally focused on automation, have been evolving towards a value creation through the large-scale exchange of digital assets. Nowadays, data has become one of the most valuable asset for every organization. On the other hand, Data Spaces are ecosystems designed to allow multiple organizations or companies to share data in a secure, decentralized and sovereign manner. This paper aims to describe how Data Spaces can add value within the context of EBIS and how they promote digitalization. In addition, in thithis study will include a number of use cases where Data Spaces have been applied to facilitate the secure exchange and sharing of data across various sectors. Specifically, these include oceanography, the food industry, agri-culture and healthcare. The research will focus on presenting the basic concepts of data spaces, the benefits they can bring to EBIS, and outlining use cases to demonstrate that these technologies have already helped to strengthen multiple sectors.

09:00-10:30 Session 11C: Artificial Intelligence (2)
Location: Room 3
09:00
Optimizing Multi-Hop Reasoning in E-Business Information Systems through Agentic Graph RAG with Efficient Reranking

ABSTRACT. Traditional Retrieval Augmented Generation (RAG) systems often struggle with multi-hop reasoning and efficiency, limiting their ability to deliver accurate and context-rich responses in E-Business Information Systems. Although Graph RAG improves retrieval by leveraging structured knowledge, it still faces challenges of relevance, scalability, and latency. We propose an Agentic Graph RAG framework, where reasoning-model-based agents (o4-mini, Gemini-2.5-Flash) decompose queries and prune irrelevant paths, and rerankers (bge-reranker-base, ms-marco-MiniLM-L6-v2) enhance the quality of retrieved contexts. By addressing noise, computational overhead, and irrelevant retrieval, our framework effectively overcomes the limitations of traditional RAG and Graph RAG for knowledge-intensive digital business activities. Evaluations on subsets of LegalBench-RAG-mini and HotpotQA show that Agentic Graph RAG outperforms Graph RAG baselines in retrieval efficacy and correctness while maintaining real-time efficiency, demonstrating its potential as an adaptable and interpretable solution for multi-hop reasoning. This work further highlights the applicability of the framework to digital business environments where precision, effectiveness, and trustworthy decision-making are crucial, as evidenced by its evaluation on a legal-domain dataset.

09:20
Plan-First Parallelism for Hard Mathematical Reasoning: A Search-Space Failure Analysis

ABSTRACT. Recent advances in large language model (LLM) research have prompted growing interest in improving reasoning capabilities, yet hard reasoning problems remain stubbornly difficult to solve. Evidence suggests that simply increasing test-time compute yields diminishing returns on the hardest problem regimes, and that the structure of the search space itself is the more critical factor. In this work, we propose Plan-First Parallelism (PF), a strategy-level branching approach that generates multiple distinct solution plans before execution, as opposed to answer-level parallel sampling. To analyze failure systematically, we introduce a three-way error taxonomy distinguishing search-space failure (E1), selection failure (E2), and plan-execution divergence (E3). Experiments on AIME and BeyondAIME benchmarks show that PF consistently outperforms Answer-First Parallelism (AF) for o3-mini, improving accuracy by +11.5\%p on AIME and +14.5\%p on BeyondAIME. However, PF fails to generalize across all models, and our analysis reveals that its effectiveness depends on the combination of reasoning quality and instruction-following capability.

09:40
IT Ticket Classification for Application Management Services using Classical Machine Learning Techniques

ABSTRACT. IT outsourcing company is widely used for many organizations to support applications used in the organizations without interrupting business processes. The challenging problem for IT outsourcing company is that a helpdesk officer must specify the reported problem for which supported applications, and the officer must forward the ticket to a correct expert to solve that problem. If many errors occur, the company could breach the Service Level Agreement (SLA). This paper proposed a framework to handle imbalanced dataset with Thai and English languages and to use 8 machine learning models, i.e. Support Vector Machine (SVM), Stochastic Gradient Descent (SGD), Logistic Regression (LR), Multinomial Naïve Bayes (MNB), Decision Tree (DT), Bernoulli Naïve Bayes (BNB), Light Gradient-Boosting Machine (LightGBM), and Extreme Gradient Boosting (XGB) to classify IT tickets since the models required less computational resources when comparing to deep learning models. The dataset is from ServiceNow application in an IT outsourcing company with 20,586 records to be classified into 142 applications, which is highly imbalanced dataset. The performance metrics are accuracy, precision, recall, and F1-score. From two experiments using a class weight with lemmatization, and 6 input features, SVM model gives the best F1-score at 85.71% and the features are short description, description, business unit, sub business unit, and company code.

11:00-12:30 Session 12A: E-Business
Location: Room 1
11:00
A Multi-Criteria Decision-Making Framework for Optimal Supplier Selection in E-Commerce

ABSTRACT. The strategic supplier selection is one of the most important success factors in E- commerce operations, as it affects cost efficiency, product quality, delivery performance, and consequently customer satisfaction. This is a complex multi-criteria decision-making (MCDM) problem that demands highly sophisticated analytical tools that can address quantitative as well as qualitative criteria. This paper carries out an extensive comparative analysis of four prominent MCDM techniques: Analytic Hierarchy Process (AHP), Analytic Network Process (ANP), Fuzzy Analytic Hierarchy Process (FAHP), and Technique for Order of Preference by Similarity to Ideal Solution (TOPSIS). This comparative analysis is carried out on a unified numerical example for selecting the most appropriate supplier in E-commerce operations. Our comparative analysis shows that all the methodologies have similar ranking results. However, the proposed FAHP-TOPSIS method is the most comprehensive framework for supplier selection in E-commerce operations. This is because it successfully handles the uncertainty of judgment in supplier selection while still being precise in ranking supplier performance.

11:20
Multi-Criteria Decision Analysis for Strategic Supplier Selection: A Comparative Study of AHP, ANP, and TOPSIS in the Electronics Industry

ABSTRACT. Electronics industry is a complex industry, and the system of supplier selection is linked with multiple contradictory conditions, qualitative selection and uncertainty. Even the more conservative practices are not even inclined towards these complications. In this work we use three Multi-Criteria Decision-Making (MCDM) methods (AHP, ANP, and TOPSIS) to classify the suppliers in a structured manner based on some criteria, such as Cost, Quality, Delivery, Technology, and Financial Stability. The comparative analysis indicates the strong points, the weaknesses and usability of the two approaches and is a good structure in the well-crafted and clear strategic sourcing.

11:40
Multi-Criteria Decision-Making for AI Company Investment: A Comparative Analysis

ABSTRACT. In today’s competitive artificial intelligence (AI) landscape, investors face increas- ing challenges in selecting companies with the highest potential for growth, innovation, and long-term sustainability. This study applies multiple multi-criteria decision-making (MCDM) techniques—namely the Technique for Order Preference by Similarity to Ideal Solution (TOPSIS), Analytic Scoring Process (ASP), Analytic Hierarchy Process (AHP), and Fuzzy Analytic Hierarchy Process (FAHP)—to evaluate four leading AI companies from an investor’s perspective. The evaluation considers diverse criteria in two dimen- sions: business perspective (innovation, market adoption, revenue growth, scalability, eth- ical AI practices, team expertise, and funding history) and technical perspective (model performance benchmarks, API reliability, model capabilities, cost efficiency, developer ex- perience, and safety alignment). A comparative analysis of the four methods is conducted to highlight similarities and differences in ranking outcomes. Results demonstrate that while all methods provide structured decision support, variations in prioritization of crite- ria and handling of uncertainty lead to different investment recommendations. Company A emerges as the most attractive investment across all methods, followed by Company B, Company C, and Company D. This comparative approach offers practical insights for in- vestors, emphasizing the importance of combining decision-making frameworks to achieve robust and reliable outcomes in high-stakes technology investments.

12:00
A Decision Support System for Startup Viability Based on Market Trends, Saturation, and Business Dynamics
PRESENTER: Godwin Monserate

ABSTRACT. Startup businesses in the Philippines often struggle to identify viable ventures due to reliance on guesswork, peer advice, and trends, leading to poor product–market fit, oversaturation, and high failure rates. The lack of accessible, data-driven tools further limits informed decision-making. This study presents the design of a localized business viability assessment system integrating business directories, online reviews, social media engagement, and geospatial data. It evaluates three dimensions: popularity, volatility, and competition. Popularity reflects customer feedback, volatility captures business openings and closures, and competition measures business density. Results show the Volatility Model (Logistic Regression) achieved the highest performance (85.23% ROC-AUC), with has_recent_renewal as the strongest predictor. Model optimization improved performance to 85.12% accuracy and 91.18% ROC-AUC. Although the 90% accuracy target was not met due to dataset and prediction constraints, results align with literature benchmarks. Restaurants exhibit the highest risk, while Hotels/Resorts show the strongest viability.

11:00-12:30 Session 12B: FinTech
Location: Room 2
11:00
Interpretable Bankruptcy Prediction for B2B Trade Credit Risk

ABSTRACT. This study proposes a Multi-Head LSTM (MH-LSTM) architecture for corporate bankruptcy prediction based on financial time-series data, aimed at trade credit risk assessment in B2B environments. Each financial variable is assigned an independent LSTM head to learn its unique temporal dynamics, while multi-period inputs spanning 3, 4, and 5 years capture the cumulative progression of financial distress. Using a benchmark dataset of 8,262 U.S. listed companies with 78,682 observations (1999–2018), MH-LSTM achieves stable performance of ROC-AUC 0.886–0.895 and PR-AUC 0.345–0.407, with bankruptcy detection rate improving monotonically as the window extends. Expected Gradients SHAP and Layer Gradient×Activation analyses consistently identify market_value and net_income as the top predictors, and reveal that recent fiscal-year changes contribute more strongly to predictions than historical records. The Spearman rank correlation of ρ ranging from 0.851 (W3) to 0.895 (W5) across window settings between the two XAI approaches confirms high internal consistency of the interpretations.

11:20
Key Success Factors for Gold-Backed Stablecoins Development in Hong Kong

ABSTRACT. Against the backdrop of structural transformation in the global monetary system, weakening sovereign currency credit, accelerated re-monetization of gold, and rising tokenization of real-world assets, Gold-Backed Stablecoins have emerged as one of the most promising innovations in digital finance and cross-border payments. Their appeal lies in supra-sovereign credit, low volatility, anti-inflation properties, and on-chain verifiability. As an international financial center, Asia’s hub for gold spot pricing and trading, and the world’s first jurisdiction to enact dedicated stablecoin legislation featuring a licensing regime, 100% reserve segregation, and mandatory redemption, Hong Kong offers unparalleled institutional, market, infrastructural, and ecosystem synergies for Gold-Backed Stablecoins. This study systematically identifies and analyzes the key success factors for Gold-Backed Stablecoins in Hong Kong from seven dimensions: pegged asset quality, regulatory certainty, reserve governance, price stability mechanisms, locational-ecological synergy, risk prevention and control systems, and technology-compliance integration. Findings indicate that Hong Kong’s unique triple synergy as a gold hub, offshore financial center, and digital asset center, full-lifecycle risk management, and deep governance integration of compliance and technology collectively form the seven-dimensional core logic for successful Gold-Backed Stablecoin development in Hong Kong. Conclusions provide theoretical support and practical references for the global development of commodity-pegged stablecoins, digital asset strategies of offshore financial centers, and innovations in gold digitization and cross-border payments.

11:40
Bridging AI and Business Constraints: A Cost-Aware Decision Framework for Fraud Detection under Operational Capacity Limits

ABSTRACT. Fraud detection models are typically evaluated using metrics such as AUPRC or F1-score. However, these metrics do not directly reflect real-world deployment requirements, where financial institutions must operate under strict audit capacity constraints. In practice, the number of false positives per day (FP/day) is a critical factor, as excessive false alarms can overwhelm human reviewers and render otherwise accurate models impractical. To address this gap, this paper proposes a cost-aware decision framework that explicitly incorporates operational constraints into fraud detection. We reformulate the task as a constrained decision problem, where model outputs are translated into deployable actions through threshold selection under FP/day limits. The proposed framework introduces a capacity-aware thresholding mechanism that determines decision thresholds based on both expected and quantile-based formulations of false positive volume, improving robustness under temporal variability. Experimental results show that high predictive performance does not guarantee deployability under operational constraints. The proposed approach effectively controls false positive volume while maintaining competitive detection performance and reduces false alarm rebound in out-of-time evaluation.

12:00
An Exploratory Taxonomy of Use Cases for Zero-Liquidity Micro Payments Utilizing Cryptocurrency Web Mining

ABSTRACT. The structural architecture of modern e-business monetization is fundamentally constrained by the fiat "Penny Gap" and the Mental Transaction Costs (MTC) associated with managing Web3 digital wallets. This manuscript explores "zero-liquidity" computational payments, utilizing browser-based cryptocurrency web mining to replace financial capital with computational attestation. Employing an exploratory landscape mapping methodology that synthesizes multivocal literature—including formal academic research, industry documentation, and non-formal developer innovations—this study identifies a comprehensive array of historical and contemporary web mining applications. These applications are formalized into an exploratory taxonomy comprising four foundational pillars: Content Monetization, Philanthropy, Programmatic Utilities, and Digital Security. To transition these theoretical concepts into actionable e-business integrations, this manuscript designs a modular front-end architecture. Utilizing Object-Oriented JavaScript and Unified Modeling Language (UML) diagrams, we propose a Minimum Viable Product (MVP) framework that integrates with a backend Stratum proxy. Finally, we subject the MVP to an empirical hardware evaluation on a live Mintme blockchain network, capturing kernel-level system telemetry to profile CPU saturation, power consumption, and network footprints. We combine these metrics with real-world Mintme blockchain difficulty parameters to mathematically model the economic feasibility of zero-liquidity transactions across four e-business scenarios. The results outline infeasibility for most end user hardware but remained feasible for high specifications ones and still shows potential pathways for future deployment, cybersecurity mitigation, and standardized Proof-of-Consent protocols.

11:00-12:30 Session 12C: Virtual Session
Location: Room 3
11:00
Ensuring Secure Battery Management Systems Through Commercial Standard Practices Using ISO/SAE 21434

ABSTRACT. The development and deployment of commercial systems require strict compliance with applicable standards and regulatory requirements, including cybersecurity sector. Server-connected battery management systems (BMS) introduce significant cybersecurity challenges, as network connectivity increases exposure to external threats while directly influencing battery operations critical to safety. This paper presents a workflow for maintaining the cybersecurity of commercial BMS platforms in accordance with the ISO/SAE 21434 standard. The ISO/SAE 21434 addresses cybersecurity activities throughout the entire system or product lifecycle and therefore covers cybersecurity governance and maintenance during development, deployment, and post-deployment operation of BMS software and associated backend services. The study highlights the importance of systematic risk assessment, secure design, continuous monitoring, and vulnerability management for networked control systems. The paper demonstrates how ISO/SAE 21434 can support the secure and reliable operation of server‑integrated BMS platforms in commercial electric vehicle environments.

11:20
Securing the Sky: Lightweight Machine Learning for Zero-Day Intrusion Detection in UAV Systems

ABSTRACT. Unmanned Aerial Vehicles are increasingly employed in civilian and commercial applications, which heightens the need for robust and reliable security mechanisms. UAV systems are exposed to a wide range of cyber and cyber-physical attacks that can disrupt missions, compromise data integrity, or lead to unsafe physical behavior. This work investigates machine learning-based intrusion detection for UAV systems with a particular focus on zero-day attack detection and computational feasibility. The objective is to assess whether lightweight classification models with low architectural complexity can achieve strong detection performance while remaining suitable for deployment in resource-constrained environments. To this end, four classifiers are evaluated. Detection performance is examined under a supervised zero-day learning framework. Experimental results demonstrate that meaningful generalization to unseen attacks can be achieved using compact machine learning models. Detection performance is competitive with results reported in related work, while computational efficiency measurements indicate promising suitability for real-world deployment.

11:40
Unsupervised Root-Cause Analysis in Multi-System Logs Using Embedding-Based Event Graphs

ABSTRACT. Root-cause analysis (RCA) represents a challenge in security operations. This is because the evidence that explains the incident can be found in different (heterogeneous) systems (e.g., VPN/RADIUS, firewalls, host authentication), with different schemas, vocabularies, and timestamp precision. We investigate unsupervised RCA and frame it as a ranked log-evidence retrieval under realistic constraints: no labels, limited reliance on sensitive identifiers, and high background noise. We propose a pipeline that starts with an anchored alert and builds a temporal event graph where nodes are log events and edges encode plausible continuity. We compare a TF–IDF baseline against a self-supervised contrastive representation model trained on masked log templates with heuristic positive-pair mining. Also, we evaluate on a manually reconstructed "golden" SSH brute-force episode and report set-based and ranking-aware metrics, plus reachability diagnostics to separate connectivity from prioritization failures. Results show that simple continuity assumptions can make ground-truth evidence fully reachable, while precision is the main bottleneck due to noise. Contrastive learning has modest set-level gains, but improves early ranking of the core causal chain, suggesting learned representations help prioritization more than coverage in this setting.

12:00
Analysis and Design for Disaster Supply Provision System Based on the Transition of Required Information in the Noto Peninsula Earthquake

ABSTRACT. Large scale earthquakes frequently cause serious damage in Japan, and past experiences have shown that the information and relief supplies required by disaster victims change over time. Recent advances in information and communication technology have improved information sharing during disasters, but have also created challenges such as the overloads or mismatches between actual needs and supplied goods. Therefore, this paper analyzes the transition of required information during the Noto Peninsula Earthquake using access data on the official website of Nanao City. The results show a clear shift from immediate survival related information, including water, food, and relief supplies, to recovery related information such as donations and support systems in later phases. Based on these findings, issues in disaster relief supply provision under modern communication environments are discussed, and the paper also proposes the key requirements for a Disaster Relief Supply Provision System that considers time dependent needs and supports efficient supply management.