The emergence of Large Language Models (LLMs) has opened new frontiers in artificial intelligence applications across multiple domains, including cybersecurity. This paper presents a comprehensive review of the role of LLMs in enhancing cyber defense mechanisms, with a particular focus on their effectiveness in identifying, mitigating, and responding to Advanced Persistent Threats (APTs) and other sophisticated cyber-attacks. We explore the integration of LLMs in threat intelligence, anomaly detection, automated incident response, and adversarial behavior analysis. By examining recent advancements, case studies, and state-of-the-art implementations, we highlight the strengths and limitations of current LLM-based approaches. Furthermore, we assess the challenges related to scalability, adversarial robustness, and ethical considerations inherent in deploying LLMs within cybersecurity infrastructures. The review concludes with future research directions, emphasizing the need for hybrid AI systems that combine LLMs with traditional rule-based and statistical methods to provide resilient and adaptive cybersecurity solutions in the face of evolving digital threats.
Smart cities represent a nexus where urban planning, engineering, digital technologies, and societal needs converge. In emerging economies such as Iraq, conventional top-down smart city models often fail to account for contextual realities, resulting in fragmented or unsustainable initiatives. This paper proposes a novel interdisciplinary smart city development framework that integrates Artificial Intelligence (AI)-based planning, engineering simulations, urban design heuristics, and insights from social sciences particularly those related to digital inclusion and governance. Leveraging publicly available datasets and simulation environments, we demonstrate that the proposed approach can reduce urban traffic congestion by up to 35%, improve equitable access to public services by over 30%, forecast energy demands with more than 85% accuracy, and detect cyber threats with a precision and recall of 85.7%. These results validate the feasibility of a modular, adaptable smart city blueprint that embeds cybersecurity and data governance principles from the outset offering a scalable alternative suited to the institutional and infrastructural realities of developing contexts like Iraq.
The growing sophistication of cyber threats exposes the limits of signature-based detection in Security Information and Event Management (SIEM) systems. User and Entity Behavior Analytics (UEBA) advances SIEM by enabling behavior-based anomaly detection, yet legacy approaches struggle with high false positives and poor adaptability to evolving threats. This research proposes an AI-driven UEBA framework that combines deep learning for modeling user behavior with graph-based tools to map system relationships, enhancing anomaly detection in enterprise environments. Using datasets such as CERT Insider Threat, UNSW-NB15, and TON_IoT, we simulate diverse behaviors and evaluate performance. Our Transformer-GNN ensemble achieved an F1-score of 0.90, reduced false positives by 40%, and cut incident triage time by 78% compared to rule-based SIEM. To support real-world use, we provide an open-source pipeline integrating with SIEM platforms via Kafka, Elastic search, and a modular ML inference layer. This work bridges AI research and deployable cybersecurity practice, advancing the development of adaptive, intelligent, and robust UEBA systems.
The rapid expansion of smart home and smart city technologies has introduced a complex array of interconnected Internet of Things (IoT) devices, exposing both cyber and physical infrastructures to a growing spectrum of security threats. Traditional cybersecurity models are insufficient to address the dynamic and distributed nature of modern cyber-physical environments, particularly in emerging economies where standardized security frameworks are often lacking. This research proposes a unified, hybrid cyber-physical security framework tailored for smart home and smart city IoT systems. Leveraging publicly available datasets such as UNSW-NB15, TON_IoT, and CICIDS2019, we simulate various attack vectors and evaluate a multi-layered intrusion detection system (IDS) that combines both signature-based and anomaly-based machine learning models. The proposed framework is validated using simulated network topologies built with NS-3 and Cooja, focusing on performance metrics including detection accuracy, false-positive rate, and computational overhead. Results demonstrate that our hybrid approach achieves over 95% accuracy in detecting complex multi-stage attacks, while maintaining scalability and adaptability across different IoT environments. The findings contribute to the development of more secure, resilient, and context-aware smart infrastructure systems offering a practical foundation for real-world deployment in smart cities and connected home ecosystems, especially within developing regions such as Iraq.