{"id":"https://openalex.org/W7151605071","doi":"https://doi.org/10.48550/arxiv.2604.03912","title":"Automating Cloud Security and Forensics Through a Secure-by-Design Generative AI Framework","display_name":"Automating Cloud Security and Forensics Through a Secure-by-Design Generative AI Framework","publication_year":2026,"publication_date":"2026-04-05","ids":{"openalex":"https://openalex.org/W7151605071","doi":"https://doi.org/10.48550/arxiv.2604.03912"},"language":null,"primary_location":{"id":"doi:10.48550/arxiv.2604.03912","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2604.03912","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article"},"type":"preprint","indexed_in":["datacite"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://doi.org/10.48550/arxiv.2604.03912","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5082014850","display_name":"Dalal Alharthi","orcid":"https://orcid.org/0000-0003-0299-024X"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Alharthi, Dalal","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"last","author":{"id":"https://openalex.org/A5079503975","display_name":"Isa\u00edas Garc\u00eda-Rodr\u00edguez","orcid":"https://orcid.org/0000-0001-5209-8773"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Garcia, Ivan Roberto Kawaminami","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":2,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":null,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":null,"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.4219000041484833,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.4219000041484833,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.12349999696016312,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.06589999794960022,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.8252999782562256},{"id":"https://openalex.org/keywords/scalability","display_name":"Scalability","score":0.5206000208854675},{"id":"https://openalex.org/keywords/automation","display_name":"Automation","score":0.47690001130104065},{"id":"https://openalex.org/keywords/digital-forensics","display_name":"Digital forensics","score":0.4740000069141388},{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.46959999203681946},{"id":"https://openalex.org/keywords/vetting","display_name":"Vetting","score":0.37220001220703125},{"id":"https://openalex.org/keywords/cloud-computing-security","display_name":"Cloud computing security","score":0.3646000027656555}],"concepts":[{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.8252999782562256},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.743399977684021},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5703999996185303},{"id":"https://openalex.org/C48044578","wikidata":"https://www.wikidata.org/wiki/Q727490","display_name":"Scalability","level":2,"score":0.5206000208854675},{"id":"https://openalex.org/C115901376","wikidata":"https://www.wikidata.org/wiki/Q184199","display_name":"Automation","level":2,"score":0.47690001130104065},{"id":"https://openalex.org/C84418412","wikidata":"https://www.wikidata.org/wiki/Q3246940","display_name":"Digital forensics","level":2,"score":0.4740000069141388},{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.46959999203681946},{"id":"https://openalex.org/C2522767166","wikidata":"https://www.wikidata.org/wiki/Q2374463","display_name":"Data science","level":1,"score":0.4223000109195709},{"id":"https://openalex.org/C2777230681","wikidata":"https://www.wikidata.org/wiki/Q7923820","display_name":"Vetting","level":2,"score":0.37220001220703125},{"id":"https://openalex.org/C184842701","wikidata":"https://www.wikidata.org/wiki/Q370563","display_name":"Cloud computing security","level":3,"score":0.3646000027656555},{"id":"https://openalex.org/C556601545","wikidata":"https://www.wikidata.org/wiki/Q878553","display_name":"Computer forensics","level":3,"score":0.32910001277923584},{"id":"https://openalex.org/C2776650193","wikidata":"https://www.wikidata.org/wiki/Q264661","display_name":"Obstacle","level":2,"score":0.30790001153945923},{"id":"https://openalex.org/C153701036","wikidata":"https://www.wikidata.org/wiki/Q659974","display_name":"Trustworthiness","level":2,"score":0.30480000376701355},{"id":"https://openalex.org/C124304363","wikidata":"https://www.wikidata.org/wiki/Q673661","display_name":"Abstraction","level":2,"score":0.28859999775886536},{"id":"https://openalex.org/C207267971","wikidata":"https://www.wikidata.org/wiki/Q120208","display_name":"Emerging technologies","level":2,"score":0.28619998693466187},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.28200000524520874},{"id":"https://openalex.org/C120115606","wikidata":"https://www.wikidata.org/wiki/Q5135723","display_name":"Cloud testing","level":4,"score":0.2773999869823456},{"id":"https://openalex.org/C2780980858","wikidata":"https://www.wikidata.org/wiki/Q110022","display_name":"Dual (grammatical number)","level":2,"score":0.2526000142097473}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.48550/arxiv.2604.03912","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2604.03912","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article"}],"best_oa_location":{"id":"doi:10.48550/arxiv.2604.03912","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2604.03912","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/9","score":0.5689961314201355,"display_name":"Industry, innovation and infrastructure"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":[],"abstract_inverted_index":{"As":[0],"cloud":[1,83,145,161,177],"environments":[2],"become":[3],"increasingly":[4],"complex,":[5],"cybersecurity":[6],"and":[7,27,38,57,78,107,117,133,158,163],"forensic":[8,40,84,96,118],"investigations":[9,85],"must":[10],"evolve":[11],"to":[12,34],"meet":[13],"emerging":[14],"threats.":[15],"Large":[16],"Language":[17],"Models":[18],"(LLMs)":[19],"have":[20],"shown":[21],"promise":[22],"in":[23,113,144],"automating":[24],"log":[25],"analysis":[26],"reasoning":[28,89],"tasks,":[29],"yet":[30],"they":[31],"remain":[32],"vulnerable":[33],"prompt":[35],"injection":[36],"attacks":[37],"lack":[39],"rigor.":[41],"To":[42],"address":[43],"these":[44],"dual":[45],"challenges,":[46],"we":[47],"propose":[48],"a":[49,167],"unified,":[50],"secure-by-design":[51],"GenAI":[52],"framework":[53,153],"that":[54,74],"integrates":[55],"PromptShield":[56,64,123],"the":[58,95,155],"Cloud":[59],"Investigation":[60],"Automation":[61],"Framework":[62],"(CIAF).":[63],"proactively":[65],"defends":[66],"LLMs":[67],"against":[68],"adversarial":[69],"prompts":[70],"using":[71,147],"ontology-driven":[72],"validation":[73],"standardizes":[75],"user":[76],"inputs":[77],"mitigates":[79],"manipulation.":[80],"CIAF":[81,139],"streamlines":[82],"through":[86],"structured,":[87],"ontology-based":[88],"across":[90,175],"all":[91],"six":[92],"phases":[93],"of":[94,160],"process.":[97],"We":[98],"evaluate":[99],"our":[100],"system":[101],"on":[102],"real-world":[103],"datasets":[104],"from":[105],"AWS":[106],"Microsoft":[108],"Azure,":[109],"demonstrating":[110],"substantial":[111],"improvements":[112],"both":[114],"LLM":[115],"security":[116],"accuracy.":[119],"Experimental":[120],"results":[121],"show":[122],"boosts":[124],"classification":[125],"performance":[126,149],"under":[127],"attack":[128],"conditions,":[129],"achieving":[130],"precision,":[131],"recall,":[132],"F1":[134],"scores":[135],"above":[136],"93%,":[137],"while":[138],"enhances":[140],"ransomware":[141],"detection":[142],"accuracy":[143],"logs":[146],"Likert-transformed":[148],"features.":[150],"Our":[151],"integrated":[152],"advances":[154],"automation,":[156],"interpretability,":[157],"trustworthiness":[159],"forensics":[162],"LLM-based":[164],"systems,":[165],"offering":[166],"scalable":[168],"foundation":[169],"for":[170],"real-time,":[171],"AI-driven":[172],"incident":[173],"response":[174],"diverse":[176],"infrastructures.":[178]},"counts_by_year":[],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2026-04-08T00:00:00"}