Result: A generative AI cybersecurity risks mitigation model for code generation: using ANN-ISM hybrid approach.
Further information
The increasing reliance on automatic code generation integrated with Generative AI technology has raised new challenges for cybersecurity defense against code injection, insecure code templates, and adversarial manipulation of an AI model. These risks make developing advanced frameworks imperative to ensure secure, reliable, and privacy-preserving code generation processes. The paper presents a novel Hybrid Artificial Neural Network (ANN)-Interpretive Structural Modeling (ISM) Framework to alleviate the cybersecurity risks associated with automatic code generation using Generative AI. The proposed framework integrates the predictive capability of ANN and the structured analysis of ISM for the identification, evaluation, and treatment of common vulnerabilities and risks in automatic code generation. We first conduct a multivocal literature review (MLR) to identify cybersecurity risks and generative AI practices for addressing these risks in automatic code generation. Then we conduct a questionnaire survey to identify and validate the identified risks and practices. An expert panel review was then assigned for the ANN-ISM process. The ANN model can predict potential security risks by learning from historical data and code generation patterns. ISM is used to (1) structure and (2) visualize the relations between identified risks and mitigation approaches and (3) offer a combined, multi-layered risk management methodology. We then perform an in-depth examination of the framework with a case study of an AI-based code generation company. We further determine its practicality and usefulness in real-world settings. The case study results show that the framework efficiently handles the primary cybersecurity challenges, such as injection attacks, code quality, backdoors, and lack of input validation. The analysis characterizes the maturity of several mitigation practices and areas for improvement for security integration with automatic code generation functionality.
Advanced risk mitigation is enabled in the framework across multiple process areas, where techniques such as static code analysis, automated penetration testing, and adversarial training hold much promise. The Hybrid ANN-ISM Mechanism is a stable and flexible solution for cybersecurity risk reduction in automatic code generation environments. The coupling of ANN and ISM, in terms of predictive analysis and structured risk management, respectively, contributes effectively towards the security of AI-based code generation tools. More research is required to improve the scalability, privacy preservation, and dynamic integration of the framework with cybersecurity threat intelligence.
(© 2026. The Author(s).)
Declarations. Competing interests: The authors declare no competing interests. Ethics approval: This study was conducted in accordance with ethical research guidelines and was reviewed and approved by the Research Ethics Committee at King Saud University and University of Southampton. Informed consent: All participants involved in the survey and expert panel provided their informed consent prior to participation. They were informed about the purpose of the study, assured of the confidentiality of their responses, and notified that their participation was voluntary and anonymous. No personal or identifiable information was collected.