Application of generative artificial intelligence models for cyber threat modelling in e-government systems
Yuliia TovkunRapid digitalisation has turned state platforms into critical-infrastructure assets that require methods for detecting context-dependent attacks beyond traditional approaches. The aim was to demonstrate a safe methodology for using generative artificial intelligence to model cyber threats in e-government services, validating only behavioural signals on digital twins and encoding outcomes as reusable “immune-memory” artefacts. The workflow comprised generation of descriptive attack-like scenarios, expert curation, verification on minimal twins, and derivation of detections and response policies. A total of 170 hypotheses were produced; 107 (62.9%) were retained after curation, and 86 (80.4% of those retained) were reproduced on twins. Across four clusters the recorded metrics were: precision 0.76-0.85, recall 0.68-0.74, and false-positive rate 0.4-1.2%. For sign-in anomalies, precision/recall were 0.81/0.74; for entitlement drift 0.85/0.69; for registry probing 0.79/0.71; and for voting tempo spikes 0.76/0.68. Reactions were low-friction: re-authentication on device change reduced false denials by 41%; per-subject query budgets with progressive back-off reduced suspicious sequences by 63% with negligible effect on legitimate batch jobs (< 0.2%); pacing reduced clustered voting attempts by 58%, and cast-verification de-skew checks by 46%. No exploits were created and no production systems were touched. The practical value is a reproducible process for government cyber-security teams, security operations center operators, and election administrators: twin-validated scenarios translate directly into monitoring rules, moderate-intervention policies (throttling, step-up, pacing, clear denials), and versioned, auditable knowledge artefacts
References
[1] Adida, B. (2008). Helios: Web-based open-audit voting. In Proceedings of the 17th USENIX security symposium (pp. 335-348). Berkeley: USENIX Association.
[2] Alguliyev, R., Aliguliyev, R., & Yusifov, F. (2018). Role of social networks in e-government: Risks and security threats. Online Journal of Communication and Media Technologies, 8(4), 363-376. doi: 10.12973/ojcmt/3957.
[3] Al-Mushayt, O.S. (2019). Automating e-government services with artificial intelligence. IEEE Access, 7, 146821-146829. doi: 10.1109/ACCESS.2019.2946204.
[4] Arif, A., Khan, M.I., & Khan, A.R.A. (2024). An overview of cyber threats generated by AI. International Journal of Multidisciplinary Sciences and Arts, 3(4), 67-76. doi: 10.47709/ijmdsa.v3i4.4753.
[5] Basu, S. (2004). E-government and developing countries: An overview. International Review of Law, Computers & Technology, 18(1), 109-133. doi: 10.1080/13600860410001674779.
[6] Bécue, A., Praça, I., & Gama, J. (2021). Artificial intelligence, cyber-threats and Industry 4.0: Challenges and perspectives. Artificial Intelligence Review, 54, 3849-3886. doi: 10.1007/s10462-020-09942-2.
[7] Bodeau, D.J., McCollum, C.D., & Fox, D.B. (2018). Cyber threat modeling: Survey, assessment, and representative framework. McLean: The MITRE Corporation.
[8] De Santis, M., Esposito, C., & Mastroianni, M. (2025). Privacy risks in connected vehicles: Profiling threats and mitigation strategies. In O. Gervasi, B. Murgante, C. Garau, Y. Karaca, M.N. Faginas Lago, F. Scorza & A.C. Braga (Eds.), Computational science and its applications – ICCSA 2025 workshops (pp. 285-302). Cham: Springer. doi: 10.1007/9783-031-97645-2_19.
[9] Diia. (n.d.). Retreived from https://diia.gov.ua/.
[10] George, A.S., George, A.S.H., & Baskar, T. (2023). Digitally immune systems: Building robust defences in the age of cyber threats. Partners Universal International Innovation Journal, 1(4), 155-172. doi: 10.5281/zenodo.8274514.
[11] Grosse, K., Dixit, P., Stark, E., Trinquier, V., Johansson, T., & Pinkas, B. (2024). Towards more practical threat models in artificial intelligence security. In Proceedings of the 33rd USENIX security symposium (4891-4908). Berkeley: USENIX Association.
[12] Guembe, B., Cáceres-Ortega, A., del Ser, J., Galar, M., Sanchis, A., & Sanz, R. (2022). The emerging threat of AI-driven cyber attacks: A review. Applied Artificial Intelligence, 36(1), article number 2037254. doi: 10.1080/08839514.2022.2037254.
[13] ISO 8601. (2019). Date and time format. Retrieved from https://www.iso.org/iso-8601-date-and-time-format.html.
[14] Jatkiewicz, P. (2025). Assessing cybersecurity methodologies: Integrating competitiveness factor for risk analysis and IT system design. Expert Systems with Applications, 296(D), article number 129220. doi: 10.1016/j.eswa.2025.129220.
[15] Kumar, R., Abdul Hamid, A., Ya’akub, N., Nyamasvisva, T., & Tiwari, R. (Eds.). (2025). Leveraging futuristic machine learning and next-generational security for e-governance. Hershey: IGI Global Scientific Publishing. doi: 10.4018/9798-3693-7883-0.
[16] Lauer, T.W. (2004). The risk of e-voting. Electronic Journal of e-Government, 2(3), 167-186.
[17] Law of Ukraine No. 2297-VI “On Personal Data Protection”. (2010, June). Retrieved from https://zakon.rada.gov.ua/ laws/show/2297-17.
[18] Lunhol, O.M. (2024). Review of methods and strategies of cybersecurity using artificial intelligence. Cybersecurity: Education, Science, Technique, 1(25), 379-389. doi: 10.28925/2663-4023.2024.25.379389.
[19] Miah, M.N.I., Uddin, M.J., & Ahmed, M.W. (2025). AI-driven threat intelligence: Evaluating machine learning for real-time cyber threat sharing among U.S. national security agencies. Journal of Computer Science and Technology Studies, 7(8), 300-313. doi: 10.32996/jcsts.2025.7.8.34.
[20] Mohammed, A. (2023). Elevating cybersecurity audits: How AI is shaping compliance and threat detection. Aitoz Multidisciplinary Review, 2(1), 35-43.
[21] Moore, B.N. (2018). Cyber threats in e-government. (Doctoral dissertation, Northcentral University, San Diego, USA).
[22] Niarakis, A., et al. (2024). Immune digital twins for complex human pathologies: Applications, limitations, and challenges. NPJ Systems Biology and Applications, 10, article number 141. doi: 10.1038/s41540-024-00450-5.
[23] Pardue, H., Landry, J.P., & Yasinsac, A. (2011). E-voting risk assessment: A threat tree for direct recording electronic systems. International Journal of Information Security and Privacy, 5(3), 19-35. doi: 10.4018/jisp.2011070102.
[24] Przystalski, K., Argasiński, J.K., Grabska-Gradzińska, I., & Ochab, J.K. (2025). Stylometry recognizes human and LLM-generated texts in short samples. Expert Systems with Applications, 296(B), article number 129001. doi: 10.1016/j. eswa.2025.129001.
[25] Regulation of the European Parliament and of the Council No. 679 “On the Protection of Natural Persons With Regard to the Processing of Personal Data and on the Free Movement of Such Data and Repealing Directive 95/46/EC” (2016, April). Retrieved from https://eur-lex.europa.eu/eli/reg/2016/679/oj.
[26] Risnanto, S., Abd Rahim, Y., Mohd, O., Andinata, K., Effendi, A.R., & Perdana, R.S. (2021). E-voting: Security, threats and prevention. In 2021 15th international conference on telecommunication systems, services, and applications (TSSA) (pp. 1-8). Piscataway: IEEE. doi: 10.1109/TSSA52866.2021.9768214.
[27] Schatz, M.C., & Phillippy, A.M. (2012). The rise of a digital immune system. GigaScience, 1(1), article number 2047-217X-1-4. doi: 10.1186/2047-217X-1-4.
[28] Sindiramutty, S.R., Tan, C.E., Lau, S.P., Thangaveloo, R., Gharib, A.H., Manchuri, A.R., Khan, N.A., Tee, W.J., & Muniandy, L. (2024). Explainable AI for cybersecurity. In M.M. Ghonge, N. Pradeep & N.Z. Jhanjhi (Eds.), Advances in explainable AI applications for smart cities (pp. 31-97). Hershey: IGI Global. doi: 10.4018/978-1-6684-6361-1.ch002.
[29] Tao, F., Akhtar, M.S., & Jiayuan, Z. (2021). The future of artificial intelligence in cybersecurity: A comprehensive survey. EAI Endorsed Transactions on Creative Technologies, 8(28), article number e3. doi: 10.4108/eai.7-7-2021.170285.
[30] Tovkun, Y. (2025). Cybercrime in the world of digital employment. Collection of Scientific Papers “ΛÓГОΣ”, 225-231. doi: 10.36074/logos-13.12.2024.047.
[31] Vavryk, Y.L., & Opirskyy, I.R. (2024). Artificial intelligence: Cybersecurity of the new generation. Ukrainian Scientific Journal of Information Security, 30(2), 244-255. doi: 10.18372/2225-5036.30.19235.
[32] Weldemariam, K., Villafiorita, A., & Mattioli, A. (2007). Assessing procedural risks and threats in e-voting: Challenges and an approach. In A. Alkassar & M. Volkamer (Eds.), E-voting and identity (pp. 38-49). Berlin: Springer. doi: 10.1007/978-3-540-77493-8_4.
[33] Zambare, P., Thanikella, V.N., & Liu, Y. (2025). Securing agentic AI: Threat modeling and risk analysis for network monitoring agentic AI system. ArXiv. doi: 10.48550/arXiv.2508.10043.
[34] Zhao, J.J., & Zhao, S.Y. (2010). Opportunities and threats: A security assessment of state e-government websites. Government Information Quarterly, 27(1), 49-56. doi: 10.1016/j.giq.2009.07.004.