Computer Science and Mathematics

Abstract: Acoustic side-channel attacks (ASCAs) exploit unintended sound emitted by keyboards to infer typed input, but existing methods generally assume manually-labelled training data and controlled environments, limiting their applicability to realistic scenarios such as online lectures. We develop a pipeline that automatically labels keystroke-sound samples captured from online coding tutorials: video frames are processed with optical character recognition (OCR) to extract the ground-truth character sequence, audio is segmented into clips centred on detected click events, and the two streams are aligned. A convolutional neural network (CNN) is trained on mel-spectrogram features, with transfer learning used to adapt the pretrained model to a target user with minimal samples. Our dataset contains 50 unique keys from standard QWERTZ keyboards recorded during real programming lectures. On a held-out test set the CNN achieves 98.1 % top-1, 99.4 % top-2 and 100 % top-3 accuracy. Transfer learning retains strong performance with as few as 13 samples per key. Pairing OCR-derived ground truth with acoustic CNN classification removes the labelling bottleneck that has limited previous ASCAs, and the transfer-learning stage makes the attack viable with minimal per-victim data. All code, trained models, and labelled datasets are released to support reproducible research.

Abstract: This paper introduces the concept of Omniscient Mathematics as a formal framework for analyzing the epistemological and computational limits of superintelligent systems operating in spaces of total information. Inspired by Jorge Luis Borges’ Library of Babel, the proposed framework investigates axiomatically environments in which all possible symbolic combinations already exist, including all true statements, false statements, mathematical proofs, scientific theories, and random structures. I demonstrate that the existence of total information does not imply the existence of accessible knowledge. In such environments, exhaustive search becomes computationally and physically infeasible due to combinatorial explosion, semantic entropy, and the impossibility of brute-force verification. Consequently, intelligence emerges not as a mechanism for generating information, but as a necessary process of semantic selection, compression, interpretation, and truth extraction. The paper formally distinguishes structural omniscience from cognitive omniscience, showing that possessing all possible information is fundamentally different from understanding or identifying meaningful knowledge within it. Based on this distinction, we establish the Theorem of the Necessary Emergence of Intelligence, demonstrating that intelligent agents necessarily arise whenever informational spaces become sufficiently large, dense, or combinatorially complete. The proposed theory establishes deep connections between information theory, computability, artificial intelligence, semantic search, and superintelligence. Furthermore, it suggests that future superintelligent systems will not primarily depend on infinite storage or exhaustive computation, but rather on increasingly efficient mechanisms for semantic navigation in spaces of extreme informational complexity. The results provide a new theoretical perspective on the nature of intelligence, knowledge discovery, and the fundamental limits of artificial superintelligence.

Abstract: Rare and safety-critical traffic situations remain challenging for autonomous driving (AD) because they are poorly represented in common training data and may include objects outside standard detector classes. This paper presents a real-time RGB-LiDAR fusion framework for detecting and reacting to rare traffic situations in CARLA. The approach combines YOLOv8-based RGB perception, bird’s-eye-view (BEV) LiDAR clustering, decision-level fusion, an interpretable rule-based safety agent with hysteresis, and an automatic emergency braking (AEB) override. Fused observations are classified as semantic-geometric detections, semantic-only detections, or geometric-only obstacle candidates, where unmatched LiDAR clusters are treated conservatively as candidate-level physical evidence. The framework was evaluated on three CARLA maps and 3CSim-inspired corner-case scenarios, comprising 19253 frames. On a manually annotated subset of 1200 frames, the full pipeline achieved 93.7% precision, 94.7% recall, and a 94.2% F1-score. The CPU implementation processed one frame in 34.7 ms on average, remaining within the 50 ms budget of a 20 Hz simulation tick.

Abstract: The unauthorized internal movement of classified documents represents a significant threat to information security because it compromises accountability, traceability, and document control mechanisms. This case study examines a fictional but operationally realistic incident involving the informal transfer of a NATO “Confidential” document within a Portuguese government institution. The document was moved between departments without a transfer form, prior authorization, receipt, or signature, with poor registry update, resulting in a six-day discrepancy between the document's physical location and its recorded location in the Central Registry. Using a technical-operating approach, the study analyses the sequence of events, identifies procedural failures, evaluates the resulting risks, and examines their impact on the chain of custody and organization accountability. Attention is given to the risks of document loss, unauthorized access, registry inaccuracy, and weakened auditability. The study proposes a formal document movement framework based on mandatory transfer documentation, centralized real-time recording, dual validation by sender and receiver, return deadlines, automated escalation mechanisms, and periodic audits. The findings demonstrate that effective protection of classified information depends not only on regulatory requirements but also on the consistent application of enforceable procedural controls capable of preventing and rapidly detecting non-compliant document movements.

Abstract: Agent identity governance is advancing, though core agent identity and authorization questions remain unresolved: existing frameworks provision, authenticate, authorize, and retire non-human and agentic identities, governing the agent’s identity, credentials, and lifecycle while assuming the composition an agent was approved with remains the composition it runs with. This paper argues that assumption is the open seam. An agent’s effective composition—its tools, data sources, delegated authorities, policies, and child agents—is a runtime supply chain of capability, and that supply chain drifts. We introduce composition drift as the departure of an agent’s effective composition from the terms of its approval, and isolate its most consequential form, compositional drift: the accumulation of individually approved changes into capability that none authorized alone. We formalize this with a two-stage operator: a component-level diff detects that the composition changed (component divergence); a capability-closure stage detects when the change authorized something new (compositional drift)—a qualitative boundary, not a numeric threshold. The contribution is not the observation that approved changes can combine dangerously—long known to authorization security—but a temporal governance model for approved composition drift in agentic systems, linking emergent capability to reauthorization and inventory reconciliation. This drift produces shadow infrastructure: resources provisioned outside any inventory through benign, individually approved pathways. We propose composition attestation, a runtime composition-control layer complementary to identity governance. Paired positive and negative scenarios show the model discriminates, not labels. We bound our claims: the model establishes the phenomenon by construction and claims no deployment efficacy.

Abstract: Circumscription is a classical non-monotonic formalism in which selected atoms are minimized while other atoms are fixed or allowed to vary. For propositional clause theories, checking whether a candidate interpretation is a circumscription model amounts to a global minimality test. We study this checking problem through the minimal reduct of the candidate interpretation. The reduct turns the global test into a residual entailment problem; we then decompose that entailment problem along the collapsed negative dependency graph. The checker verifies source components over their ancestor scopes, contracts atoms whose obligations have been certified, and records certificate fragments that refer back to clauses of the original input theory. We give two exact local certification strategies: a direct SAT check and a MUS-based extraction procedure. Experiments on solved random 3CNF instances and industrial CNF instances show that the decomposition-based checker agrees with the global reduct baseline and that its certificates can be replayed. The MUS variant produces much smaller supports, but it also spends more time on extraction.

Abstract: Few-shot domain adaptation (FSDA) has become a key approach for cross-domain intrusion detection, enabling models to leverage limited labeled target data under distribution shift. While a wide range of adaptation methods have been proposed, their effectiveness often varies significantly across different transfer scenarios, leading to inconsistent performance and limited interpretability. In this work, it is argued that such variability stems from an overlooked factor: transfer difficulty. This study proposes a transfer-difficulty-aware perspective on FSDA and shows that adaptation behavior is fundamentally dependent on cross-domain compatibility rather than solely on intrinsic domain structure. To this end, a distinction is made between intra-domain separability, which characterizes the internal structure of each domain, and transfer difficulty, which captures how well source-derived representations generalize to the target domain. A set of asymmetric transferability metrics is introduced to quantify this phenomenon and accompanied by a systematic analysis across multiple transfer directions. The results reveal that a domain with strong internal separability does not necessarily yield easy transfer, highlighting that intra-domain structure alone is insufficient to explain cross-domain performance. Furthermore, it is shown that different adaptation strategies exhibit distinct behaviors depending on transfer difficulty: target-only few-shot learning is effective in low-difficulty settings, whereas alignment-based approaches become essential in high-difficulty scenarios. These findings explain the inconsistent performance of existing methods and suggest that domain adaptation should be treated as a transfer-dependent problem rather than a uniform strategy. Ultimately, this work offers both theoretical insights and practical guidance for designing robust cross-domain intrusion detection systems.

Abstract: To assess how Bayesian network structures are built and learned in applied work, we screened 5,993 recent papers (2020-2025) whose abstracts mention “Bayesian (belief) network” and deemed 3,661 relevant. Among these relevant papers, expert knowledge was used in 2,059 papers (56.2%): 1,785 (48.8%) relied on expert knowledge alone, whereas 274 (7.5%) combined expert input with algorithmic structure learning through edge modification or structural constraints. Data sharing was scarce: only 129 studies (3.5%) provided functional dataset links, which we curated into an open benchmark index. These findings support a data-first norm: share datasets, prefer automatic structure-learning baselines, and document expert input. Among 1,106 papers (30.2%) using algorithms without expert knowledge, score-based flags were most common (797, 72.1%; mainly hill climbing, K2, and tabu), followed by constraint-based methods (194, 17.5%; mainly PC and Grow-Shrink), fixed or restricted-topology BN classifiers (143, 12.9%; mainly TAN and naive Bayes), and hybrid methods (131, 11.8%; mainly MMHC); bootstrapping appeared in 223 papers (6.1%). Reported practice remains concentrated around familiar algorithms.

Abstract: LLM-based agents increasingly interact with external environments through terminal command execution, yet existing surveys have rarely treated the terminal itself as a primary analytical object. This survey examines terminal agents, namely systems whose task progress depends on iterative command execution, textual feedback, and stateful terminal command interaction, and clarifies their boundaries with adjacent categories such as software-engineering agents, GUI- or browser-based computer-use agents, and CLI-packaged assistants. Through a substrate-centered lens, we systematize the literature around architectures and outer-loop design patterns, competence acquisition through executable environments, command--observation trajectories, and post-training, and evaluation protocols for terminal-mediated capabilities. Across systems, acquisition pipelines, and benchmarks, the synthesis shows that outer-loop design is not an implementation detail but a first-class variable that materially shapes measured performance. The evidence further indicates that terminal competence is multi-dimensional, spanning how agents formulate actions, interpret feedback, manage runtimes, track state and context, verify progress, recover from failures, and control side effects, rather than reducible to a single capability ranking. Current evidence remains concentrated in software engineering, while cross-domain transfer, model-versus-scaffold attribution, reliable recovery in mutable environments, and process-level evaluation remain underdeveloped. The survey provides an evidence-calibrated map of established findings, emerging practices, and unresolved challenges for terminal agents.

Abstract: We construct a k-shadow complex Δ_k(N) from the nerve N of a convex sensor cover. We prove that the region covered by at least k sensors is homotopy equivalent to Δ_k(N), recovering the usual nerve-based coverage test when k=1 and giving a direct combinatorial method for redundant coverage. A synthetic network computation for k=1,2 agrees with direct geometric sampling, and the scripts and data are supplied for reproduction.

Abstract: Intelligence analysts are increasingly able, and required, to consume and interpret outputs generated by artificial intelligence (AI) enabled tools — yet most receive little training in what these outputs actually represent, or how these might be robustly evaluated. This primer addresses that gap. It argues that analysts do not need to know how to develop or operate AI tools in order to use these tools’ outputs critically and judiciously. But they do need sufficient conceptual understanding, and foundational technical knowledge, to evaluate these outputs competently. Three principles provide the framework for this understanding: First, the distinction between AI-facilitated outputs – where automation improves the pace, scale and fidelity of data collection, processing and analytical procedures that analysts could otherwise perform; and AI-generated outputs – where many of the novel outputs generated by the semi-autonomous techniques involved could not have been produced by analysts working independently; Second, the critical difference between interpolative and extrapolative estimation and mechanistic prediction; and Third, the critical dependencies and substantive limitations that govern the reproducibility and practical utility of all AI-facilitated and AI-generated outputs. Together these principles constitute the technical and conceptual foundations of the AI literacy training that all-source intelligence analysts should receive – the case for which is presented in a companion piece to this article.

Abstract: This paper presents a structured technical-operational case study concerning the improper use of a personal mobile device within a classified communications operations centre. The scenario examines an incident in which an operator connected a personal mobile phone to a classified workstation through a USB interface, intending only to charge the device. However, the workstation operating system automatically mounted the device and established an unauthorised data communication interface. A later routine audit identified evidence of a data transfer between the classified workstation and the personal device, raising concerns regarding potential exposure of classified information. The investigation was significantly constrained by the absence of real-time connection logs, device authentication records, a complete audit trail, and a documented chain of custody for any data potentially transferred. The analysis identifies technical, procedural, and human failures, including unrestricted USB ports, lack of removable media control, insufficient logging, absence of formal personal device policies, and inadequate operator awareness. Corrective and preventive measures are proposed across access control, media protection, monitoring, incident response, evidence preservation, and auditable compliance. The expected outcome of these measures is the restoration of operational control, the enforcement of accountability, the strengthening of continuous monitoring, and the establishment of verifiable evidence that classified information is handled in accordance with security requirements. As a simulated and anonymised scenario, the case does not involve real classified information but provides a transferable model for analysing comparable risks in sensitive or regulated environments. The findings are particularly relevant for critical systems environments, where the improper connection of personal mobile devices to classified workstations may affect operational continuity, resilience, accountability, auditability, and the protection of sensitive or classified information.

Abstract: This narrative review examines algorithmic accountability and continuous audit in high-risk public AI systems. Public-sector AI systems are increasingly used in areas such as criminal justice, healthcare, welfare, migration, taxation, education, and public security, where automated or semi-automated outputs may affect rights, access to services, liberty, welfare, and public trust. Rather than presenting original empirical data, this review synthesises interdisciplinary literature, regulatory instruments, standards, and documented public-sector AI cases to identify recurring accountability gaps. The review argues that transparency and compliance-oriented documentation are necessary but insufficient for high-risk public AI systems. Public institutions require audit-ready governance structures capable of linking system design, data provenance, model behaviour, human oversight, monitoring, redress, and institutional responsibility. The article proposes an audit-ready accountability perspective in which algorithmic systems are assessed as sociotechnical infrastructures rather than isolated technical tools. The review concludes that continuous audit, traceability, contestability, and post-deployment monitoring are essential conditions for accountable public-sector AI.

Abstract: Artificial intelligence (AI) is rapidly reshaping how information is collected, processed and analyzed by intelligence agencies. There is therefore a pressing need for foundational AI literacy training to ensure intelligence analysts become confident consumers of the outputs that AI-enabled tools can provide – but not for the specialised computational and statistical training required to become accomplished designers, builders or operators of such tools. AI literacy training should distinguish between: AI-facilitated outputs, where automated collection, processing and analytical workflows can improve the consistency and efficiency of tasks that analysts themselves could perform; and AI-generated outputs, where semi-autonomous computational techniques can prompt unprecedented insights into hitherto, and in some cases previously unknowable, dataset features – insights that nonetheless entail dependencies and limitations requiring careful consideration and evaluation. Drawing on influential policy reports and academic articles exploring the potential utility of AI within intelligence analysis, this paper concludes that the transition to fully AI-enabled analytical capability demands a substantive expansion in AI literacy training; the technical and conceptual foundations of which have been summarized in a companion piece to this article.

Abstract: This paper presents a study on the use of a microservices-based composite architecture for building a digital twin. It substantiates the importance of consciously choosing an architecture for a digital twin system. It proposes considering the twin as a high-order, multi-agent, distributed system that incorporates similar systems. It proposes using a microservices-based composite architecture as the foundation for building such systems. The key aspects and advantages of using such an architecture are described, noting its flexibility, scalability, and integrability with existing solutions. Potential for reducing cognitive complexity and building a conveyor-based organization for the production of the system itself is highlighted. A digital twin architecture is proposed, accompanied by a diagram and additional clarification of internal rules. The need for system components to comply with a number of responsibilities for the correct operation of such architectures is noted: contract persistence, environmental persistence, responsibility persistence, versioned changes persistence, and documentation completeness persistence. The possibility of using Domain-Driven Design (DDD) as a basis for dividing the system into subsystems is separately noted.

Abstract: We present PetroAgents, a multi-agent, multi-modal large-language-model framework for petroleum-engineering reasoning on the Equinor Volve open dataset. The target architecture mirrors an integrated asset team: discipline-specific evidence surfaces, cross-examination, a Council Synthesiser, distributional well-action proposals, and risk review. Read as an agent-design pattern map, the architecture is organised around the seven cognitive functions of a language agent, with the per-discipline evidence lock as its governance layer; four functions are implemented and evaluated in this submission and three are specified as design. The current quantitative evidence is narrower by design. We specify Volve Bench, a six-task Volve benchmark suite spanning DRILL-NPT root-cause attribution, formation top picking, six-month production forecasting, stuck-pipe early warning, multi-modal Discovery-Report QA, and per-wellbore lifecycle forensic analysis over 26 wellbores, 1,759 daily drilling reports, 56 million WITSML rows, 602 LAS files, 5.7 million horizon points, and a decade of production. This submission reports two landed evidence slices: a three-seed DRILL-NPT study on stratified samples drawn from a 1,750-example pool, and a 12-question DISCOVERY-QA smoke test on three rendered pages of the 194-page Hugin Discovery Report. Every reported LLM call goes through a local OpenAI-compatible gateway using locally-hosted open weights (GPT-OSS-120B, Qwen3.6-35B, Gemma-4-31B, MiniMax-M2.7, Qwen3-VL-235B-FP8); no paid frontier API is invoked. On DRILL-NPT, the four-family vote attains macro-F1 0.464 ± 0.012 on the broad all-wellbore sample and 0.442 ± 0.019 on the WITSML-applicable subset. The Drilling+HSE+Council path lifts WITSML-applicable macro-F1 by +0.048 over the single-LLM baseline, but the paired test is not significant at three seeds (p = 0.22), so we report it as directional evidence rather than a settled win. A same-subset evidence-redaction ablation shows that exposing state_detail and proprietary_code lifts B1 from 0.355 to 0.431 macro-F1, quantifying how much of DRILL-NPT is label-code leakage rather than prose reasoning. On DISCOVERY-QA, Qwen3-VL reading rendered page images reaches a 0.958 keyword-hit score versus 0.792 for GPT-OSS-120B reading pdftotext, a bounded +16.7 percentage-point lift concentrated on figure annotations and OCR-damaged numerics.

Abstract: There is a worldwide danger of fire incidents that can lead to significant destruction of lives and property, especially in urban and smart cities. Existing fire and smoke detection systems are often inadequate for detecting the location of a fire, assessing the speed of its spread, and providing real-time alerts that can be acted upon quickly. This study proposes a method termed SmartFire Vision, which uses a hybrid deep-learning framework consisting of an Efficient Vision Transformer (E-ViT) and a Detection Transformer (DETR) for real-time fire and smoke detection from video sequences. A major contribution of this study is the integration of a new Removing Inefficient Attention Heads (RIAH) pruning strategy to reduce the computational overhead and maintain a global context in the ViT encoder. The E-ViT and DETR feature representations were fused and passed to a fully connected classification head enhanced with a probabilistic thresholding function and an integrated alarm system. The proposed model was trained and evaluated using the FURG fire benchmark dataset, which comprises 28,022 annotated frames. The proposed model achieved an overall accuracy of 91.37%, precision of 88.55%, recall of 85.27%, and F1-score of 86.64%, surpassing the current state-of-the-art methods. The SmartFire Vision framework provides a highly capable and computationally efficient means of fire detection and is particularly beneficial for CCTV-based smart city surveillance, with a high likelihood of deployment in edge devices in the future.

Abstract: This paper studies the Liouville-correlation route to the Riemann Hypothesis by separating two issues that are often treated together. We show that, for all sufficiently large X, the collar-scale bound for Σ_n≤Y λ(n)λ(n + h) cannot follow from boundedness of the coefficients alone: an explicit bounded sequence forces the corresponding correlation energy above the required scale by a fixed power of X. We also show that a fixed-endpoint spectral large sieve bound upgrades to a maximal-endpoint bound with no power loss, so the moving endpoint is not the source of the difficulty. The remaining problem is therefore a genuinely signed Liouville estimate, stated here as a precise hypothesis and shown to imply the Riemann Hypothesis; the purpose of the paper is to isolate that arithmetic estimate and rule out the coefficient-uniform shortcut, not to present a proof of the hypothesis itself.

Abstract: World Action Models (WAMs) are embodied predictive-action models that make a forecast of the future available to action. Recent WAMs repurpose large video generation models, and a parallel line relies on language or vision-language backbones without a video-generation core. This rapid expansion has blurred the boundary among broad world models, video generation models, action-grounded video world models, Vision-Language-Action policies, and WAMs. This survey gives the field a common account. It first clarifies these boundaries, then organizes existing works through two complementary views. The first view asks what each method is required to generate, spanning rendered futures, latent futures, and video-generation-free action reasoning. The second view decomposes each method by predictive substrate, backbone, action coupling, and deployment regime. This anatomy supports a unified discussion of interactability, causality, persistence, physical plausibility, and generalization, followed by data, evaluation, and open challenges. Across these axes, a consistent design pattern emerges: WAMs are not simply video generators with action heads, but predictive-action methods whose design choices trade representational richness against compute, memory, latency, and action-label cost. The field is moving toward methods that generate less of the future while preserving what control requires. The survey homepage is available at https://world-action-models.github.io/.

Abstract: State-level health resource systems require timely and robust prediction models; nonetheless, they face the persistent issue of declining model effectiveness due to continuously changing data distributions (data drift). This issue is particularly pronounced in markedly imbalanced classification tasks, such as predicting rare yet critical events like Sickle Cell Crisis. This research introduces an Evolving AI-Driven Ensemble Learning Framework that integrates advanced ensemble methods (stacking XGBoost, Deep Neural Network, and Random Forest with a meta-learner) alongside novelty detection employing the F1-Score. Sophisticated feature engineering techniques, including automated feature selection through evolutionary algorithms and meta-learning (MAML), are employed to handle complex, high-dimensional health data. We simulated real-time data drift and performed empirical assessments on a reactive re-training method enhanced by ensemble stacking. The technique successfully validated its novelty detection, as the F1-Score consistently and significantly remained below the adaptation threshold in response to drift. The enhanced ensemble and feature engineering mitigated the shortcomings of basic adaption methods, resulting in a 10% gain in F1-Score and a 15% improvement in Precision compared to the original model after five re-training iterations. This outcome demonstrates that optimised ensemble learning and automated feature engineering improve model stability and maintain accuracy for minority classes in complex data environments. A resolved runtime issue in the SHAP explainability layer improves model transparency in pipeline development. This study substantiates the necessity for intelligent control systems, specifically Meta-Learning for precise feature updates and Reinforcement Learning (RL) for the dynamic development of optimal adaptation policies, thus ensuring the framework's effectiveness as a dependable and truly autonomous system in public health.