Pub Date : 2026-01-30DOI: 10.1016/j.compeleceng.2026.110999
Erzhou Zhu, Xiangshan Qu, Xiaohan Liu, Xuejian Li
Deep learning is widely used in vulnerability detection due to its high accuracy. However, existing models often fail to capture both token-level and function-level features. To address this limitation, a BERT-based Multi-Granularity Attention Network (BMGANet) is proposed. In the BMGANet model, Program Dependence Graphs (PDGs) are first constructed using the Joern tool, and Abstract Syntax Trees (ASTs) are extracted according to predefined vulnerability rules. Cross-user-defined-function program slicing and code normalization are then applied to enhance analysis efficiency. Processed code slices are fed into a BERT network to extract initial token-level and function-level features. To overcome BERT’s limitation in modeling temporal dependencies, an LSTM network and a multi-head attention mechanism are sequentially employed to refine token-level features. The refined token-level features are then fused with function-level features for accurate vulnerability detection. Two pretraining tasks, namely the dynamic masked token prediction and the inter-code-line logical correlation prediction, are introduced to strengthen the model’s ability to handle semantic gaps and weak logical connections. Experimental results on both synthetic and real-world datasets show that BMGANet outperforms state-of-the-art methods.
{"title":"BMGANet: A deep learning model for source code vulnerability detection by integrating token-level and function-level features","authors":"Erzhou Zhu, Xiangshan Qu, Xiaohan Liu, Xuejian Li","doi":"10.1016/j.compeleceng.2026.110999","DOIUrl":"10.1016/j.compeleceng.2026.110999","url":null,"abstract":"<div><div>Deep learning is widely used in vulnerability detection due to its high accuracy. However, existing models often fail to capture both token-level and function-level features. To address this limitation, a BERT-based Multi-Granularity Attention Network (BMGANet) is proposed. In the BMGANet model, Program Dependence Graphs (PDGs) are first constructed using the Joern tool, and Abstract Syntax Trees (ASTs) are extracted according to predefined vulnerability rules. Cross-user-defined-function program slicing and code normalization are then applied to enhance analysis efficiency. Processed code slices are fed into a BERT network to extract initial token-level and function-level features. To overcome BERT’s limitation in modeling temporal dependencies, an LSTM network and a multi-head attention mechanism are sequentially employed to refine token-level features. The refined token-level features are then fused with function-level features for accurate vulnerability detection. Two pretraining tasks, namely the dynamic masked token prediction and the inter-code-line logical correlation prediction, are introduced to strengthen the model’s ability to handle semantic gaps and weak logical connections. Experimental results on both synthetic and real-world datasets show that BMGANet outperforms state-of-the-art methods.</div></div>","PeriodicalId":50630,"journal":{"name":"Computers & Electrical Engineering","volume":"132 ","pages":"Article 110999"},"PeriodicalIF":4.9,"publicationDate":"2026-01-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"146080148","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
With the advancement of technology, cyberattacks on Internet-based services such as email, e-commerce, social networking, and electronic healthcare are increasing. Since many of these services are accessed through URLs, they have become a primary source for cyberattacks, including phishing and malware. Anti-Phishing Working Group (APWG) reported nearly 1 million phishing attacks in the first quarter of 2025. Early detection of malicious URLs is therefore critical to preventing these threats. Therefore, an efficient detection of malicious URLs is an emerging research problem. However, most ML/DL-based studies focus on overall model accuracy and tend to be biased towards majority classes in imbalanced datasets. In this paper, we propose a machine learning-based malicious URL detection framework specifically designed for imbalanced datasets. We use the ISCX-URL2016 dataset to evaluate model performance across multiple ML algorithms and classbalancing techniques. Our proposed framework, combining the LightGBM classifier with ADASYN oversampling, achieves 99.76% accuracy in multi-class and 99.92% in binary classification. Notably, it shows a 5.93% improvement in detecting phishing URLs, a minority class in the dataset, over existing models. A significant achievement of our approach is its uniform performance across all classes, effectively reducing bias towards majority classes, while existing models fail to achieve it, particularly minority classes. We also validated the proposed model using recent datasets. We further evaluate the framework using various feature selection techniques, demonstrating its effectiveness with fewer features. Additionally, we perform statistical significance testing to validate the reliability of our model, confirming its suitability for real-world applications.
{"title":"A framework for handling class imbalance in malicious URL dataset","authors":"K.G. Raghavendra Narayan , Srijanee Mookherji , Vanga Odelu , Rajendra Prasath","doi":"10.1016/j.compeleceng.2026.111004","DOIUrl":"10.1016/j.compeleceng.2026.111004","url":null,"abstract":"<div><div>With the advancement of technology, cyberattacks on Internet-based services such as email, e-commerce, social networking, and electronic healthcare are increasing. Since many of these services are accessed through URLs, they have become a primary source for cyberattacks, including phishing and malware. Anti-Phishing Working Group (APWG) reported nearly 1 million phishing attacks in the first quarter of 2025. Early detection of malicious URLs is therefore critical to preventing these threats. Therefore, an efficient detection of malicious URLs is an emerging research problem. However, most ML/DL-based studies focus on overall model accuracy and tend to be biased towards majority classes in imbalanced datasets. In this paper, we propose a machine learning-based malicious URL detection framework specifically designed for imbalanced datasets. We use the ISCX-URL2016 dataset to evaluate model performance across multiple ML algorithms and classbalancing techniques. Our proposed framework, combining the LightGBM classifier with ADASYN oversampling, achieves 99.76% accuracy in multi-class and 99.92% in binary classification. Notably, it shows a 5.93% improvement in detecting phishing URLs, a minority class in the dataset, over existing models. A significant achievement of our approach is its uniform performance across all classes, effectively reducing bias towards majority classes, while existing models fail to achieve it, particularly minority classes. We also validated the proposed model using recent datasets. We further evaluate the framework using various feature selection techniques, demonstrating its effectiveness with fewer features. Additionally, we perform statistical significance testing to validate the reliability of our model, confirming its suitability for real-world applications.</div></div>","PeriodicalId":50630,"journal":{"name":"Computers & Electrical Engineering","volume":"132 ","pages":"Article 111004"},"PeriodicalIF":4.9,"publicationDate":"2026-01-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"146080161","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2026-01-30DOI: 10.1016/j.compeleceng.2026.110987
Qian Zheng , Yuyan Han , Yuting Wang , Daqing Liu , Mingxiao Ma , Leilei Meng
This paper investigates the Hybrid Flow Shop Scheduling Problem with Batch Processing Machines and Variable Sublots (HFSP-BVS), considering sequence-dependent setup times and transportation times, with the objective of minimizing total tardiness. The complexity of HFSP-BVS lies in the tight coupling among lot sequencing, lot splitting, and machine assignment, making it highly challenging in modern manufacturing environments. To address this problem, a Mixed-Integer Linear Programming (MILP) model is formulated and validated using the Gurobi solver. Subsequently, a hybrid algorithm, MADDQN_IG, is proposed by integrating the Multi-Agent Double Deep Q-Network (MADDQN) with Iterated Greedy (IG). The algorithm incorporates four key components: (1) a triple two-layer initialization strategy; (2) a dual-layer destruction-reconstruction parameter selection agent; (3) a local search strategy selection agent; and (4) a multi-agent DDQN construction and training process. These elements are embedded within a unified framework to enhance search efficiency and optimization depth. Extensive computational experiments on 100 benchmark instances demonstrate that MADDQN_IG consistently outperforms existing advanced algorithms (NCIG, QABC, vCCEA, GA), achieving superior solution quality and robustness within limited computation time. Specifically, under three termination criteria (δ = 100, 200, 300), MADDQN_IG improves the ARDI by 78.57%–98.57% and ranks first in the Friedman test, confirming the effectiveness and adaptability of the proposed framework.
本文研究了具有批处理机和可变子批的混合流水车间调度问题,考虑了顺序相关的设置时间和运输时间,以最小化总延误为目标。HFSP-BVS的复杂性在于批排序、批拆分和机器分配之间的紧密耦合,这使得它在现代制造环境中极具挑战性。为了解决这个问题,提出了一个混合整数线性规划(MILP)模型,并使用Gurobi求解器进行了验证。随后,将Multi-Agent Double Deep Q-Network (MADDQN)算法与迭代贪婪(IG)算法相结合,提出了一种混合算法MADDQN_IG。该算法包含四个关键部分:(1)三层两层初始化策略;(2)双层破坏重建参数选择剂;(3)局部搜索策略选择代理;(4)多智能体DDQN构建和训练过程。这些元素被嵌入到一个统一的框架中,以提高搜索效率和优化深度。在100个基准实例上的大量计算实验表明,MADDQN_IG持续优于现有的高级算法(NCIG、QABC、vCCEA、GA),在有限的计算时间内实现了卓越的解质量和鲁棒性。具体而言,在三个终止准则(δ = 100,200,300)下,MADDQN_IG将ARDI提高了78.57%-98.57%,在Friedman检验中排名第一,证实了所提框架的有效性和适应性。
{"title":"Optimization of hybrid flow shop scheduling with batch processing and variable sublots via a multi-agent deep reinforcement learning–guided hybrid algorithm","authors":"Qian Zheng , Yuyan Han , Yuting Wang , Daqing Liu , Mingxiao Ma , Leilei Meng","doi":"10.1016/j.compeleceng.2026.110987","DOIUrl":"10.1016/j.compeleceng.2026.110987","url":null,"abstract":"<div><div>This paper investigates the Hybrid Flow Shop Scheduling Problem with Batch Processing Machines and Variable Sublots (HFSP-BVS), considering sequence-dependent setup times and transportation times, with the objective of minimizing total tardiness. The complexity of HFSP-BVS lies in the tight coupling among lot sequencing, lot splitting, and machine assignment, making it highly challenging in modern manufacturing environments. To address this problem, a Mixed-Integer Linear Programming (MILP) model is formulated and validated using the Gurobi solver. Subsequently, a hybrid algorithm, MADDQN_IG, is proposed by integrating the Multi-Agent Double Deep Q-Network (MADDQN) with Iterated Greedy (IG). The algorithm incorporates four key components: (1) a triple two-layer initialization strategy; (2) a dual-layer destruction-reconstruction parameter selection agent; (3) a local search strategy selection agent; and (4) a multi-agent DDQN construction and training process. These elements are embedded within a unified framework to enhance search efficiency and optimization depth. Extensive computational experiments on 100 benchmark instances demonstrate that MADDQN_IG consistently outperforms existing advanced algorithms (NCIG, QABC, vCCEA, GA), achieving superior solution quality and robustness within limited computation time. Specifically, under three termination criteria (<em><strong>δ</strong></em> = 100, 200, 300), MADDQN_IG improves the ARDI by 78.57%–98.57% and ranks first in the Friedman test, confirming the effectiveness and adaptability of the proposed framework.</div></div>","PeriodicalId":50630,"journal":{"name":"Computers & Electrical Engineering","volume":"132 ","pages":"Article 110987"},"PeriodicalIF":4.9,"publicationDate":"2026-01-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"146080167","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2026-01-30DOI: 10.1016/j.compeleceng.2026.110994
Mays Abukeshek , Mohammed Al-Mhiqani , Simon Parkinson , Saad Khan , George Bearfield
The rapid digitalisation unfolding in railway systems poses new cybersecurity concerns, thereby requiring solutions that will take the necessary steps to defend against tangible emerging threats. This study aims to systematically review the current cybersecurity research landscape within railway systems. Using a systematic protocol, we comprehensively searched five key online databases: IEEE Xplore, Web of Science, Scopus, ACM, and ScienceDirect. These online databases are recognised for their overall broad coverage and the exhibition of relevance to this study's purpose. Our systematic selection process, facilitated through a predetermined set of inclusion and exclusion criteria, resulted in 114 relevant articles. Among them, 51.8% of the articles reviewed also addressed Control System Security Solutions, while 14% of the articles examined Network Security Solutions, and 12.3% addressed Data Protection and Privacy Solutions. 7% of the articles studied Awareness and Training Solutions, while the remaining 14.9% adopted other approaches. Results identified several significant gaps and challenges relating to railway cybersecurity research, which include issues relating to embracing critical technologies, confirming data privacy, and the need for ongoing education and training of railway workers. Additionally, the study indicated a lack of standardised performance measures and the use of testing datasets, which will impact confidence in measuring the effectiveness of cybersecurity solutions. Ultimately, this research paper advances understanding and contributions to the current railway cybersecurity research landscape, while providing critical recommendations for future research. Efforts towards enhancing international collaboration, adopting emergent technologies such as AI and Blockchain and prioritising education and awareness initiatives are some of the most critical emerging next steps related to cybersecurity and resilience of railway systems.
铁路系统的快速数字化发展带来了新的网络安全问题,因此需要采取必要措施来防御切实的新威胁的解决方案。本研究旨在系统回顾当前铁路系统内的网络安全研究现状。使用系统协议,我们全面检索了五个关键在线数据库:IEEE Xplore, Web of Science, Scopus, ACM和ScienceDirect。这些在线数据库因其全面广泛的覆盖范围和与本研究目的相关的展示而得到认可。我们通过一套预先确定的纳入和排除标准,进行了系统的选择过程,产生了114篇相关文章。其中,51.8%的文章涉及控制系统安全解决方案,14%的文章涉及网络安全解决方案,12.3%的文章涉及数据保护和隐私解决方案,7%的文章研究意识和培训解决方案,其余14.9%采用其他方法。结果确定了与铁路网络安全研究相关的几个重大差距和挑战,其中包括与采用关键技术、确认数据隐私以及对铁路工人进行持续教育和培训的必要性有关的问题。此外,该研究表明,缺乏标准化的性能衡量标准和测试数据集的使用,这将影响衡量网络安全解决方案有效性的信心。最后,本研究论文促进了对当前铁路网络安全研究格局的理解和贡献,同时为未来的研究提供了关键建议。努力加强国际合作,采用人工智能和区块链等新兴技术,优先开展教育和提高意识举措,是与网络安全和铁路系统弹性相关的一些最关键的后续步骤。
{"title":"Cybersecurity in intelligent railway systems: Taxonomy, research trends, challenges, and future directions","authors":"Mays Abukeshek , Mohammed Al-Mhiqani , Simon Parkinson , Saad Khan , George Bearfield","doi":"10.1016/j.compeleceng.2026.110994","DOIUrl":"10.1016/j.compeleceng.2026.110994","url":null,"abstract":"<div><div>The rapid digitalisation unfolding in railway systems poses new cybersecurity concerns, thereby requiring solutions that will take the necessary steps to defend against tangible emerging threats. This study aims to systematically review the current cybersecurity research landscape within railway systems. Using a systematic protocol, we comprehensively searched five key online databases: IEEE Xplore, Web of Science, Scopus, ACM, and ScienceDirect. These online databases are recognised for their overall broad coverage and the exhibition of relevance to this study's purpose. Our systematic selection process, facilitated through a predetermined set of inclusion and exclusion criteria, resulted in 114 relevant articles. Among them, 51.8% of the articles reviewed also addressed Control System Security Solutions, while 14% of the articles examined Network Security Solutions, and 12.3% addressed Data Protection and Privacy Solutions. 7% of the articles studied Awareness and Training Solutions, while the remaining 14.9% adopted other approaches. Results identified several significant gaps and challenges relating to railway cybersecurity research, which include issues relating to embracing critical technologies, confirming data privacy, and the need for ongoing education and training of railway workers. Additionally, the study indicated a lack of standardised performance measures and the use of testing datasets, which will impact confidence in measuring the effectiveness of cybersecurity solutions. Ultimately, this research paper advances understanding and contributions to the current railway cybersecurity research landscape, while providing critical recommendations for future research. Efforts towards enhancing international collaboration, adopting emergent technologies such as AI and Blockchain and prioritising education and awareness initiatives are some of the most critical emerging next steps related to cybersecurity and resilience of railway systems.</div></div>","PeriodicalId":50630,"journal":{"name":"Computers & Electrical Engineering","volume":"132 ","pages":"Article 110994"},"PeriodicalIF":4.9,"publicationDate":"2026-01-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"146080164","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2026-01-30DOI: 10.1016/j.compeleceng.2026.110933
Koosha Mohammad Hossein , Negar Rezaei , Ahmad Khonsari , Mahdi Dolati , Tooska Dargahi , Meisam Babaie
Modern connected vehicles continuously generate large volumes of data, enabling new data-sharing and monetization services while simultaneously raising serious concerns about privacy, access control, and scalability. Recent blockchain-based approaches improve transparency and user control, but often rely on coarse-grained access policies, costly symmetric key management, and limited scalability, making them unsuitable for realistic, high-volume vehicle data markets. Moreover, purely owner-centric access control may conflict with legitimate requirements from authorized third parties, such as manufacturers or regulatory authorities. In this paper, we propose a scalable, privacy-preserving framework for vehicle data sharing and monetization that combines blockchain-based smart contracts with attribute-based and identity-based encryption. The framework enables fine-grained, policy-driven access control while preserving data confidentiality and supporting authorized exceptional access when required. We evaluate the proposed design through security analysis and experimental measurements1, demonstrating that it achieves strong privacy guarantees with modest overhead and scales to realistic workloads.
{"title":"Blockchain-based user-centric privacy-preserving framework for vehicular data sharing and monetization","authors":"Koosha Mohammad Hossein , Negar Rezaei , Ahmad Khonsari , Mahdi Dolati , Tooska Dargahi , Meisam Babaie","doi":"10.1016/j.compeleceng.2026.110933","DOIUrl":"10.1016/j.compeleceng.2026.110933","url":null,"abstract":"<div><div>Modern connected vehicles continuously generate large volumes of data, enabling new data-sharing and monetization services while simultaneously raising serious concerns about privacy, access control, and scalability. Recent blockchain-based approaches improve transparency and user control, but often rely on coarse-grained access policies, costly symmetric key management, and limited scalability, making them unsuitable for realistic, high-volume vehicle data markets. Moreover, purely owner-centric access control may conflict with legitimate requirements from authorized third parties, such as manufacturers or regulatory authorities. In this paper, we propose a scalable, privacy-preserving framework for vehicle data sharing and monetization that combines blockchain-based smart contracts with attribute-based and identity-based encryption. The framework enables fine-grained, policy-driven access control while preserving data confidentiality and supporting authorized exceptional access when required. We evaluate the proposed design through security analysis and experimental measurements<span><span><sup>1</sup></span></span>, demonstrating that it achieves strong privacy guarantees with modest overhead and scales to realistic workloads.</div></div>","PeriodicalId":50630,"journal":{"name":"Computers & Electrical Engineering","volume":"132 ","pages":"Article 110933"},"PeriodicalIF":4.9,"publicationDate":"2026-01-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"146080160","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2026-01-29DOI: 10.1016/j.compeleceng.2026.110975
Ayush Purwar , Risha Mal , Saheli Ray
Brushless DC motors controlled using conventional 120° electronic commutation schemes exhibit stator current discontinuities during phase commutation, resulting in torque ripple that leads to flow fluctuations, noise, and vibration in aqua-pumping applications. This paper proposes a Hall-sensored 180° electronic commutation scheme implemented as a simplified six-step logic using Boolean Disjunctive Normal Form (DNF), enabling extended-angle conduction while avoiding the implementation complexity of zero-crossing detection (every 60° electrical) required in sensorless methods. A new multi-stage off-grid solar photovoltaic array (SPA)-powered pumping system assisted by twin-battery storage is presented, incorporating a two-phase direct-coupled interleaved boost (2P-DCIB) converter to raise the SPA voltage to 310 V at the DC link, achieving a voltage gain of 2 at a duty cycle of 0.327. To manage dynamic irradiance conditions, an ANN-based MPPT employing alternative inputs (error Er and change in error ΔEr) is formulated to accelerate tracking, eliminate the need for dataloggers required by conventional-input ANN MPPTs, and remove the complex manual tuning associated with fuzzy rule-based approaches. This work further introduces a Twin Battery Storage Control (TBSC) scheme that coordinates the master and secondary battery stacks through parallel-active bidirectional converters. The TBSC enforces state-of-charge limits (15 % ≤ SoC ≤ 95 %), corresponding to an effective 80 % depth of discharge, and provides protection against overcharging and over-discharging while simultaneously addressing DC-link voltage deviations typically observed with conventional controllers during protective actions. The scheme stabilizes the DC-link voltage with near-zero deviation, ensuring rated motor operation even under extreme conditions. The effectiveness of the proposed control strategies in suppressing peak-to-peak and RMS torque ripple and maintaining tight DC-link voltage regulation is demonstrated through MATLAB/Simulink simulations and validated using real-time digital simulations on the OPAL-RT OP4510 platform. Comparative evaluation against existing commutation and MPPT techniques confirms the performance improvements achieved by the proposed system.
{"title":"Torque ripple suppression in a BLDC driven solar-fed aqua pumping system integrating an ANN-Based MPPT controlled coupled interleaved boost converter","authors":"Ayush Purwar , Risha Mal , Saheli Ray","doi":"10.1016/j.compeleceng.2026.110975","DOIUrl":"10.1016/j.compeleceng.2026.110975","url":null,"abstract":"<div><div>Brushless DC motors controlled using conventional 120° electronic commutation schemes exhibit stator current discontinuities during phase commutation, resulting in torque ripple that leads to flow fluctuations, noise, and vibration in aqua-pumping applications. This paper proposes a Hall-sensored 180° electronic commutation scheme implemented as a simplified six-step logic using Boolean Disjunctive Normal Form (DNF), enabling extended-angle conduction while avoiding the implementation complexity of zero-crossing detection (every 60° electrical) required in sensorless methods. A new multi-stage off-grid solar photovoltaic array (SPA)-powered pumping system assisted by twin-battery storage is presented, incorporating a two-phase direct-coupled interleaved boost (2P-DCIB) converter to raise the SPA voltage to 310 V at the DC link, achieving a voltage gain of 2 at a duty cycle of 0.327. To manage dynamic irradiance conditions, an ANN-based MPPT employing alternative inputs (error E<sub>r</sub> and change in error ΔE<sub>r</sub>) is formulated to accelerate tracking, eliminate the need for dataloggers required by conventional-input ANN MPPTs, and remove the complex manual tuning associated with fuzzy rule-based approaches. This work further introduces a Twin Battery Storage Control (TBSC) scheme that coordinates the master and secondary battery stacks through parallel-active bidirectional converters. The TBSC enforces state-of-charge limits (15 % ≤ SoC ≤ 95 %), corresponding to an effective 80 % depth of discharge, and provides protection against overcharging and over-discharging while simultaneously addressing DC-link voltage deviations typically observed with conventional controllers during protective actions. The scheme stabilizes the DC-link voltage with near-zero deviation, ensuring rated motor operation even under extreme conditions. The effectiveness of the proposed control strategies in suppressing peak-to-peak and RMS torque ripple and maintaining tight DC-link voltage regulation is demonstrated through MATLAB/Simulink simulations and validated using real-time digital simulations on the OPAL-RT OP4510 platform. Comparative evaluation against existing commutation and MPPT techniques confirms the performance improvements achieved by the proposed system.</div></div>","PeriodicalId":50630,"journal":{"name":"Computers & Electrical Engineering","volume":"132 ","pages":"Article 110975"},"PeriodicalIF":4.9,"publicationDate":"2026-01-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"146080166","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2026-01-28DOI: 10.1016/j.compeleceng.2025.110929
Manal Gafar , Saied M. Abd El-atty , Mohamed S Arafa
The convergence of Software-Defined Networking (SDN) with the Internet of Things (IoT) has introduced powerful programmability but also exposed critical vulnerabilities, particularly to Address Resolution Protocol (ARP) spoofing and distributed denial-of-service (DDoS) attacks. Traditional countermeasures often focus narrowly on either ARP or L3/L4 threats, lack real-time responsiveness, and rely heavily on centralized controllers, making them unsuitable for dynamic and large-scale Software-Defined IoT (SD-IoT) deployments. This paper introduces a Distributed Multi-Contextual Architecture (DiMCA) that integrates machine learning (ML) techniques to enhance detection and mitigation capabilities. DiMCA addresses the limitations of existing methods through a holistic, scalable, and adaptive security framework. DiMCA integrates four novel components: Data Plane Stateful Inspection (DPSI), a P4-based module for line-rate detection of ARP anomalies and traffic irregularities; Multi-Controller Plane Architecture (MCPA), which enhances scalability and availability through distributed control; Control Plane Intrusion Analysis (CPIA), an ensemble ML classification engine that distinguishes between benign, ARP, DDoS, and hybrid attacks; and Coordinated Multi-Layer Mitigation (CMLM), a synchronized mitigation strategy that coordinates local and global responses in real time. Results show that DiMCA achieves up to 99.22% accuracy in binary classification and 94.77–98.92% in multi-class detection under realistic adversarial conditions. Ablation experiments confirm the contribution of each module (DPSI, MCPA, CPIA, CMLM) to overall performance, while sensitivity tests clarify trade-offs in latency and false-positive rates. Compared to baselines including OpenFlow-centric monitoring, ARP inspection, and DHCP-snooping policies, DiMCA reduces detection latency from 4.3 s to 0.21 s and lowers controller CPU and bandwidth usage by 31% and 36% without compromising accuracy. By combining real-time monitoring, distributed control, and adaptive ML-driven mitigation, DiMCA offers a practical and resilient solution for securing modern SD-IoT networks against complex and evolving threats.
{"title":"DiMCA: A novel P4-powered framework using machine learning for adaptive defense against combined DDoS and ARP spoofing attacks in SD-IoT networks","authors":"Manal Gafar , Saied M. Abd El-atty , Mohamed S Arafa","doi":"10.1016/j.compeleceng.2025.110929","DOIUrl":"10.1016/j.compeleceng.2025.110929","url":null,"abstract":"<div><div>The convergence of Software-Defined Networking (SDN) with the Internet of Things (IoT) has introduced powerful programmability but also exposed critical vulnerabilities, particularly to Address Resolution Protocol (ARP) spoofing and distributed denial-of-service (DDoS) attacks. Traditional countermeasures often focus narrowly on either ARP or L3/L4 threats, lack real-time responsiveness, and rely heavily on centralized controllers, making them unsuitable for dynamic and large-scale Software-Defined IoT (SD-IoT) deployments. This paper introduces a Distributed Multi-Contextual Architecture (DiMCA) that integrates machine learning (ML) techniques to enhance detection and mitigation capabilities. DiMCA addresses the limitations of existing methods through a holistic, scalable, and adaptive security framework. DiMCA integrates four novel components: Data Plane Stateful Inspection (DPSI), a P4-based module for line-rate detection of ARP anomalies and traffic irregularities; Multi-Controller Plane Architecture (MCPA), which enhances scalability and availability through distributed control; Control Plane Intrusion Analysis (CPIA), an ensemble ML classification engine that distinguishes between benign, ARP, DDoS, and hybrid attacks; and Coordinated Multi-Layer Mitigation (CMLM), a synchronized mitigation strategy that coordinates local and global responses in real time. Results show that DiMCA achieves up to 99.22% accuracy in binary classification and 94.77–98.92% in multi-class detection under realistic adversarial conditions. Ablation experiments confirm the contribution of each module (DPSI, MCPA, CPIA, CMLM) to overall performance, while sensitivity tests clarify trade-offs in latency and false-positive rates. Compared to baselines including OpenFlow-centric monitoring, ARP inspection, and DHCP-snooping policies, DiMCA reduces detection latency from 4.3 s to 0.21 s and lowers controller CPU and bandwidth usage by 31% and 36% without compromising accuracy. By combining real-time monitoring, distributed control, and adaptive ML-driven mitigation, DiMCA offers a practical and resilient solution for securing modern SD-IoT networks against complex and evolving threats.</div></div>","PeriodicalId":50630,"journal":{"name":"Computers & Electrical Engineering","volume":"132 ","pages":"Article 110929"},"PeriodicalIF":4.9,"publicationDate":"2026-01-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"146080165","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2026-01-28DOI: 10.1016/j.compeleceng.2026.110963
Simon R. Davies, Richard Macfarlane
Ransomware remains one of the most pervasive and disruptive cyber threats, with modern variants employing advanced techniques such as high-speed multithreaded encryption, obfuscation, and intermittent encryption to reduce detection opportunities and accelerate impact. Despite extensive research into detection and mitigation, few studies have systematically quantified the execution performance and behavioural characteristics of contemporary ransomware families. This paper fills this critical gap through a comprehensive, rigorous analysis of 29 active crypto-ransomware strains executed under controlled, isolated conditions.
Two purpose-built datasets were developed: one, a verified ransomware corpus of the most active families, and the other, a structured target dataset emulating enterprise file systems. Controlled executions of each ransomware sample provided robust measurements of total execution time, pre-encryption delay, and encryption performance. Key findings include wide variation in encryption speeds (33 MB/s to 2.79 GB/s), distinct preparatory and encryption sequences, and frequent use of intermittent encryption to maximise throughput and evade detection.
This research presents the first contemporary academic reproducible benchmark of ransomware execution performance. Through the release of these curated datasets and detailed empirical measurements, it addresses a critical gap in understanding ransomware behaviour. The study contributes a publicly accessible ransomware sample dataset, a structured benchmarking dataset, and a comparative performance analysis across major ransomware families. These results reveal how modern ransomware balances speed, stealth, and efficiency, highlighting the rapidly shrinking window for detection and response. The work establishes a rigorous benchmark for advancing research and practical defence development.
{"title":"Comprehensive performance benchmarking and comparative analysis of active ransomware threats","authors":"Simon R. Davies, Richard Macfarlane","doi":"10.1016/j.compeleceng.2026.110963","DOIUrl":"10.1016/j.compeleceng.2026.110963","url":null,"abstract":"<div><div>Ransomware remains one of the most pervasive and disruptive cyber threats, with modern variants employing advanced techniques such as high-speed multithreaded encryption, obfuscation, and intermittent encryption to reduce detection opportunities and accelerate impact. Despite extensive research into detection and mitigation, few studies have systematically quantified the execution performance and behavioural characteristics of contemporary ransomware families. This paper fills this critical gap through a comprehensive, rigorous analysis of 29 active crypto-ransomware strains executed under controlled, isolated conditions.</div><div>Two purpose-built datasets were developed: one, a verified ransomware corpus of the most active families, and the other, a structured target dataset emulating enterprise file systems. Controlled executions of each ransomware sample provided robust measurements of total execution time, pre-encryption delay, and encryption performance. Key findings include wide variation in encryption speeds (33 MB/s to 2.79 GB/s), distinct preparatory and encryption sequences, and frequent use of intermittent encryption to maximise throughput and evade detection.</div><div>This research presents the first contemporary academic reproducible benchmark of ransomware execution performance. Through the release of these curated datasets and detailed empirical measurements, it addresses a critical gap in understanding ransomware behaviour. The study contributes a publicly accessible ransomware sample dataset, a structured benchmarking dataset, and a comparative performance analysis across major ransomware families. These results reveal how modern ransomware balances speed, stealth, and efficiency, highlighting the rapidly shrinking window for detection and response. The work establishes a rigorous benchmark for advancing research and practical defence development.</div></div>","PeriodicalId":50630,"journal":{"name":"Computers & Electrical Engineering","volume":"132 ","pages":"Article 110963"},"PeriodicalIF":4.9,"publicationDate":"2026-01-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"146080159","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Aging transportation infrastructure worldwide demands innovative artificial intelligence (AI) solutions for maintenance and monitoring. In this paper, we introduce SUD-ROAD, a new high-resolution dataset and methodology aimed at modernizing road infrastructure management through AI-driven inspection. SUD-ROAD is a specialized subset of the Santiago Urban Dataset, spanning 1635 meters of urban roadway and containing 57 million 3D LiDAR points labeled into seven semantic classes (road pavement, lane lines, other road markings, manhole covers, drains, cracks, and patching). Exploiting the near-planarity of road surfaces, we project the 3D point cloud onto 2D grids, allowing state-of-the-art image-based models to replace more complex 3D networks. A ConvNeXt segmentation model trained on these 2D representations attains a mean Intersection-over-Union of 0.74 and overall accuracy of 0.97, accurately detecting both large-scale assets and fine-grained defects critical for early intervention. We also analyzed the impact of intensity and geometric properties on segmentation effectiveness across different categories. By enabling real-time, AI-driven condition assessment, our approach supports proactive repairs, extends asset life, and reduces life-cycle costs—advancing the broader goal of safer and more sustainable transportation infrastructure. The dataset can be accessed at the following repository: https://github.com/msqiu/SUD-Road.
{"title":"AI-driven road inspection with SUD-ROAD: High-resolution LiDAR benchmark and a novel cross-dimensional semantic segmentation pipeline","authors":"Zhouyan Qiu , Arshia Ghasemlou , Joaquín Martínez-Sánchez , Pedro Arias","doi":"10.1016/j.compeleceng.2026.110993","DOIUrl":"10.1016/j.compeleceng.2026.110993","url":null,"abstract":"<div><div>Aging transportation infrastructure worldwide demands innovative artificial intelligence (AI) solutions for maintenance and monitoring. In this paper, we introduce SUD-ROAD, a new high-resolution dataset and methodology aimed at modernizing road infrastructure management through AI-driven inspection. SUD-ROAD is a specialized subset of the Santiago Urban Dataset, spanning 1635 meters of urban roadway and containing 57 million 3D LiDAR points labeled into seven semantic classes (road pavement, lane lines, other road markings, manhole covers, drains, cracks, and patching). Exploiting the near-planarity of road surfaces, we project the 3D point cloud onto 2D grids, allowing state-of-the-art image-based models to replace more complex 3D networks. A ConvNeXt segmentation model trained on these 2D representations attains a mean Intersection-over-Union of 0.74 and overall accuracy of 0.97, accurately detecting both large-scale assets and fine-grained defects critical for early intervention. We also analyzed the impact of intensity and geometric properties on segmentation effectiveness across different categories. By enabling real-time, AI-driven condition assessment, our approach supports proactive repairs, extends asset life, and reduces life-cycle costs—advancing the broader goal of safer and more sustainable transportation infrastructure. The dataset can be accessed at the following repository: <span><span>https://github.com/msqiu/SUD-Road</span><svg><path></path></svg></span>.</div></div>","PeriodicalId":50630,"journal":{"name":"Computers & Electrical Engineering","volume":"132 ","pages":"Article 110993"},"PeriodicalIF":4.9,"publicationDate":"2026-01-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"146080162","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2026-01-27DOI: 10.1016/j.compeleceng.2026.110995
Deepak Sahu, Shubham Gupta
Precise estimation of parameters is crucial for solar photovoltaic models and analysis of characteristics of associated photovoltaic systems, as the non-linear and implicit behavior of the current–voltage relationship makes this problem significantly challenging. This objective has emerged as a key area of interest for researchers. The rapid advancement of evolutionary algorithms and computer technology has resulted in the development of various metaheuristic algorithms to accelerate this trend further. This study aims to design a robust evolutionary algorithm named FDC-DE by modifying the conventional differential evolution algorithm using different search strategies to enrich the algorithm with effective explorative and exploitative search mechanisms. The FDC-DE comprises fitness-based diversified cluster division and multi-mutation learning strategies to guide the search by the representative member of the population and to provide diverse learning strategies at different stages of the search procedure. These strategies will provide reasonable balancing ability to the algorithm in accelerating convergence and avoiding issues of stagnation and premature convergence at local optimal solutions. To evaluate the proposed FDC-DE algorithm, it is tested on the 23 classical benchmark problems and the IEEE CEC2022 benchmark suite, followed by six experimental sets of single, double, and triple-diode models and three photovoltaic module models. Extensive experiments are performed, and a comparison of the FDC-DE is performed with advanced state-of-the-art metaheuristic algorithms based on accuracy comparison, statistical analysis of the results, and convergence characteristics. The results verify the outperforming search efficiency of the FDC-DE.
{"title":"Parameter estimation of solar photovoltaic models using fitness-based diversified cluster division and multi-mutation learned differential evolution","authors":"Deepak Sahu, Shubham Gupta","doi":"10.1016/j.compeleceng.2026.110995","DOIUrl":"10.1016/j.compeleceng.2026.110995","url":null,"abstract":"<div><div>Precise estimation of parameters is crucial for solar photovoltaic models and analysis of characteristics of associated photovoltaic systems, as the non-linear and implicit behavior of the current–voltage relationship makes this problem significantly challenging. This objective has emerged as a key area of interest for researchers. The rapid advancement of evolutionary algorithms and computer technology has resulted in the development of various metaheuristic algorithms to accelerate this trend further. This study aims to design a robust evolutionary algorithm named FDC-DE by modifying the conventional differential evolution algorithm using different search strategies to enrich the algorithm with effective explorative and exploitative search mechanisms. The FDC-DE comprises fitness-based diversified cluster division and multi-mutation learning strategies to guide the search by the representative member of the population and to provide diverse learning strategies at different stages of the search procedure. These strategies will provide reasonable balancing ability to the algorithm in accelerating convergence and avoiding issues of stagnation and premature convergence at local optimal solutions. To evaluate the proposed FDC-DE algorithm, it is tested on the 23 classical benchmark problems and the IEEE CEC2022 benchmark suite, followed by six experimental sets of single, double, and triple-diode models and three photovoltaic module models. Extensive experiments are performed, and a comparison of the FDC-DE is performed with advanced state-of-the-art metaheuristic algorithms based on accuracy comparison, statistical analysis of the results, and convergence characteristics. The results verify the outperforming search efficiency of the FDC-DE.</div></div>","PeriodicalId":50630,"journal":{"name":"Computers & Electrical Engineering","volume":"132 ","pages":"Article 110995"},"PeriodicalIF":4.9,"publicationDate":"2026-01-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"146080169","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
扫码关注我们
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号