Computer Standards & Interfaces最新文献

Application of retrieval-augmented generation for interactive industrial knowledge management via a large language model

IF 4.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computer Standards & Interfaces

Pub Date : 2025-03-06 DOI: 10.1016/j.csi.2025.103995

Lun-Chi Chen , Mayuresh Sunil Pardeshi , Yi-Xiang Liao , Kai-Chih Pai

Industrial data processing and retrieval are necessary for adoption in Industry 5.0. Large Language Model (LLMs) revolutionize natural language process (NLP) but face challenges in domain-specific applications due to specialized terminology and context. Artificial Intelligence (AI) assistants for industrial-related work enquiry and customer support services are necessary for increasing demand and quality of service (QoS). Our research aims to design a novel customized model with a retrieval-augmented generation (RAG)-based LLM as a sustainable solution for industrial integration with AI. The goal is to provide an interactive industrial knowledge management (IIKM) system that can be applied to technical services: assisting technicians in the search for precise technical repair details and company internal regulation searches: personnel can easily inquire about regulations, such as business trips and leave requirements. The IIKM model architecture consists of BM25 and embedding sequence processing in the chroma database, where the top k-chunks are selected by the BAAI ranker to respond effectively to the queries. A group of documents of 234 MB size and pdf, pptx, docx, csv and txt formats are used for the experimental analysis. The designed interactive knowledge management system has a mean reciprocal rank (MRR) of 88 %, a recall of 85 % and a mean average precision (mAP) of 75 % in technical service. The internal regulatory documents have a generation-based retrieval evaluation prediction of recall of 91.62 %, MRR of 97.97 % and mAP of 91.12 %. We conclude with insights gained and experiences shared from IIKM deployment with Sakura incorporation, highlighting the importance of the hybrid approach integrating RAG-based generative pretrained transformer (GPT) models for customized solutions.

{"title":"Application of retrieval-augmented generation for interactive industrial knowledge management via a large language model","authors":"Lun-Chi Chen , Mayuresh Sunil Pardeshi , Yi-Xiang Liao , Kai-Chih Pai","doi":"10.1016/j.csi.2025.103995","DOIUrl":"10.1016/j.csi.2025.103995","url":null,"abstract":"<div><div>Industrial data processing and retrieval are necessary for adoption in Industry 5.0. Large Language Model (LLMs) revolutionize natural language process (NLP) but face challenges in domain-specific applications due to specialized terminology and context. Artificial Intelligence (AI) assistants for industrial-related work enquiry and customer support services are necessary for increasing demand and quality of service (QoS). Our research aims to design a novel customized model with a retrieval-augmented generation (RAG)-based LLM as a sustainable solution for industrial integration with AI. The goal is to provide an interactive industrial knowledge management (IIKM) system that can be applied to technical services: assisting technicians in the search for precise technical repair details and company internal regulation searches: personnel can easily inquire about regulations, such as business trips and leave requirements. The IIKM model architecture consists of BM25 and embedding sequence processing in the chroma database, where the top k-chunks are selected by the BAAI ranker to respond effectively to the queries. A group of documents of 234 MB size and pdf, pptx, docx, csv and txt formats are used for the experimental analysis. The designed interactive knowledge management system has a mean reciprocal rank (MRR) of 88 %, a recall of 85 % and a mean average precision (mAP) of 75 % in technical service. The internal regulatory documents have a generation-based retrieval evaluation prediction of recall of 91.62 %, MRR of 97.97 % and mAP of 91.12 %. We conclude with insights gained and experiences shared from IIKM deployment with Sakura incorporation, highlighting the importance of the hybrid approach integrating RAG-based generative pretrained transformer (GPT) models for customized solutions.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"94 ","pages":"Article 103995"},"PeriodicalIF":4.1,"publicationDate":"2025-03-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143549225","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Can LLMs revolutionize text mining in chemistry? A comparative study with domain-specific tools

IF 4.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computer Standards & Interfaces

Pub Date : 2025-03-02 DOI: 10.1016/j.csi.2025.103997

Madhavi Kumari , Rohit Chauhan , Prabha Garg

The exponential growth of chemical literature necessitates advanced tools for efficient data extraction and utilization. This study investigates the performance of Large Language Models (LLMs) in Chemical Named Entity Recognition (CNER), comparing them against traditional domain-specific tools. We fine-tuned the LLaMA-2 model using the NLM-Chem corpus and integrated a Retrieval-Augmented Generation (RAG) pipeline to enhance performance. The results revealed that fine-tuned LLaMA-2 models, particularly those incorporating RAG, achieved an F1 score of 0.82, surpassing the score of traditional CNER tools. Furthermore, LLMs demonstrated superior generalizability across different datasets. The study also explores the dependency of LLMs size for CNER tasks. A practical case study highlighting the application of these models in chemical entity extraction from pharmaceutical literature, achieving high accuracy in identifying drug and their interactions. These findings establish LLMs as a robust and adaptable alternative to traditional CNER tools, paving the way for transformative applications in chemoinformatics.

{"title":"Can LLMs revolutionize text mining in chemistry? A comparative study with domain-specific tools","authors":"Madhavi Kumari , Rohit Chauhan , Prabha Garg","doi":"10.1016/j.csi.2025.103997","DOIUrl":"10.1016/j.csi.2025.103997","url":null,"abstract":"<div><div>The exponential growth of chemical literature necessitates advanced tools for efficient data extraction and utilization. This study investigates the performance of Large Language Models (LLMs) in Chemical Named Entity Recognition (CNER), comparing them against traditional domain-specific tools. We fine-tuned the LLaMA-2 model using the NLM-Chem corpus and integrated a Retrieval-Augmented Generation (RAG) pipeline to enhance performance. The results revealed that fine-tuned LLaMA-2 models, particularly those incorporating RAG, achieved an F1 score of 0.82, surpassing the score of traditional CNER tools. Furthermore, LLMs demonstrated superior generalizability across different datasets. The study also explores the dependency of LLMs size for CNER tasks. A practical case study highlighting the application of these models in chemical entity extraction from pharmaceutical literature, achieving high accuracy in identifying drug and their interactions. These findings establish LLMs as a robust and adaptable alternative to traditional CNER tools, paving the way for transformative applications in chemoinformatics.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"94 ","pages":"Article 103997"},"PeriodicalIF":4.1,"publicationDate":"2025-03-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143549224","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Periodic watermarking for copyright protection of large language models in cloud computing security

IF 4.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computer Standards & Interfaces

Pub Date : 2025-02-17 DOI: 10.1016/j.csi.2025.103983

Pei-Gen Ye , Zhengdao Li , Zuopeng Yang , Pengyu Chen , Zhenxin Zhang , Ning Li , Jun Zheng

Large Language Models (LLMs) have become integral in advancing content understanding and generation, leading to the proliferation of Embedding as a Service (EaaS) within cloud computing platforms. EaaS leverages LLMs to offer scalable, on-demand linguistic embeddings, enhancing various cloud-based applications. However, the proprietary nature of EaaS makes it a target for model extraction attacks, where the timing of such infringements often remains elusive. This paper introduces TimeMarker, a novel framework that enhances temporal traceability in cloud computing environments by embedding distinct watermarks at different sub-periods, marking the first attempt to identify the timing of model extraction attacks. TimeMarker employs an adaptive watermark strength method based on information entropy and frequency domain transformations to refine the detection accuracy of model extraction attacks within cloud infrastructures. The granularity of time frame identification for theft improves as more sub-periods are used. Furthermore, our approach investigates single sub-period theft and extends to multi-sub-period theft scenarios where attackers steal data across many sub-periods to train their models in cloud settings. Validated across five widely used datasets, TimeMarker is capable of detecting model extraction over various sub-periods and assessing its impact on the accuracy and robustness of large models deployed in the cloud. The results demonstrate that TimeMarker effectively identifies different periods of extraction attacks, enhancing EaaS security within cloud computing and extending traditional watermarking to offer copyright protection for LLMs.

{"title":"Periodic watermarking for copyright protection of large language models in cloud computing security","authors":"Pei-Gen Ye , Zhengdao Li , Zuopeng Yang , Pengyu Chen , Zhenxin Zhang , Ning Li , Jun Zheng","doi":"10.1016/j.csi.2025.103983","DOIUrl":"10.1016/j.csi.2025.103983","url":null,"abstract":"<div><div>Large Language Models (LLMs) have become integral in advancing content understanding and generation, leading to the proliferation of Embedding as a Service (EaaS) within cloud computing platforms. EaaS leverages LLMs to offer scalable, on-demand linguistic embeddings, enhancing various cloud-based applications. However, the proprietary nature of EaaS makes it a target for model extraction attacks, where the timing of such infringements often remains elusive. This paper introduces TimeMarker, a novel framework that enhances temporal traceability in cloud computing environments by embedding distinct watermarks at different sub-periods, marking the first attempt to identify the timing of model extraction attacks. TimeMarker employs an adaptive watermark strength method based on information entropy and frequency domain transformations to refine the detection accuracy of model extraction attacks within cloud infrastructures. The granularity of time frame identification for theft improves as more sub-periods are used. Furthermore, our approach investigates single sub-period theft and extends to multi-sub-period theft scenarios where attackers steal data across many sub-periods to train their models in cloud settings. Validated across five widely used datasets, TimeMarker is capable of detecting model extraction over various sub-periods and assessing its impact on the accuracy and robustness of large models deployed in the cloud. The results demonstrate that TimeMarker effectively identifies different periods of extraction attacks, enhancing EaaS security within cloud computing and extending traditional watermarking to offer copyright protection for LLMs.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"94 ","pages":"Article 103983"},"PeriodicalIF":4.1,"publicationDate":"2025-02-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143452760","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Blockchain-based secure data sharing with overlapping clustering and searchable encryption

IF 4.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computer Standards & Interfaces

Pub Date : 2025-02-11 DOI: 10.1016/j.csi.2025.103979

Shujiang Xu , Shishi Dong , Lianhai Wang , Miodrag J. Mihaljevié , Shuhui Zhang , Wei Shao , Qizheng Wang

In the digital age, the importance of data sharing has significantly increased as it accelerates the release of value from data elements. Nevertheless, data confronts substantial security threats, including potential leakage during outsourcing and sharing procedures. To ensure the security of shared data, plaintext data is often replaced by encrypted data for sharing, and searchable encryption algorithms are used to improve the efficiency of sharing. However, due to the inherent limitations of searchable encryption schemes, existing secure data-sharing approaches frequently encounter inefficient search capabilities and privacy violations. This paper proposes a secure data-sharing scheme for encrypted data that integrates blockchain with an overlapping clustering technique to tackle these challenges. The proposed scheme combines blockchain with an attribute-based searchable encryption method to guarantee data transparency, trustworthiness, and confidentiality. Furthermore, the scheme significantly enhances search efficiency and accuracy by incorporating overlapping clustering and keyword relevance-based ranking strategies. Experimental results show that this scheme effectively enhances search efficiency and provides robust privacy protection.

{"title":"Blockchain-based secure data sharing with overlapping clustering and searchable encryption","authors":"Shujiang Xu , Shishi Dong , Lianhai Wang , Miodrag J. Mihaljevié , Shuhui Zhang , Wei Shao , Qizheng Wang","doi":"10.1016/j.csi.2025.103979","DOIUrl":"10.1016/j.csi.2025.103979","url":null,"abstract":"<div><div>In the digital age, the importance of data sharing has significantly increased as it accelerates the release of value from data elements. Nevertheless, data confronts substantial security threats, including potential leakage during outsourcing and sharing procedures. To ensure the security of shared data, plaintext data is often replaced by encrypted data for sharing, and searchable encryption algorithms are used to improve the efficiency of sharing. However, due to the inherent limitations of searchable encryption schemes, existing secure data-sharing approaches frequently encounter inefficient search capabilities and privacy violations. This paper proposes a secure data-sharing scheme for encrypted data that integrates blockchain with an overlapping clustering technique to tackle these challenges. The proposed scheme combines blockchain with an attribute-based searchable encryption method to guarantee data transparency, trustworthiness, and confidentiality. Furthermore, the scheme significantly enhances search efficiency and accuracy by incorporating overlapping clustering and keyword relevance-based ranking strategies. Experimental results show that this scheme effectively enhances search efficiency and provides robust privacy protection.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"93 ","pages":"Article 103979"},"PeriodicalIF":4.1,"publicationDate":"2025-02-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143387204","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Blockchain based lightweight authentication scheme for internet of things using lattice encryption algorithm

IF 4.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computer Standards & Interfaces

Pub Date : 2025-02-08 DOI: 10.1016/j.csi.2025.103981

Yingpan Kuang, Qiwen Wu, Riqing Chen, Xiaolong Liu

With the rapid development of the Internet of Things (IoT), robust and secure authentication among interconnected devices has become increasingly significant. Existing cryptographic methods, despite their effectiveness, face challenges in scalability, quantum vulnerability, and high computational demands, which are particularly problematic for resource-constrained IoT devices. This paper proposes a novel and lightweight authentication scheme for IoT devices that combines the decentralization of blockchain with the efficiency of lattice-based cryptography to address these security concerns. The proposed scheme employs a decentralized identity management model built on blockchain, eliminating vulnerable central points and enhancing system resilience. For user and device authentication, an efficient lattice-based protocol is introduced, utilizing simplified hash operations and matrix–vector multiplication for key negotiation and authentication. This approach significantly reduces both computational complexity and communication overhead compared to traditional methods such as ECC-based schemes. Specifically, at a 100-bit security level, our scheme achieves authentication and key agreement in approximately

257.401 μ s

and maintains a communication cost of 1052 bits per authentication session. Comprehensive performance analyses demonstrate that the proposed scheme can withstand typical cryptographic attacks and offers advantages in quantum computing resistance. Additionally, the blockchain-based design ensures high scalability, making the scheme ideal for large-scale IoT deployments without performance degradation. Experimental results further validate the scheme’s practical applicability in resource-constrained IoT environments, highlighting its superior computational response times and lower communication costs compared to existing IoT authentication solutions.

{"title":"Blockchain based lightweight authentication scheme for internet of things using lattice encryption algorithm","authors":"Yingpan Kuang, Qiwen Wu, Riqing Chen, Xiaolong Liu","doi":"10.1016/j.csi.2025.103981","DOIUrl":"10.1016/j.csi.2025.103981","url":null,"abstract":"<div><div>With the rapid development of the Internet of Things (IoT), robust and secure authentication among interconnected devices has become increasingly significant. Existing cryptographic methods, despite their effectiveness, face challenges in scalability, quantum vulnerability, and high computational demands, which are particularly problematic for resource-constrained IoT devices. This paper proposes a novel and lightweight authentication scheme for IoT devices that combines the decentralization of blockchain with the efficiency of lattice-based cryptography to address these security concerns. The proposed scheme employs a decentralized identity management model built on blockchain, eliminating vulnerable central points and enhancing system resilience. For user and device authentication, an efficient lattice-based protocol is introduced, utilizing simplified hash operations and matrix–vector multiplication for key negotiation and authentication. This approach significantly reduces both computational complexity and communication overhead compared to traditional methods such as ECC-based schemes. Specifically, at a 100-bit security level, our scheme achieves authentication and key agreement in approximately <span><math><mrow><mn>257</mn><mo>.</mo><mn>401</mn><mspace></mspace><mi>μ</mi><mi>s</mi></mrow></math></span> and maintains a communication cost of 1052 bits per authentication session. Comprehensive performance analyses demonstrate that the proposed scheme can withstand typical cryptographic attacks and offers advantages in quantum computing resistance. Additionally, the blockchain-based design ensures high scalability, making the scheme ideal for large-scale IoT deployments without performance degradation. Experimental results further validate the scheme’s practical applicability in resource-constrained IoT environments, highlighting its superior computational response times and lower communication costs compared to existing IoT authentication solutions.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"93 ","pages":"Article 103981"},"PeriodicalIF":4.1,"publicationDate":"2025-02-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143377470","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Finetune and Label Reversal: Privacy-preserving unlearning strategies for GAN models in cloud computing

IF 4.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computer Standards & Interfaces

Pub Date : 2025-02-06 DOI: 10.1016/j.csi.2025.103976

Lang Li , Pei-gen Ye , Zhengdao Li , Zuopeng Yang , Zhenxin Zhang

With the increasing emphasis on data protection by governments, machine unlearning has become a highly researched and prominent topic of interest. Machine unlearning is the process of eliminating the influence of specific samples from a machine learning model. Currently, most work on machine unlearning focuses on supervised learning, with limited research on unsupervised learning models such as GANs (Generative Adversarial Networks). GANs, as generative models, are widely applied in cloud computing platforms to generate high-quality synthetic data for various applications, including image synthesis, data augmentation, and anomaly detection. However, these models are often trained on large datasets that may contain personal or sensitive information, raising concerns about data privacy in cloud environments. Given the structural differences between GANs and traditional supervised learning models, transferring classical supervised unlearning algorithms to GANs poses significant challenges. Furthermore, the evaluation metrics for supervised learning unlearning algorithms are not directly applicable to GANs. To address these challenges, we propose two novel methods for unlearning in GANs: Finetune and Label Reversal. The Finetune methodology extends supervised learning unlearning by channeling residual data back into a pretrained GAN model for further refinement. Label Reversal involves reversing the labels of unlearning samples and performing iterative training to neutralize their influence on the model. To meet the needs of cloud-based GAN applications, we also introduce an evaluation metric tailored to GAN unlearning based on prediction loss. This metric ensures the reliability of unlearning methods while maintaining the quality of synthetic data generated in cloud environments. Extensive experiments conducted on the SVHN, CIFAR10, and CIFAR100 datasets demonstrate the efficiency of our methods. Our approach effectively removes specific samples from GAN models while preserving their generative capabilities, making it highly suitable for privacy-preserving GAN applications in cloud computing.

{"title":"Finetune and Label Reversal: Privacy-preserving unlearning strategies for GAN models in cloud computing","authors":"Lang Li , Pei-gen Ye , Zhengdao Li , Zuopeng Yang , Zhenxin Zhang","doi":"10.1016/j.csi.2025.103976","DOIUrl":"10.1016/j.csi.2025.103976","url":null,"abstract":"<div><div>With the increasing emphasis on data protection by governments, machine unlearning has become a highly researched and prominent topic of interest. Machine unlearning is the process of eliminating the influence of specific samples from a machine learning model. Currently, most work on machine unlearning focuses on supervised learning, with limited research on unsupervised learning models such as GANs (Generative Adversarial Networks). GANs, as generative models, are widely applied in cloud computing platforms to generate high-quality synthetic data for various applications, including image synthesis, data augmentation, and anomaly detection. However, these models are often trained on large datasets that may contain personal or sensitive information, raising concerns about data privacy in cloud environments. Given the structural differences between GANs and traditional supervised learning models, transferring classical supervised unlearning algorithms to GANs poses significant challenges. Furthermore, the evaluation metrics for supervised learning unlearning algorithms are not directly applicable to GANs. To address these challenges, we propose two novel methods for unlearning in GANs: Finetune and Label Reversal. The Finetune methodology extends supervised learning unlearning by channeling residual data back into a pretrained GAN model for further refinement. Label Reversal involves reversing the labels of unlearning samples and performing iterative training to neutralize their influence on the model. To meet the needs of cloud-based GAN applications, we also introduce an evaluation metric tailored to GAN unlearning based on prediction loss. This metric ensures the reliability of unlearning methods while maintaining the quality of synthetic data generated in cloud environments. Extensive experiments conducted on the SVHN, CIFAR10, and CIFAR100 datasets demonstrate the efficiency of our methods. Our approach effectively removes specific samples from GAN models while preserving their generative capabilities, making it highly suitable for privacy-preserving GAN applications in cloud computing.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"93 ","pages":"Article 103976"},"PeriodicalIF":4.1,"publicationDate":"2025-02-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143349350","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Enhancing cloud-native DevSecOps: A Zero Trust approach for the financial sector

IF 4.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computer Standards & Interfaces

Pub Date : 2025-02-06 DOI: 10.1016/j.csi.2025.103975

Daemin Shin , Jiyoon Kim , I Wayan Adi Juliawan Pawana , Ilsun You

Financial institutions increasingly adopt cloud-native environments and microservices architectures in response to digital transformation and application modernization, leading to a growing demand for cloud-native services. This transition accelerates the development of sophisticated Continuous Integration/Continuous Deployment (CI/CD) pipelines while simultaneously increasing the complexity of DevSecOps environments and expanding the attack surface. As a result, the financial sector is paying greater attention to the Zero Trust security model to overcome traditional perimeter-based security’s limitations and achieve automated, advanced cybersecurity capabilities. However, financial institutions need more concrete examples and foundational material to adopt Zero Trust. This study provides a foundational framework for financial institutions to evaluate and implement Zero Trust policies and technologies independently. It analyzes the relationship between cloud-native initiatives, microservices-based DevSecOps environments, and Zero Trust and identifies key considerations for implementing Zero Trust through a stage-by-stage analysis of the Software Development Life Cycle (SDLC). Furthermore, the study proposes a Zero Trust framework to enhance security and evaluates its applicability based on nine assessment criteria.

{"title":"Enhancing cloud-native DevSecOps: A Zero Trust approach for the financial sector","authors":"Daemin Shin , Jiyoon Kim , I Wayan Adi Juliawan Pawana , Ilsun You","doi":"10.1016/j.csi.2025.103975","DOIUrl":"10.1016/j.csi.2025.103975","url":null,"abstract":"<div><div>Financial institutions increasingly adopt cloud-native environments and microservices architectures in response to digital transformation and application modernization, leading to a growing demand for cloud-native services. This transition accelerates the development of sophisticated Continuous Integration/Continuous Deployment (CI/CD) pipelines while simultaneously increasing the complexity of DevSecOps environments and expanding the attack surface. As a result, the financial sector is paying greater attention to the Zero Trust security model to overcome traditional perimeter-based security’s limitations and achieve automated, advanced cybersecurity capabilities. However, financial institutions need more concrete examples and foundational material to adopt Zero Trust. This study provides a foundational framework for financial institutions to evaluate and implement Zero Trust policies and technologies independently. It analyzes the relationship between cloud-native initiatives, microservices-based DevSecOps environments, and Zero Trust and identifies key considerations for implementing Zero Trust through a stage-by-stage analysis of the Software Development Life Cycle (SDLC). Furthermore, the study proposes a Zero Trust framework to enhance security and evaluates its applicability based on nine assessment criteria.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"93 ","pages":"Article 103975"},"PeriodicalIF":4.1,"publicationDate":"2025-02-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143396228","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Enhancing Phishing Defenses: The Impact of Timing and Explanations in Warnings for Email Clients

IF 4.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computer Standards & Interfaces

Pub Date : 2025-02-06 DOI: 10.1016/j.csi.2025.103982

Francesco Greco, Giuseppe Desolda, Paolo Buono, Antonio Piccinno

Phishing attacks continue to represent a significant risk to digital security due to their reliance on exploiting human vulnerabilities before those of computer systems. To try to limit the effectiveness of this threat, this paper explores new strategies to design warnings shown to users in the presence of suspicious phishing emails. A controlled experiment was conducted with 900 participants to investigate the impact of two factors on warning effectiveness: the warning activation timing (before or after the opening of an email) and the presence of explanation messages in the warning. The study results indicate that warnings displayed after users have read the content of the email significantly reduce click-through rates, demonstrating greater effectiveness in preventing phishing. Furthermore, the presence of explanations also determined a lower click-through rate. Nevertheless, displaying warnings without explanation and simpler warnings for false positive emails may be necessary. The details of these findings were presented as lessons learned that can drive the design of more effective warning systems.

{"title":"Enhancing Phishing Defenses: The Impact of Timing and Explanations in Warnings for Email Clients","authors":"Francesco Greco, Giuseppe Desolda, Paolo Buono, Antonio Piccinno","doi":"10.1016/j.csi.2025.103982","DOIUrl":"10.1016/j.csi.2025.103982","url":null,"abstract":"<div><div>Phishing attacks continue to represent a significant risk to digital security due to their reliance on exploiting human vulnerabilities before those of computer systems. To try to limit the effectiveness of this threat, this paper explores new strategies to design warnings shown to users in the presence of suspicious phishing emails. A controlled experiment was conducted with 900 participants to investigate the impact of two factors on warning effectiveness: the warning activation timing (before or after the opening of an email) and the presence of explanation messages in the warning. The study results indicate that warnings displayed after users have read the content of the email significantly reduce click-through rates, demonstrating greater effectiveness in preventing phishing. Furthermore, the presence of explanations also determined a lower click-through rate. Nevertheless, displaying warnings without explanation and simpler warnings for false positive emails may be necessary. The details of these findings were presented as lessons learned that can drive the design of more effective warning systems.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"93 ","pages":"Article 103982"},"PeriodicalIF":4.1,"publicationDate":"2025-02-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143377472","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Append-only Authenticated Data Sets based on RSA accumulators for transparent log system

IF 4.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computer Standards & Interfaces

Pub Date : 2025-02-06 DOI: 10.1016/j.csi.2025.103978

Qiang Tong, Long Yin, Yulong Liu, Jian Xu

Authenticated Data Structures (ADS) play a vital role in ensuring data authenticity in cloud computing environments, particularly in Public Key Infrastructure (PKI). Despite their importance, significant concerns remain about cloud computing security, such as the risk of hijacking certification authorities to issue fraudulent certificates or tampering with log entries. While Certificate Transparency (CT) improves server certificate credibility, CT log servers remain vulnerable, risking data integrity and trust. This paper proposes the Append-only Authenticated Data Sets (AADS) model, which enhances cloud computing security by supporting append-only properties and fork consistency in transparent logs, preventing malicious modifications and preserving divergent log views. Formally defined using RSA accumulators, the model includes efficient algorithms for initialization, data addition, search, and evidence verification, ensuring security under strong RSA and adaptive root assumptions while reducing space complexity. Additionally, Append-only Authenticated Dictionaries (AAD) offer better space and communication efficiency. A prototype transparent log system demonstrates how these structures mitigate identity authentication risks caused by missing append-only features and fork consistency. Key challenges remain, including scalability, cryptographic weaknesses, and coordinated attacks by compromised log servers and malicious entities.

{"title":"Append-only Authenticated Data Sets based on RSA accumulators for transparent log system","authors":"Qiang Tong, Long Yin, Yulong Liu, Jian Xu","doi":"10.1016/j.csi.2025.103978","DOIUrl":"10.1016/j.csi.2025.103978","url":null,"abstract":"<div><div>Authenticated Data Structures (ADS) play a vital role in ensuring data authenticity in cloud computing environments, particularly in Public Key Infrastructure (PKI). Despite their importance, significant concerns remain about cloud computing security, such as the risk of hijacking certification authorities to issue fraudulent certificates or tampering with log entries. While Certificate Transparency (CT) improves server certificate credibility, CT log servers remain vulnerable, risking data integrity and trust. This paper proposes the Append-only Authenticated Data Sets (AADS) model, which enhances cloud computing security by supporting append-only properties and fork consistency in transparent logs, preventing malicious modifications and preserving divergent log views. Formally defined using RSA accumulators, the model includes efficient algorithms for initialization, data addition, search, and evidence verification, ensuring security under strong RSA and adaptive root assumptions while reducing space complexity. Additionally, Append-only Authenticated Dictionaries (AAD) offer better space and communication efficiency. A prototype transparent log system demonstrates how these structures mitigate identity authentication risks caused by missing append-only features and fork consistency. Key challenges remain, including scalability, cryptographic weaknesses, and coordinated attacks by compromised log servers and malicious entities.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"93 ","pages":"Article 103978"},"PeriodicalIF":4.1,"publicationDate":"2025-02-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143377471","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

S-box using fractional-order 4D hyperchaotic system and its application to RSA cryptosystem-based color image encryption

IF 4.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computer Standards & Interfaces

Pub Date : 2025-02-06 DOI: 10.1016/j.csi.2025.103980

Saeed Ullah , Xinge Liu , Adil Waheed , Shuailei Zhang

An algorithm for substitution box (S-box) construction is proposed by using fractional-order (FO) 4D hyperchaotic system in this paper. Based on hyperchaotic sequences generated by the FO 4D hyperchaotic system, exclusive-or (XOR) operations, and permutation the S-box is constructed. A comprehensive evaluation based on various algebraic criteria demonstrates that the proposed S-box exhibits favorable performance in terms of strict avalanche criterion (SAC), differential approximation probability (DP), nonlinearity (NL), bit independence criterion (BIC), linear approximation probability (LP), fixed point (FP), reverse fixed point (FPr), and correlation immunity (CI). The proposed S-box exhibits excellent NL of 112, comparable to that of the Advanced Encryption Standard (AES) S-box. Furthermore, a novel color image encryption technique is developed to ensure the privacy of color images. The proposed color image encryption algorithm combines Arnold Cat map (ACM), a high-performance generated S-box, Rivest–Shamir–Adleman (RSA) algorithm with 2D Henon chaotic map (HCM). Through rigorous testing, analysis, and comparison with recently reported image encryption algorithms, the suggested algorithm demonstrates its security, efficiency, and resistance to different standard attacks. Notably, the suggested algorithm for color image encryption offers a substantial key space and achieves an approximate correlation of 0 between adjacent pixels. Additionally, the entropy approaches the ideal value of 8.

{"title":"S-box using fractional-order 4D hyperchaotic system and its application to RSA cryptosystem-based color image encryption","authors":"Saeed Ullah , Xinge Liu , Adil Waheed , Shuailei Zhang","doi":"10.1016/j.csi.2025.103980","DOIUrl":"10.1016/j.csi.2025.103980","url":null,"abstract":"<div><div>An algorithm for substitution box (S-box) construction is proposed by using fractional-order (FO) 4D hyperchaotic system in this paper. Based on hyperchaotic sequences generated by the FO 4D hyperchaotic system, exclusive-or (XOR) operations, and permutation the S-box is constructed. A comprehensive evaluation based on various algebraic criteria demonstrates that the proposed S-box exhibits favorable performance in terms of strict avalanche criterion (SAC), differential approximation probability (DP), nonlinearity (NL), bit independence criterion (BIC), linear approximation probability (LP), fixed point (FP), reverse fixed point (FPr), and correlation immunity (CI). The proposed S-box exhibits excellent NL of 112, comparable to that of the Advanced Encryption Standard (AES) S-box. Furthermore, a novel color image encryption technique is developed to ensure the privacy of color images. The proposed color image encryption algorithm combines Arnold Cat map (ACM), a high-performance generated S-box, Rivest–Shamir–Adleman (RSA) algorithm with 2D Henon chaotic map (HCM). Through rigorous testing, analysis, and comparison with recently reported image encryption algorithms, the suggested algorithm demonstrates its security, efficiency, and resistance to different standard attacks. Notably, the suggested algorithm for color image encryption offers a substantial key space and achieves an approximate correlation of 0 between adjacent pixels. Additionally, the entropy approaches the ideal value of 8.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"93 ","pages":"Article 103980"},"PeriodicalIF":4.1,"publicationDate":"2025-02-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143387205","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0