Computer Standards & Interfaces最新文献

Research on optimizing network intrusion detection using deep learning and big data in intelligent elderly care 基于深度学习和大数据的智能养老网络入侵检测优化研究

IF 3.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computer Standards & Interfaces

Pub Date : 2026-04-01 Epub Date: 2026-01-24 DOI: 10.1016/j.csi.2026.104136

Dai Huiying

Internet of Things devices are increasingly embedded in elderly care services, expanding exposure to network intrusions that can disrupt remote monitoring and compromise sensitive data. This study develops a stacked deep-learning intrusion detection meta-model for elderly care network settings and evaluates it using the Network Security Laboratory–Knowledge Discovery and Data Mining (NSL-KDD) and Canadian Institute for Cybersecurity Intrusion Detection System 2018 (CICIDS2018) datasets. The approach integrates deep neural networks, convolutional neural networks, recurrent neural networks with long short-term memory and gated recurrent units, and autoencoders by fusing their calibrated decision outputs in a second-stage learner. Data preprocessing included encoding of categorical attributes, normalization, and class-imbalance handling, with model comparison performed using five-fold cross-validation and one-way analysis of variance with Tukey’s post hoc contrasts. The proposed meta-model achieved 99.85% accuracy, 99.2% precision, 99.1% recall, and a 99.15% F1 score, exceeding individual base learners and comparator ensembles, and showed strong detection for frequent service-disruption and reconnaissance attacks while remaining less sensitive to rare exploit categories (approximately 0.85 precision/recall for low-support classes). These results indicate that decision-level fusion can improve robustness under class imbalance and supports low-latency deployment in resource-constrained care facilities when implemented in an edge–cloud monitoring workflow.

物联网设备越来越多地嵌入到老年护理服务中，这增加了网络入侵的风险，可能会破坏远程监控并泄露敏感数据。本研究开发了一种用于老年护理网络设置的堆叠深度学习入侵检测元模型，并使用网络安全实验室-知识发现和数据挖掘（NSL-KDD）和加拿大网络安全入侵检测系统研究所2018 （CICIDS2018）数据集对其进行评估。该方法集成了深度神经网络、卷积神经网络、具有长短期记忆和门控循环单元的循环神经网络，以及通过在第二阶段学习器中融合其校准决策输出的自编码器。数据预处理包括分类属性编码、归一化和类别不平衡处理，模型比较使用五倍交叉验证和Tukey事后对比的单向方差分析。所提出的元模型达到了99.85%的准确率、99.2%的精度、99.1%的召回率和99.15%的F1分数，超过了单个基础学习器和比较器集合，并且对频繁的服务中断和侦察攻击表现出很强的检测能力，同时对罕见的漏洞类别保持较低的敏感性（低支持类的精度/召回率约为0.85）。这些结果表明，决策级融合可以提高类不平衡下的鲁棒性，并支持在资源受限的医疗机构中实现低延迟部署。

{"title":"Research on optimizing network intrusion detection using deep learning and big data in intelligent elderly care","authors":"Dai Huiying","doi":"10.1016/j.csi.2026.104136","DOIUrl":"10.1016/j.csi.2026.104136","url":null,"abstract":"<div><div>Internet of Things devices are increasingly embedded in elderly care services, expanding exposure to network intrusions that can disrupt remote monitoring and compromise sensitive data. This study develops a stacked deep-learning intrusion detection meta-model for elderly care network settings and evaluates it using the Network Security Laboratory–Knowledge Discovery and Data Mining (NSL-KDD) and Canadian Institute for Cybersecurity Intrusion Detection System 2018 (CICIDS2018) datasets. The approach integrates deep neural networks, convolutional neural networks, recurrent neural networks with long short-term memory and gated recurrent units, and autoencoders by fusing their calibrated decision outputs in a second-stage learner. Data preprocessing included encoding of categorical attributes, normalization, and class-imbalance handling, with model comparison performed using five-fold cross-validation and one-way analysis of variance with Tukey’s post hoc contrasts. The proposed meta-model achieved 99.85% accuracy, 99.2% precision, 99.1% recall, and a 99.15% F1 score, exceeding individual base learners and comparator ensembles, and showed strong detection for frequent service-disruption and reconnaissance attacks while remaining less sensitive to rare exploit categories (approximately 0.85 precision/recall for low-support classes). These results indicate that decision-level fusion can improve robustness under class imbalance and supports low-latency deployment in resource-constrained care facilities when implemented in an edge–cloud monitoring workflow.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"97 ","pages":"Article 104136"},"PeriodicalIF":3.1,"publicationDate":"2026-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"146077331","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Fuzzy-based security requirements quality assessing: Comparison of security experts and generative AI 基于模糊的安全需求质量评估：安全专家与生成式人工智能的比较

IF 3.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computer Standards & Interfaces

Pub Date : 2026-04-01 Epub Date: 2026-01-28 DOI: 10.1016/j.csi.2026.104137

Asta Slotkienė, Jolanta Miliauskaitė, Rasa Karbauskaitė

Software systems that store and process large volumes of data are prime targets for increasingly sophisticated cyberattacks. Software engineers recognise that developing software completely free of defects or vulnerabilities is practically impossible, which makes security a critical quality characteristic of software products that must be addressed from the earliest stages of requirements engineering to avoid data loss, software failure, and ensure effective maintenance. Today, secure software engineering promotes proactive risk analysis, systematically identifying potential threats and integrating appropriate countermeasures into the requirements and development process. This paper presents an empirical investigation of security requirements engineering methodologies that integrate the experience of security experts and generative AI capabilities into the security requirements engineering (SRE) process. The empirical investigation results show that SRE based on Generative Artificial Intelligence (GenAI) capabilities still does not achieve the security expert's experience in specifying security requirements, while ensuring the quality of requirement specification based on security risks. We hope that our results will inspire researchers and practitioners to further explore the improvement of security requirements specifications using generative AI and fuzzy logic for SRE.

存储和处理大量数据的软件系统是日益复杂的网络攻击的主要目标。软件工程师认识到，开发完全没有缺陷或漏洞的软件实际上是不可能的，这使得安全性成为软件产品的一个关键质量特征，必须从需求工程的早期阶段开始解决，以避免数据丢失、软件故障，并确保有效的维护。今天，安全软件工程促进了前瞻性的风险分析，系统地识别潜在的威胁，并将适当的对策集成到需求和开发过程中。本文提出了安全需求工程方法的实证研究，该方法将安全专家的经验和生成人工智能能力集成到安全需求工程（SRE）过程中。实证调查结果表明，基于生成式人工智能（GenAI）能力的SRE在保证基于安全风险的需求规范质量的同时，仍不能达到安全专家在指定安全需求方面的经验。我们希望我们的研究结果能够激励研究人员和实践者进一步探索使用生成式人工智能和模糊逻辑来改进SRE的安全需求规范。

{"title":"Fuzzy-based security requirements quality assessing: Comparison of security experts and generative AI","authors":"Asta Slotkienė, Jolanta Miliauskaitė, Rasa Karbauskaitė","doi":"10.1016/j.csi.2026.104137","DOIUrl":"10.1016/j.csi.2026.104137","url":null,"abstract":"<div><div>Software systems that store and process large volumes of data are prime targets for increasingly sophisticated cyberattacks. Software engineers recognise that developing software completely free of defects or vulnerabilities is practically impossible, which makes security a critical quality characteristic of software products that must be addressed from the earliest stages of requirements engineering to avoid data loss, software failure, and ensure effective maintenance. Today, secure software engineering promotes proactive risk analysis, systematically identifying potential threats and integrating appropriate countermeasures into the requirements and development process. This paper presents an empirical investigation of security requirements engineering methodologies that integrate the experience of security experts and generative AI capabilities into the security requirements engineering (SRE) process. The empirical investigation results show that SRE based on Generative Artificial Intelligence (GenAI) capabilities still does not achieve the security expert's experience in specifying security requirements, while ensuring the quality of requirement specification based on security risks. We hope that our results will inspire researchers and practitioners to further explore the improvement of security requirements specifications using generative AI and fuzzy logic for SRE.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"97 ","pages":"Article 104137"},"PeriodicalIF":3.1,"publicationDate":"2026-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"146077329","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Highway to Hack — Security gaps in ETSI ITS standards 高速公路黑客-安全漏洞在ETSI ITS标准

IF 3.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computer Standards & Interfaces

Pub Date : 2026-04-01 Epub Date: 2026-01-21 DOI: 10.1016/j.csi.2026.104133

Roberto Gesteira-Miñarro , Takahito Yoshizawa , Rafael Palacios , Gregorio López

Vehicle-to-Everything (V2X) communication technologies are revolutionizing transportation by enabling real-time information exchange among vehicles, infrastructure, pedestrians, and networks. While these technologies offer significant benefits in terms of road safety, traffic efficiency, and support for autonomous driving, they also introduce critical security and privacy risks due to their decentralized and dynamic nature. In this paper, we perform an analysis of the ETSI Intelligent Transport System (ITS) standards, specifications and reports to identify vulnerabilities that could be exploited to cause cyber–physical damages. We focus particularly on Cooperative Awareness Messages (CAM) and Decentralized Environmental Notification Messages (DENM) in the ETSI ITS standard, and pseudonym ID mechanisms. We identified several security issues, including vulnerabilities that lead to replay attacks, identity-based attacks such as spoofing and Sybil attacks, as well as grayhole attacks. We present attack scenarios where the issues found can be leveraged to compromise road safety, and quantify their potential impact through simulations using Eclipse SUMO. These scenarios might be relevant during a transition period where V2X-enabled vehicles coexist with legacy vehicles. Furthermore, we propose mitigations to address the identified issues. Our findings highlight the need for stronger security measures in V2X systems to ensure both safety and security in future intelligent transportation systems.

车辆到一切（V2X）通信技术通过实现车辆、基础设施、行人和网络之间的实时信息交换，正在彻底改变交通运输。虽然这些技术在道路安全、交通效率和对自动驾驶的支持方面提供了显著的好处，但由于它们的分散性和动态性，它们也带来了关键的安全和隐私风险。在本文中，我们对ETSI智能交通系统（ITS）标准、规范和报告进行了分析，以确定可能被利用来造成网络物理损害的漏洞。我们特别关注ETSI ITS标准中的协作意识消息（CAM）和分散环境通知消息（DENM），以及假名ID机制。我们发现了几个安全问题，包括导致重放攻击、基于身份的攻击（如欺骗和Sybil攻击）以及灰洞攻击的漏洞。我们给出了攻击场景，其中发现的问题可以被用来危害道路安全，并通过使用Eclipse SUMO进行模拟来量化它们的潜在影响。在支持v2x的车辆与传统车辆共存的过渡时期，这些场景可能是相关的。此外，我们提出了缓解措施，以解决已确定的问题。我们的研究结果强调了在V2X系统中需要更强大的安全措施，以确保未来智能交通系统的安全性。

{"title":"Highway to Hack — Security gaps in ETSI ITS standards","authors":"Roberto Gesteira-Miñarro , Takahito Yoshizawa , Rafael Palacios , Gregorio López","doi":"10.1016/j.csi.2026.104133","DOIUrl":"10.1016/j.csi.2026.104133","url":null,"abstract":"<div><div>Vehicle-to-Everything (V2X) communication technologies are revolutionizing transportation by enabling real-time information exchange among vehicles, infrastructure, pedestrians, and networks. While these technologies offer significant benefits in terms of road safety, traffic efficiency, and support for autonomous driving, they also introduce critical security and privacy risks due to their decentralized and dynamic nature. In this paper, we perform an analysis of the ETSI Intelligent Transport System (ITS) standards, specifications and reports to identify vulnerabilities that could be exploited to cause cyber–physical damages. We focus particularly on Cooperative Awareness Messages (CAM) and Decentralized Environmental Notification Messages (DENM) in the ETSI ITS standard, and pseudonym ID mechanisms. We identified several security issues, including vulnerabilities that lead to replay attacks, identity-based attacks such as spoofing and Sybil attacks, as well as grayhole attacks. We present attack scenarios where the issues found can be leveraged to compromise road safety, and quantify their potential impact through simulations using Eclipse SUMO. These scenarios might be relevant during a transition period where V2X-enabled vehicles coexist with legacy vehicles. Furthermore, we propose mitigations to address the identified issues. Our findings highlight the need for stronger security measures in V2X systems to ensure both safety and security in future intelligent transportation systems.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"97 ","pages":"Article 104133"},"PeriodicalIF":3.1,"publicationDate":"2026-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"146037247","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Efficient encrypted conjunctive search with volume and result pattern leakage resistance 有效的加密联合搜索，具有体积和结果模式抗泄漏性

IF 3.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computer Standards & Interfaces

Pub Date : 2026-04-01 Epub Date: 2026-01-20 DOI: 10.1016/j.csi.2026.104135

Xinru Zheng, Jinguo Li, Kai Zhang, Chuanlong Zhao, Xiangluan Hou

The Oblivious Cross-Tags (OXT) protocol inevitably incurs partial information leakage about the underlying database. Typical leakage includes volume leakage, keyword-pair result pattern (KPRP) leakage, and cross-query intersection pattern (IP) leakage. Such leakages can be exploited by adversaries to infer query contents, thereby compromising data privacy. However, existing security solutions suffer from two major limitations: (i) they fail to simultaneously conceal volume patterns, KPRP, and IP; and (ii) they require multiple rounds of interaction between the client and the server. To address these challenges, we propose VKP-OXT, a non-interactive encrypted conjunctive search scheme based on OXT. Specifically, we introduce a volume-hiding encryption mechanism built upon an Oblivious Key-Value Store (OKVS) and design a tailored encryption scheme for conjunctive keyword search. Furthermore, we develop a novel data structure that enables the direct generation of encrypted key–value pairs in a non-interactive manner. To eliminate KPRP leakage, we incorporate a symmetric subset predicate encryption primitive that supports set containment checks without revealing additional information. Security analysis demonstrates that VKP-OXT achieves its intended security guarantees under a well-defined leakage model, and both theoretical analysis and experimental results confirm its practical efficiency.

遗忘交叉标签（OXT）协议不可避免地会导致有关底层数据库的部分信息泄漏。典型的泄漏包括体积泄漏、关键字对结果模式（KPRP）泄漏和交叉查询交叉模式（IP）泄漏。攻击者可以利用这种泄漏来推断查询内容，从而损害数据隐私。然而，现有的安全解决方案有两个主要的局限性：(i)它们不能同时隐藏卷模式、KPRP和IP；（ii）它们需要在客户端和服务器之间进行多轮交互。为了解决这些问题，我们提出了一种基于OXT的非交互式加密联合搜索方案VKP-OXT。具体来说，我们引入了一种基于遗忘键值存储（OKVS）的卷隐藏加密机制，并为连接关键字搜索设计了定制的加密方案。此外，我们开发了一种新的数据结构，可以以非交互的方式直接生成加密的键值对。为了消除KPRP泄漏，我们合并了一个对称子集谓词加密原语，该原语支持集合包含检查，而不会泄露额外的信息。安全性分析表明，在良好定义的泄漏模型下，VKP-OXT达到了预期的安全性保证，理论分析和实验结果均证实了其实际有效性。

{"title":"Efficient encrypted conjunctive search with volume and result pattern leakage resistance","authors":"Xinru Zheng, Jinguo Li, Kai Zhang, Chuanlong Zhao, Xiangluan Hou","doi":"10.1016/j.csi.2026.104135","DOIUrl":"10.1016/j.csi.2026.104135","url":null,"abstract":"<div><div>The Oblivious Cross-Tags (OXT) protocol inevitably incurs partial information leakage about the underlying database. Typical leakage includes volume leakage, keyword-pair result pattern (KPRP) leakage, and cross-query intersection pattern (IP) leakage. Such leakages can be exploited by adversaries to infer query contents, thereby compromising data privacy. However, existing security solutions suffer from two major limitations: (i) they fail to simultaneously conceal volume patterns, KPRP, and IP; and (ii) they require multiple rounds of interaction between the client and the server. To address these challenges, we propose <strong>VKP-OXT</strong>, a non-interactive encrypted conjunctive search scheme based on OXT. Specifically, we introduce a volume-hiding encryption mechanism built upon an Oblivious Key-Value Store (OKVS) and design a tailored encryption scheme for conjunctive keyword search. Furthermore, we develop a novel data structure that enables the direct generation of encrypted key–value pairs in a non-interactive manner. To eliminate KPRP leakage, we incorporate a symmetric subset predicate encryption primitive that supports set containment checks without revealing additional information. Security analysis demonstrates that VKP-OXT achieves its intended security guarantees under a well-defined leakage model, and both theoretical analysis and experimental results confirm its practical efficiency.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"97 ","pages":"Article 104135"},"PeriodicalIF":3.1,"publicationDate":"2026-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"146187315","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Co-distillation-based defense framework for federated knowledge graph embedding against poisoning attacks 基于协同蒸馏的联邦知识图嵌入中毒攻击防御框架

IF 3.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computer Standards & Interfaces

Pub Date : 2026-04-01 Epub Date: 2025-12-09 DOI: 10.1016/j.csi.2025.104113

Yiqin Lu, Jiarui Chen, Jiancheng Qin

Federated knowledge graph embedding (FKGE) enables collaborative knowledge sharing without data exchange, but it also introduces risks of poisoning attacks that degrade model accuracy or force incorrect outputs. Protecting FKGE from poisoning attacks becomes a critical research problem. This paper reveals the malicious strategy of untargeted FKGE poisoning attacks and proposes CoDFKGE, a co-distillation-based FKGE framework for defending against poisoning attacks. CoDFKGE deploys two collaborative knowledge graph embedding models on clients, decoupling prediction parameters from shared parameters as a model-agnostic solution. By designing distinct distillation loss functions, CoDFKGE transfers clean knowledge from potentially poisoned shared parameters while compressing dimensions to reduce communication overhead. Experiments show CoDFKGE preserves link prediction performance with lower communication costs, eliminates malicious manipulations under targeted poisoning attacks, and significantly mitigates accuracy degradation under untargeted poisoning attacks.

联邦知识图嵌入（FKGE）可以在没有数据交换的情况下实现协作知识共享，但它也引入了中毒攻击的风险，这种攻击会降低模型的准确性或强制输出错误。保护FKGE免受投毒攻击成为关键的研究问题。本文揭示了非目标FKGE投毒攻击的恶意策略，提出了基于共蒸馏的FKGE框架CoDFKGE来防御投毒攻击。CoDFKGE在客户端部署了两个协作知识图嵌入模型，将预测参数与共享参数解耦，作为模型不可知的解决方案。通过设计不同的蒸馏损失函数，CoDFKGE从潜在的有毒共享参数中转移干净的知识，同时压缩维度以减少通信开销。实验表明，CoDFKGE在保持链路预测性能的同时降低了通信成本，消除了针对性投毒攻击下的恶意操作，并显著减轻了非针对性投毒攻击下的精度下降。

引用次数: 0

Decentralized multi-client boolean keyword search for encrypted cloud storage 分布式多客户端布尔关键字搜索加密云存储

IF 3.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computer Standards & Interfaces

Pub Date : 2026-04-01 Epub Date: 2026-01-14 DOI: 10.1016/j.csi.2026.104127

Xiwen Wang , Junqing Gong , Kai Zhang , Haifeng Qian

In multi-client searchable symmetric encryption (MC-SSE), multiple clients have the capability to conduct keyword searches on encrypted data hosted in cloud, where the outsourced data is contributed by a data owner. Unfortunately, all known MC-SSE addressing key escrow problem required establishing a secure channel between data owner and user, and might suffer from significant key storage overhead. Therefore, we present an effective decentralized MC-SSE (DMC-SSE) system without the key escrow problem for secure cloud storage, eliminating the secure channel between data owner and data user. In DMC-SSE, each client independently picks its public/secret key, while a bulletin board of user public keys takes the place of the central authority. Technically, we introduce a semi-generic construction framework of DMC-SSE, building upon Cash et al.’s OXT structure (CRYPTO 2013), which roughly combines Kolonelos, Malavolta and Wee’s distributed broadcast encryption scheme (ASIACRYPT 2023) and additionally introduces a distributed keyed pseudorandom function module for securely aggregating each client’s secret key.

在多客户端可搜索对称加密（MC-SSE）中，多个客户端能够对托管在云中的加密数据进行关键字搜索，其中外包数据由数据所有者提供。不幸的是，所有已知的MC-SSE解决密钥托管问题都需要在数据所有者和用户之间建立一个安全通道，并且可能会遭受重大的密钥存储开销。因此，我们提出了一种有效的分散式MC-SSE （DMC-SSE）系统，该系统不存在安全云存储的密钥托管问题，消除了数据所有者和数据用户之间的安全通道。在DMC-SSE中，每个客户端独立地选择其公钥/密钥，而用户公钥公告板取代了中央权威。从技术上讲，我们在Cash等人的OXT结构（CRYPTO 2013）的基础上引入了DMC-SSE的半通用构造框架，该框架大致结合了Kolonelos， Malavolta和Wee的分布式广播加密方案（ASIACRYPT 2023），并引入了分布式密钥伪随机功能模块，用于安全地聚合每个客户端的密钥。

{"title":"Decentralized multi-client boolean keyword search for encrypted cloud storage","authors":"Xiwen Wang , Junqing Gong , Kai Zhang , Haifeng Qian","doi":"10.1016/j.csi.2026.104127","DOIUrl":"10.1016/j.csi.2026.104127","url":null,"abstract":"<div><div>In multi-client searchable symmetric encryption (MC-SSE), multiple clients have the capability to conduct keyword searches on encrypted data hosted in cloud, where the outsourced data is contributed by a data owner. Unfortunately, all known MC-SSE addressing key escrow problem required establishing a secure channel between data owner and user, and might suffer from significant key storage overhead. Therefore, we present an effective decentralized MC-SSE (DMC-SSE) system without the key escrow problem for secure cloud storage, eliminating the secure channel between data owner and data user. In DMC-SSE, each client independently picks its public/secret key, while a bulletin board of user public keys takes the place of the central authority. Technically, we introduce a semi-generic construction framework of DMC-SSE, building upon Cash et al.’s OXT structure (CRYPTO 2013), which roughly combines Kolonelos, Malavolta and Wee’s distributed broadcast encryption scheme (ASIACRYPT 2023) and additionally introduces a distributed keyed pseudorandom function module for securely aggregating each client’s secret key.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"97 ","pages":"Article 104127"},"PeriodicalIF":3.1,"publicationDate":"2026-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145977135","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

AdaTraj-DP: An adaptive privacy framework for context-aware trajectory data publishing AdaTraj-DP：用于上下文感知轨迹数据发布的自适应隐私框架

IF 3.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computer Standards & Interfaces

Pub Date : 2026-04-01 Epub Date: 2025-12-30 DOI: 10.1016/j.csi.2025.104125

Yongxin Zhao , Chundong Wang , Hao Lin , Xumeng Wang , Yixuan Song , Qiuyu Du

Trajectory data are widely used in AI-based spatiotemporal analysis but raise privacy concerns due to their fine-grained nature and the potential for individual re-identification. Existing differential privacy (DP) approaches often apply uniform perturbation, which compromises spatial continuity, or adopt personalized mechanisms that overlook structural utility. This study introduces AdaTraj-DP, an adaptive differential privacy framework designed to balance trajectory-level protection and analytical utility. The framework combines context-aware sensitivity detection with hierarchical aggregation. Specifically, a dynamic sensitivity model evaluates privacy risks according to spatial density and semantic context, enabling adaptive allocation of privacy budgets. An adaptive perturbation mechanism then injects noise proportionally to the estimated sensitivity and represents trajectories through Hilbert-based encoding for prefix-oriented hierarchical aggregation with layer-wise budget distribution. Experiments conducted on the T-Drive and GeoLife datasets indicate that AdaTraj-DP maintains stable query accuracy, spatial consistency, and downstream analytical utility across varying privacy budgets while satisfying formal differential privacy guarantees.

轨迹数据广泛用于基于人工智能的时空分析，但由于其细粒度性质和个体重新识别的潜力，引起了隐私问题。现有的差分隐私（DP）方法通常采用均匀摄动，这会损害空间连续性，或者采用忽视结构效用的个性化机制。本研究介绍了AdaTraj-DP，一种自适应差分隐私框架，旨在平衡轨迹级保护和分析效用。该框架结合了上下文感知灵敏度检测和分层聚合。具体而言，动态敏感性模型根据空间密度和语义上下文评估隐私风险，实现隐私预算的自适应分配。然后，自适应扰动机制注入与估计灵敏度成比例的噪声，并通过基于hilbert的编码表示具有分层预算分布的面向前缀的分层聚合的轨迹。在T-Drive和GeoLife数据集上进行的实验表明，AdaTraj-DP在满足形式差分隐私保证的同时，在不同隐私预算下保持了稳定的查询精度、空间一致性和下游分析效用。

{"title":"AdaTraj-DP: An adaptive privacy framework for context-aware trajectory data publishing","authors":"Yongxin Zhao , Chundong Wang , Hao Lin , Xumeng Wang , Yixuan Song , Qiuyu Du","doi":"10.1016/j.csi.2025.104125","DOIUrl":"10.1016/j.csi.2025.104125","url":null,"abstract":"<div><div>Trajectory data are widely used in AI-based spatiotemporal analysis but raise privacy concerns due to their fine-grained nature and the potential for individual re-identification. Existing differential privacy (DP) approaches often apply uniform perturbation, which compromises spatial continuity, or adopt personalized mechanisms that overlook structural utility. This study introduces AdaTraj-DP, an adaptive differential privacy framework designed to balance trajectory-level protection and analytical utility. The framework combines context-aware sensitivity detection with hierarchical aggregation. Specifically, a dynamic sensitivity model evaluates privacy risks according to spatial density and semantic context, enabling adaptive allocation of privacy budgets. An adaptive perturbation mechanism then injects noise proportionally to the estimated sensitivity and represents trajectories through Hilbert-based encoding for prefix-oriented hierarchical aggregation with layer-wise budget distribution. Experiments conducted on the T-Drive and GeoLife datasets indicate that AdaTraj-DP maintains stable query accuracy, spatial consistency, and downstream analytical utility across varying privacy budgets while satisfying formal differential privacy guarantees.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"97 ","pages":"Article 104125"},"PeriodicalIF":3.1,"publicationDate":"2026-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145883438","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Chaos experiments in microservice architectures: A systematic literature review 微服务架构中的混沌实验：系统的文献综述

IF 3.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computer Standards & Interfaces

Pub Date : 2026-04-01 Epub Date: 2025-12-15 DOI: 10.1016/j.csi.2025.104116

Emrah Esen , Akhan Akbulut , Cagatay Catal

This study analyzes the implementation of Chaos Engineering in modern microservice systems. It identifies key methods, tools, and practices used to effectively enhance the resilience of software systems in production environments. In this context, our Systematic Literature Review (SLR) of 31 research articles has uncovered 38 tools crucial for carrying out fault injection methods, including several tools such as Chaos Toolkit, Gremlin, and Chaos Machine. The study also explores the platforms used for chaos experiments and how centralized management of chaos engineering can facilitate the coordination of these experiments across complex systems. The evaluated literature reveals the efficacy of chaos engineering in improving fault tolerance and robustness of software systems, particularly those based on microservice architectures. The paper underlines the importance of careful planning and execution in implementing chaos engineering and encourages further research in this field to uncover more effective practices for the resilience improvement of microservice systems.

本研究分析了混沌工程在现代微服务系统中的应用。它确定了用于有效增强生产环境中软件系统弹性的关键方法、工具和实践。在此背景下，我们对31篇研究文章进行了系统文献综述（SLR），发现了38个工具对于执行故障注入方法至关重要，包括一些工具，如混沌工具箱、Gremlin和混沌机器。该研究还探讨了用于混沌实验的平台，以及混沌工程的集中管理如何促进跨复杂系统的这些实验的协调。评估的文献揭示了混沌工程在提高软件系统容错性和鲁棒性方面的有效性，特别是基于微服务架构的软件系统。本文强调了在实施混沌工程时仔细规划和执行的重要性，并鼓励在该领域进一步研究，以发现更有效的微服务系统弹性改进实践。

引用次数: 0

SiamIDS: A novel cloud-centric Siamese Bi-LSTM framework for interpretable intrusion detection in large-scale IoT networks SiamIDS：一种新的以云为中心的Siamese Bi-LSTM框架，用于大规模物联网网络中的可解释入侵检测

IF 3.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computer Standards & Interfaces

Pub Date : 2026-04-01 Epub Date: 2025-12-15 DOI: 10.1016/j.csi.2025.104119

Prabu Kaliyaperumal , Palani Latha , Selvaraj Palanisamy , Sridhar Pushpanathan , Anand Nayyar , Balamurugan Balusamy , Ahmad Alkhayyat

The rapid proliferation of Internet of Things (IoT) devices has heightened the need for scalable and interpretable intrusion detection systems (IDS) capable of operating efficiently in cloud-centric environments. Existing IDS approaches often struggle with real-time processing, zero-day attack detection, and model transparency. To address these challenges, this paper proposes SiamIDS, a novel cloud-native framework that integrates contrastive Siamese Bi-directional LSTM (Bi-LSTM) modeling, autoencoder-based dimensionality reduction, SHapley Additive exPlanations (SHAP) for interpretability, and Ordering Points To Identify the Clustering Structure (OPTICS) clustering for unsupervised threat categorization. The framework aims to enhance the detection of both known and previously unseen threats in large-scale IoT networks by learning behavioral similarity across network flows. Trained on the CIC IoT-DIAD 2024 dataset, SiamIDS achieves superior detection performance with an F1-score of 99.45%, recall of 98.96%, and precision of 99.94%. Post-detection OPTICS clustering yields a Silhouette Score of 0.901, DBI of 0.092, and ARI of 0.889, supporting accurate threat grouping. The system processes over 220,000 samples/sec with a RAM usage under 1.5 GB, demonstrating real-time readiness. Compared to state-of-the-art methods, SiamIDS improves F1-score by 2.8% and reduces resource overhead by up to 25%, establishing itself as an accurate, efficient, and explainable IDS for next-generation IoT ecosystems.

物联网（IoT）设备的快速扩散，提高了对可扩展和可解释的入侵检测系统（IDS）的需求，这些系统能够在以云为中心的环境中高效运行。现有的IDS方法经常与实时处理、零日攻击检测和模型透明性作斗争。为了解决这些挑战，本文提出了SiamIDS，这是一种新的云原生框架，它集成了对比Siamese双向LSTM （Bi-LSTM）建模、基于自编码器的降维、SHapley加性解释（SHAP）的可解释性，以及用于无监督威胁分类的排序点识别聚类结构（OPTICS）聚类。该框架旨在通过学习跨网络流的行为相似性来增强对大规模物联网网络中已知和以前未见过的威胁的检测。在CIC IoT-DIAD 2024数据集上训练后，SiamIDS达到了优异的检测性能，f1得分为99.45%，召回率为98.96%，准确率为99.94%。检测后的OPTICS聚类得到的Silhouette Score为0.901，DBI为0.092，ARI为0.889，支持准确的威胁分组。系统每秒处理超过220,000个样本，RAM使用率低于1.5 GB，显示了实时准备。与最先进的方法相比，SiamIDS将f1分数提高了2.8%，并将资源开销降低了25%，使其成为下一代物联网生态系统中准确、高效、可解释的IDS。

{"title":"SiamIDS: A novel cloud-centric Siamese Bi-LSTM framework for interpretable intrusion detection in large-scale IoT networks","authors":"Prabu Kaliyaperumal , Palani Latha , Selvaraj Palanisamy , Sridhar Pushpanathan , Anand Nayyar , Balamurugan Balusamy , Ahmad Alkhayyat","doi":"10.1016/j.csi.2025.104119","DOIUrl":"10.1016/j.csi.2025.104119","url":null,"abstract":"<div><div>The rapid proliferation of Internet of Things (IoT) devices has heightened the need for scalable and interpretable intrusion detection systems (IDS) capable of operating efficiently in cloud-centric environments. Existing IDS approaches often struggle with real-time processing, zero-day attack detection, and model transparency. To address these challenges, this paper proposes SiamIDS, a novel cloud-native framework that integrates contrastive Siamese Bi-directional LSTM (Bi-LSTM) modeling, autoencoder-based dimensionality reduction, SHapley Additive exPlanations (SHAP) for interpretability, and Ordering Points To Identify the Clustering Structure (OPTICS) clustering for unsupervised threat categorization. The framework aims to enhance the detection of both known and previously unseen threats in large-scale IoT networks by learning behavioral similarity across network flows. Trained on the CIC IoT-DIAD 2024 dataset, SiamIDS achieves superior detection performance with an F1-score of 99.45%, recall of 98.96%, and precision of 99.94%. Post-detection OPTICS clustering yields a Silhouette Score of 0.901, DBI of 0.092, and ARI of 0.889, supporting accurate threat grouping. The system processes over 220,000 samples/sec with a RAM usage under 1.5 GB, demonstrating real-time readiness. Compared to state-of-the-art methods, SiamIDS improves F1-score by 2.8% and reduces resource overhead by up to 25%, establishing itself as an accurate, efficient, and explainable IDS for next-generation IoT ecosystems.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"97 ","pages":"Article 104119"},"PeriodicalIF":3.1,"publicationDate":"2026-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145839849","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Post-quantum PAKE over lattices revised: Smaug-T.PAKE for mobile devices 后量子PAKE在晶格上的修正：smaugt。移动设备的PAKE

IF 3.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computer Standards & Interfaces

Pub Date : 2026-04-01 Epub Date: 2025-12-15 DOI: 10.1016/j.csi.2025.104118

Kübra Seyhan , Sedat Akleylek , Ahmet Faruk Dursun

In this paper, an efficient post-quantum secure password-authenticated key exchange (PAKE) scheme from a well-structured lattice-based key encapsulation mechanism (KEM) is proposed. The generic KEM to PAKE idea, OCAKE, is modified by considering hybrid module learning with errors (MLWE) + module learning with rounding (MLWR) assumptions to obtain explicit password-based authentication from SMAUG-T.KEM procedures. As a KEM primitive, SMAUG-T.KEM is chosen due to its performance against the National Institute of Standards and Technology (NIST) standard Crystals-Kyber (Kyber) to obtain an efficient and post-quantum secure PAKE scheme. Firstly, the anonymity and fuzziness properties of SMAUG-T.KEM are proven to fit the OCAKE approach in constructing the PAKE version of Smaug.KEM. Then, the post-quantum security of the proposed SMAUG-T.PAKE is analyzed in the universal composability (UC) model based on the hybrid security assumptions and proved properties. The reference C and JAVA codes are written to evaluate whether the targeted efficiency is achieved in different platforms. Based on the central processing unit (CPU) and memory usage, run time, and energy consumption metrics, the proposed solution is compared with current PAKE proposals. The performance results showed that SMAUG-T.PAKE, with two optional encryption modes, Advanced Encryption Standard (AES) or Ascon, presents better performance than the other module-based PAKE solutions from lattices in terms of both reference and mobile results.

本文提出了一种基于结构良好的格子密钥封装机制的后量子安全密码认证密钥交换方案。通过考虑混合误差模块学习(MLWE) +舍入模块学习（MLWR）假设，对通用的KEM到PAKE思想OCAKE进行了改进，从而从smaugt获得显式的基于密码的身份验证。克姆程序。作为KEM原语smaugt。选择KEM是由于它与美国国家标准与技术研究所（NIST）标准晶体-Kyber （Kyber）的性能相比较，以获得有效的后量子安全PAKE方案。首先，SMAUG-T的匿名性和模糊性。在构建Smaug.KEM的PAKE版本时，KEM已被证明适合OCAKE方法。然后，讨论了SMAUG-T的后量子安全性。基于混合安全假设和证明的性质，在通用可组合性（UC）模型下对PAKE进行了分析。编写了参考C和JAVA代码来评估在不同的平台上是否实现了目标效率。基于中央处理器（CPU）和内存使用、运行时间和能耗指标，将所提出的解决方案与当前的PAKE方案进行比较。性能结果表明，smaugt。PAKE具有高级加密标准（AES）或Ascon两种可选加密模式，在参考和移动结果方面都比其他基于模块的PAKE解决方案具有更好的性能。

{"title":"Post-quantum PAKE over lattices revised: Smaug-T.PAKE for mobile devices","authors":"Kübra Seyhan , Sedat Akleylek , Ahmet Faruk Dursun","doi":"10.1016/j.csi.2025.104118","DOIUrl":"10.1016/j.csi.2025.104118","url":null,"abstract":"<div><div>In this paper, an efficient post-quantum secure password-authenticated key exchange (PAKE) scheme from a well-structured lattice-based key encapsulation mechanism (KEM) is proposed. The generic KEM to PAKE idea, OCAKE, is modified by considering hybrid module learning with errors (MLWE) + module learning with rounding (MLWR) assumptions to obtain explicit password-based authentication from SMAUG-T.KEM procedures. As a KEM primitive, SMAUG-T.KEM is chosen due to its performance against the National Institute of Standards and Technology (NIST) standard Crystals-Kyber (Kyber) to obtain an efficient and post-quantum secure PAKE scheme. Firstly, the anonymity and fuzziness properties of SMAUG-T.KEM are proven to fit the OCAKE approach in constructing the PAKE version of Smaug.KEM. Then, the post-quantum security of the proposed SMAUG-T.PAKE is analyzed in the universal composability (UC) model based on the hybrid security assumptions and proved properties. The reference C and JAVA codes are written to evaluate whether the targeted efficiency is achieved in different platforms. Based on the central processing unit (CPU) and memory usage, run time, and energy consumption metrics, the proposed solution is compared with current PAKE proposals. The performance results showed that SMAUG-T.PAKE, with two optional encryption modes, Advanced Encryption Standard (AES) or Ascon, presents better performance than the other module-based PAKE solutions from lattices in terms of both reference and mobile results.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"97 ","pages":"Article 104118"},"PeriodicalIF":3.1,"publicationDate":"2026-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145839846","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0