Computer Standards & Interfaces最新文献_第4页

DEA-GAO: A two-stage approach optimal controller placement in software-defined networks using data envelopment analysis DEA-GAO：一种采用数据包络分析的两阶段方法在软件定义网络中优化控制器配置

IF 3.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computer Standards & Interfaces

Pub Date : 2026-04-01 Epub Date: 2025-12-02 DOI: 10.1016/j.csi.2025.104109

Fatemeh Dashti, Ali Ghaffari, Nahideh Derakhshanfard, Shiva Taghipoureivazi

Software-defined networks (SDN) have demonstrated considerable benefits in various practical domains by decoupling the control plane from the data plane, thus facilitating programmable network management. This paper presents a two-stage approach for solving the problem of controller placement called DEA-GAO. In the first stage, this strategy assumes the SDN network as a graph and using Data Envelopment Analysis (DEA) and relying on graph centrality metrics such as closeness centrality, betweenness centrality, and eigenvector centrality, calculates the efficiency of nodes to determine the optimal locations for deploying controllers. In the second stage, to allocate switches to controllers, the proposed strategy employs the Green Anaconda Optimization algorithm (GAO) to achieve an optimal allocation while considering network parameters such as average delay, load balancing, and reliability. Finally, to assess the efficacy of the proposed methodology, it is juxtaposed with three extant methods utilizing diverse datasets from the Internet Topology Zoo. The experimental findings indicate that the proposed approach significantly surpasses the existing methods, specifically the hybrid RDMCP-PSO algorithm, heuristic CPP algorithm and PSO algorithm in terms of both average delay (8.8 %, 28.8 % and 22.2 % respectively) and controller utilization (1.5 %, 7.3 % and 32 % respectively).

软件定义网络（SDN）通过将控制平面与数据平面解耦，从而促进可编程网络管理，在各种实际领域中显示出相当大的优势。本文提出了一种两阶段的方法来解决被称为DEA-GAO的控制器放置问题。在第一阶段，该策略将SDN网络假设为一个图，并使用数据包络分析（DEA），依靠图中心性指标（如接近中心性、中间中心性和特征向量中心性）计算节点的效率，以确定部署控制器的最佳位置。第二阶段，在考虑平均时延、负载均衡、可靠性等网络参数的情况下，采用绿色蟒蛇优化算法（Green Anaconda Optimization algorithm， GAO）实现交换机到控制器的最优分配。最后，为了评估所提出方法的有效性，将其与利用互联网拓扑动物园不同数据集的三种现有方法并置。实验结果表明，该方法在平均时延（分别为8.8%、28.8%和22.2%）和控制器利用率（分别为1.5%、7.3%和32%）方面均明显优于现有方法，特别是混合RDMCP-PSO算法、启发式CPP算法和PSO算法。

{"title":"DEA-GAO: A two-stage approach optimal controller placement in software-defined networks using data envelopment analysis","authors":"Fatemeh Dashti, Ali Ghaffari, Nahideh Derakhshanfard, Shiva Taghipoureivazi","doi":"10.1016/j.csi.2025.104109","DOIUrl":"10.1016/j.csi.2025.104109","url":null,"abstract":"<div><div>Software-defined networks (SDN) have demonstrated considerable benefits in various practical domains by decoupling the control plane from the data plane, thus facilitating programmable network management. This paper presents a two-stage approach for solving the problem of controller placement called DEA-GAO. In the first stage, this strategy assumes the SDN network as a graph and using Data Envelopment Analysis (DEA) and relying on graph centrality metrics such as closeness centrality, betweenness centrality, and eigenvector centrality, calculates the efficiency of nodes to determine the optimal locations for deploying controllers. In the second stage, to allocate switches to controllers, the proposed strategy employs the Green Anaconda Optimization algorithm (GAO) to achieve an optimal allocation while considering network parameters such as average delay, load balancing, and reliability. Finally, to assess the efficacy of the proposed methodology, it is juxtaposed with three extant methods utilizing diverse datasets from the Internet Topology Zoo. The experimental findings indicate that the proposed approach significantly surpasses the existing methods, specifically the hybrid RDMCP-PSO algorithm, heuristic CPP algorithm and PSO algorithm in terms of both average delay (8.8 %, 28.8 % and 22.2 % respectively) and controller utilization (1.5 %, 7.3 % and 32 % respectively).</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"97 ","pages":"Article 104109"},"PeriodicalIF":3.1,"publicationDate":"2026-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145737264","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Robust zero-watermarking method for multi-medical images based on Chebyshev–Fourier moments and Contourlet-FFT 基于chebyhev - fourier矩和Contourlet-FFT的多医学图像鲁棒零水印方法

IF 3.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computer Standards & Interfaces

Pub Date : 2026-04-01 Epub Date: 2025-12-08 DOI: 10.1016/j.csi.2025.104115

Xinhui Lu , Guangyun Yang , Yu Lu , Xiangguang Xiong

Classical robust watermarking methods embed secret data into a cover image designed to protect its copyright. However, they suffer from the problem of balancing imperceptibility and robustness. To address this issue, the impact of conventional attacks on the stability of feature vectors extracted from the cover image is examined. Accordingly, we proposed a zero-watermarking method with high attack resistance for multi-medical images by employing Contourlet transform (CT), Chebyshev–Fourier moments (CHFMs), and fast Fourier transform (FFT). First, each medical image is normalized separately, and the normalized images are fused using a dual-tree complex wavelet transform-based method. Second, the effective region is extracted and subjected to the CT. The CHFMs of the low-frequency sub-bands are calculated, and the FFT is performed on the generated amplitude sequence to construct a feature matrix. A feature image is generated by combining the magnitude of each feature value with the overall mean. Finally, the copyrighted image is encrypted using the Lorenz chaotic system and Fibonacci Q-matrix, after which an exclusive-OR operation is applied between the generated feature image and the encrypted copyrighted image to produce a zero-watermarking signal. The results show that the proposed method exhibits excellent resistance to attack with a normalized correlation coefficient of up to 0.994 between the extracted image and the original copyrighted one. Furthermore, the average anti-attack performance of our proposed method is approximately 2% higher compared to similar existing methods, indicating that our proposed method is highly resistant to conventional, geometric, and combinatorial attacks.

经典的鲁棒水印方法将秘密数据嵌入封面图像中，以保护其版权。然而，它们面临着平衡不可感知性和鲁棒性的问题。为了解决这个问题，研究了传统攻击对从封面图像中提取的特征向量稳定性的影响。据此，我们提出了一种基于Contourlet变换（CT）、chebyshef - Fourier矩（CHFMs）和快速傅里叶变换（FFT）的抗攻击多医学图像零水印方法。首先，对每张医学图像分别进行归一化处理，并采用基于双树复小波变换的方法对归一化后的图像进行融合。其次，提取有效区域并进行CT处理；计算低频子带的CHFMs，对生成的幅值序列进行FFT，构造特征矩阵。将每个特征值的大小与整体均值相结合，生成特征图像。最后，利用Lorenz混沌系统和Fibonacci q矩阵对版权图像进行加密，然后在生成的特征图像与加密后的版权图像之间进行异或运算，产生零水印信号。结果表明，该方法具有良好的抗攻击性能，提取的图像与原始版权图像的归一化相关系数高达0.994。此外，与现有的类似方法相比，我们提出的方法的平均抗攻击性能提高了约2%，这表明我们提出的方法对传统攻击、几何攻击和组合攻击具有很高的抵抗力。

{"title":"Robust zero-watermarking method for multi-medical images based on Chebyshev–Fourier moments and Contourlet-FFT","authors":"Xinhui Lu , Guangyun Yang , Yu Lu , Xiangguang Xiong","doi":"10.1016/j.csi.2025.104115","DOIUrl":"10.1016/j.csi.2025.104115","url":null,"abstract":"<div><div>Classical robust watermarking methods embed secret data into a cover image designed to protect its copyright. However, they suffer from the problem of balancing imperceptibility and robustness. To address this issue, the impact of conventional attacks on the stability of feature vectors extracted from the cover image is examined. Accordingly, we proposed a zero-watermarking method with high attack resistance for multi-medical images by employing Contourlet transform (CT), Chebyshev–Fourier moments (CHFMs), and fast Fourier transform (FFT). First, each medical image is normalized separately, and the normalized images are fused using a dual-tree complex wavelet transform-based method. Second, the effective region is extracted and subjected to the CT. The CHFMs of the low-frequency sub-bands are calculated, and the FFT is performed on the generated amplitude sequence to construct a feature matrix. A feature image is generated by combining the magnitude of each feature value with the overall mean. Finally, the copyrighted image is encrypted using the Lorenz chaotic system and Fibonacci Q-matrix, after which an exclusive-OR operation is applied between the generated feature image and the encrypted copyrighted image to produce a zero-watermarking signal. The results show that the proposed method exhibits excellent resistance to attack with a normalized correlation coefficient of up to 0.994 between the extracted image and the original copyrighted one. Furthermore, the average anti-attack performance of our proposed method is approximately 2% higher compared to similar existing methods, indicating that our proposed method is highly resistant to conventional, geometric, and combinatorial attacks.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"97 ","pages":"Article 104115"},"PeriodicalIF":3.1,"publicationDate":"2026-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145737266","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Securing hashed timelock cross-chain protocol with trusted middleman in blockchain networks 区块链网络中基于可信中间人的散列时间锁跨链协议安全保护

IF 3.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computer Standards & Interfaces

Pub Date : 2026-04-01 Epub Date: 2026-01-09 DOI: 10.1016/j.csi.2026.104129

Wenhua Huang, Yuwei Deng, Jingyu Feng, Gang Han, Wenbo Zhang

Cross-chain interoperability has emerged as a pivotal factor in enabling seamless data interaction and value circulation across diverse blockchain networks. Nevertheless, current cross-chain technologies necessitate advancements to satisfy the escalating need for efficient bidirectional data exchange. Addressing this, our work focuses on refining cross-chain protocols, with a core emphasis on elevating transaction efficiency, reliability, and security. Our innovation centers around a strengthened hashed timelock cross-chain protocol grounded in trusted middlemen. To safeguard the security and confidentiality of middlemen engaged in cross-chain transactions, we introduce an ingenious anonymous identity authentication mechanism. This mechanism empowers middlemen to execute auxiliary cross-chain transactions while concealing their actual identities. Additionally, we propose a behavior-based assessment of middlemen, utilizing distinct indicators to gauge their trustworthiness in each cross-chain transaction. We introduce both current and historical trust values, providing insights into middlemen's real-time reliability and long-term stability. This approach effectively thwarts attempts by malicious middlemen to manipulate trust values, mitigating security vulnerabilities in cross-chain transactions. Furthermore, by clearing redundant blocks, we not only decrease storage consumption but also facilitate the storage of a substantial amount of identity data and trust data of middlemen. Rigorous security analysis demonstrates our scheme's alignment with foundational security requirements and resilience against common attacks. Furthermore, our simulation results underscore the potency of our trust evaluation scheme, substantiating its efficacy in ensuring middlemen credibility and detecting malicious actors.

跨链互操作性已经成为在不同bb0网络中实现无缝数据交互和价值循环的关键因素。然而，当前的跨链技术需要进步，以满足对高效双向数据交换不断增长的需求。为了解决这个问题，我们的工作重点是改进跨链协议，核心重点是提高交易效率、可靠性和安全性。我们的创新围绕着一个基于可信中间商的强化散列时间锁跨链协议。为了保障从事跨链交易的中间商的安全和机密性，我们引入了一种巧妙的匿名身份认证机制。这种机制使中间商能够执行辅助的跨链交易，同时隐藏其实际身份。此外，我们建议对中间商进行基于行为的评估，利用不同的指标来衡量他们在每个跨链交易中的可信度。我们介绍了当前和历史的信任值，为中间商的实时可靠性和长期稳定性提供了见解。这种方法有效地阻止了恶意中间商操纵信任值的企图，减轻了跨链交易中的安全漏洞。此外，通过清除冗余块，不仅可以减少存储消耗，还可以方便存储大量中间商的身份数据和信任数据。严格的安全分析证明了我们的方案符合基本的安全需求和抵御常见攻击的弹性。此外，我们的模拟结果强调了我们的信任评估方案的效力，证实了它在确保中间商可信度和检测恶意行为者方面的有效性。

{"title":"Securing hashed timelock cross-chain protocol with trusted middleman in blockchain networks","authors":"Wenhua Huang, Yuwei Deng, Jingyu Feng, Gang Han, Wenbo Zhang","doi":"10.1016/j.csi.2026.104129","DOIUrl":"10.1016/j.csi.2026.104129","url":null,"abstract":"<div><div>Cross-chain interoperability has emerged as a pivotal factor in enabling seamless data interaction and value circulation across diverse blockchain networks. Nevertheless, current cross-chain technologies necessitate advancements to satisfy the escalating need for efficient bidirectional data exchange. Addressing this, our work focuses on refining cross-chain protocols, with a core emphasis on elevating transaction efficiency, reliability, and security. Our innovation centers around a strengthened hashed timelock cross-chain protocol grounded in trusted middlemen. To safeguard the security and confidentiality of middlemen engaged in cross-chain transactions, we introduce an ingenious anonymous identity authentication mechanism. This mechanism empowers middlemen to execute auxiliary cross-chain transactions while concealing their actual identities. Additionally, we propose a behavior-based assessment of middlemen, utilizing distinct indicators to gauge their trustworthiness in each cross-chain transaction. We introduce both current and historical trust values, providing insights into middlemen's real-time reliability and long-term stability. This approach effectively thwarts attempts by malicious middlemen to manipulate trust values, mitigating security vulnerabilities in cross-chain transactions. Furthermore, by clearing redundant blocks, we not only decrease storage consumption but also facilitate the storage of a substantial amount of identity data and trust data of middlemen. Rigorous security analysis demonstrates our scheme's alignment with foundational security requirements and resilience against common attacks. Furthermore, our simulation results underscore the potency of our trust evaluation scheme, substantiating its efficacy in ensuring middlemen credibility and detecting malicious actors.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"97 ","pages":"Article 104129"},"PeriodicalIF":3.1,"publicationDate":"2026-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145977134","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Energy consumption assessment in embedded AI: Metrological improvements of benchmarks for edge devices 嵌入式人工智能中的能耗评估：边缘设备基准的计量改进

IF 3.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computer Standards & Interfaces

Pub Date : 2026-04-01 Epub Date: 2025-12-22 DOI: 10.1016/j.csi.2025.104120

Andrea Apicella , Pasquale Arpaia , Luigi Capobianco , Francesco Caputo , Antonella Cioffi , Antonio Esposito , Francesco Isgrò , Rosanna Manzo , Nicola Moccaldi , Danilo Pau , Ettore Toscano

This manuscript proposes a new method to improve the MLCommons protocol for measuring power consumption on Microcontroller Units (MCUs) when running edge Artificial Intelligence (AI). In particular, the proposed approach (i) selectively measures the power consumption attributable to the inferences (namely, the predictions performed by Artificial Neural Networks — ANN), preventing the impact of other operations, (ii) accurately identifies the time window for acquiring the sample of the current thanks to the simultaneous measurement of power consumption and inference duration, and (iii) precisely synchronize the measurement windows and the inferences. The method is validated on three use cases: (i) Rockchip RV1106, a neural MCU that implements ANN via hardware neural processing unit through a dedicated accelerator, (ii) STM32 H7, and (iii) STM32 U5, high-performance and ultra-low-power general-purpose microcontroller, respectively. The proposed method returns higher power consumption for the two devices with respect to the MLCommons approach. This result is compatible with an improvement of selectivity and accuracy. Furthermore, the method reduces measurement uncertainty on the Rockchip RV1106 and STM32 boards by factors of 6 and 12, respectively.

本文提出了一种改进MLCommons协议的新方法，用于在运行边缘人工智能（AI）时测量微控制器（mcu）上的功耗。特别是，所提出的方法(i)有选择地测量可归因于推断（即由人工神经网络- ANN执行的预测）的功耗，防止其他操作的影响，（ii）由于同时测量功耗和推断持续时间，准确识别获取电流样本的时间窗口，以及（iii）精确同步测量窗口和推断。该方法在三个用例上进行了验证：(i)瑞芯微RV1106，一种通过专用加速器通过硬件神经处理单元实现人工神经网络的神经MCU，（ii） STM32 H7, (iii) STM32 U5，高性能和超低功耗通用微控制器。与MLCommons方法相比，所提出的方法为两个设备返回更高的功耗。这一结果与选择性和准确性的提高是一致的。此外，该方法将瑞芯芯片RV1106和STM32上的测量不确定度分别降低了6倍和12倍。

{"title":"Energy consumption assessment in embedded AI: Metrological improvements of benchmarks for edge devices","authors":"Andrea Apicella , Pasquale Arpaia , Luigi Capobianco , Francesco Caputo , Antonella Cioffi , Antonio Esposito , Francesco Isgrò , Rosanna Manzo , Nicola Moccaldi , Danilo Pau , Ettore Toscano","doi":"10.1016/j.csi.2025.104120","DOIUrl":"10.1016/j.csi.2025.104120","url":null,"abstract":"<div><div>This manuscript proposes a new method to improve the MLCommons protocol for measuring power consumption on Microcontroller Units (MCUs) when running edge Artificial Intelligence (AI). In particular, the proposed approach (i) selectively measures the power consumption attributable to the inferences (namely, the predictions performed by Artificial Neural Networks — ANN), preventing the impact of other operations, (ii) accurately identifies the time window for acquiring the sample of the current thanks to the simultaneous measurement of power consumption and inference duration, and (iii) precisely synchronize the measurement windows and the inferences. The method is validated on three use cases: (i) Rockchip RV1106, a neural MCU that implements ANN via hardware neural processing unit through a dedicated accelerator, (ii) STM32 H7, and (iii) STM32 U5, high-performance and ultra-low-power general-purpose microcontroller, respectively. The proposed method returns higher power consumption for the two devices with respect to the MLCommons approach. This result is compatible with an improvement of selectivity and accuracy. Furthermore, the method reduces measurement uncertainty on the Rockchip RV1106 and STM32 boards by factors of 6 and 12, respectively.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"97 ","pages":"Article 104120"},"PeriodicalIF":3.1,"publicationDate":"2026-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145839847","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Efficient and secure multi-user kNN queries with dynamic POIs updating 具有动态poi更新的高效安全的多用户kNN查询

IF 3.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computer Standards & Interfaces

Pub Date : 2026-04-01 Epub Date: 2025-12-11 DOI: 10.1016/j.csi.2025.104112

Yining Jia , Yali Liu , Congai Zeng , Xujie Ding , Jianting Ning

The

k

-nearest neighbors (

k

NN) query is a key operation in spatial and multimedia databases, which is widely applied in fields such as electronic healthcare and Location-Based Services (LBS). With the rapid development of cloud computing, uploading private data of Data Owner (DO) to Cloud Servers (CS) has become a trend. However, existing

k

NN queries schemes are not designed for multi-user environments, cannot timely update the points of interest (POIs) stored in CS, and suffer from low query efficiency. Therefore, this paper proposes efficient and secure multi-user

k

NN queries with dynamic POIs updating, named DESM

k

NN, which achieves secure multi-user

k

NN queries. To improve query efficiency, DESM

k

NN adopts a two-stage search framework, which consists of an initial filtering stage based on hierarchical clustering to effectively constrain the search range, followed by a more efficient precise search stage. Based on this framework, DESM

k

NN designs a set of security protocols for efficient query processing and enables dynamic POIs updates. Meanwhile, DESM

k

NN not only utilizes Distributed Two Trapdoors Public-Key Cryptosystem (DT-PKC) to enable multi-user queries but also ensures data privacy, query privacy, result privacy and access pattern privacy. Moreover, DESM

k

NN can verify the correctness and completeness of queries results. Finally, security analysis proves that DESM

k

NN meets the formal security definition of multiparty computation, and experimental evaluation shows that DESM

k

NN improves query efficiency by up to 45.5% compared with existing

k

NN queries scheme.

kNN查询是空间和多媒体数据库中的一项关键操作，广泛应用于电子医疗保健和基于位置的服务（LBS）等领域。随着云计算的快速发展，将数据所有者（data Owner， DO）的私有数据上传到云服务器（cloud Servers， CS）已成为一种趋势。然而，现有的kNN查询方案不是针对多用户环境设计的，不能及时更新存储在CS中的兴趣点（poi），并且查询效率较低。为此，本文提出了一种高效、安全且具有动态poi更新的多用户kNN查询方法DESMkNN，实现了安全的多用户kNN查询。为了提高查询效率，DESMkNN采用了两阶段搜索框架，即基于分层聚类的初始过滤阶段有效约束搜索范围，然后是更高效的精确搜索阶段。基于这个框架，DESMkNN设计了一组安全协议，用于高效的查询处理，并支持动态poi更新。同时，DESMkNN不仅利用Distributed Two Trapdoors Public-Key Cryptosystem （DT-PKC）实现多用户查询，还保证了数据隐私、查询隐私、结果隐私和访问模式隐私。此外，DESMkNN可以验证查询结果的正确性和完整性。最后，安全性分析证明DESMkNN符合多方计算的正式安全定义，实验评估表明，与现有的kNN查询方案相比，DESMkNN查询效率提高了45.5%。

{"title":"Efficient and secure multi-user kNN queries with dynamic POIs updating","authors":"Yining Jia , Yali Liu , Congai Zeng , Xujie Ding , Jianting Ning","doi":"10.1016/j.csi.2025.104112","DOIUrl":"10.1016/j.csi.2025.104112","url":null,"abstract":"<div><div>The <span><math><mi>k</mi></math></span>-nearest neighbors (<span><math><mi>k</mi></math></span>NN) query is a key operation in spatial and multimedia databases, which is widely applied in fields such as electronic healthcare and Location-Based Services (LBS). With the rapid development of cloud computing, uploading private data of Data Owner (DO) to Cloud Servers (CS) has become a trend. However, existing <span><math><mi>k</mi></math></span>NN queries schemes are not designed for multi-user environments, cannot timely update the points of interest (POIs) stored in CS, and suffer from low query efficiency. Therefore, this paper proposes efficient and secure multi-user <span><math><mi>k</mi></math></span>NN queries with dynamic POIs updating, named DESM<span><math><mi>k</mi></math></span>NN, which achieves secure multi-user <span><math><mi>k</mi></math></span>NN queries. To improve query efficiency, DESM<span><math><mi>k</mi></math></span>NN adopts a two-stage search framework, which consists of an initial filtering stage based on hierarchical clustering to effectively constrain the search range, followed by a more efficient precise search stage. Based on this framework, DESM<span><math><mi>k</mi></math></span>NN designs a set of security protocols for efficient query processing and enables dynamic POIs updates. Meanwhile, DESM<span><math><mi>k</mi></math></span>NN not only utilizes Distributed Two Trapdoors Public-Key Cryptosystem (DT-PKC) to enable multi-user queries but also ensures data privacy, query privacy, result privacy and access pattern privacy. Moreover, DESM<span><math><mi>k</mi></math></span>NN can verify the correctness and completeness of queries results. Finally, security analysis proves that DESM<span><math><mi>k</mi></math></span>NN meets the formal security definition of multiparty computation, and experimental evaluation shows that DESM<span><math><mi>k</mi></math></span>NN improves query efficiency by up to 45.5% compared with existing <span><math><mi>k</mi></math></span>NN queries scheme.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"97 ","pages":"Article 104112"},"PeriodicalIF":3.1,"publicationDate":"2026-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145790409","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Refining decision boundaries via dynamic label adversarial training for robust traffic classification 基于动态标签对抗训练的鲁棒流量分类决策边界优化

IF 3.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computer Standards & Interfaces

Pub Date : 2026-04-01 Epub Date: 2025-12-13 DOI: 10.1016/j.csi.2025.104111

Haoyu Tong , Meixia Miao , Yundong Liu , Xiaoyu Zhang , Xiangyang Luo , Willy Susilo

Network traffic classification plays a critical role in securing modern communication systems, as it enables the identification of malicious or abnormal patterns within traffic data. With the growing complexity of network environments, deep learning models have emerged as a compelling solution due to their ability to automatically learn discriminative representations from raw traffic. However, these models are highly vulnerable to adversarial examples, which can significantly degrade their performance by introducing imperceptible perturbations. While adversarial training (AT) has emerged as a primary defense, it often suffers from label noise, particularly when hard labels are forcibly assigned to adversarial examples whose true class may be ambiguous. In this work, we first analyze the detrimental effect of label noise on adversarial training, revealing that forcing hard labels onto adversarial examples can cause excessive shifts of the decision boundary away from the adversarial examples, which in turn degrades the model’s generalization. Motivated by the theoretical analysis, we propose Dynamic Label Adversarial Training (DLAT), a novel AT framework that mitigates label noise via dynamically mixed soft labels. DLAT interpolates the logits of clean and adversarial examples to estimate the labels of boundary-adjacent examples, which are then used as soft labels for adversarial examples. By adaptively aligning the decision boundary toward the vicinity of adversarial examples, the framework constrains unnecessary boundary shifts and alleviates generalization degradation caused by label noise. Extensive evaluations on network traffic classification benchmarks validate the effectiveness of DLAT in outperforming standard adversarial training and its variants in both robustness and generalization.

网络流分类在确保现代通信系统的安全方面起着至关重要的作用，因为它可以识别流量数据中的恶意或异常模式。随着网络环境的日益复杂，深度学习模型已经成为一个令人信服的解决方案，因为它们能够从原始流量中自动学习判别表示。然而，这些模型非常容易受到对抗性示例的影响，对抗性示例可以通过引入难以察觉的扰动来显着降低其性能。虽然对抗性训练（AT）已经成为一种主要的防御手段，但它经常受到标签噪音的影响，特别是当硬标签被强制分配给真实类别可能不明确的对抗性示例时。在这项工作中，我们首先分析了标签噪声对对抗训练的有害影响，揭示了将硬标签强加到对抗样本上可能会导致决策边界过度偏离对抗样本，从而降低模型的泛化能力。在理论分析的启发下，我们提出了动态标签对抗训练（Dynamic Label Adversarial Training， DLAT），这是一种通过动态混合软标签来减轻标签噪声的新型标签对抗训练框架。DLAT插值干净和对抗示例的逻辑来估计边界相邻示例的标签，然后将其用作对抗示例的软标签。通过自适应地将决策边界对齐到对抗样本附近，该框架限制了不必要的边界移动，减轻了由标签噪声引起的泛化退化。对网络流量分类基准的广泛评估验证了DLAT在鲁棒性和泛化方面优于标准对抗性训练及其变体的有效性。

{"title":"Refining decision boundaries via dynamic label adversarial training for robust traffic classification","authors":"Haoyu Tong , Meixia Miao , Yundong Liu , Xiaoyu Zhang , Xiangyang Luo , Willy Susilo","doi":"10.1016/j.csi.2025.104111","DOIUrl":"10.1016/j.csi.2025.104111","url":null,"abstract":"<div><div>Network traffic classification plays a critical role in securing modern communication systems, as it enables the identification of malicious or abnormal patterns within traffic data. With the growing complexity of network environments, deep learning models have emerged as a compelling solution due to their ability to automatically learn discriminative representations from raw traffic. However, these models are highly vulnerable to adversarial examples, which can significantly degrade their performance by introducing imperceptible perturbations. While adversarial training (AT) has emerged as a primary defense, it often suffers from label noise, particularly when hard labels are forcibly assigned to adversarial examples whose true class may be ambiguous. In this work, we first analyze the detrimental effect of label noise on adversarial training, revealing that forcing hard labels onto adversarial examples can cause excessive shifts of the decision boundary away from the adversarial examples, which in turn degrades the model’s generalization. Motivated by the theoretical analysis, we propose Dynamic Label Adversarial Training (DLAT), a novel AT framework that mitigates label noise via dynamically mixed soft labels. DLAT interpolates the logits of clean and adversarial examples to estimate the labels of boundary-adjacent examples, which are then used as soft labels for adversarial examples. By adaptively aligning the decision boundary toward the vicinity of adversarial examples, the framework constrains unnecessary boundary shifts and alleviates generalization degradation caused by label noise. Extensive evaluations on network traffic classification benchmarks validate the effectiveness of DLAT in outperforming standard adversarial training and its variants in both robustness and generalization.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"97 ","pages":"Article 104111"},"PeriodicalIF":3.1,"publicationDate":"2026-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145790411","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Publicly verifiable covert two-party computation with punitive blame 带有惩罚性责备的可公开验证的隐蔽两方计算

IF 3.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computer Standards & Interfaces

Pub Date : 2026-04-01 Epub Date: 2026-01-17 DOI: 10.1016/j.csi.2026.104132

Chuan Zhao , Jun Xu , Shengnan Zhao , Song Han , Chunpeng Ge , Qiuliang Xu

Publicly verifiable covert (PVC) security model allows honest parties in secure multi-party computation (MPC) to generate a public proof that can be verified by an external party to check misbehavior. PVC first takes into account the deterrent effects of publicly damaging the reputation of dishonest parties. However, the dishonest party may still choose to cheat if the potential gains outweigh the minor reputational consequences. Moreover, using proxies like shell companies can insulate the actual party from direct reputational harm in case of detected cheating. Therefore, a more realistic deterrent in PVC is required to improve its practicality. Inspired by the financial restriction mechanism (Faust et al. PKC 2022), we propose a PVC security model incorporating punitive blame to enhance the deterrent effects of the dishonest party. Our security model achieves strong defamation resistance by allowing participants to carry out a series of algorithms, including Blame, PreJudge, Appeal, and Judge. Furthermore, based on a new compatible extension technique for Signed-OT, we propose a secure two-party protocol in the new PVC model. The experiment shows approximate improvements in computational and communication costs of

1.5 - 2.6 \times

and

2.3 - 2.9 \times

over the PVC protocol, respectively.

公开可验证的隐蔽（PVC）安全模型允许安全多方计算（MPC）中的诚实各方生成可由外部方验证以检查不当行为的公开证明。PVC首先考虑到公开损害不诚实当事人声誉的威慑作用。然而，如果潜在的收益超过了轻微的声誉后果，不诚实的一方仍然可能选择欺骗。此外，使用像空壳公司这样的代理可以使实际的一方在被发现作弊的情况下免受直接的声誉损害。因此，在PVC中需要更现实的威慑，以提高其实用性。受金融约束机制的启发（Faust等）。PKC 2022)，我们提出了一个包含惩罚性责任的PVC安全模型，以增强对不诚实一方的威慑作用。我们的安全模型通过允许参与者执行一系列算法，包括Blame、PreJudge、Appeal和Judge，实现了强大的抗诽谤能力。在此基础上，基于一种新的可兼容的Signed-OT扩展技术，在新的PVC模型中提出了一种安全的双方协议。实验表明，与PVC协议相比，计算和通信成本分别提高了1.5 ~ 2.6倍和2.3 ~ 2.9倍。

{"title":"Publicly verifiable covert two-party computation with punitive blame","authors":"Chuan Zhao , Jun Xu , Shengnan Zhao , Song Han , Chunpeng Ge , Qiuliang Xu","doi":"10.1016/j.csi.2026.104132","DOIUrl":"10.1016/j.csi.2026.104132","url":null,"abstract":"<div><div>Publicly verifiable covert (PVC) security model allows honest parties in secure multi-party computation (MPC) to generate a public proof that can be verified by an external party to check misbehavior. PVC first takes into account the deterrent effects of publicly damaging the reputation of dishonest parties. However, the dishonest party may still choose to cheat if the potential gains outweigh the minor reputational consequences. Moreover, using proxies like shell companies can insulate the actual party from direct reputational harm in case of detected cheating. Therefore, a more realistic deterrent in PVC is required to improve its practicality. Inspired by the financial restriction mechanism (Faust et al. PKC 2022), we propose a PVC security model incorporating punitive blame to enhance the deterrent effects of the dishonest party. Our security model achieves strong defamation resistance by allowing participants to carry out a series of algorithms, including Blame, PreJudge, Appeal, and Judge. Furthermore, based on a new compatible extension technique for Signed-OT, we propose a secure two-party protocol in the new PVC model. The experiment shows approximate improvements in computational and communication costs of <span><math><mrow><mn>1</mn><mo>.</mo><mn>5</mn><mo>−</mo><mn>2</mn><mo>.</mo><mn>6</mn><mo>×</mo></mrow></math></span> and <span><math><mrow><mn>2</mn><mo>.</mo><mn>3</mn><mo>−</mo><mn>2</mn><mo>.</mo><mn>9</mn><mo>×</mo></mrow></math></span> over the PVC protocol, respectively.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"97 ","pages":"Article 104132"},"PeriodicalIF":3.1,"publicationDate":"2026-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"146037169","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

ARMOR: A multi-layered adaptive defense framework for robust deep learning systems against evolving adversarial threats ARMOR：一个多层自适应防御框架，用于鲁棒深度学习系统抵御不断发展的敌对威胁

IF 3.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computer Standards & Interfaces

Pub Date : 2026-04-01 Epub Date: 2025-12-17 DOI: 10.1016/j.csi.2025.104117

Mahmoud Mohamed, Fayaz AlJuaid

Introduction:

Adversarial attacks represent a major challenge to deep learning models deployed in critical fields such as healthcare diagnostics and financial fraud detection. This paper addresses the limitations of single-strategy defenses by introducing ARMOR (Adaptive Resilient Multi-layer Orchestrated Response), a novel multi-layered architecture that seamlessly integrates multiple defense mechanisms.

Methodology:

We evaluate ARMOR against seven state-of-the-art defense methods through extensive experiments across multiple datasets and five attack methodologies. Our approach combines adversarial detection, input transformation, model hardening, and adaptive response layers that operate with intentional dependencies and feedback mechanisms.

Results:

Quantitative results demonstrate that ARMOR significantly outperforms individual defense methods, achieving a 91.7% attack mitigation rate (18.3% improvement over ensemble averaging), 87.5% clean accuracy preservation (8.9% improvement over adversarial training alone), and 76.4% robustness against adaptive attacks (23.2% increase over the strongest baseline).

Discussion:

The modular framework design enables flexibility against emerging threats while requiring only 1.42

\times

computational overhead compared to unprotected models, making it suitable for resource-constrained environments. Our findings demonstrate that activating and integrating complementary defense mechanisms represents a significant advance in adversarial resilience.

导读：对抗性攻击对部署在医疗诊断和金融欺诈检测等关键领域的深度学习模型构成了重大挑战。本文通过引入自适应弹性多层协调响应（ARMOR）来解决单策略防御的局限性，这是一种无缝集成多种防御机制的新型多层体系结构。方法：我们通过跨多个数据集和五种攻击方法的广泛实验，对七种最先进的防御方法进行评估。我们的方法结合了对抗检测、输入转换、模型强化和自适应响应层，这些层与有意的依赖关系和反馈机制一起运作。结果：定量结果表明，ARMOR显著优于单个防御方法，实现了91.7%的攻击缓解率（比集合平均提高18.3%），87.5%的干净准确性保持（比单独的对抗性训练提高8.9%），以及76.4%的自适应攻击鲁棒性（比最强基线提高23.2%）。讨论：模块化框架设计能够灵活地应对新出现的威胁，而与未受保护的模型相比，只需要1.42倍的计算开销，使其适合资源受限的环境。我们的研究结果表明，激活和整合互补防御机制代表了对抗弹性的重大进步。

{"title":"ARMOR: A multi-layered adaptive defense framework for robust deep learning systems against evolving adversarial threats","authors":"Mahmoud Mohamed, Fayaz AlJuaid","doi":"10.1016/j.csi.2025.104117","DOIUrl":"10.1016/j.csi.2025.104117","url":null,"abstract":"<div><h3>Introduction:</h3><div>Adversarial attacks represent a major challenge to deep learning models deployed in critical fields such as healthcare diagnostics and financial fraud detection. This paper addresses the limitations of single-strategy defenses by introducing ARMOR (Adaptive Resilient Multi-layer Orchestrated Response), a novel multi-layered architecture that seamlessly integrates multiple defense mechanisms.</div></div><div><h3>Methodology:</h3><div>We evaluate ARMOR against seven state-of-the-art defense methods through extensive experiments across multiple datasets and five attack methodologies. Our approach combines adversarial detection, input transformation, model hardening, and adaptive response layers that operate with intentional dependencies and feedback mechanisms.</div></div><div><h3>Results:</h3><div>Quantitative results demonstrate that ARMOR significantly outperforms individual defense methods, achieving a 91.7% attack mitigation rate (18.3% improvement over ensemble averaging), 87.5% clean accuracy preservation (8.9% improvement over adversarial training alone), and 76.4% robustness against adaptive attacks (23.2% increase over the strongest baseline).</div></div><div><h3>Discussion:</h3><div>The modular framework design enables flexibility against emerging threats while requiring only 1.42<span><math><mo>×</mo></math></span> computational overhead compared to unprotected models, making it suitable for resource-constrained environments. Our findings demonstrate that activating and integrating complementary defense mechanisms represents a significant advance in adversarial resilience.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"97 ","pages":"Article 104117"},"PeriodicalIF":3.1,"publicationDate":"2026-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145790412","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

LHSC-SGC: A lightweight hybrid signcryption scheme for smart grid communications in heterogeneous cryptographic public-key systems LHSC-SGC：一种用于异构加密公钥系统中智能电网通信的轻量级混合签名加密方案

IF 3.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computer Standards & Interfaces

Pub Date : 2026-03-01 Epub Date: 2025-09-23 DOI: 10.1016/j.csi.2025.104078

Ting-Chieh Ho, Yuh-Min Tseng, Sen-Shan Huang

For smart grid communications (SGC), ensuring the transmission security of power consumption data is crucial to prevent unauthorized access and achieve the undeniability (unforgeability) of the data. In this context, signcryption is particularly important for SGC because it combines signature and encryption in a scheme to provide both unforgeability and confidentiality for data transmission while reducing computational complexity. Nowadays, based on different cryptographic public-key systems (CPKSs), many signcryption schemes have been proposed, but they are applied to a single CPKS. When an original CPKS is upgraded to another new CPKS, all associated cryptographic mechanisms must be rewritten to ensure that all users (i.e., original, upgraded and new users) can operate all functionalities normally in such heterogeneous CPKSs. However, the existing signcryption schemes lack the heterogeneously compatible property that makes them unsuitable for heterogeneous CPKSs. In this paper, we propose the first lightweight hybrid signcryption scheme for SGC in heterogeneous CPKSs, named as the LHSC-SGC scheme. Security theorems are formally proven that the LHSC-SGC scheme possesses both unforgeability and confidentiality for data transmission. When compared to the existing lightweight signcryption schemes, the LHSC-SGC scheme has better performance and possesses heterogeneously compatible property. By performance simulation experiences, the LHSC-SGC scheme is well-suitable for SGC with IoT devices (i.e., smart meters).

对于智能电网通信（SGC）来说，确保功耗数据的传输安全是防止未经授权访问和实现数据不可否认（不可伪造）的关键。在这种情况下，签名加密对SGC尤为重要，因为它在方案中结合了签名和加密，为数据传输提供了不可伪造性和机密性，同时降低了计算复杂性。目前，基于不同的加密公钥系统（CPKS），提出了许多签名加密方案，但它们都适用于单个CPKS。当一个原始CPKS升级到另一个新的CPKS时，必须重写所有相关的加密机制，以确保所有用户（即原始用户、升级用户和新用户）可以在这种异构CPKS中正常操作所有功能。然而，现有的签名加密方案缺乏异构兼容的特性，使得它们不适合异构cpks。本文提出了异构cpks中SGC的第一个轻量级混合签名加密方案，称为LHSC-SGC方案。对安全性定理进行了形式化证明，证明了LHSC-SGC方案具有数据传输的不可伪造性和保密性。与现有的轻量级签名加密方案相比，LHSC-SGC方案具有更好的性能和异构兼容特性。通过性能仿真经验，LHSC-SGC方案非常适合物联网设备（即智能电表）的SGC。

{"title":"LHSC-SGC: A lightweight hybrid signcryption scheme for smart grid communications in heterogeneous cryptographic public-key systems","authors":"Ting-Chieh Ho, Yuh-Min Tseng, Sen-Shan Huang","doi":"10.1016/j.csi.2025.104078","DOIUrl":"10.1016/j.csi.2025.104078","url":null,"abstract":"<div><div>For smart grid communications (SGC), ensuring the transmission security of power consumption data is crucial to prevent unauthorized access and achieve the undeniability (unforgeability) of the data. In this context, signcryption is particularly important for SGC because it combines signature and encryption in a scheme to provide both unforgeability and confidentiality for data transmission while reducing computational complexity. Nowadays, based on different cryptographic public-key systems (CPKSs), many signcryption schemes have been proposed, but they are applied to a single CPKS. When an original CPKS is upgraded to another new CPKS, all associated cryptographic mechanisms must be rewritten to ensure that all users (i.e., original, upgraded and new users) can operate all functionalities normally in such heterogeneous CPKSs. However, the existing signcryption schemes lack the heterogeneously compatible property that makes them unsuitable for heterogeneous CPKSs. In this paper, we propose the <em>first</em> lightweight hybrid signcryption scheme for SGC in heterogeneous CPKSs, named as the LHSC-SGC scheme. Security theorems are formally proven that the LHSC-SGC scheme possesses both unforgeability and confidentiality for data transmission. When compared to the existing lightweight signcryption schemes, the LHSC-SGC scheme has better performance and possesses heterogeneously compatible property. By performance simulation experiences, the LHSC-SGC scheme is well-suitable for SGC with IoT devices (i.e., smart meters).</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"96 ","pages":"Article 104078"},"PeriodicalIF":3.1,"publicationDate":"2026-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145158128","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

A survey study on meta-heuristic-based feature selection approaches of intrusion detection systems in distributed networks 分布式网络中基于元启发式的入侵检测系统特征选择方法研究

IF 3.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computer Standards & Interfaces

Pub Date : 2026-03-01 Epub Date: 2025-09-17 DOI: 10.1016/j.csi.2025.104074

Yashar Pourardebil khah , Mirsaeid Hosseini Shirvani , Javid Taheri

With the emergence of IoT and expanding the coverage of distributed networks such as cloud and fog, security attacks and breaches are becoming distributed and expanded too. Cybersecurity attacks can disrupt business continuity or expose critical data, leading to significant failures. The Intrusion Detection Systems (IDSs) as a remedy in such networks play a critical role in this ecosystem to find an attack at the earliest time and the countermeasure is performed if necessary. Artificial intelligence techniques such as machine learning-based and meta-heuristic-based approaches are being pervasively applied to prepare smarter IDS components from logged network traffic. The network traffic is recorded in the form of data sets for further analysis to detect traffic behavior from past treatments. Feature selection is a prominent approach in creating the prediction model to recognize feature network connection is normal or not. Since the feature selection problem in large datasets is NP-Hard and utilizing only heuristic-based approaches is not as efficient as desired, meta-heuristic-based approaches attract research attention to prepare highly accurate prediction models. To address the issue, this paper presents a subjective classification of published literature. Then, this presents a survey study on meta-heuristic-based feature selection approaches in preparing efficient IDSs. It investigates several kinds of literature from different angles and compares them in terms of used metrics in the literature to give broad insights into readers for advantages, challenges, and limitations. It can pave the way by highlighting research gaps for further processing and improvement in the future by interested researchers in the field.

随着物联网的出现和云、雾等分布式网络覆盖范围的扩大，安全攻击和漏洞也变得分布式和扩展。网络安全攻击可能会破坏业务连续性或暴露关键数据，导致重大故障。入侵检测系统（ids）作为一种补救措施，在这一生态系统中发挥着至关重要的作用，可以尽早发现攻击并在必要时执行对策。人工智能技术，如基于机器学习和基于元启发式的方法，正被广泛应用于从记录的网络流量中准备更智能的IDS组件。网络流量以数据集的形式记录下来，以便进一步分析从过去的处理中检测流量行为。特征选择是建立预测模型以识别特征网络连接是否正常的重要方法。由于大型数据集的特征选择问题是NP-Hard问题，仅使用基于启发式的方法效率不高，因此基于元启发式的方法引起了研究的关注，以制备高精度的预测模型。为了解决这一问题，本文提出了对已发表文献的主观分类。然后，本文对基于元启发式的特征选择方法在制备高效ids中的应用进行了调查研究。它从不同的角度调查了几种文献，并根据文献中使用的指标对它们进行了比较，从而为读者提供了广泛的见解，了解其优势、挑战和局限性。它可以通过突出研究差距，为未来感兴趣的研究人员在该领域的进一步处理和改进铺平道路。

{"title":"A survey study on meta-heuristic-based feature selection approaches of intrusion detection systems in distributed networks","authors":"Yashar Pourardebil khah , Mirsaeid Hosseini Shirvani , Javid Taheri","doi":"10.1016/j.csi.2025.104074","DOIUrl":"10.1016/j.csi.2025.104074","url":null,"abstract":"<div><div>With the emergence of IoT and expanding the coverage of distributed networks such as cloud and fog, security attacks and breaches are becoming distributed and expanded too. Cybersecurity attacks can disrupt business continuity or expose critical data, leading to significant failures. The Intrusion Detection Systems (IDSs) as a remedy in such networks play a critical role in this ecosystem to find an attack at the earliest time and the countermeasure is performed if necessary. Artificial intelligence techniques such as machine learning-based and meta-heuristic-based approaches are being pervasively applied to prepare smarter IDS components from logged network traffic. The network traffic is recorded in the form of data sets for further analysis to detect traffic behavior from past treatments. Feature selection is a prominent approach in creating the prediction model to recognize feature network connection is normal or not. Since the feature selection problem in large datasets is NP-Hard and utilizing only heuristic-based approaches is not as efficient as desired, meta-heuristic-based approaches attract research attention to prepare highly accurate prediction models. To address the issue, this paper presents a subjective classification of published literature. Then, this presents a survey study on meta-heuristic-based feature selection approaches in preparing efficient IDSs. It investigates several kinds of literature from different angles and compares them in terms of used metrics in the literature to give broad insights into readers for advantages, challenges, and limitations. It can pave the way by highlighting research gaps for further processing and improvement in the future by interested researchers in the field.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"96 ","pages":"Article 104074"},"PeriodicalIF":3.1,"publicationDate":"2026-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145220783","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0