Pub Date : 2025-11-12DOI: 10.1016/j.csi.2025.104093
Israr Ahmad , Fengjun Shang , Muhammad Faheem
Current remote sensing image object detection algorithms often struggle with false positives, missed targets, and suboptimal accuracy. To address these issues, we propose an improved YOLOv8 network (PIYN) solution achieved through targeted modifications to the YOLOv8 architecture. The backbone of YOLOv8 utilizes a Cross-Stage Partial (CSP) structure that includes two convolutions, called a faster C2f module. Firstly, we infuse the C2f module integrating an Efficient Multi-Scale Attention (EMA) mechanism, which enhances the module's ability to process information across various scales. Secondly, we introduce a Compact Path Aggregation Network (Compact-PAN) structure within the neck of the network, which reduces the computational complexity of the model. Finally, replacing the Complete Intersection over Union (CIoU) loss function with the Weighted Intersection over Union (WIoU) loss refines the model's detection accuracy. Additionally, we applied K-fold cross-validation on the dataset to mitigate overfitting. Experiments using the extensive Dataset for Object Detection in Aerial images (DOTA) and the Dataset for Object Recognition in Optical Remote Sensing Imagery (DIOR) reveal PIYN's effectiveness: there is a 2.43 % and 2.56 % increase in Mean Average Precision (mAP) over YOLOv8, respectively, alongside a 4.49 % reduction in GFLOPs. These results demonstrate PIYN's capability to enhance accuracy while maintaining efficiency and solidify its progressive and practical impact, particularly for smart city applications.
{"title":"Enhanced YOLOv8 model for accurate and real-time remote sensing target detection","authors":"Israr Ahmad , Fengjun Shang , Muhammad Faheem","doi":"10.1016/j.csi.2025.104093","DOIUrl":"10.1016/j.csi.2025.104093","url":null,"abstract":"<div><div>Current remote sensing image object detection algorithms often struggle with false positives, missed targets, and suboptimal accuracy. To address these issues, we propose an improved YOLOv8 network (PIYN) solution achieved through targeted modifications to the YOLOv8 architecture. The backbone of YOLOv8 utilizes a Cross-Stage Partial (CSP) structure that includes two convolutions, called a faster C2f module. Firstly, we infuse the C2f module integrating an Efficient Multi-Scale Attention (EMA) mechanism, which enhances the module's ability to process information across various scales. Secondly, we introduce a Compact Path Aggregation Network (Compact-PAN) structure within the neck of the network, which reduces the computational complexity of the model. Finally, replacing the Complete Intersection over Union (CIoU) loss function with the Weighted Intersection over Union (WIoU) loss refines the model's detection accuracy. Additionally, we applied K-fold cross-validation on the dataset to mitigate overfitting. Experiments using the extensive Dataset for Object Detection in Aerial images (DOTA) and the Dataset for Object Recognition in Optical Remote Sensing Imagery (DIOR) reveal PIYN's effectiveness: there is a 2.43 % and 2.56 % increase in Mean Average Precision (mAP) over YOLOv8, respectively, alongside a 4.49 % reduction in GFLOPs. These results demonstrate PIYN's capability to enhance accuracy while maintaining efficiency and solidify its progressive and practical impact, particularly for smart city applications.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"96 ","pages":"Article 104093"},"PeriodicalIF":3.1,"publicationDate":"2025-11-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145578670","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2025-11-12DOI: 10.1016/j.csi.2025.104095
Muruvvet Kalkan , Murat Karakus
Real estate appraisal plays a pivotal role in various financial transactions and regulatory processes, necessitating the assurance of unalterable and transparent Real Estate Appraisal rePorts (REA_Ps). Authorized appraisal experts employ diverse methodologies to ascertain the market value of real estate properties, contributing to critical decisions in property transactions, loans, taxation, insurance, financial reporting, and lease calculations. The standardized format and jurisdiction-compliant methodologies used in official REA_Ps emphasize the need for their preservation in an unaltered state. Despite the importance of official REA_Ps, the potential for unauthorized alterations poses a significant challenge when stored in centralized databases. With its inherent tamper-proof nature, Blockchain (BC) technology emerges as an ideal solution to safeguard integrity of the REA_Ps. This study proposes a Blockchain-Enhanced Real Estate appraisal management framework, BERE, to ensure the immutability of REA_Ps and enhance appraisal process transparency. The proposed BERE framework fosters trust among stakeholders in the real estate appraisal sector. By securely storing REA_Ps authored by on-field appraisal experts on the BC, the method prevents unauthorized modifications and ensures the confidentiality of private data. Simulations employ a variety of measures, such as BC size, transaction verification time, CPU usage, and message overhead on transaction generation, to assess system performance. The results indicate that the BERE framework successfully maintains the accuracy and reliability of REA_Ps. To the best of our knowledge, this is the first comprehensive study showcasing a practical application of BC technology to demonstrate its ability to transform the appraisal process and inspire trust in the accuracy of REA_Ps.
{"title":"BERE: Ensuring immutability and transparency with blockchain in real estate appraisal industry","authors":"Muruvvet Kalkan , Murat Karakus","doi":"10.1016/j.csi.2025.104095","DOIUrl":"10.1016/j.csi.2025.104095","url":null,"abstract":"<div><div>Real estate appraisal plays a pivotal role in various financial transactions and regulatory processes, necessitating the assurance of unalterable and transparent Real Estate Appraisal rePorts (REA_Ps). Authorized appraisal experts employ diverse methodologies to ascertain the market value of real estate properties, contributing to critical decisions in property transactions, loans, taxation, insurance, financial reporting, and lease calculations. The standardized format and jurisdiction-compliant methodologies used in official REA_Ps emphasize the need for their preservation in an unaltered state. Despite the importance of official REA_Ps, the potential for unauthorized alterations poses a significant challenge when stored in centralized databases. With its inherent tamper-proof nature, Blockchain (BC) technology emerges as an ideal solution to safeguard integrity of the REA_Ps. This study proposes a Blockchain-Enhanced Real Estate appraisal management framework, <em>BERE</em>, to ensure the immutability of REA_Ps and enhance appraisal process transparency. The proposed <em>BERE</em> framework fosters trust among stakeholders in the real estate appraisal sector. By securely storing REA_Ps authored by on-field appraisal experts on the BC, the method prevents unauthorized modifications and ensures the confidentiality of private data. Simulations employ a variety of measures, such as BC size, transaction verification time, CPU usage, and message overhead on transaction generation, to assess system performance. The results indicate that the <em>BERE</em> framework successfully maintains the accuracy and reliability of REA_Ps. To the best of our knowledge, this is the first comprehensive study showcasing a practical application of BC technology to demonstrate its ability to transform the appraisal process and inspire trust in the accuracy of REA_Ps.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"96 ","pages":"Article 104095"},"PeriodicalIF":3.1,"publicationDate":"2025-11-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145578672","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2025-11-11DOI: 10.1016/j.csi.2025.104094
Yumin Zheng , Fengjiao Tu , Fengfang Shu , Chaowang Shang , Lulu Chen , Jiang Meng
High-quality reflection has been a challenging barrier in the socially shared regulation of learning (SSRL). Especially with the emergence of generative artificial intelligence (GAI), traditional methods such as reflection reports may increase the students' risk of superficial reflection. This study uses an artificial intelligence agent (AI agent) to design a reflection assistant, which aims to enhance students' reflection ability through continuous questioning and real-time, content-specific feedback based on their written reflections. Through a comparative experiment conducted over three semesters, this study demonstrates the different impacts of three reflection methods, reflection reports, reflection short-answer questions, and AI agents, on the quality of university students' reflections. The results indicate that there is a significant difference in the quality of reflection among the three reflection methods. Students using AI agents show the highest levels of reflection, characterized primarily by connective reflection and critical reflection. Epistemic network analysis further reveals that the AI agent reflection method is more effective in improving the reflection quality of low-performance teams than that of high-performance teams. This expands AI agents' use in SSRL reflection, introduces new methods for the GAI era, and provides practical experience and reflection intervention strategies for teachers and instructional designers in SSRL.
{"title":"How AI agents transform reflective practices: A three-semester comparative study in socially shared regulation of learning","authors":"Yumin Zheng , Fengjiao Tu , Fengfang Shu , Chaowang Shang , Lulu Chen , Jiang Meng","doi":"10.1016/j.csi.2025.104094","DOIUrl":"10.1016/j.csi.2025.104094","url":null,"abstract":"<div><div>High-quality reflection has been a challenging barrier in the socially shared regulation of learning (SSRL). Especially with the emergence of generative artificial intelligence (GAI), traditional methods such as reflection reports may increase the students' risk of superficial reflection. This study uses an artificial intelligence agent (AI agent) to design a reflection assistant, which aims to enhance students' reflection ability through continuous questioning and real-time, content-specific feedback based on their written reflections. Through a comparative experiment conducted over three semesters, this study demonstrates the different impacts of three reflection methods, reflection reports, reflection short-answer questions, and AI agents, on the quality of university students' reflections. The results indicate that there is a significant difference in the quality of reflection among the three reflection methods. Students using AI agents show the highest levels of reflection, characterized primarily by connective reflection and critical reflection. Epistemic network analysis further reveals that the AI agent reflection method is more effective in improving the reflection quality of low-performance teams than that of high-performance teams. This expands AI agents' use in SSRL reflection, introduces new methods for the GAI era, and provides practical experience and reflection intervention strategies for teachers and instructional designers in SSRL.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"97 ","pages":"Article 104094"},"PeriodicalIF":3.1,"publicationDate":"2025-11-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145580387","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Publicly verifiable secret sharing (PVSS) allows a dealer to share a secret among a set of shareholders so that the secret can be reconstructed later from any set of qualified participants. In addition, any public verifier should be able to check the correctness of the sharing and reconstruction process. PVSS has been demonstrated to yield various applications, such as e-voting, decentralized random number generation protocols, and secure computation on distributed networks. Although many concrete PVSS protocols have been proposed, their security is either proven in the random oracle model or relies on quantum-vulnerable assumptions such as factoring or discrete logarithm. In this work, we propose a generic construction of a PVSS from any public key encryption scheme and non-interactive zero-knowledge arguments for suitable gap languages. We then provide lattice-based instantiations of the underlying components, which can be proven in the standard model. As a result, we construct the first post-quantum PVSS in the standard model, with a reasonable level of asymptotic efficiency.
{"title":"Publicly verifiable secret sharing: Generic constructions and lattice-based instantiations in the standard model","authors":"Nhat-Minh Pham , Khoa Nguyen , Willy Susilo , Khuong Nguyen-An","doi":"10.1016/j.csi.2025.104090","DOIUrl":"10.1016/j.csi.2025.104090","url":null,"abstract":"<div><div>Publicly verifiable secret sharing (PVSS) allows a dealer to share a secret among a set of shareholders so that the secret can be reconstructed later from any set of qualified participants. In addition, any public verifier should be able to check the correctness of the sharing and reconstruction process. PVSS has been demonstrated to yield various applications, such as e-voting, decentralized random number generation protocols, and secure computation on distributed networks. Although many concrete PVSS protocols have been proposed, their security is either proven in the random oracle model or relies on quantum-vulnerable assumptions such as factoring or discrete logarithm. In this work, we propose a generic construction of a PVSS from any public key encryption scheme and non-interactive zero-knowledge arguments for suitable gap languages. We then provide lattice-based instantiations of the underlying components, which can be proven in the standard model. As a result, we construct the first post-quantum PVSS in the standard model, with a reasonable level of asymptotic efficiency.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"96 ","pages":"Article 104090"},"PeriodicalIF":3.1,"publicationDate":"2025-10-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145465193","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2025-10-22DOI: 10.1016/j.csi.2025.104089
Wei Liang , Yang Yang , Sisi Zhou , Zhishun Zhang , Yuxiang Chen , Kai Jin , Xiong Li , Kuanching Li , Jiannong Cao
Electronic Medical Records are instrumental in advancing smart healthcare within the landscape of the Internet of Things, delivering highly personalized and prompt medical services to patients. However, existing healthcare data management systems are commonly characterized by provider centralization and over-regulation, posing significant threats to data security and integrity. Blockchain-based EMR secure sharing provides an effective scheme but still suffers from challenges such as insufficiently fine-grained data access control, susceptibility to user privacy leakage, high storage costs, and key management risks. Therefore, we propose FGPB-EMR, a user-centric blockchain for EMR sharing scheme with fine-grained access and privacy. We introduce the ciphertext policy of entirely hidden and updated attribute encryption, design an EMR sharing method with fine-grained access control, and guarantee its execution through a secure key distribution mechanism. In addition, based on the Paillier algorithm, we construct a co-sharing mechanism that supports privacy computation to achieve neutrality and interoperability of health insurance claims. To enhance the storage efficiency of blockchain data, we also design an on-chain and off-chain co-sharing protocol. Through comparative analysis and test validation, the FGPB-EMR scheme reduces the processing time by about half compared to other methods when sharing EMR; the interaction time is also reduced by about 20% when processing medical claims. In addition, the test results demonstrate the scheme’s scalability.
{"title":"FGPB-EMR: Fine-grained privacy blockchain for electronic medical record sharing","authors":"Wei Liang , Yang Yang , Sisi Zhou , Zhishun Zhang , Yuxiang Chen , Kai Jin , Xiong Li , Kuanching Li , Jiannong Cao","doi":"10.1016/j.csi.2025.104089","DOIUrl":"10.1016/j.csi.2025.104089","url":null,"abstract":"<div><div>Electronic Medical Records are instrumental in advancing smart healthcare within the landscape of the Internet of Things, delivering highly personalized and prompt medical services to patients. However, existing healthcare data management systems are commonly characterized by provider centralization and over-regulation, posing significant threats to data security and integrity. Blockchain-based EMR secure sharing provides an effective scheme but still suffers from challenges such as insufficiently fine-grained data access control, susceptibility to user privacy leakage, high storage costs, and key management risks. Therefore, we propose FGPB-EMR, a user-centric blockchain for EMR sharing scheme with fine-grained access and privacy. We introduce the ciphertext policy of entirely hidden and updated attribute encryption, design an EMR sharing method with fine-grained access control, and guarantee its execution through a secure key distribution mechanism. In addition, based on the Paillier algorithm, we construct a co-sharing mechanism that supports privacy computation to achieve neutrality and interoperability of health insurance claims. To enhance the storage efficiency of blockchain data, we also design an on-chain and off-chain co-sharing protocol. Through comparative analysis and test validation, the FGPB-EMR scheme reduces the processing time by about half compared to other methods when sharing EMR; the interaction time is also reduced by about 20% when processing medical claims. In addition, the test results demonstrate the scheme’s scalability.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"96 ","pages":"Article 104089"},"PeriodicalIF":3.1,"publicationDate":"2025-10-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145361677","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2025-10-22DOI: 10.1016/j.csi.2025.104087
Parisa Khoshvaght , Musaed Alhussein , Khursheed Aurangzeb , Efat Yousefpoor , Jan Lansky , Mehdi Hosseinzadeh
Underwater acoustic sensor networks (UASNs) have diverse applications in military and civilian domains but are vulnerable to various security threats due to their broadcast nature and challenging underwater environment. Trust mechanisms have emerged as effective solutions to enhance security and reliability in UASNs. However, existing trust models often lack efficient trust update mechanisms that can manage inevitable dynamic fluctuations in the underwater environment and various potential attacks. In this paper, an environment-aware Q-learning-based trust evaluation (EAQTE) scheme is presented in UASNs. EAQTE incorporates environmental features such as communication channel quality and node stability into the trust computation. Communication quality is assessed based on the variance in successful packet transmission probability, while node stability is measured through movement similarity. Each node collects three types of trust evidence — energy-based, data-based, and communication-based — by interacting with neighboring nodes. Energy-based evidence includes residual energy, current energy change rate, and the similarity of energy change sequences to normal patterns. Data-based evidence evaluates the consistency of collected data, and communication-based evidence considers successful and unsuccessful interactions. EAQTE uses a Q-learning algorithm with three trust states (belief, disbelief, uncertainty) to dynamically adapt trust levels. Simulation results demonstrate that EAQTE improves detection accuracy by 7.01% compared to TUMRL, ARTMM, and TMC based on simulation time. However, under attack mode switching scenarios, EAQTE’s detection accuracy is approximately 2.86% lower than TUMRL. Additionally, EAQTE reduces the false alarm rate by 19.65% relative to TUMRL when node speed varies, and by 11.8% compared to TUMRL under different node densities. Furthermore, EAQTE achieves higher energy efficiency and improves it by 5.19% over TUMRL when the percentage of compromised nodes increases, and by approximately 5.66% across varying node densities. These results indicate that EAQTE effectively balances adaptability, accuracy, and energy consumption in challenging underwater environments.
{"title":"An environment-aware Q-learning-based trust evaluation scheme in Underwater Acoustic Sensor Networks (UASNs)","authors":"Parisa Khoshvaght , Musaed Alhussein , Khursheed Aurangzeb , Efat Yousefpoor , Jan Lansky , Mehdi Hosseinzadeh","doi":"10.1016/j.csi.2025.104087","DOIUrl":"10.1016/j.csi.2025.104087","url":null,"abstract":"<div><div>Underwater acoustic sensor networks (UASNs) have diverse applications in military and civilian domains but are vulnerable to various security threats due to their broadcast nature and challenging underwater environment. Trust mechanisms have emerged as effective solutions to enhance security and reliability in UASNs. However, existing trust models often lack efficient trust update mechanisms that can manage inevitable dynamic fluctuations in the underwater environment and various potential attacks. In this paper, an environment-aware Q-learning-based trust evaluation (EAQTE) scheme is presented in UASNs. EAQTE incorporates environmental features such as communication channel quality and node stability into the trust computation. Communication quality is assessed based on the variance in successful packet transmission probability, while node stability is measured through movement similarity. Each node collects three types of trust evidence — energy-based, data-based, and communication-based — by interacting with neighboring nodes. Energy-based evidence includes residual energy, current energy change rate, and the similarity of energy change sequences to normal patterns. Data-based evidence evaluates the consistency of collected data, and communication-based evidence considers successful and unsuccessful interactions. EAQTE uses a Q-learning algorithm with three trust states (belief, disbelief, uncertainty) to dynamically adapt trust levels. Simulation results demonstrate that EAQTE improves detection accuracy by 7.01% compared to TUMRL, ARTMM, and TMC based on simulation time. However, under attack mode switching scenarios, EAQTE’s detection accuracy is approximately 2.86% lower than TUMRL. Additionally, EAQTE reduces the false alarm rate by 19.65% relative to TUMRL when node speed varies, and by 11.8% compared to TUMRL under different node densities. Furthermore, EAQTE achieves higher energy efficiency and improves it by 5.19% over TUMRL when the percentage of compromised nodes increases, and by approximately 5.66% across varying node densities. These results indicate that EAQTE effectively balances adaptability, accuracy, and energy consumption in challenging underwater environments.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"96 ","pages":"Article 104087"},"PeriodicalIF":3.1,"publicationDate":"2025-10-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145415861","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2025-10-22DOI: 10.1016/j.csi.2025.104084
Ruiteng Zhang , Pingbin Luo , Qiong Huang
Traditional constructions of compact ring signatures often rely on cryptographic tools like accumulators and zero-knowledge proofs, which usually depend on specific proof systems. In this work, we propose a more flexible and efficient construction of ring signatures based on module lattices, following the sign-then-prove structure and we name it SPRING, which is derived from the extraction of core commonalities in SMILE (CRYPTO 2021). Our construction achieves two key advantages: first, it is no longer tied to any specific ZK proof system, and its modular architecture enhances both scalability and adaptability to diverse practical scenarios. For example, we explicitly demonstrate how to extend our base scheme to support accountable ring signatures—all without modifying the underlying core signature structure. Second, by combining these distilled core commonalities with optimized Gaussian sampling techniques, our construction achieves smaller signature sizes than prior works.
{"title":"SPRING: Sign-then-prove ring signatures from lattices with compactness, extensibility, and efficiency","authors":"Ruiteng Zhang , Pingbin Luo , Qiong Huang","doi":"10.1016/j.csi.2025.104084","DOIUrl":"10.1016/j.csi.2025.104084","url":null,"abstract":"<div><div>Traditional constructions of compact ring signatures often rely on cryptographic tools like accumulators and zero-knowledge proofs, which usually depend on specific proof systems. In this work, we propose a more flexible and efficient construction of <u>ring</u> signatures based on module lattices, following the <em><u>s</u>ign-then-<u>p</u>rove</em> structure and we name it SPRING, which is derived from the extraction of core commonalities in SMILE (CRYPTO 2021). Our construction achieves two key advantages: first, it is no longer tied to any specific ZK proof system, and its modular architecture enhances both scalability and adaptability to diverse practical scenarios. For example, we explicitly demonstrate how to extend our base scheme to support accountable ring signatures—all without modifying the underlying core signature structure. Second, by combining these distilled core commonalities with optimized Gaussian sampling techniques, our construction achieves smaller signature sizes than prior works.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"96 ","pages":"Article 104084"},"PeriodicalIF":3.1,"publicationDate":"2025-10-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145415862","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2025-10-17DOI: 10.1016/j.csi.2025.104088
Vita Santa Barletta, Danilo Caivano, Christian Catalano, Mirko De Vincentiis, Michele Scalera
The automotive industry is designing increasingly sophisticated electronic components in order to make modern vehicles safer and more connected. This means not only more functionality available but also an increased risk to vehicle security and driver safety. Over the years, academia and industry have identified security issues in Electronic Control Units (ECUs) software and the protocols they use to communicate. Many of the attacks proposed in the literature exploit weaknesses in the Controller Area Network (CAN), one of the most widely used protocols for internal network communication. Researchers have proposed techniques focused on using Machine Learning (ML) models to identify attacks that exploit vulnerabilities in the CAN protocol. However, these techniques are not enough, as it is necessary to introduce the knowledge of how these attacks occurred and propose remediations to counter them to design more secure components. So, it is necessary to use ML models that use a multi-class classification to obtain the attack typology to obtain information that aims to resolve or understand the threat. To this end, this paper proposes a Pachamama methodology that identifies CAN attacks by proposing a simulation environment in which an ML algorithm is deployed. Then, a Vehicle-Security Operation Center (Vehicle-SOC) allows the classification of the received message from the Intrusion Detection System (IDS) to propose remediations for security analysts or developers working in the automotive world.
{"title":"Automotive Intelligence for supporting Vehicle-SOC analysts","authors":"Vita Santa Barletta, Danilo Caivano, Christian Catalano, Mirko De Vincentiis, Michele Scalera","doi":"10.1016/j.csi.2025.104088","DOIUrl":"10.1016/j.csi.2025.104088","url":null,"abstract":"<div><div>The automotive industry is designing increasingly sophisticated electronic components in order to make modern vehicles safer and more connected. This means not only more functionality available but also an increased risk to vehicle security and driver safety. Over the years, academia and industry have identified security issues in Electronic Control Units (ECUs) software and the protocols they use to communicate. Many of the attacks proposed in the literature exploit weaknesses in the Controller Area Network (CAN), one of the most widely used protocols for internal network communication. Researchers have proposed techniques focused on using Machine Learning (ML) models to identify attacks that exploit vulnerabilities in the CAN protocol. However, these techniques are not enough, as it is necessary to introduce the knowledge of how these attacks occurred and propose remediations to counter them to design more secure components. So, it is necessary to use ML models that use a multi-class classification to obtain the attack typology to obtain information that aims to resolve or understand the threat. To this end, this paper proposes a Pachamama methodology that identifies CAN attacks by proposing a simulation environment in which an ML algorithm is deployed. Then, a Vehicle-Security Operation Center (Vehicle-SOC) allows the classification of the received message from the Intrusion Detection System (IDS) to propose remediations for security analysts or developers working in the automotive world.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"96 ","pages":"Article 104088"},"PeriodicalIF":3.1,"publicationDate":"2025-10-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145361676","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2025-10-17DOI: 10.1016/j.csi.2025.104085
Mingrui Zhang , Ru Meng , Tao Wang , Yanwei Zhou , Yi Zhao , Bo Yang , Lei Zhang
Self-Sovereign Identity (SSI) is a novel identity management paradigm that empowers entities to control their own identities through agents, without relying on centralized authorities. However, the widely adopted DIDComm framework for secure communication between agents in SSI still faces several critical challenges, such as the lack of perfect forward secrecy, insufficient message loss resilience, and the absence of continuous key updates. To address these issues, we propose a blockchain-based Fair and Continuous Key Agreement (BcFCKA) primitive, which enables agents to perform fair and continuous session key updates, even in the presence of message loss and without relying on any centralized trusted entity. We further present a concrete scheme instantiation, namely BcFCX3DH, and provide both formal and informal analyses to demonstrate that our scheme achieves several security properties (e.g., known-key security and perfect forward secrecy) as well as several design goals (e.g., key pre-storage freedom and message loss resilience). In addition, simulation results show that the proposed scheme establishes the initial session key and performs key updates within only a few milliseconds, demonstrating its practicality.
{"title":"BcFCKA:Blockchain-based Fair and continuous key agreement for DIDComm in Self-Sovereign Identity","authors":"Mingrui Zhang , Ru Meng , Tao Wang , Yanwei Zhou , Yi Zhao , Bo Yang , Lei Zhang","doi":"10.1016/j.csi.2025.104085","DOIUrl":"10.1016/j.csi.2025.104085","url":null,"abstract":"<div><div>Self-Sovereign Identity (SSI) is a novel identity management paradigm that empowers entities to control their own identities through agents, without relying on centralized authorities. However, the widely adopted DIDComm framework for secure communication between agents in SSI still faces several critical challenges, such as the lack of perfect forward secrecy, insufficient message loss resilience, and the absence of continuous key updates. To address these issues, we propose a blockchain-based Fair and Continuous Key Agreement (BcFCKA) primitive, which enables agents to perform fair and continuous session key updates, even in the presence of message loss and without relying on any centralized trusted entity. We further present a concrete scheme instantiation, namely BcFCX3DH, and provide both formal and informal analyses to demonstrate that our scheme achieves several security properties (e.g., known-key security and perfect forward secrecy) as well as several design goals (e.g., key pre-storage freedom and message loss resilience). In addition, simulation results show that the proposed scheme establishes the initial session key and performs key updates within only a few milliseconds, demonstrating its practicality.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"96 ","pages":"Article 104085"},"PeriodicalIF":3.1,"publicationDate":"2025-10-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145361675","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The rapid growth of internet data and stringent privacy regulations have posed significant challenges to traditional machine learning methods in multi-party collaborative environments due to data silos. In this context, Vertical Federated Learning (VFL) has emerged as a promising solution. Gradient boosting tree-based VFL schemes, in particular, have gained prominence due to their widespread applicability. However, conventional gradient boosting tree models in VFL settings suffer from notable shortcomings, including high communication overhead from frequent interactions, inefficient utilization of computational resources, limited model interpretability, and privacy leakage risks arising from joint modeling. To address these issues, we propose EIVBoost, a novel gradient boosting tree framework. EIVBoost leverages Function Secret Sharing (FSS) to implement a secure comparison protocol, enabling passive parties without labels to generate pseudo-labels through shared functions and train independently, thereby significantly reducing communication overhead and training time while ensuring privacy. Furthermore, through model simplification and rule extraction, EIVBoost aggregates rules from independent models into a globally interpretable decision tree, enhancing model transparency and inference efficiency. Comprehensive security analyses demonstrate that EIVBoost effectively safeguards data privacy. Extensive experiments on real-world datasets confirm that the framework substantially improves training efficiency without compromising model accuracy, offering a robust, secure, and interpretable solution for VFL.
{"title":"EIVBoost: An efficient and interpretable gradient boosting framework for Vertical Federated Learning","authors":"Lianhai Wang, Xiangyan Kong, Shujiang Xu, Shuhui Zhang, Wei Shao, Qizheng Wang","doi":"10.1016/j.csi.2025.104082","DOIUrl":"10.1016/j.csi.2025.104082","url":null,"abstract":"<div><div>The rapid growth of internet data and stringent privacy regulations have posed significant challenges to traditional machine learning methods in multi-party collaborative environments due to data silos. In this context, Vertical Federated Learning (VFL) has emerged as a promising solution. Gradient boosting tree-based VFL schemes, in particular, have gained prominence due to their widespread applicability. However, conventional gradient boosting tree models in VFL settings suffer from notable shortcomings, including high communication overhead from frequent interactions, inefficient utilization of computational resources, limited model interpretability, and privacy leakage risks arising from joint modeling. To address these issues, we propose EIVBoost, a novel gradient boosting tree framework. EIVBoost leverages Function Secret Sharing (FSS) to implement a secure comparison protocol, enabling passive parties without labels to generate pseudo-labels through shared functions and train independently, thereby significantly reducing communication overhead and training time while ensuring privacy. Furthermore, through model simplification and rule extraction, EIVBoost aggregates rules from independent models into a globally interpretable decision tree, enhancing model transparency and inference efficiency. Comprehensive security analyses demonstrate that EIVBoost effectively safeguards data privacy. Extensive experiments on real-world datasets confirm that the framework substantially improves training efficiency without compromising model accuracy, offering a robust, secure, and interpretable solution for VFL.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"96 ","pages":"Article 104082"},"PeriodicalIF":3.1,"publicationDate":"2025-10-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145324419","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
扫码关注我们
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号