Computers & Security最新文献

英文中文

Developing ethical principle awareness and reasoning in a cybersecurity context: Enhancing user understanding using ripple down rules 在网络安全环境中发展道德原则意识和推理：使用涟漪规则增强用户理解

IF 5.4 2区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Computers & Security

Pub Date : 2026-02-01 Epub Date: 2025-11-13 DOI: 10.1016/j.cose.2025.104761

Amal Abdulrahman , Deborah Richards , Ayse Aysin Bilgin , Paul Formosa

Cybersecurity breaches are often attributed to human behaviour, where individuals fail to integrate ethical principles in their decision-making. This empirical study investigates the effectiveness of the Ripple Down Rules (RDR) method, a knowledge acquisition and representation method, in enhancing ethical awareness and reasoning in cybersecurity contexts. The proposed approach combines rule-based reasoning, case-based learning, reflection, and situated cognition to bridge the gap between ethical knowledge and action by systematically connecting scenario elements to ethical principles. Participants, recruited from a cohort of first-year psychology students, were exposed to training incorporating five ethical principles—Beneficence, Non-Maleficence, Justice, Autonomy, and Explicability—applied to realistic cybersecurity scenarios. The study employed a randomised controlled design with two treatment and one control groups, using pre- and post-study assessments to evaluate improvements in ethical principle identification and reasoning. Participants rated RDR as a clear and helpful tool for understanding ethical reasoning, with sensibility and helpfulness scores ranging from moderate to high. Results demonstrate that RDR training significantly improved participants' ability to identify ethical principles compared to learning without RDR, particularly for principles like autonomy and explicability. However, challenges persisted in distinguishing overlapping principles, such as beneficence and non-maleficence. Implications and guidance for use of RDR for ethics training are discussed.

网络安全漏洞通常被归咎于人类行为，即个人未能将道德原则纳入决策。本实证研究探讨了涟漪规则（RDR）方法（一种知识获取和表示方法）在增强网络安全背景下的道德意识和推理方面的有效性。该方法结合了基于规则的推理、基于案例的学习、反思和情境认知，通过系统地将情景元素与伦理原则联系起来，弥合了伦理知识与行动之间的差距。参与者是从一群一年级心理学学生中招募的，他们接受了五项道德原则的培训，这五项道德原则是“善”、“无害”、“公正”、“自主”和“可解释性”，这些原则应用于现实的网络安全场景。该研究采用随机对照设计，有两个治疗组和一个对照组，使用研究前和研究后评估来评估伦理原则识别和推理的改进。参与者认为RDR是理解道德推理的一个清晰而有用的工具，其敏感性和帮助性得分从中等到高不等。结果表明，与没有进行RDR的学习相比，RDR训练显著提高了参与者识别道德原则的能力，特别是在自主性和可解释性等原则方面。然而，在区分重叠原则（如行善和无害）方面仍然存在挑战。讨论了在道德培训中使用RDR的含义和指导。

{"title":"Developing ethical principle awareness and reasoning in a cybersecurity context: Enhancing user understanding using ripple down rules","authors":"Amal Abdulrahman , Deborah Richards , Ayse Aysin Bilgin , Paul Formosa","doi":"10.1016/j.cose.2025.104761","DOIUrl":"10.1016/j.cose.2025.104761","url":null,"abstract":"<div><div>Cybersecurity breaches are often attributed to human behaviour, where individuals fail to integrate ethical principles in their decision-making. This empirical study investigates the effectiveness of the Ripple Down Rules (RDR) method, a knowledge acquisition and representation method, in enhancing ethical awareness and reasoning in cybersecurity contexts. The proposed approach combines rule-based reasoning, case-based learning, reflection, and situated cognition to bridge the gap between ethical knowledge and action by systematically connecting scenario elements to ethical principles. Participants, recruited from a cohort of first-year psychology students, were exposed to training incorporating five ethical principles—Beneficence, Non-Maleficence, Justice, Autonomy, and Explicability—applied to realistic cybersecurity scenarios. The study employed a randomised controlled design with two treatment and one control groups, using pre- and post-study assessments to evaluate improvements in ethical principle identification and reasoning. Participants rated RDR as a clear and helpful tool for understanding ethical reasoning, with sensibility and helpfulness scores ranging from moderate to high. Results demonstrate that RDR training significantly improved participants' ability to identify ethical principles compared to learning without RDR, particularly for principles like autonomy and explicability. However, challenges persisted in distinguishing overlapping principles, such as beneficence and non-maleficence. Implications and guidance for use of RDR for ethics training are discussed.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"161 ","pages":"Article 104761"},"PeriodicalIF":5.4,"publicationDate":"2026-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145579997","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Temporal-spatial feature fusion based intrusion detection system for in-vehicle networks 基于时空特征融合的车载网络入侵检测系统

IF 5.4 2区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Computers & Security

Pub Date : 2026-02-01 Epub Date: 2025-11-21 DOI: 10.1016/j.cose.2025.104781

Zhihua Yin , Zixuan Li , Youtong Zhang , Jianxi Li , Dong Liu , Hongqian Wei

As a typical cyber-physical system, the in-vehicle network is evolving from an information silo into a mobile interconnection terminal. The controller area networks (CAN), serving as the real-time communication medium between automotive electronic control units (ECUs), encounter significant security challenges due to the absence of essential identity authentication and encryption mechanisms. The intrusion detection systems (IDSs) for CAN provide threat alerts but struggles to effectively identifying same origin method execution (SOME) attacks due to their frame homology and high concealment characteristics. To this end, a temporal-spatial feature fusion based IDS (TSFF-IDS) is developed. First, a comprehensive analysis is conducted on the temporal and spatial characteristics of CAN bus traffic. On this basis, a hybrid model integrating bidirectional long short-term memory (BiLSTM) networks and convolutional neural networks (CNN) is proposed to automatically extract the temporal and spatial features in parallel. A two-layer attention network is introduced to measure the distinct contributions of temporal-spatial features and recognize crucial features. Finally, the features are weighted fused to detect potential anomalies. To validate the effectiveness of the proposed method, comprehensive experiments have been conducted and the results show that the proposed TSFF-IDS exhibits superior identification capability and high adaptability compared to state-of-the-art schemes.

车载网络作为一种典型的信息物理系统，正从信息孤岛向移动互联终端发展。控制器局域网（CAN）作为汽车电子控制单元（ecu）之间的实时通信媒介，由于缺乏必要的身份认证和加密机制，面临着重大的安全挑战。CAN的入侵检测系统提供威胁警报，但由于其帧同源性和高隐蔽性的特点，难以有效识别同源方法执行（same origin method execution， SOME）攻击。为此，提出了一种基于时空特征融合的入侵检测系统（TSFF-IDS）。首先，对CAN总线流量的时空特征进行了全面分析。在此基础上，提出了一种双向长短期记忆（BiLSTM）网络与卷积神经网络（CNN）相结合的混合模型，用于自动并行提取时空特征。引入两层注意力网络来衡量时空特征的不同贡献，识别关键特征。最后，对特征进行加权融合，检测潜在异常。为了验证该方法的有效性，进行了全面的实验，结果表明，与现有方案相比，所提出的TSFF-IDS具有更好的识别能力和较高的适应性。

{"title":"Temporal-spatial feature fusion based intrusion detection system for in-vehicle networks","authors":"Zhihua Yin , Zixuan Li , Youtong Zhang , Jianxi Li , Dong Liu , Hongqian Wei","doi":"10.1016/j.cose.2025.104781","DOIUrl":"10.1016/j.cose.2025.104781","url":null,"abstract":"<div><div>As a typical cyber-physical system, the in-vehicle network is evolving from an information silo into a mobile interconnection terminal. The controller area networks (CAN), serving as the real-time communication medium between automotive electronic control units (ECUs), encounter significant security challenges due to the absence of essential identity authentication and encryption mechanisms. The intrusion detection systems (IDSs) for CAN provide threat alerts but struggles to effectively identifying same origin method execution (SOME) attacks due to their frame homology and high concealment characteristics. To this end, a temporal-spatial feature fusion based IDS (TSFF-IDS) is developed. First, a comprehensive analysis is conducted on the temporal and spatial characteristics of CAN bus traffic. On this basis, a hybrid model integrating bidirectional long short-term memory (BiLSTM) networks and convolutional neural networks (CNN) is proposed to automatically extract the temporal and spatial features in parallel. A two-layer attention network is introduced to measure the distinct contributions of temporal-spatial features and recognize crucial features. Finally, the features are weighted fused to detect potential anomalies. To validate the effectiveness of the proposed method, comprehensive experiments have been conducted and the results show that the proposed TSFF-IDS exhibits superior identification capability and high adaptability compared to state-of-the-art schemes.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"161 ","pages":"Article 104781"},"PeriodicalIF":5.4,"publicationDate":"2026-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145693747","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Control-Flow Integrity for Resource-Constrained Devices 资源受限设备的控制流完整性

IF 5.4 2区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Computers & Security

Pub Date : 2026-02-01 Epub Date: 2025-10-26 DOI: 10.1016/j.cose.2025.104730

Gianluca Roascio , Nicolò Maunero , Gabriele Costa

Control-Flow Integrity (CFI) ensures that an attacker cannot tamper with the execution logic of a program, e.g., by reusing its code to implement malicious operations. In the past, several attacks have actively exploited CFI failures for hijacking the control logic of programs. Although enforcing the CFI of programs is a significant concern, implementing effective control mechanisms is highly complex. Although often control-flow properties are regarded as practically enforceable, as most languages include data-driven branch operators, CFI is, in fact, also a data-flow property. Furthermore, when the execution platform supports any sort of non-determinism, e.g., think of program interrupts, static models for CFI analysis, such as control-flow graphs (CFG), cannot be accurately computed. Thus, it is not surprising that CFI is often only partially guaranteed by means of weaker security models.

In this paper, we present a novel CFI enforcement framework for dealing with the aforementioned issues. Like other proposals, our method relies on code instrumentation for deploying CFI checks among the instructions of a target program. However, our policy enforcement framework also monitors interrupt routines to ensure that the attacker cannot exploit them. Finally, we provide our proposal with formal semantics that we use to provide the correctness of our solution.

控制流完整性（CFI）确保攻击者不能篡改程序的执行逻辑，例如，通过重用其代码来实现恶意操作。在过去，一些攻击已经积极地利用CFI故障来劫持程序的控制逻辑。虽然执行项目的CFI是一个重要的问题，但实施有效的控制机制是非常复杂的。尽管通常认为控制流属性实际上是可执行的，因为大多数语言都包含数据驱动的分支操作符，但CFI实际上也是一个数据流属性。此外，当执行平台支持任何类型的非确定性时，例如，考虑程序中断，用于CFI分析的静态模型，如控制流图（CFG），无法精确计算。因此，CFI通常仅通过较弱的安全模型得到部分保证也就不足为奇了。在本文中，我们提出了一个新的CFI执行框架来处理上述问题。与其他建议一样，我们的方法依赖于在目标程序的指令之间部署CFI检查的代码插装。然而，我们的策略实施框架还监视中断例程，以确保攻击者无法利用它们。最后，我们为我们的建议提供形式化语义，我们使用形式化语义来提供解决方案的正确性。

{"title":"Control-Flow Integrity for Resource-Constrained Devices","authors":"Gianluca Roascio , Nicolò Maunero , Gabriele Costa","doi":"10.1016/j.cose.2025.104730","DOIUrl":"10.1016/j.cose.2025.104730","url":null,"abstract":"<div><div>Control-Flow Integrity (CFI) ensures that an attacker cannot tamper with the execution logic of a program, e.g., by reusing its code to implement malicious operations. In the past, several attacks have actively exploited CFI failures for hijacking the control logic of programs. Although enforcing the CFI of programs is a significant concern, implementing effective control mechanisms is highly complex. Although often control-flow properties are regarded as practically enforceable, as most languages include data-driven branch operators, CFI is, in fact, also a data-flow property. Furthermore, when the execution platform supports any sort of non-determinism, e.g., think of program interrupts, static models for CFI analysis, such as control-flow graphs (CFG), cannot be accurately computed. Thus, it is not surprising that CFI is often only partially guaranteed by means of weaker security models.</div><div>In this paper, we present a novel CFI enforcement framework for dealing with the aforementioned issues. Like other proposals, our method relies on code instrumentation for deploying CFI checks among the instructions of a target program. However, our policy enforcement framework also monitors interrupt routines to ensure that the attacker cannot exploit them. Finally, we provide our proposal with formal semantics that we use to provide the correctness of our solution.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"161 ","pages":"Article 104730"},"PeriodicalIF":5.4,"publicationDate":"2026-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145694033","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Dynamic soft isolation and restricted eviction for cache side channel attack defense 缓存侧信道攻击防御的动态软隔离和限制驱逐

IF 5.4 2区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Computers & Security

Pub Date : 2026-02-01 Epub Date: 2025-11-07 DOI: 10.1016/j.cose.2025.104753

Chuan Lu, Senlin Luo, Limin Pan

Cache side channel attack seriously threatens microarchitectural security. A key challenge in mitigating such attack lies in analyzing behavioral characteristics and intentions at different stages. Existing methods utilize static isolation domains to prevent data eviction between attackers and victims. The number of isolation domains is constrained by cache size, making protection insufficient processes when the number of protected processes exceeds this limit. Moreover, the capacity and location of isolation domains cannot be dynamically adjusted according to the process demand, leading to either underutilized cache lines or excessive evictions, both of which degrade performance. Therefore, a Dynamic Soft Isolation and Restricted Eviction for Cache Side Channel Attack Defense (DSI-RE) is proposed. DSI-RE introduces a dynamic soft isolation method with flexible isolation boundaries, which dynamically adjusts the number, capacity and location of isolation domains based on process demands by domain labels, enhancing cache utilization and operational efficiency. Additionally, a restricted eviction with intent-aware is proposed, which detects the attack behavior across different attack stage, and imposes different restrictions on the replacement algorithm to prevent sensitive evictions. Extensive experimental results show that DSI-RE outperforms the state-of-the-art methods. The proposed method novelly identifies the key behavioral intent during an attack and blocks the attack by introducing minor restrictions in attack process.

缓存侧通道攻击严重威胁微架构安全。减轻此类攻击的一个关键挑战在于分析不同阶段的行为特征和意图。现有方法利用静态隔离域来防止攻击者和受害者之间的数据驱逐。隔离域的数量受缓存大小的限制，当受保护的进程数量超过此限制时，将导致保护进程不足。此外，隔离域的容量和位置不能根据进程需求动态调整，导致缓存线利用率不足或过多的驱逐，这两种情况都会降低性能。为此，提出了一种用于缓存侧信道攻击防御（DSI-RE）的动态软隔离和受限驱逐方法。DSI-RE引入了具有灵活隔离边界的动态软隔离方法，通过域标签根据进程需求动态调整隔离域的数量、容量和位置，提高了缓存利用率和运行效率。此外，提出了一种具有意图感知的受限驱逐算法，该算法在不同的攻击阶段检测攻击行为，并对替换算法施加不同的限制以防止敏感驱逐。大量的实验结果表明，DSI-RE优于最先进的方法。该方法新颖地识别攻击过程中的关键行为意图，并通过在攻击过程中引入次要限制来阻止攻击。

{"title":"Dynamic soft isolation and restricted eviction for cache side channel attack defense","authors":"Chuan Lu, Senlin Luo, Limin Pan","doi":"10.1016/j.cose.2025.104753","DOIUrl":"10.1016/j.cose.2025.104753","url":null,"abstract":"<div><div>Cache side channel attack seriously threatens microarchitectural security. A key challenge in mitigating such attack lies in analyzing behavioral characteristics and intentions at different stages. Existing methods utilize static isolation domains to prevent data eviction between attackers and victims. The number of isolation domains is constrained by cache size, making protection insufficient processes when the number of protected processes exceeds this limit. Moreover, the capacity and location of isolation domains cannot be dynamically adjusted according to the process demand, leading to either underutilized cache lines or excessive evictions, both of which degrade performance. Therefore, a <strong><u>D</u></strong>ynamic <strong><u>S</u></strong>oft <strong><u>I</u></strong>solation and <strong><u>R</u></strong>estricted <strong><u>E</u></strong>viction for Cache Side Channel Attack Defense (DSI-RE) is proposed. DSI-RE introduces a dynamic soft isolation method with flexible isolation boundaries, which dynamically adjusts the number, capacity and location of isolation domains based on process demands by domain labels, enhancing cache utilization and operational efficiency. Additionally, a restricted eviction with intent-aware is proposed, which detects the attack behavior across different attack stage, and imposes different restrictions on the replacement algorithm to prevent sensitive evictions. Extensive experimental results show that DSI-RE outperforms the state-of-the-art methods. The proposed method novelly identifies the key behavioral intent during an attack and blocks the attack by introducing minor restrictions in attack process.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"161 ","pages":"Article 104753"},"PeriodicalIF":5.4,"publicationDate":"2026-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145529096","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Cost observability as a security control in multi-cloud environments based on SOC 2 security standard 基于SOC 2安全标准的多云环境下的成本可观察性安全控制

IF 5.4 2区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Computers & Security

Pub Date : 2026-02-01 Epub Date: 2025-11-14 DOI: 10.1016/j.cose.2025.104771

Yevhenii Martseniuk, Andrii Partyka, Ivan Opirskyy, Oleh Harasymchuk

The problem of ensuring cost transparency and proactive budget control in multi-cloud environments is becoming increasingly relevant for modern IT infrastructures. As organizations scale their use of heterogeneous cloud services, they face challenges related to fragmented billing systems, inconsistent cost metrics, and delayed anomaly detection. This study frames cost observability not merely as a financial function, but as an integral component of the organization’s security posture, aligned with the SOC 2 framework. The novelty of this research lies in the integration of cost monitoring tools — specifically Splunk, Cherwell, and JSON-based cloud Application Programming Interfaces (APIs) — with operational and security processes, enabling real-time detection of budget deviations, automated incident escalation, and cost-based policy enforcement. This study presents a proposed future architecture that implements a unified cost observability layer across heterogeneous billing systems in multi-cloud environments. The architecture transforms provider-specific formats — including AWS Cost Explorer JSON exports, Azure Cost Management APIs, and GCP Billing BigQuery exports — into standardized cost events. These normalized streams create a single temporal view of expenditures against unified budget thresholds, while generating consolidated financial telemetry that enables cross-provider anomaly detection and correlation. By reframing cost data as actionable observability signals, the approach advances beyond fragmented dashboards toward a centralized, audit-ready control layer that supports compliance, incident response, and financial governance. The system further incorporates role-based access logic, escalation thresholds, and forecasting models, creating a cost governance layer with direct implications for FinOps, DevSecOps, and compliance teams.

在多云环境中确保成本透明度和主动预算控制的问题与现代IT基础设施的关系越来越密切。随着组织扩展其异构云服务的使用，他们面临着与分散的计费系统、不一致的成本指标和延迟的异常检测相关的挑战。本研究不仅将成本可观察性作为财务功能，而且将其作为组织安全态势的一个组成部分，与SOC 2框架保持一致。这项研究的新颖之处在于将成本监控工具（特别是Splunk、Cherwell和基于json的云应用程序编程接口（api））与运营和安全流程集成在一起，从而能够实时检测预算偏差、自动事件升级和基于成本的策略执行。本研究提出了一种未来架构，该架构在多云环境中跨异构计费系统实现统一的成本可观察层。该架构将特定于提供商的格式（包括AWS成本资源管理器JSON导出、Azure成本管理api和GCP Billing BigQuery导出）转换为标准化的成本事件。这些规范化流创建了针对统一预算阈值的单一时间支出视图，同时生成统一的财务遥测，支持跨提供商异常检测和关联。通过将成本数据重新构建为可操作的可观察性信号，该方法从分散的仪表板发展到支持合规性、事件响应和财务治理的集中的、审计就绪的控制层。该系统进一步整合了基于角色的访问逻辑、升级阈值和预测模型，创建了一个成本治理层，对FinOps、DevSecOps和合规团队有直接影响。

{"title":"Cost observability as a security control in multi-cloud environments based on SOC 2 security standard","authors":"Yevhenii Martseniuk, Andrii Partyka, Ivan Opirskyy, Oleh Harasymchuk","doi":"10.1016/j.cose.2025.104771","DOIUrl":"10.1016/j.cose.2025.104771","url":null,"abstract":"<div><div>The problem of ensuring cost transparency and proactive budget control in multi-cloud environments is becoming increasingly relevant for modern IT infrastructures. As organizations scale their use of heterogeneous cloud services, they face challenges related to fragmented billing systems, inconsistent cost metrics, and delayed anomaly detection. This study frames cost observability not merely as a financial function, but as an integral component of the organization’s security posture, aligned with the SOC 2 framework. The novelty of this research lies in the integration of cost monitoring tools — specifically Splunk, Cherwell, and JSON-based cloud Application Programming Interfaces (APIs) — with operational and security processes, enabling real-time detection of budget deviations, automated incident escalation, and cost-based policy enforcement. This study presents a proposed future architecture that implements a unified cost observability layer across heterogeneous billing systems in multi-cloud environments. The architecture transforms provider-specific formats — including AWS Cost Explorer JSON exports, Azure Cost Management APIs, and GCP Billing BigQuery exports — into standardized cost events. These normalized streams create a single temporal view of expenditures against unified budget thresholds, while generating consolidated financial telemetry that enables cross-provider anomaly detection and correlation. By reframing cost data as actionable observability signals, the approach advances beyond fragmented dashboards toward a centralized, audit-ready control layer that supports compliance, incident response, and financial governance. The system further incorporates role-based access logic, escalation thresholds, and forecasting models, creating a cost governance layer with direct implications for FinOps, DevSecOps, and compliance teams.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"161 ","pages":"Article 104771"},"PeriodicalIF":5.4,"publicationDate":"2026-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145579993","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

FedGNNLDP: Federated graph neural network with locally differential privacy FedGNNLDP：具有局部差分隐私的联邦图神经网络

IF 5.4 2区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Computers & Security

Pub Date : 2026-02-01 Epub Date: 2025-11-10 DOI: 10.1016/j.cose.2025.104757

Yaqi Liu, Yue Zhang, Pinzhen He, Shuzhen Fang

In recent years, Graph Neural Networks (GNNs) have demonstrated remarkable performance due to their excellent graph-structure-based approach and have been widely applied in various industries. GNNs can access node features or link information as a result of their unique graph structure, enabling them to achieve more accurate machine learning model prediction. However, most graph-structure data varies across individual users or consumers in different industries, and it is inevitable that private data will be accessed during the GNN training process, which will cause serious leakage of private information. To address this problem, the author propose a privacy-preserving federal learning model for GNN with local differential privacy, named FedGNNLDP, which distributes a subgraph of a larger global graph to different clients for training to avoid the direct exchange of subgraph data. At the same time, the author apply the local differential privacy mechanism to the local client for GNN-subgraphs, thereby effectively avoiding the parameters being compromised by attacks during transmission. The author go on to demonstrate the solid experimental performance of our method compared to several baselines. Extensive experiments demonstrate that our model achieves a high accuracy rate even with privacy protection.

近年来，图神经网络（Graph Neural Networks, gnn）由于其基于图结构的优良方法而表现出显著的性能，并在各个行业得到了广泛的应用。由于其独特的图结构，gnn可以访问节点特征或链接信息，使其能够实现更准确的机器学习模型预测。然而，大多数图结构数据在不同行业的个人用户或消费者之间是不同的，在GNN训练过程中不可避免地会有私人数据被访问，这将造成严重的私人信息泄露。为了解决这一问题，作者提出了一种具有局部差分隐私的GNN保护隐私的联邦学习模型FedGNNLDP，该模型将一个较大的全局图的一个子图分发给不同的客户端进行训练，以避免子图数据的直接交换。同时，作者对gnn子图的本地客户端应用了本地差分隐私机制，从而有效避免了参数在传输过程中被攻击者泄露。作者继续证明了我们的方法与几个基线相比较的坚实的实验性能。大量的实验表明，即使在隐私保护的情况下，我们的模型也能达到很高的准确率。

{"title":"FedGNNLDP: Federated graph neural network with locally differential privacy","authors":"Yaqi Liu, Yue Zhang, Pinzhen He, Shuzhen Fang","doi":"10.1016/j.cose.2025.104757","DOIUrl":"10.1016/j.cose.2025.104757","url":null,"abstract":"<div><div>In recent years, Graph Neural Networks (GNNs) have demonstrated remarkable performance due to their excellent graph-structure-based approach and have been widely applied in various industries. GNNs can access node features or link information as a result of their unique graph structure, enabling them to achieve more accurate machine learning model prediction. However, most graph-structure data varies across individual users or consumers in different industries, and it is inevitable that private data will be accessed during the GNN training process, which will cause serious leakage of private information. To address this problem, the author propose a privacy-preserving federal learning model for GNN with local differential privacy, named <em>FedGNNLDP,</em> which distributes a subgraph of a larger global graph to different clients for training to avoid the direct exchange of subgraph data. At the same time, the author apply the local differential privacy mechanism to the local client for GNN-subgraphs, thereby effectively avoiding the parameters being compromised by attacks during transmission. The author go on to demonstrate the solid experimental performance of our method compared to several baselines. Extensive experiments demonstrate that our model achieves a high accuracy rate even with privacy protection.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"161 ","pages":"Article 104757"},"PeriodicalIF":5.4,"publicationDate":"2026-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145529098","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Plug and prey: Exploiting design flaws to hijack EV charging stations 即插即用：利用设计缺陷劫持电动汽车充电站

IF 5.4 2区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Computers & Security

Pub Date : 2026-02-01 Epub Date: 2025-11-13 DOI: 10.1016/j.cose.2025.104759

Mohammad Ali Sayed , Khaled Sarieddine , Rinith Reghunath , Chadi Assi, Mourad Debbabi

Electric Vehicles (EVs) have become a major element in the global push to combat climate change, given their ability to reduce the transportation sector’s emissions. To support the increasing number of EVs on the road, EV Charging Stations (EVCSs) are being deployed and have become a core element of the transportation infrastructure. EVCSs with individual web portals have been widely studied and proven to be vulnerable to network-based attacks. On the other hand, EVCSs that do not host web portals and cannot be accessed remotely are considered more secure. These EVCSs are generally considered to be more secure and have been overlooked in previous studies. Consequently, in this work, we present the first attack framework that exploits design flaws in this type of EVCS to hijack their operation. Our tests were performed on six actual EVCSs that follow the deployment strategy commonly preferred in North America by most operators and a few operators in Europe. We demonstrate how adversaries can successfully exploit the discussed vulnerabilities to gain unauthorized access to the EVCS configuration and acquire administrator privileges. We then proceed to craft multiple attacks to affect the power grid, steal money, or deteriorate EVCS availability.

电动汽车（ev）已经成为全球应对气候变化的主要因素，因为它们能够减少交通部门的排放。为了支持道路上越来越多的电动汽车，电动汽车充电站（evcs）正在部署，并已成为交通基础设施的核心要素。具有单个web门户的evcs已被广泛研究，并被证明容易受到基于网络的攻击。另一方面，不承载web门户并且不能远程访问的evcs被认为更安全。这些evcs通常被认为更安全，但在以前的研究中被忽视了。因此，在这项工作中，我们提出了第一个攻击框架，利用这种类型的EVCS的设计缺陷来劫持它们的操作。我们在六个实际的evcs上进行了测试，这些evcs遵循北美大多数运营商和欧洲少数运营商普遍采用的部署策略。我们演示了攻击者如何成功利用所讨论的漏洞来获得对EVCS配置的未经授权访问并获得管理员权限。然后我们继续制造多个攻击来影响电网，窃取资金，或者破坏EVCS的可用性。

{"title":"Plug and prey: Exploiting design flaws to hijack EV charging stations","authors":"Mohammad Ali Sayed , Khaled Sarieddine , Rinith Reghunath , Chadi Assi, Mourad Debbabi","doi":"10.1016/j.cose.2025.104759","DOIUrl":"10.1016/j.cose.2025.104759","url":null,"abstract":"<div><div>Electric Vehicles (EVs) have become a major element in the global push to combat climate change, given their ability to reduce the transportation sector’s emissions. To support the increasing number of EVs on the road, EV Charging Stations (EVCSs) are being deployed and have become a core element of the transportation infrastructure. EVCSs with individual web portals have been widely studied and proven to be vulnerable to network-based attacks. On the other hand, EVCSs that do not host web portals and cannot be accessed remotely are considered more secure. These EVCSs are generally considered to be more secure and have been overlooked in previous studies. Consequently, in this work, we present the first attack framework that exploits design flaws in this type of EVCS to hijack their operation. Our tests were performed on six actual EVCSs that follow the deployment strategy commonly preferred in North America by most operators and a few operators in Europe. We demonstrate how adversaries can successfully exploit the discussed vulnerabilities to gain unauthorized access to the EVCS configuration and acquire administrator privileges. We then proceed to craft multiple attacks to affect the power grid, steal money, or deteriorate EVCS availability.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"161 ","pages":"Article 104759"},"PeriodicalIF":5.4,"publicationDate":"2026-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145624652","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

SETPA: Structural evasion techniques for PDF malware detection systems PDF恶意软件检测系统的结构规避技术

IF 5.4 2区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Computers & Security

Pub Date : 2026-02-01 Epub Date: 2025-11-22 DOI: 10.1016/j.cose.2025.104775

Nasir Iqbal , Faisal Bashir Hussain , Hassan Jalil Hadi , Naveed Ahmad , Ali Shoker

Portable Document Format (PDF) is widely used because of its cross-platform compatibility, document integrity, and security features. However, their structural vulnerabilities make them a prime target for malware attacks. Machine-learning-based detection systems often struggle with feature engineering, dataset diversity, and robustness against adversarial attacks. These limitations result in high false positives, disruption of benign processes, and false negatives, enabling adversarial malware to evade detection. To address these challenges, this study introduces Structural Evasion Techniques for PDF Augmentation (SETPA), a novel evasion framework designed to bypass PDF malware detection systems. SETPA employs eight structural techniques, such as empty object streams, fake XREF table entries, and benign metadata, to obfuscate malicious content while preserving file functionality.Comprehensive experiments conducted on two leading detection models, PDFRate v2.0 and Hidost, demonstrate that SETPA consistently outperforms a Deep Reinforcement Learning (DRL)-based evasion framework. SETPA achieves evasion success rates that are 6 % to 10 % higher, and reduces average detection accuracy by 58 % to 80 %. These results confirm SETPA’s robust and reliable evasion performance across various detection systems. The findings highlight SETPA’s capability to exploit structural vulnerabilities in PDF detectors and underscore the need for adaptive, behavior-aware defense mechanisms that can counter entropy-driven structural evasions in emerging cyber threats.

可移植文档格式（Portable Document Format， PDF）因其跨平台兼容性、文档完整性和安全特性而被广泛使用。然而，它们的结构漏洞使它们成为恶意软件攻击的主要目标。基于机器学习的检测系统经常在特征工程、数据集多样性和对对抗性攻击的鲁棒性方面挣扎。这些限制导致高假阳性、良性进程中断和假阴性，使对抗性恶意软件逃避检测。为了解决这些挑战，本研究引入了PDF增强的结构规避技术（SETPA），这是一种新的规避框架，旨在绕过PDF恶意软件检测系统。SETPA采用八种结构技术，例如空对象流、假XREF表项和良性元数据，在保留文件功能的同时混淆恶意内容。在两种领先的检测模型PDFRate v2.0和Hidost上进行的综合实验表明，SETPA始终优于基于深度强化学习（DRL）的逃避框架。SETPA的规避成功率提高了6%到10%，平均检测准确率降低了58%到80%。这些结果证实了SETPA在各种探测系统中的稳健和可靠的规避性能。研究结果强调了SETPA利用PDF探测器结构漏洞的能力，并强调了对自适应、行为感知防御机制的需求，该机制可以对抗新兴网络威胁中熵驱动的结构逃避。

{"title":"SETPA: Structural evasion techniques for PDF malware detection systems","authors":"Nasir Iqbal , Faisal Bashir Hussain , Hassan Jalil Hadi , Naveed Ahmad , Ali Shoker","doi":"10.1016/j.cose.2025.104775","DOIUrl":"10.1016/j.cose.2025.104775","url":null,"abstract":"<div><div>Portable Document Format (PDF) is widely used because of its cross-platform compatibility, document integrity, and security features. However, their structural vulnerabilities make them a prime target for malware attacks. Machine-learning-based detection systems often struggle with feature engineering, dataset diversity, and robustness against adversarial attacks. These limitations result in high false positives, disruption of benign processes, and false negatives, enabling adversarial malware to evade detection. To address these challenges, this study introduces Structural Evasion Techniques for PDF Augmentation (SETPA), a novel evasion framework designed to bypass PDF malware detection systems. SETPA employs eight structural techniques, such as empty object streams, fake XREF table entries, and benign metadata, to obfuscate malicious content while preserving file functionality.Comprehensive experiments conducted on two leading detection models, PDFRate v2.0 and Hidost, demonstrate that SETPA consistently outperforms a Deep Reinforcement Learning (DRL)-based evasion framework. SETPA achieves evasion success rates that are 6 % to 10 % higher, and reduces average detection accuracy by 58 % to 80 %. These results confirm SETPA’s robust and reliable evasion performance across various detection systems. The findings highlight SETPA’s capability to exploit structural vulnerabilities in PDF detectors and underscore the need for adaptive, behavior-aware defense mechanisms that can counter entropy-driven structural evasions in emerging cyber threats.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"161 ","pages":"Article 104775"},"PeriodicalIF":5.4,"publicationDate":"2026-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145624654","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Integration of emerging technologies in cybersecurity for healthcare: A systematic review 医疗网络安全新兴技术的整合：系统综述

IF 5.4 2区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Computers & Security

Pub Date : 2026-02-01 Epub Date: 2025-11-15 DOI: 10.1016/j.cose.2025.104763

Dwibik Patra, Narendran Rajagopalan

The integration of Internet of Medical Things (IoMT) devices into healthcare has enhanced clinical services but also widened the attack surface, exposing systems to ransomware, data exfiltration, and protocol spoofing. Conventional security mechanisms often fall short in addressing such diverse and evolving threats. This review examines the role of hybrid approaches that combine machine learning (ML) and deep learning (DL) models with metaheuristic optimization techniques in strengthening healthcare cybersecurity. Techniques such as Genetic Algorithms, Particle Swarm Optimization, and Ant Colony Optimization are assessed for their capacity to fine-tune learning models, improve detection accuracy, and enhance adaptability against complex attack patterns. Evidence from recent studies demonstrates that these hybrid solutions achieve higher resilience and better handling of imbalanced or dynamic datasets compared with traditional methods. However, challenges persist in achieving interpretability, ensuring real-time processing, and maintaining compliance with regulatory frameworks, including HIPAA and GDPR. The review highlights how explainable AI methods such as SHAP and LIME, alongside multi-objective optimization frameworks such as NSGA-II, contribute to balancing accuracy, latency, and privacy requirements. Applications discussed include intrusion detection in hospital networks, protection of IoMT infrastructures, and safeguarding of electronic health records. The paper concludes by identifying open research challenges and proposing a roadmap for developing lightweight, interpretable, and regulation-aware AI solutions tailored to the specific needs of healthcare cybersecurity.

医疗物联网（IoMT）设备与医疗保健的集成增强了临床服务，但也扩大了攻击面，使系统暴露于勒索软件、数据泄露和协议欺骗之下。传统的安全机制在应对这些多样化和不断演变的威胁方面往往存在不足。本文综述了结合机器学习（ML）和深度学习（DL）模型与元启发式优化技术的混合方法在加强医疗保健网络安全中的作用。遗传算法、粒子群优化和蚁群优化等技术被评估为微调学习模型、提高检测准确性和增强对复杂攻击模式的适应性的能力。最近的研究表明，与传统方法相比，这些混合解决方案具有更高的弹性和更好的处理不平衡或动态数据集的能力。然而，在实现可解释性、确保实时处理和维护法规框架（包括HIPAA和GDPR）的合规性方面仍然存在挑战。该综述强调了可解释的AI方法（如SHAP和LIME）以及多目标优化框架（如NSGA-II）如何有助于平衡准确性、延迟和隐私要求。讨论的应用包括医院网络中的入侵检测、IoMT基础设施的保护以及电子健康记录的保护。本文最后确定了开放的研究挑战，并提出了针对医疗保健网络安全的特定需求开发轻量级、可解释和监管意识的人工智能解决方案的路线图。

{"title":"Integration of emerging technologies in cybersecurity for healthcare: A systematic review","authors":"Dwibik Patra, Narendran Rajagopalan","doi":"10.1016/j.cose.2025.104763","DOIUrl":"10.1016/j.cose.2025.104763","url":null,"abstract":"<div><div>The integration of Internet of Medical Things (IoMT) devices into healthcare has enhanced clinical services but also widened the attack surface, exposing systems to ransomware, data exfiltration, and protocol spoofing. Conventional security mechanisms often fall short in addressing such diverse and evolving threats. This review examines the role of hybrid approaches that combine machine learning (ML) and deep learning (DL) models with metaheuristic optimization techniques in strengthening healthcare cybersecurity. Techniques such as Genetic Algorithms, Particle Swarm Optimization, and Ant Colony Optimization are assessed for their capacity to fine-tune learning models, improve detection accuracy, and enhance adaptability against complex attack patterns. Evidence from recent studies demonstrates that these hybrid solutions achieve higher resilience and better handling of imbalanced or dynamic datasets compared with traditional methods. However, challenges persist in achieving interpretability, ensuring real-time processing, and maintaining compliance with regulatory frameworks, including HIPAA and GDPR. The review highlights how explainable AI methods such as SHAP and LIME, alongside multi-objective optimization frameworks such as NSGA-II, contribute to balancing accuracy, latency, and privacy requirements. Applications discussed include intrusion detection in hospital networks, protection of IoMT infrastructures, and safeguarding of electronic health records. The paper concludes by identifying open research challenges and proposing a roadmap for developing lightweight, interpretable, and regulation-aware AI solutions tailored to the specific needs of healthcare cybersecurity.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"161 ","pages":"Article 104763"},"PeriodicalIF":5.4,"publicationDate":"2026-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145624653","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Internet of cybersecurity things in the third decade of the 21st century: A forward vision 21世纪第三个十年的网络安全物联网：前瞻

IF 5.4 2区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Computers & Security

Pub Date : 2026-02-01 Epub Date: 2025-11-13 DOI: 10.1016/j.cose.2025.104747

Marianna Rezk , Hassan Harb , Ismail Bennis , Sebastien Bindel , Abdelhafid Abouaissa

Recently, integrating Artificial Intelligence (AI) into the Internet of Things (IoT) networks had led to a revolution in cybersecurity-based applications. It secures the interconnected devices in such networks and detecting various types of attacks. Thus, we are witnessing the rise of a new network generation called the Internet of Cybersecurity Things (IoCT). Particularly, this study explores the evolution of IoCT networks in the last century, while examining their pivotal role in securing smart cities applications. Firstly, this study focuses various IoCT applications and provides a comprehensive review of recent AI-based techniques and approaches proposed to overcome challenges raised in IoCTs. Then, we propose a multi-layer architecture for safeguarding IoT devices and networks from unauthorized access, intrusions and data breaches. The architecture is mainly based on AI, edge/fog computing and knowledge distillation, and consists of five layers: perception, network, edge/fog, detection, and decision. Then, we provide an overview of various benchmark datasets used in the validation process to help realize the new architecture. For efficiency validation, we provide a performance analysis of nowadays IoCT systems; some existing techniques have been selected for testing and comparison according to a set of criteria. Finally, the results of the comparative study are anticipated to direct future research paths and assist in developing secure mechanisms tailored for the evolving landscape of the Internet of Cloud Things (IoCT).

最近，将人工智能（AI）集成到物联网（IoT）网络中导致了基于网络安全的应用的革命。保护网络中互联设备的安全，检测各种类型的攻击。因此，我们正在见证被称为网络安全物联网（icoct）的新一代网络的兴起。特别地，本研究探讨了icc网络在上个世纪的演变，同时研究了它们在保护智慧城市应用中的关键作用。首先，本研究关注了各种人工智能技术的应用，并全面回顾了最近提出的基于人工智能的技术和方法，以克服人工智能技术中提出的挑战。然后，我们提出了一个多层架构，以保护物联网设备和网络免受未经授权的访问，入侵和数据泄露。该体系结构主要基于人工智能、边缘/雾计算和知识蒸馏，由感知、网络、边缘/雾、检测和决策五层组成。然后，我们概述了验证过程中使用的各种基准数据集，以帮助实现新架构。为了验证效率，我们提供了当今IoCT系统的性能分析；根据一套标准，选择了一些现有的技术进行测试和比较。最后，比较研究的结果有望指导未来的研究路径，并协助开发适合云物联网（icoct）不断发展的安全机制。

{"title":"Internet of cybersecurity things in the third decade of the 21st century: A forward vision","authors":"Marianna Rezk , Hassan Harb , Ismail Bennis , Sebastien Bindel , Abdelhafid Abouaissa","doi":"10.1016/j.cose.2025.104747","DOIUrl":"10.1016/j.cose.2025.104747","url":null,"abstract":"<div><div>Recently, integrating Artificial Intelligence (AI) into the Internet of Things (IoT) networks had led to a revolution in cybersecurity-based applications. It secures the interconnected devices in such networks and detecting various types of attacks. Thus, we are witnessing the rise of a new network generation called the Internet of Cybersecurity Things (IoCT). Particularly, this study explores the evolution of IoCT networks in the last century, while examining their pivotal role in securing smart cities applications. Firstly, this study focuses various IoCT applications and provides a comprehensive review of recent AI-based techniques and approaches proposed to overcome challenges raised in IoCTs. Then, we propose a multi-layer architecture for safeguarding IoT devices and networks from unauthorized access, intrusions and data breaches. The architecture is mainly based on AI, edge/fog computing and knowledge distillation, and consists of five layers: perception, network, edge/fog, detection, and decision. Then, we provide an overview of various benchmark datasets used in the validation process to help realize the new architecture. For efficiency validation, we provide a performance analysis of nowadays IoCT systems; some existing techniques have been selected for testing and comparison according to a set of criteria. Finally, the results of the comparative study are anticipated to direct future research paths and assist in developing secure mechanisms tailored for the evolving landscape of the Internet of Cloud Things (IoCT).</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"161 ","pages":"Article 104747"},"PeriodicalIF":5.4,"publicationDate":"2026-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145624655","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

首页上一页

下一页尾页

类型

全部化学•材料生命科学医学物理工程技术环境•农林材料科学地球科学法学管理学化学环境科学与生态学计算机科学教育学经济学农林科学人文科学生物学数学物理与天体物理心理学综合性期刊其他工业工程理学历史学农学文学信息工程

数据库

全部 ACS Publications Elsevier ieeexplore Springer The Royal Society of Chemistry Wiley

期刊

Computers & Security

全部 Int. J. Biometeorol. Ann. Glaciol. ECOSYSTEMS ARCHAEOMETRY Environ. Chem. Commun. Theor. Phys. "Laboratorio;" analisis clinicos, bacteriologia, inmunologia, parasitologia, hematologia, anatomia patologica, quimica clinica Environ. Educ. Res, 2011 IEEE 2nd International Conference on Computing, Control and Industrial Engineering Geochem. Int. J. Appl. Phys. ACTA ORTHOP Biomed Instrum Technol J. Electron. Spectrosc. Relat. Phenom. Memai Heiko Igaku J APPL METEOROL CLIM 2013 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST) Environmental Sustainability Gulhane Medical Journal Aquat. Geochem. Can. J. Phys. J. Acoust. Soc. Am. ACTA NEUROBIOL EXP J. Atmos. Sol. Terr. Phys. Perinatology Environ. Prot. Eng. Nucl. Sci. Tech. BIOGEOSCIENCES ACTA NEUROL BELG Org. Geochem. PALAEOGEOGR PALAEOCL 2013 Abstracts IEEE International Conference on Plasma Science (ICOPS) Engineering Science and Technology, an International Journal Energy Systems Appl. Clay Sci. Focus on Autism and Other Developmental Disabilities Conserv. Genet. Resour. Acta Trop. Clim. Change Chin. Phys. Lett. Space Weather Classical Quantum Gravity Geol. Ore Deposits npj Quantum Inf. Jpn. J. Appl. Phys. Journal of Equine Science Environmental Epigenetics TERR ATMOS OCEAN SCI Biomedicine (India) Toxicology International 电力系统及其自动化学报 Sudebno-Meditsinskaya Ekspertisa J. Adv. Model. Earth Syst. Geochem. J. Phys. Scr. 2012 IEEE/RSJ International Conference on Intelligent Robots and Systems 2007 IEEE Ultrasonics Symposium Proceedings 2009 International Workshop on Intelligent Systems and Applications Environmental Science: an Indian journal 2013 International Conference on Optical MEMS and Nanophotonics (OMN) Entomologisk tidskrift ACTA METEOROL SIN ARCT ANTARCT ALP RES Exp. Hematol. J PHYS G NUCL PARTIC J. Hydrol. J. Space Weather Space Clim. ACTA ORTHOP BELG Chem. Ecol. American Journal of Men's Health Geostand. Geoanal. Res. 航空科学与技术(英文) Environmental Claims Journal AAPG Bull. Carbon Balance Manage. Revista Chilena de Obstetricia y Ginecologia Contrib. Mineral. Petrol. Astrophys. Space Sci. Ecol. Monogr. Archaeol. Anthropol. Sci. Earth Syst. Dyn. Conserv. Biol. Am. J. Phys. Anthropol. ACTA GEOL SIN-ENGL ASTROBIOLOGY Clean-Soil Air Water Ann. Phys. Chin. Phys. C ARCH ACOUST Astrophys. J. Suppl. Ser. Adv. Atmos. Sci. Appl. Phys. Rev. Atmos. Res. IZV-PHYS SOLID EART+ Appl. Geochem. Big Earth Data Geobiology Annu. Rev. Earth Planet. Sci. ASTRON ASTROPHYS Environ. Eng. Manage. J.

﹀