Computer Standards & Interfaces最新文献

Research on optimizing network intrusion detection using deep learning and big data in intelligent elderly care 基于深度学习和大数据的智能养老网络入侵检测优化研究

IF 3.1 2区计算机科学

Computer Standards & Interfaces Pub Date : 2026-04-01 Epub Date: 2026-01-24 DOI: 10.1016/j.csi.2026.104136

Dai Huiying

{"title":"Research on optimizing network intrusion detection using deep learning and big data in intelligent elderly care","authors":"Dai Huiying","doi":"10.1016/j.csi.2026.104136","DOIUrl":"10.1016/j.csi.2026.104136","url":null,"abstract":"<div><div>Internet of Things devices are increasingly embedded in elderly care services, expanding exposure to network intrusions that can disrupt remote monitoring and compromise sensitive data. This study develops a stacked deep-learning intrusion detection meta-model for elderly care network settings and evaluates it using the Network Security Laboratory–Knowledge Discovery and Data Mining (NSL-KDD) and Canadian Institute for Cybersecurity Intrusion Detection System 2018 (CICIDS2018) datasets. The approach integrates deep neural networks, convolutional neural networks, recurrent neural networks with long short-term memory and gated recurrent units, and autoencoders by fusing their calibrated decision outputs in a second-stage learner. Data preprocessing included encoding of categorical attributes, normalization, and class-imbalance handling, with model comparison performed using five-fold cross-validation and one-way analysis of variance with Tukey’s post hoc contrasts. The proposed meta-model achieved 99.85% accuracy, 99.2% precision, 99.1% recall, and a 99.15% F1 score, exceeding individual base learners and comparator ensembles, and showed strong detection for frequent service-disruption and reconnaissance attacks while remaining less sensitive to rare exploit categories (approximately 0.85 precision/recall for low-support classes). These results indicate that decision-level fusion can improve robustness under class imbalance and supports low-latency deployment in resource-constrained care facilities when implemented in an edge–cloud monitoring workflow.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"97 ","pages":"Article 104136"},"PeriodicalIF":3.1,"publicationDate":"2026-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"146077331","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Fuzzy-based security requirements quality assessing: Comparison of security experts and generative AI 基于模糊的安全需求质量评估：安全专家与生成式人工智能的比较

IF 3.1 2区计算机科学

Computer Standards & Interfaces Pub Date : 2026-04-01 Epub Date: 2026-01-28 DOI: 10.1016/j.csi.2026.104137

Asta Slotkienė, Jolanta Miliauskaitė, Rasa Karbauskaitė

{"title":"Fuzzy-based security requirements quality assessing: Comparison of security experts and generative AI","authors":"Asta Slotkienė, Jolanta Miliauskaitė, Rasa Karbauskaitė","doi":"10.1016/j.csi.2026.104137","DOIUrl":"10.1016/j.csi.2026.104137","url":null,"abstract":"<div><div>Software systems that store and process large volumes of data are prime targets for increasingly sophisticated cyberattacks. Software engineers recognise that developing software completely free of defects or vulnerabilities is practically impossible, which makes security a critical quality characteristic of software products that must be addressed from the earliest stages of requirements engineering to avoid data loss, software failure, and ensure effective maintenance. Today, secure software engineering promotes proactive risk analysis, systematically identifying potential threats and integrating appropriate countermeasures into the requirements and development process. This paper presents an empirical investigation of security requirements engineering methodologies that integrate the experience of security experts and generative AI capabilities into the security requirements engineering (SRE) process. The empirical investigation results show that SRE based on Generative Artificial Intelligence (GenAI) capabilities still does not achieve the security expert's experience in specifying security requirements, while ensuring the quality of requirement specification based on security risks. We hope that our results will inspire researchers and practitioners to further explore the improvement of security requirements specifications using generative AI and fuzzy logic for SRE.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"97 ","pages":"Article 104137"},"PeriodicalIF":3.1,"publicationDate":"2026-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"146077329","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Highway to Hack — Security gaps in ETSI ITS standards 高速公路黑客-安全漏洞在ETSI ITS标准

IF 3.1 2区计算机科学

Computer Standards & Interfaces Pub Date : 2026-04-01 Epub Date: 2026-01-21 DOI: 10.1016/j.csi.2026.104133

Roberto Gesteira-Miñarro , Takahito Yoshizawa , Rafael Palacios , Gregorio López

{"title":"Highway to Hack — Security gaps in ETSI ITS standards","authors":"Roberto Gesteira-Miñarro , Takahito Yoshizawa , Rafael Palacios , Gregorio López","doi":"10.1016/j.csi.2026.104133","DOIUrl":"10.1016/j.csi.2026.104133","url":null,"abstract":"<div><div>Vehicle-to-Everything (V2X) communication technologies are revolutionizing transportation by enabling real-time information exchange among vehicles, infrastructure, pedestrians, and networks. While these technologies offer significant benefits in terms of road safety, traffic efficiency, and support for autonomous driving, they also introduce critical security and privacy risks due to their decentralized and dynamic nature. In this paper, we perform an analysis of the ETSI Intelligent Transport System (ITS) standards, specifications and reports to identify vulnerabilities that could be exploited to cause cyber–physical damages. We focus particularly on Cooperative Awareness Messages (CAM) and Decentralized Environmental Notification Messages (DENM) in the ETSI ITS standard, and pseudonym ID mechanisms. We identified several security issues, including vulnerabilities that lead to replay attacks, identity-based attacks such as spoofing and Sybil attacks, as well as grayhole attacks. We present attack scenarios where the issues found can be leveraged to compromise road safety, and quantify their potential impact through simulations using Eclipse SUMO. These scenarios might be relevant during a transition period where V2X-enabled vehicles coexist with legacy vehicles. Furthermore, we propose mitigations to address the identified issues. Our findings highlight the need for stronger security measures in V2X systems to ensure both safety and security in future intelligent transportation systems.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"97 ","pages":"Article 104133"},"PeriodicalIF":3.1,"publicationDate":"2026-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"146037247","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Efficient encrypted conjunctive search with volume and result pattern leakage resistance 有效的加密联合搜索，具有体积和结果模式抗泄漏性

IF 3.1 2区计算机科学

Computer Standards & Interfaces Pub Date : 2026-04-01 Epub Date: 2026-01-20 DOI: 10.1016/j.csi.2026.104135

Xinru Zheng, Jinguo Li, Kai Zhang, Chuanlong Zhao, Xiangluan Hou

{"title":"Efficient encrypted conjunctive search with volume and result pattern leakage resistance","authors":"Xinru Zheng, Jinguo Li, Kai Zhang, Chuanlong Zhao, Xiangluan Hou","doi":"10.1016/j.csi.2026.104135","DOIUrl":"10.1016/j.csi.2026.104135","url":null,"abstract":"<div><div>The Oblivious Cross-Tags (OXT) protocol inevitably incurs partial information leakage about the underlying database. Typical leakage includes volume leakage, keyword-pair result pattern (KPRP) leakage, and cross-query intersection pattern (IP) leakage. Such leakages can be exploited by adversaries to infer query contents, thereby compromising data privacy. However, existing security solutions suffer from two major limitations: (i) they fail to simultaneously conceal volume patterns, KPRP, and IP; and (ii) they require multiple rounds of interaction between the client and the server. To address these challenges, we propose <strong>VKP-OXT</strong>, a non-interactive encrypted conjunctive search scheme based on OXT. Specifically, we introduce a volume-hiding encryption mechanism built upon an Oblivious Key-Value Store (OKVS) and design a tailored encryption scheme for conjunctive keyword search. Furthermore, we develop a novel data structure that enables the direct generation of encrypted key–value pairs in a non-interactive manner. To eliminate KPRP leakage, we incorporate a symmetric subset predicate encryption primitive that supports set containment checks without revealing additional information. Security analysis demonstrates that VKP-OXT achieves its intended security guarantees under a well-defined leakage model, and both theoretical analysis and experimental results confirm its practical efficiency.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"97 ","pages":"Article 104135"},"PeriodicalIF":3.1,"publicationDate":"2026-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"146187315","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Co-distillation-based defense framework for federated knowledge graph embedding against poisoning attacks 基于协同蒸馏的联邦知识图嵌入中毒攻击防御框架

IF 3.1 2区计算机科学

Computer Standards & Interfaces Pub Date : 2026-04-01 Epub Date: 2025-12-09 DOI: 10.1016/j.csi.2025.104113

Yiqin Lu, Jiarui Chen, Jiancheng Qin

引用次数: 0

Decentralized multi-client boolean keyword search for encrypted cloud storage 分布式多客户端布尔关键字搜索加密云存储

IF 3.1 2区计算机科学

Computer Standards & Interfaces Pub Date : 2026-04-01 Epub Date: 2026-01-14 DOI: 10.1016/j.csi.2026.104127

Xiwen Wang , Junqing Gong , Kai Zhang , Haifeng Qian

{"title":"Decentralized multi-client boolean keyword search for encrypted cloud storage","authors":"Xiwen Wang , Junqing Gong , Kai Zhang , Haifeng Qian","doi":"10.1016/j.csi.2026.104127","DOIUrl":"10.1016/j.csi.2026.104127","url":null,"abstract":"<div><div>In multi-client searchable symmetric encryption (MC-SSE), multiple clients have the capability to conduct keyword searches on encrypted data hosted in cloud, where the outsourced data is contributed by a data owner. Unfortunately, all known MC-SSE addressing key escrow problem required establishing a secure channel between data owner and user, and might suffer from significant key storage overhead. Therefore, we present an effective decentralized MC-SSE (DMC-SSE) system without the key escrow problem for secure cloud storage, eliminating the secure channel between data owner and data user. In DMC-SSE, each client independently picks its public/secret key, while a bulletin board of user public keys takes the place of the central authority. Technically, we introduce a semi-generic construction framework of DMC-SSE, building upon Cash et al.’s OXT structure (CRYPTO 2013), which roughly combines Kolonelos, Malavolta and Wee’s distributed broadcast encryption scheme (ASIACRYPT 2023) and additionally introduces a distributed keyed pseudorandom function module for securely aggregating each client’s secret key.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"97 ","pages":"Article 104127"},"PeriodicalIF":3.1,"publicationDate":"2026-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145977135","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

AdaTraj-DP: An adaptive privacy framework for context-aware trajectory data publishing AdaTraj-DP：用于上下文感知轨迹数据发布的自适应隐私框架

IF 3.1 2区计算机科学

Computer Standards & Interfaces Pub Date : 2026-04-01 Epub Date: 2025-12-30 DOI: 10.1016/j.csi.2025.104125

Yongxin Zhao , Chundong Wang , Hao Lin , Xumeng Wang , Yixuan Song , Qiuyu Du

{"title":"AdaTraj-DP: An adaptive privacy framework for context-aware trajectory data publishing","authors":"Yongxin Zhao , Chundong Wang , Hao Lin , Xumeng Wang , Yixuan Song , Qiuyu Du","doi":"10.1016/j.csi.2025.104125","DOIUrl":"10.1016/j.csi.2025.104125","url":null,"abstract":"<div><div>Trajectory data are widely used in AI-based spatiotemporal analysis but raise privacy concerns due to their fine-grained nature and the potential for individual re-identification. Existing differential privacy (DP) approaches often apply uniform perturbation, which compromises spatial continuity, or adopt personalized mechanisms that overlook structural utility. This study introduces AdaTraj-DP, an adaptive differential privacy framework designed to balance trajectory-level protection and analytical utility. The framework combines context-aware sensitivity detection with hierarchical aggregation. Specifically, a dynamic sensitivity model evaluates privacy risks according to spatial density and semantic context, enabling adaptive allocation of privacy budgets. An adaptive perturbation mechanism then injects noise proportionally to the estimated sensitivity and represents trajectories through Hilbert-based encoding for prefix-oriented hierarchical aggregation with layer-wise budget distribution. Experiments conducted on the T-Drive and GeoLife datasets indicate that AdaTraj-DP maintains stable query accuracy, spatial consistency, and downstream analytical utility across varying privacy budgets while satisfying formal differential privacy guarantees.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"97 ","pages":"Article 104125"},"PeriodicalIF":3.1,"publicationDate":"2026-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145883438","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Chaos experiments in microservice architectures: A systematic literature review 微服务架构中的混沌实验：系统的文献综述

IF 3.1 2区计算机科学

Computer Standards & Interfaces Pub Date : 2026-04-01 Epub Date: 2025-12-15 DOI: 10.1016/j.csi.2025.104116

Emrah Esen , Akhan Akbulut , Cagatay Catal

引用次数: 0

SiamIDS: A novel cloud-centric Siamese Bi-LSTM framework for interpretable intrusion detection in large-scale IoT networks SiamIDS：一种新的以云为中心的Siamese Bi-LSTM框架，用于大规模物联网网络中的可解释入侵检测

IF 3.1 2区计算机科学

Computer Standards & Interfaces Pub Date : 2026-04-01 Epub Date: 2025-12-15 DOI: 10.1016/j.csi.2025.104119

Prabu Kaliyaperumal , Palani Latha , Selvaraj Palanisamy , Sridhar Pushpanathan , Anand Nayyar , Balamurugan Balusamy , Ahmad Alkhayyat

{"title":"SiamIDS: A novel cloud-centric Siamese Bi-LSTM framework for interpretable intrusion detection in large-scale IoT networks","authors":"Prabu Kaliyaperumal , Palani Latha , Selvaraj Palanisamy , Sridhar Pushpanathan , Anand Nayyar , Balamurugan Balusamy , Ahmad Alkhayyat","doi":"10.1016/j.csi.2025.104119","DOIUrl":"10.1016/j.csi.2025.104119","url":null,"abstract":"<div><div>The rapid proliferation of Internet of Things (IoT) devices has heightened the need for scalable and interpretable intrusion detection systems (IDS) capable of operating efficiently in cloud-centric environments. Existing IDS approaches often struggle with real-time processing, zero-day attack detection, and model transparency. To address these challenges, this paper proposes SiamIDS, a novel cloud-native framework that integrates contrastive Siamese Bi-directional LSTM (Bi-LSTM) modeling, autoencoder-based dimensionality reduction, SHapley Additive exPlanations (SHAP) for interpretability, and Ordering Points To Identify the Clustering Structure (OPTICS) clustering for unsupervised threat categorization. The framework aims to enhance the detection of both known and previously unseen threats in large-scale IoT networks by learning behavioral similarity across network flows. Trained on the CIC IoT-DIAD 2024 dataset, SiamIDS achieves superior detection performance with an F1-score of 99.45%, recall of 98.96%, and precision of 99.94%. Post-detection OPTICS clustering yields a Silhouette Score of 0.901, DBI of 0.092, and ARI of 0.889, supporting accurate threat grouping. The system processes over 220,000 samples/sec with a RAM usage under 1.5 GB, demonstrating real-time readiness. Compared to state-of-the-art methods, SiamIDS improves F1-score by 2.8% and reduces resource overhead by up to 25%, establishing itself as an accurate, efficient, and explainable IDS for next-generation IoT ecosystems.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"97 ","pages":"Article 104119"},"PeriodicalIF":3.1,"publicationDate":"2026-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145839849","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Post-quantum PAKE over lattices revised: Smaug-T.PAKE for mobile devices 后量子PAKE在晶格上的修正：smaugt。移动设备的PAKE

IF 3.1 2区计算机科学

Computer Standards & Interfaces Pub Date : 2026-04-01 Epub Date: 2025-12-15 DOI: 10.1016/j.csi.2025.104118

Kübra Seyhan , Sedat Akleylek , Ahmet Faruk Dursun

{"title":"Post-quantum PAKE over lattices revised: Smaug-T.PAKE for mobile devices","authors":"Kübra Seyhan , Sedat Akleylek , Ahmet Faruk Dursun","doi":"10.1016/j.csi.2025.104118","DOIUrl":"10.1016/j.csi.2025.104118","url":null,"abstract":"<div><div>In this paper, an efficient post-quantum secure password-authenticated key exchange (PAKE) scheme from a well-structured lattice-based key encapsulation mechanism (KEM) is proposed. The generic KEM to PAKE idea, OCAKE, is modified by considering hybrid module learning with errors (MLWE) + module learning with rounding (MLWR) assumptions to obtain explicit password-based authentication from SMAUG-T.KEM procedures. As a KEM primitive, SMAUG-T.KEM is chosen due to its performance against the National Institute of Standards and Technology (NIST) standard Crystals-Kyber (Kyber) to obtain an efficient and post-quantum secure PAKE scheme. Firstly, the anonymity and fuzziness properties of SMAUG-T.KEM are proven to fit the OCAKE approach in constructing the PAKE version of Smaug.KEM. Then, the post-quantum security of the proposed SMAUG-T.PAKE is analyzed in the universal composability (UC) model based on the hybrid security assumptions and proved properties. The reference C and JAVA codes are written to evaluate whether the targeted efficiency is achieved in different platforms. Based on the central processing unit (CPU) and memory usage, run time, and energy consumption metrics, the proposed solution is compared with current PAKE proposals. The performance results showed that SMAUG-T.PAKE, with two optional encryption modes, Advanced Encryption Standard (AES) or Ascon, presents better performance than the other module-based PAKE solutions from lattices in terms of both reference and mobile results.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"97 ","pages":"Article 104118"},"PeriodicalIF":3.1,"publicationDate":"2026-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145839846","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0