Computer Standards & Interfaces最新文献

{"title":"Leveraging activation and optimisation layers as dynamic strategies in the multi-task fuzzing scheme","authors":"Sadegh Bamohabbat Chafjiri,&nbsp;Phil Legg,&nbsp;Michail-Antisthenis Tsompanas,&nbsp;Jun Hong","doi":"10.1016/j.csi.2025.104011","DOIUrl":"10.1016/j.csi.2025.104011","url":null,"abstract":"<div><div>Fuzzing is a common technique for identifying vulnerabilities in software. Recent approaches, like She et al.’s Multi-Task Fuzzing (MTFuzz), use neural networks to improve fuzzing efficiency. However, key elements like network architecture and hyperparameter tuning are still not well-explored. Factors like activation layers, optimisation function design, and vanishing gradient strategies can significantly impact fuzzing results by improving test case selection. This paper delves into these aspects to improve neural network-driven fuzz testing.</div><div>We focus on three key neural network parameters to improve fuzz testing: the Leaky Rectified Linear Unit (LReLU) activation, Nesterov-accelerated Adaptive Moment Estimation (Nadam) optimisation, and sensitivity analysis. LReLU adds non-linearity, aiding feature extraction, while Nadam helps to improve weight updates by considering both current and future gradient directions. Sensitivity analysis optimises layer selection for gradient calculation, enhancing fuzzing efficiency.</div><div>Based on these insights, we propose LMTFuzz, a novel fuzzing scheme optimised for these Machine Learning (ML) strategies. We explore the individual and combined effects of LReLU, Nadam, and sensitivity analysis, as well as their hybrid configurations, across six different software targets. Experimental results demonstrate that LReLU, individually or when paired with sensitivity analysis, significantly enhances fuzz testing performance. However, when combined with Nadam, LReLU shows improvement on some targets, though less pronounced than its combination with sensitivity analysis. This combination improves accuracy, reduces loss, and increases edge coverage, with improvements of up to 23.8%. Furthermore, it leads to a significant increase in unique bug detection, with some targets detecting up to 2.66 times more bugs than baseline methods.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"94 ","pages":"Article 104011"},"PeriodicalIF":4.1,"publicationDate":"2025-04-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143828761","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Validation of inter-parameter dependencies in API gateways","authors":"Saman Barakat,&nbsp;Sergio Segura","doi":"10.1016/j.csi.2025.104010","DOIUrl":"10.1016/j.csi.2025.104010","url":null,"abstract":"<div><div>Web APIs usually include inter-parameter dependencies that constrain how input parameters can be combined to form valid calls to the services. API calls often violate these dependencies, resulting in unnecessary message exchanges, wasted time, and quota usage. Additionally, services may fail to adequately validate whether input requests meet these dependencies, causing critical failures or generating uninformative error messages. In this article, we propose extending API gateways to detect and explain inter-parameter dependency violations. We leverage the Inter-parameter Dependency Language (IDL) for specifying dependencies between input parameters in web APIs, and IDLReasoner, a constraint-based IDL analysis engine. We implemented our approach into a prototype tool, IDLFilter, on top of Spring Cloud Gateway. Evaluation results with 12 industrial API operations and about 30K automatically and manually generated API calls show that our approach effectively blocks invalid calls due to dependency violations, providing informative error messages and minimizing potential input validation failures. IDLFilter introduces a small 7% overhead when processing valid API calls, while reducing the response time of requests violating dependencies by 59%.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"94 ","pages":"Article 104010"},"PeriodicalIF":4.1,"publicationDate":"2025-04-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143848113","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Privacy-preserving authentication protocol for user personal device security in Brain–Computer Interface","authors":"Sunil Prajapat ,&nbsp;Aryan Rana ,&nbsp;Pankaj Kumar ,&nbsp;Ashok Kumar Das ,&nbsp;Willy Susilo","doi":"10.1016/j.csi.2025.104009","DOIUrl":"10.1016/j.csi.2025.104009","url":null,"abstract":"<div><div>Brain–Computer Interface (BCI) technology has emerged as a transformative tool, particularly for individuals with severe motor disabilities. Non-invasive BCI systems, leveraging Electroencephalography (EEG), offer a direct interface between users and external devices, bypassing the need for muscular control. However, ensuring the security and privacy of users’ neural data remains a critical challenge. In this paper, we propose a novel privacy-preserving authentication scheme for EEG-based BCI systems, utilizing elliptic curve cryptography (ECC). Our scheme balances robust security with computational efficiency, making it suitable for resource-constrained environments. Since we are addressing security in a resource-constrained environment, such as EEG in BCI, we have constructed a lightweight authentication algorithm to meet the stringent requirements of minimal computational resources and energy consumption. The security analysis and performance evaluation of the authentication protocol show that our scheme is resistant to various attacks, such as replay, offline password guessing, privilege insider, user impersonation, and smart card stolen attacks. It offers mutual authentication and key agreement, requiring only 1632 bits of communication cost and 15.67139 ms of computational cost for the entire login authentication and key agreement phase. Our study lays a solid foundation for future investigation of innovative solutions for BCI security.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"94 ","pages":"Article 104009"},"PeriodicalIF":4.1,"publicationDate":"2025-04-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143816344","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"An efficient rejection-free threshold ring signature from lattices and its application in receipt-free cloud e-voting","authors":"Chunhui Wu ,&nbsp;Youkang Zhou ,&nbsp;Fangguo Zhang ,&nbsp;Yusong Du ,&nbsp;Qiping Lin","doi":"10.1016/j.csi.2025.104008","DOIUrl":"10.1016/j.csi.2025.104008","url":null,"abstract":"<div><div>The threshold ring signature is a generalization of the ring signature. It confirms that <span><math><mi>t</mi></math></span>-out-of-<span><math><mi>N</mi></math></span> members are signing anonymously in a set of <span><math><mi>N</mi></math></span> users, and thus it can be well applied to e-voting. In this paper, we present a more efficient lattice-based threshold ring signature, using Lagrange polynomial interpolation to express the threshold. The scheme eliminates the dependence on Stern-like identification protocols with large soundness error, and achieves much shorter signature sizes. It also uses the technique of Gaussian convolution (<span>G</span>+<span>G</span>) proposed by Devevey et al.<!--> <!-->in Asiacrypt 2023 to remove the rejection sampling in BLISS signature. Compared with previous distributed FSwA (Fiat-Shamir with Aborts) signatures where the number of repetitions increases exponentially with that of signers, our scheme has much higher computation efficiency. We prove the unforgeability and strong anonymity, i.e., fellow-signer anonymity, unclaimability and anonymity against the untrusted leader of our proposed threshold ring signature scheme. Leveraging the security and efficiency advantages of our signature scheme, we propose a post-quantum receipt-free and verifiable e-voting protocol for large-scale elections with untrusted cloud servers.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"94 ","pages":"Article 104008"},"PeriodicalIF":4.1,"publicationDate":"2025-04-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143806843","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A new deep learning based electricity theft detection framework for smart grids in cloud computing","authors":"Zhen Si ,&nbsp;Zhaoqing Liu ,&nbsp;Changchun Mu ,&nbsp;Meng Wang ,&nbsp;Tongxin Gong ,&nbsp;Xiaofang Xia ,&nbsp;Qing Hu ,&nbsp;Yang Xiao","doi":"10.1016/j.csi.2025.104007","DOIUrl":"10.1016/j.csi.2025.104007","url":null,"abstract":"<div><div>Electricity theft is a widespread problem in smart grids with significant economic and security implications. Although users’ electricity consumption patterns usually show obvious periodicity, they also exhibit considerable stochasticity and uncertainty. Existing mainstream electricity theft detection methods are the deep learning-based ones, which struggle to capture reliable long-term dependencies from the complex consumption data, leading to suboptimal identification of abnormal patterns. Moreover, the massive data generated by smart grids demands a scalable and robust computational infrastructure that traditional systems cannot provide. To solve these limitations, we propose a new deep learning-based electricity theft detection framework in cloud computing. At the cloud server, we deploy an electricity theft detector based on the auto-correlation mechanism, called the ETD-SAC detector, which progressively decomposes intricate consumption patterns throughout the detection process and aggregates the dependencies at the subsequence level to effectively discover reliable long-term dependencies from users’ electricity consumption data. Experimental results show that the proposed ETD-SAC detector outperforms state-of-the-art detectors in terms of accuracy, false negative rate, and false positive rate.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"94 ","pages":"Article 104007"},"PeriodicalIF":4.1,"publicationDate":"2025-03-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143746803","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Fields of the future: Digital transformation in smart agriculture with large language models and generative AI","authors":"Tawseef Ayoub Shaikh ,&nbsp;Tabasum Rasool ,&nbsp;Waseem Ahmad Mir","doi":"10.1016/j.csi.2025.104005","DOIUrl":"10.1016/j.csi.2025.104005","url":null,"abstract":"<div><div>Language models (LLMs) have shown to be very useful in many fields like healthcare and finance, as natural language comprehension and generation have advanced. The capacity of LLM to participate in textual discussion has been the subject of much research, and the findings have proved encouraging across several domains. The inability of conventional image classification networks to comprehend the causes of crop diseases and etiology further impedes precise diagnosis. Agricultural diagnostic models on a grand scale will be based on generative pre-trained transformers (GPT) assisted with agrarian settings. By examining the efficacy of text corpora linked to agriculture for pretraining transformer-based language (TBL) models, this research delves into agricultural natural language processing (ANLP). To make the most of it, we looked at several important aspects, including prompt building, response parsing, and several ChatGPT versions. Despite the proven effectiveness and huge potential, there has been little exploration of LLM and Generative AI to agriculture artificial intelligence (AI). Therefore, this study aims to explore the possibility of LLM and Generative AI in smart agriculture. In particular, we present conceptual tools and technical background to facilitate understanding the problem space and uncover new research directions in this field. The paper presents an overview of the evolution of generative adversarial network (GAN) architectures followed by a first systematic review of various applications in smart agriculture and precision farming systems, involving a diversity of visual recognition tasks for smart farming and livestock, precision agriculture, agricultural language processing (ALP), agricultural robots (AR), plant phenotyping (PP), and postharvest quality assessment. We outline the possibilities, difficulties, constraints, and shortcomings. The study lays forth a road map of accessible areas in agriculture where LLM integration is likely to happen shortly. The research suggests exciting directions for further study in this area, which could lead to better agricultural NLP applications.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"94 ","pages":"Article 104005"},"PeriodicalIF":4.1,"publicationDate":"2025-03-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143786282","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"WeAIR: Wearable Swarm Sensors for Air Quality Monitoring to Foster Citizens’ Awareness of Climate Change","authors":"Giovanna Maria Dimitri ,&nbsp;Lorenzo Parri ,&nbsp;Eleonora Vitanza ,&nbsp;Alessandro Pozzebon ,&nbsp;Ada Fort ,&nbsp;Chiara Mocenni","doi":"10.1016/j.csi.2025.104004","DOIUrl":"10.1016/j.csi.2025.104004","url":null,"abstract":"<div><div>The present study proposes the implementation of an air quality measurement tool through the use of wearable devices, named WeAIR, consisting of wearable sensors for measuring NO<span><math><msub><mrow></mrow><mrow><mi>x</mi></mrow></msub></math></span>, CO<span><math><msub><mrow></mrow><mrow><mn>2</mn></mrow></msub></math></span>, CO, temperature, humidity, barometric pressure and PM10. In particular through the use of our novel sensor prototype, we performed a measurement collection campaign, acquiring an extensive set of geo-localized air quality data in the city of Siena (Italy). We further implemented and applied an AI neural network based model, capable of predicting the localization of an observation, having as input the air monitoring parameters and using the new spatio-temporal collected datasets. The promising performances obtained with the AI prediction approach enhanced the importance and possibilities of using such spatio-temporal air quality monitoring datasets, suggesting their crucial role both for raising citizen awareness on climate change and supporting policymakers’ decisions, as for instance the ones related to the positioning of new fixed monitoring stations.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"94 ","pages":"Article 104004"},"PeriodicalIF":4.1,"publicationDate":"2025-03-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143746802","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Survey of reversible data hiding: Statistics, current trends, and future outlook","authors":"Sonal Gandhi,&nbsp;Rajeev Kumar","doi":"10.1016/j.csi.2025.104003","DOIUrl":"10.1016/j.csi.2025.104003","url":null,"abstract":"<div><div>In the era of increasing digital media storage and transmission over networks, reversible data hiding (RDH) has evolved as a prominent area of research mitigating information security risk. To study the evolution of research, highlight its achievements over the years, and provide future prospects, this paper presents an extensive review of RDH utilizing the dataset extracted from one of the most popular and exhaustive databases, Web of Science. The study aims to first perform quantitative analysis that includes trend analysis, citation analysis, prominent authors and organizations, and geographical coverage, along with qualitative analysis focusing on key research areas and future prospects within RDH. The study further provides a structured view of sub-technologies within RDH, along with the key contributors and their proposed techniques that have led to the evolution of RDH over the years. Next, we provide a comprehensive review of some of the prominent works in each of the sub-technologies of RDH. Finally, several key research directions, identified based on current research trends and early-stage problems and motivations, are discussed. Overall, the proposed study provides valuable insights into the evolution, key milestones, current state, and future prospects of RDH, serving as a guide for the research community.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"94 ","pages":"Article 104003"},"PeriodicalIF":4.1,"publicationDate":"2025-03-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143725098","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"PP-MAD: Privacy-preserving multi-task data aggregation in mobile crowdsensing via blockchain","authors":"Xingfu Yan ,&nbsp;Jiaju Ding ,&nbsp;Fucai Luo ,&nbsp;Zheng Gong ,&nbsp;Wing W.Y. Ng ,&nbsp;Yiyuan Luo","doi":"10.1016/j.csi.2025.104002","DOIUrl":"10.1016/j.csi.2025.104002","url":null,"abstract":"<div><div>In smart city, multi-task data aggregation has become a key method for extracting useful information from massive sensing data generated by concurrent mobile crowdsensing tasks from multiple task requesters. In such multi-requester and multi-task scenario, each task requester wants to protect the privacy of their own aggregation results. Thus, protecting privacies of both workers and task requesters pose a significant challenge for multi-task data aggregation. Most existing privacy-preserving data aggregation methods focus on single-requester scenarios. When applied to multi-task and multi-requester aggregation, existing methods are inefficient due to completing repeatedly each task and fail to safeguard the privacy of each task requester. Additionally, existing multi-task data aggregation schemes do not support multiple types of aggregation. To tackle these challenges, we propose PP-MAD, a multi-type and privacy-preserving multi-task data aggregation scheme based on blockchain for mobile crowdsensing. PP-MAD is able to aggregate multiple concurrent tasks from multiple task requesters, and it supports many types of data aggregation, including sum, mean, variance, weighted sum, weighted mean. Moreover, PP-MAD ensures privacies of workers’ data and aggregation results of each task requester, even under collusion attacks. A detailed security analysis verifies that PP-MAD is both secure and privacy-preserving. Furthermore, experimental results and theoretical analyses of both computation and communication costs demonstrate our scheme is efficient.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"94 ","pages":"Article 104002"},"PeriodicalIF":4.1,"publicationDate":"2025-03-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143704075","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"PQHealthcare: An efficient cloud data sharing system via Functional Encryption from lattices","authors":"Qiqi Lai ,&nbsp;Chongshen Chen ,&nbsp;Momeng Liu ,&nbsp;Yang Yang ,&nbsp;Yong Yu","doi":"10.1016/j.csi.2025.103993","DOIUrl":"10.1016/j.csi.2025.103993","url":null,"abstract":"<div><div>With the rapid development of the large language models (<span><math><mi>LLM</mi></math></span>) service on the cloud, especially in the healthcare sector, the usage of large models is becoming increasingly popular. However, training these models always involves sensitive information containing lots of personal medical data. And thus, such training processes might result in the exposure of privacy information. In order to help the users eliminate their concerns and share their data in a secure way, we need to find a privacy-preserving method for data sharing in the public cloud service environment.</div><div>While traditional public-key encryption (<span><math><mi>PKE</mi></math></span>) schemes can effectively encrypt healthcare data, they typically offer protection in an “all-or-nothing” manner, lacking flexibility and imposing a significant computational burden on public cloud servers. In contrast, Functional Encryption (<span><math><mi>FE</mi></math></span>) offers a more flexible way of encryption with access control, making it ideal for the cloud data sharing environment. Furthermore, we observe that the majority of computations involved in training large models can be represented by inner product functions. To establish a secure public cloud data sharing system, we propose an efficient <span><math><mi>FE</mi></math></span> scheme for inner product function class, making it well-suited for various real-world applications. We will demonstrate that our scheme achieves post-quantum security based on lattice assumptions.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"94 ","pages":"Article 103993"},"PeriodicalIF":4.1,"publicationDate":"2025-03-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143684751","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}