Computer Standards & Interfaces最新文献

{"title":"Blockchain-based cross-domain query integrity verification mechanism for outsourced database","authors":"Yongjun Ren ,&nbsp;Long Chen ,&nbsp;Yongmei Bai ,&nbsp;Jiale Ye ,&nbsp;Yekang Zhao","doi":"10.1016/j.csi.2024.103926","DOIUrl":"10.1016/j.csi.2024.103926","url":null,"abstract":"<div><div>With the growth of cloud computing, more and more organizations are outsourcing data to cloud platforms for flexibility and cost-effectiveness. However, this also poses the risk of data tampering or forgery, especially in the case of cross-domain queries, where the integrity of the query results needs to be ensured and cross-domain authentication is performed at the same time. Traditional approaches rely on centralized third-party authentication authorities, which increases complexity and potential security risks. To address these issues, we propose a blockchain-based Cross-domain Query Integrity Verification (CQIV) mechanism for outsourced databases. The mechanism leverages the decentralization and non-tamperability of the blockchain to achieve efficient cross-domain authentication and query integrity verification without the need for a third-party certification authority. By constructing a cuckoo filter on the blockchain, the authentication efficiency is improved and the storage cost is reduced. In addition, Dynamically Adjustable Capacity Cuckoo Filter (DACF) is designed to optimize query efficiency. Finally, the effectiveness and practicality of the mechanism are verified by comprehensive security analysis and performance evaluation.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"92 ","pages":"Article 103926"},"PeriodicalIF":4.1,"publicationDate":"2024-09-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142314787","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Evaluating and validating the Serious Slow Game Jam methodology as a mechanism for co-designing serious games to improve understanding of cybersecurity for different demographics","authors":"Shenando Stals ,&nbsp;Lynne Baillie ,&nbsp;Ryan Shah ,&nbsp;Jamie Iona Ferguson ,&nbsp;Manuel Maarek","doi":"10.1016/j.csi.2024.103924","DOIUrl":"10.1016/j.csi.2024.103924","url":null,"abstract":"<div><div>We present an evaluation of a Serious Slow Game Jam (SSGJ) methodology as a mechanism for co-designing serious games in the application domain of cybersecurity, to evaluate how the SSGJ methodology contributed to improving the understanding of cybersecurity for different demographics. The aim of this study was to evaluate how the SSGJ contributed to improving the understanding of cybersecurity for young persons between the ages of 11 and 16 years old who had no formal training or education in cybersecurity, and to validate and compare these results to previous work where the same SSGJ methodology was used with a different target demographic (i.e.,M.Sc. students with no formal training or education in secure coding). To this end, we engaged 23 participants between the ages of 11 and 16 years old for 5 consecutive days over a one-week period, in a multidisciplinary SSGJ involving domain-specific, pedagogical, and game design knowledge, and encouraged engagement in-between scheduled events of the SSGJ. Findings show improved confidence of participants in their knowledge of cybersecurity, for both demographics, after undertaking the Serious Slow Game Jam (from 41.2% to 76.5% for young persons, and from 12.5% to 62.5% for M.Sc. students). Free-text answers specifically indicate an improved understanding of cybersecurity in general, and one specific security vulnerability, attack or defence for a quarter of young persons, and the trichotomy of security vulnerabilities, attacks, and defences for three quarters of the M.Sc. students. Also, confidence in knowledge of game design improved for both demographics (from 47.1% to 82.4% for young persons and from 12.5% to 75% for M.Sc. students). The SSGJ methodology also successfully engaged both demographics of participants in-between scheduled days. Finally, two serious games in the application domain of cybersecurity are presented that were co-designed during the SSGJ with participants and produced as an output of the SSGJs.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"92 ","pages":"Article 103924"},"PeriodicalIF":4.1,"publicationDate":"2024-09-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142532401","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Delta GUI change detection using inferred models","authors":"Fernando Pastor Ricós ,&nbsp;Beatriz Marín ,&nbsp;Tanja E.J. Vos ,&nbsp;Rick Neeft ,&nbsp;Pekka Aho","doi":"10.1016/j.csi.2024.103925","DOIUrl":"10.1016/j.csi.2024.103925","url":null,"abstract":"<div><p>Recent software development methodologies emphasize iterative and incremental evolution to align with stakeholders’ needs. This perpetual and rapid software evolution demands ongoing research into verification practices and technologies that ensure swift responsiveness and effective management of software delta increments. Strategies such as code review have been widely adopted for development and verification, ensuring readability and consistency in the delta increments of software projects. However, the integration of techniques to detect and visually report delta changes within the Graphical User Interface (GUI) software applications remains an underutilized process. In this paper, we set out to achieve two objectives. First, we aim to conduct a comprehensive review of existing studies concerning GUI change detection in desktop, web, and mobile applications to recognize common practices. Second, we introduce a novel change detection tool capable of highlighting delta GUI changes for this diverse range of applications. To accomplish our first objective, we performed a systematic mapping of the literature using the Scopus database. To address the second objective, we designed and developed a GUI change detection tool. This tool simultaneously transits and compares state models inferred by a scriptless testing tool, enabling the detection and highlighting of GUI changes to detect the widgets or functionalities that have been added, removed, or modified. Our study reveals the existence of a multitude of techniques for change detection in specific GUI systems with different objectives. However, there is no widely adopted technique suitable for the diverse range of existing desktop, web, and mobile applications. Our tool and findings demonstrate the effectiveness of using inferred state models to highlight between 8 and 20 GUI changes in software delta increments containing a large number of changes over months and between 4 and 6 GUI changes in delta increments of small iterations performed over multiple weeks. Moreover, some of these changes were recognized by the software developers as GUI failures that required a fix. Finally, we expose the motivation for using this technique to help developers and testers analyze GUI changes to validate delta increments and detect potential GUI failures, thereby fostering knowledge dissemination and paving the way to standard practices.</p></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"92 ","pages":"Article 103925"},"PeriodicalIF":4.1,"publicationDate":"2024-09-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S0920548924000941/pdfft?md5=27a9fbf4beea136b7a89fef0ed16bc0d&pid=1-s2.0-S0920548924000941-main.pdf","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142151245","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Web accessibility barriers and their cross-disability impact in eSystems: A scoping review","authors":"Nikolaos Droutsas,&nbsp;Fotios Spyridonis,&nbsp;Damon Daylamani-Zad,&nbsp;Gheorghita Ghinea","doi":"10.1016/j.csi.2024.103923","DOIUrl":"10.1016/j.csi.2024.103923","url":null,"abstract":"<div><p>Accessibility is an important component in the implementation of Web systems to ensure that these are usable, engaging, and enjoyable by all regardless of the level of ability, condition, or circumstances. Despite manifold efforts, the Web is still largely inaccessible for a plurality of reasons (<em>e.g.</em> poor navigation, lack of/unsuitable alternative text, complex Web forms) with significant impact on disabled users. The impact of Web accessibility barriers varies per disability, but current measures for the impact of barriers treat disabilities as a homogeneous group. In this work, we present a scoping review of the Web accessibility research landscape. Following a structured approach, 112 studies were reviewed, and findings are reported on common Web accessibility barriers and practices within the Web Accessibility Lifecycle. An assessment framework is further proposed to measure the impact of such barriers across disabled groups. Finally, the need for extensive qualitative research into organizational change and multinational studies on Web activity and disturbance by barriers per disabled user group are discussed as future avenues for accessibility research.</p></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"92 ","pages":"Article 103923"},"PeriodicalIF":4.1,"publicationDate":"2024-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S0920548924000928/pdfft?md5=f921d53ae3864451cd5b1e92e1a7c0f1&pid=1-s2.0-S0920548924000928-main.pdf","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142229628","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"GSParLib: A multi-level programming interface unifying OpenCL and CUDA for expressing stream and data parallelism","authors":"Dinei A. Rockenbach ,&nbsp;Gabriell Araujo ,&nbsp;Dalvan Griebler,&nbsp;Luiz Gustavo Fernandes","doi":"10.1016/j.csi.2024.103922","DOIUrl":"10.1016/j.csi.2024.103922","url":null,"abstract":"<div><p>The evolution of Graphics Processing Units (GPUs) has allowed the industry to overcome long-lasting problems and challenges. Many belong to the stream processing domain, whose central aspect is continuously receiving and processing data from streaming data producers such as cameras and sensors. Nonetheless, programming GPUs is challenging because it requires deep knowledge of many-core programming, mechanisms and optimizations for GPUs. Current GPU programming standards do not target stream processing and present programmability and code portability limitations. Among our main scientific contributions resides <span><span>GSParLib</span></span>, a C++ multi-level programming interface unifying <span>CUDA</span> and <span>OpenCL</span> for GPU processing on stream and data parallelism with negligible performance losses compared to manual implementations; <span><span>GSParLib</span></span> is organized in two layers: one for general-purpose computing and another for high-level structured programming based on parallel patterns; a methodology to provide unified and driver agnostic interfaces minimizing performance losses; a set of parallelism strategies and optimizations for GPU processing targeting stream and data parallelism; and new experiments covering GPU performance on applications exposing stream and data parallelism.</p></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"92 ","pages":"Article 103922"},"PeriodicalIF":4.1,"publicationDate":"2024-08-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142122719","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"TDBAMLA: Temporal and dynamic behavior analysis in Android malware using LSTM and attention mechanisms","authors":"Harshal Devidas Misalkar ,&nbsp;Pon Harshavardhanan","doi":"10.1016/j.csi.2024.103920","DOIUrl":"10.1016/j.csi.2024.103920","url":null,"abstract":"<div><p>The increasing ubiquity of Android devices has precipitated a concomitant surge in sophisticated malware attacks, posing critical challenges to cybersecurity infrastructures worldwide. Existing models have achieved significant strides in malware detection but often suffer from high false-positive rates, lower recall, and computational delays, thus demanding a more efficient and accurate system. Current techniques primarily rely on static features and simplistic learning models, leading to inadequate handling of temporal aspects and dynamic behaviors exhibited by advanced malware. These limitations compromise the detection of modern, evasive malware, and impede real-time analysis. This paper introduces a novel framework for Android malware detection that incorporates Temporal and Dynamic Behavior Analysis using Long Short-Term Memory (LSTM) networks and Attention Mechanisms. We further propose development of an efficient Grey Wolf Optimized (GWO) Decision Trees to find the most salient API call patterns associated with malwares. An Iterative Fuzzy Logic (IFL) layer is also deployed before classification to assess the \"trustworthiness\" of app metadata samples. For Ongoing Learning, we propose use of Deep Q-Networks (DQNs), which helps the reinforcement learning model to adapt more quickly to changes in the threat landscapes. By focusing on crucial system calls and behavioral characteristics in real-time, our model captures the nuanced temporal patterns often exhibited by advanced malwares. Empirical evaluations demonstrate remarkable improvements across multiple performance metrics. Compared to existing models, our approach enhances the precision of malware identification by 8.5 %, accuracy by 5.5 %, and recall by 4.9 %, while also achieving an 8.3 % improvement in the Area Under the Receiver Operating Characteristic Curve (AUC), with higher specificity and a 4.5 % reduction in identification delay. In malware pre-emption tasks, our model outperforms by improving precision by 4.3 %, accuracy by 3.9 %, recall by 4.9 %, AUC by 3.5 %, and increasing specificity by 2.9 %. These gains make our framework highly applicable for real-time detection systems, cloud-based security solutions, and threat intelligence services, thereby contributing to a safer Android ecosystem.</p></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"92 ","pages":"Article 103920"},"PeriodicalIF":4.1,"publicationDate":"2024-08-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142151842","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Who are the best contributors? Designing a multimodal science communication interface based on the ECM, TAM and the Taguchi methods","authors":"Mengjun Huang ,&nbsp;Yue Luo ,&nbsp;Jiwei He ,&nbsp;Ling Zhen ,&nbsp;Lianfan Wu ,&nbsp;Yang Zhang","doi":"10.1016/j.csi.2024.103921","DOIUrl":"10.1016/j.csi.2024.103921","url":null,"abstract":"<div><p>Science communication conducted through mobile devices and mobile applications is an efficient and widespread phenomenon that requires communicators and design practitioners to further develop suitable design elements and strategies for such platforms. The effective application of multimodal or multisensory design in interfaces provides users with rich experiences. However, there is a lack of guiding recommendations for user interface design in the citizen science community. This study investigated factors affecting users’ perceptions and behavioral intentions toward multimodal scientific communication interface designs and identified the optimal combinations of such factors for such designs. Through a focus group, we defined three design dimensions of a science communication interface: visual, auditory, and haptic. An online experiment involving 916 participants was then conducted and integrated the technology acceptance model, expectation–confirmation model, and Taguchi method to examine the hierarchical combinations with the greatest influence in each dimension. The results indicated that interface design combinations primarily focusing on visual elements, with auditory and haptic as secondary elements, can serve as effective tools for science communication. Moreover, layout, color tones, vibration intensity, and sound volume significantly affected users’ perceptions and behavioral intentions. As one of the few studies using the Taguchi method to explore the design of science communication interfaces, the present findings enrich the multimodal theory from the perspectives of design and communication, highlighting its value in science communication. This paper simultaneously provides insights into how to select and combine multimodal design elements in science communication interfaces, demonstrating the potential of such designs to affect a user perception, satisfaction, confirmation, and continued usage intention.</p></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"92 ","pages":"Article 103921"},"PeriodicalIF":4.1,"publicationDate":"2024-08-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142151244","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A cellular automata based secured reversible data hiding scheme for dual images using bit-reversal permutation technique","authors":"Kankana Datta ,&nbsp;Biswapati Jana ,&nbsp;Mamata Dalui Chakraborty","doi":"10.1016/j.csi.2024.103919","DOIUrl":"10.1016/j.csi.2024.103919","url":null,"abstract":"<div><p>With the rapid development of advanced communication technology, protection of confidential data during transmission through public channel has become a challenging issue. In this context, the design of a data hiding scheme needs to ensure reversibility, robustness against various malicious attacks, and unaltered visual quality even after embedding high amount of secret data. To meet the above requirements, Cellular Automata along with Bit-Reversal Permutation technique have been utilized on dual-image with the target to enhance the robustness of suggested scheme due to distribution of secret information within two stego images which is hard to extract without both stego simultaneously. The proposed scheme makes a trade-off among visual quality, security and embedding capacity as essential for ensuring innocuous communication. The experimental results and comparison with the state-of-art methods establishes that the proposed scheme ensures high degree of robustness against different venomous attacks. This approach may be beneficial to private and public sector practitioners and government agencies to protect valuable multimedia secret data from adversarial cyber attacks.</p></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"92 ","pages":"Article 103919"},"PeriodicalIF":4.1,"publicationDate":"2024-08-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142087777","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Authentication communication by using visualization cryptography for UAV networks","authors":"Aqeel Thamer Jawad ,&nbsp;Rihab Maaloul ,&nbsp;Lamia Chaari","doi":"10.1016/j.csi.2024.103918","DOIUrl":"10.1016/j.csi.2024.103918","url":null,"abstract":"<div><p>Utilizing unmanned aerial vehicles (UAVs) to support V2X requirements leverages their versatility and line-of-sight communication. Our prior work explored a multi-agent learning approach for resource optimization, maximizing task offloading while maintaining QoS. This paper focuses on securing UAV communication, particularly authentication. Traditional methods are often unsuitable due to UAV limitations. We propose a novel authentication mechanism for a single ground control station (GCS) interacting with multiple UAVs across flight sessions. The system utilizes a key generation method based on chaotic maps to create unique flight session keys for each pre-defined flight plan. These keys, along with flight plans, are registered in a secure database. During flight, the GCS verifies UAV identity by employing the flight session key and corresponding flight plan for message authentication. This approach reduces computational and communication overhead compared to traditional certificate exchanges and asymmetric cryptography, which are energy-intensive for UAVs. While not a comprehensive security solution, this method provides an initial layer of protection for the UAV network.</p></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"92 ","pages":"Article 103918"},"PeriodicalIF":4.1,"publicationDate":"2024-08-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142002235","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Large language models for code completion: A systematic literature review","authors":"Rasha Ahmad Husein ,&nbsp;Hala Aburajouh ,&nbsp;Cagatay Catal","doi":"10.1016/j.csi.2024.103917","DOIUrl":"10.1016/j.csi.2024.103917","url":null,"abstract":"<div><p>Code completion serves as a fundamental aspect of modern software development, improving developers' coding processes. Integrating code completion tools into an Integrated Development Environment (IDE) or code editor enhances the coding process and boosts productivity by reducing errors and speeding up code writing while reducing cognitive load. This is achieved by predicting subsequent tokens, such as keywords, variable names, types, function names, operators, and more. Different techniques can achieve code completion, and recent research has focused on Deep Learning methods, particularly Large Language Models (LLMs) utilizing Transformer algorithms. While several research papers have focused on the use of LLMs for code completion, these studies are fragmented, and there is no systematic overview of the use of LLMs for code completion. Therefore, we aimed to perform a Systematic Literature Review (SLR) study to investigate how LLMs have been applied for code completion so far. We have formulated several research questions to address how LLMs have been integrated for code completion-related tasks and to assess the efficacy of these LLMs in the context of code completion. To achieve this, we retrieved 244 papers from scientific databases using auto-search and specific keywords, finally selecting 23 primary studies based on an SLR methodology for in-depth analysis. This SLR study categorizes the granularity levels of code completion achieved by utilizing LLMs in IDEs, explores the existing issues in current code completion systems, how LLMs address these challenges, and the pre-training and fine-tuning methods employed. Additionally, this study identifies open research problems and outlines future research directions. Our analysis reveals that LLMs significantly enhance code completion performance across several programming languages and contexts, and their capability to predict relevant code snippets based on context and partial input boosts developer productivity substantially.</p></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"92 ","pages":"Article 103917"},"PeriodicalIF":4.1,"publicationDate":"2024-08-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S0920548924000862/pdfft?md5=8314175bcf57b70427dd5c869ea42978&pid=1-s2.0-S0920548924000862-main.pdf","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142076551","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}