Concurrency and Computation-Practice & Experience最新文献

{"title":"Detecting Network Security Bypass Threats Using Machine Learning Methods: Detecting Intruders on the Network","authors":"Seyed Ebrahim Dashti,&nbsp;Wassan Sajit Nasser Al-Jabri,&nbsp;Ali Farzanehmehr","doi":"10.1002/cpe.70062","DOIUrl":"https://doi.org/10.1002/cpe.70062","url":null,"abstract":"<div>\u0000 \u0000 <p>The problem of cybersecurity has grown in importance. Machine learning (ML) systems can detect network penetration. Imbalanced data sets have a detrimental impact on typical network intrusion detection. To be more precise, seven traditional ML algorithms were tested against two versions of a fully connected neural network, one with and one without an autoencoder. Additionally, an electing classifier is suggested as a means to integrate the outcomes of these nine ML algorithms. The majority electing classifier allows for the combination of several weak classifiers into a strong classifier. The number and type of weak classifiers used will have an impact on the final ensemble classifier's performance Three distinct resampling methods oversampling, undersampling, and hybrid sampling are used to evaluate each model. Next, we will go over the specifics of the trials and how we analyzed the data. The comparison results show that the performance of the classifiers on balanced data outperforms those on (\u0000https://www.sciencedirect.com/topics/computer-science/imbalanced-data) imbalanced data, and the electing classifier outperforms the nine algorithms. A weighted <i>F</i>1 score is a good performance metric to evaluate solutions in intrusion detection systems. Due to the importance of the <i>F</i>1 score parameter, the proposed method has reached a predict of 80%, which is a significant improvement compared to related works.</p>\u0000 </div>","PeriodicalId":55214,"journal":{"name":"Concurrency and Computation-Practice & Experience","volume":"37 9-11","pages":""},"PeriodicalIF":1.5,"publicationDate":"2025-04-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143809819","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"An Alternative Mechanism for Multiresource Fair Allocation in Heterogeneous Cloud Computing Systems","authors":"Bin Deng,&nbsp;Hao Guo,&nbsp;Weidong Li","doi":"10.1002/cpe.70091","DOIUrl":"https://doi.org/10.1002/cpe.70091","url":null,"abstract":"<div>\u0000 \u0000 <p>Finding a fair allocation is an important issue in many application areas. In a heterogeneous cloud computing system, users may have different requirements, and servers may also have different configurations. The first proposed fair allocation mechanism for heterogeneous cloud computing systems, called DRFH, is based on dominant resource fairness. However, the DRFH mechanism does not satisfy the properties of strong shared incentives and independence of dummy servers. In this article, we propose a simple mechanism, called the maximin share-based mechanism in a heterogeneous cloud computing system (MMSH), which maximizes the minimum ratio of the user's utility to the maximin share. Because the MMSH mechanism can be formulated as a linear program, a MMSH allocation can be found in polynomial time. Moreover, we prove that MMSH satisfies all the desirable properties including Pareto efficiency, strong sharing incentives, envy-freeness, group strategy-proofness, and independence of dummy servers. Using the Alibaba trace to conduct data simulations, the experimental results indicate that in most cases, the allocation generated by the MMSH mechanism has a higher resource utilization rate.</p>\u0000 </div>","PeriodicalId":55214,"journal":{"name":"Concurrency and Computation-Practice & Experience","volume":"37 9-11","pages":""},"PeriodicalIF":1.5,"publicationDate":"2025-04-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143809389","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Revocable and Privacy-Preserving CP-ABE Scheme for Secure mHealth Data Access in Blockchain","authors":"Anita Thakur,&nbsp;Virender Ranga,&nbsp;Ritu Agarwal","doi":"10.1002/cpe.70064","DOIUrl":"https://doi.org/10.1002/cpe.70064","url":null,"abstract":"<div>\u0000 \u0000 <p>Innovations in technology are revolutionizing healthcare, driving a shift toward patient-centric smart healthcare systems. Mobile health (mHealth) leverages innovations in wearable sensors, telecommunications, and IoT to establish a novel healthcare model that prioritizes the patient, enabling real-time monitoring, personalized interventions, and improved access to care, ultimately fostering a proactive approach to health management and enhancing overall patient outcomes. However, safeguarding patient data transparency, security, and privacy within mHealth systems presents significant challenges, particularly concerning personal health records (PHR). Ciphertext-Policy Attribute-Based Encryption (CP-ABE) offers a competent answer to facilitating one-to-many data sharing in healthcare environments. Nevertheless, several issues must be addressed before CP-ABE can be widely deployed. These include the need for timely and effective attribute revocation when user attributes change, resistance to collusion attacks, and ensuring data integrity. This paper proposes a revocable and secure fine-grained access scheme using blockchain and CP-ABE. We compare four prominent state-of-the-art schemes through comprehensive experimentation with our proposed approach. Our results demonstrate the relative performance of our scheme, showing a significant reduction in computational costs. Specifically, the key generation cost is reduced by <span></span><math>\u0000 <semantics>\u0000 <mrow>\u0000 <mo>≈</mo>\u0000 </mrow>\u0000 <annotation>$$ approx $$</annotation>\u0000 </semantics></math>35% to 67%, and the encryption cost is reduced by <span></span><math>\u0000 <semantics>\u0000 <mrow>\u0000 <mo>≈</mo>\u0000 </mrow>\u0000 <annotation>$$ approx $$</annotation>\u0000 </semantics></math>26% to 39%. A detailed analysis of communication, computational, and storage overhead reveals that our suggested solution offers a distinct advantage in terms of efficiency. The Scyther tool is employed to verify the security measures and assess the accuracy of proposed methodologies, subsequently conducting experiments to showcase its efficacy.</p>\u0000 </div>","PeriodicalId":55214,"journal":{"name":"Concurrency and Computation-Practice & Experience","volume":"37 9-11","pages":""},"PeriodicalIF":1.5,"publicationDate":"2025-04-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143801888","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Intelligent Network Security Optimization Algorithm Based on Cnns","authors":"Meirong Zheng,&nbsp;Ruchun Jia,&nbsp;Jing Zhu,&nbsp;Shaorong Zhang,&nbsp;Wenlong Yao,&nbsp;Yuanbin Li","doi":"10.1002/cpe.70069","DOIUrl":"https://doi.org/10.1002/cpe.70069","url":null,"abstract":"<div>\u0000 \u0000 <p>To enhance the precision of security risk assessment and real-time control in edge-based intelligent networks, this article presents a novel risk assessment and control approach leveraging convolutional neural networks (CNNs). This method significantly improves on traditional intelligent network security risk assessment techniques, integrating CNN-based models to achieve higher accuracy and robustness. By incorporating genetic algorithms and proportional integral derivative control optimization, the proposed approach further ensures stability across intelligent network operations. Using the KDDCup99 network security attack database for evaluation, results demonstrate that this approach achieves a high accuracy rate and low false alarm rate. Additionally, the output signal amplitude closely aligns with the expected amplitude, showing only a 0.02 deviation, while maintaining low evaluation and control times. This ensures comprehensive security across edge intelligent systems, addressing key latency and precision requirements and achieving optimal control effects.</p>\u0000 </div>","PeriodicalId":55214,"journal":{"name":"Concurrency and Computation-Practice & Experience","volume":"37 9-11","pages":""},"PeriodicalIF":1.5,"publicationDate":"2025-04-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143801880","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Secure Attestation and Dynamic Load Balancing (SALB) for Optimized Container Management: Ensuring Integrity and Enhancing Resource Efficiency","authors":"K. Aruna","doi":"10.1002/cpe.70067","DOIUrl":"https://doi.org/10.1002/cpe.70067","url":null,"abstract":"<div>\u0000 \u0000 <p>Container technology has revolutionized the deployment and management of applications by providing isolated, lightweight environments that simplify scaling and enhance flexibility. In this context, the secure attestation-based load balancing (SALB) algorithm is proposed to further enhance containerized environments by integrating secure deployment practices with dynamic load balancing. This algorithm addresses two pivotal aspects of modern computing systems: security and resource management. It employs remote attestation to ensure the integrity and trustworthiness of both container images and host environments, thereby safeguarding against potential threats from compromised or malicious components. Concurrently, it manages and allocates resources across containers based on real-time workload assessments, optimizing performance, and resource utilization. The algorithm follows a structured approach: initializing containers, generating application packages, and defining operational thresholds for CPU and memory. It then performs remote attestation to verify host and container image integrity before deploying the containers. Resource allocation and task assignment are dynamically adjusted based on container usage, with provisions for handling overloaded or failed containers through reassignment and the creation of new containers. The implementation of the SALB algorithm results in a more secure and efficient container management system. It balances workloads effectively while maintaining high levels of security through rigorous attestation processes. The dynamic resource allocation and fault-tolerance features enhance system performance and reliability, demonstrating the algorithm's capability to optimize containerized environments and ensure robust, reliable operations.</p>\u0000 </div>","PeriodicalId":55214,"journal":{"name":"Concurrency and Computation-Practice & Experience","volume":"37 9-11","pages":""},"PeriodicalIF":1.5,"publicationDate":"2025-04-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143801919","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A Genetic Algorithm-Based Approach for Collision Avoidance in a Multi-UAV Disaster Mitigation Deployment","authors":"Anuradha Banerjee,&nbsp;Sachin Kumar Gupta,&nbsp;Vinod Kumar","doi":"10.1002/cpe.70061","DOIUrl":"https://doi.org/10.1002/cpe.70061","url":null,"abstract":"<div>\u0000 \u0000 <p>This research delves into the intricacies of designing trajectories for unmanned aerial vehicles (UAVs) within a multi-UAV system, specifically addressing the challenges presented during simultaneous rescue operations in neighboring states. The unique scenario introduces a potential risk of UAVs from one state intersecting with those from others, leading to communication issues and the looming threat of collisions. These collisions not only cause delays in emergency operations but also result in additional costs for repairing damaged UAV components. In response to this critical challenge, the study proposes an innovative approach utilizing Genetic Algorithms to facilitate collision avoidance in a multi-UAV environment, tailored explicitly for disaster mitigation scenarios. This technique is an efficient solution to enhance the safety and effectiveness of UAV operations during disaster response and relief efforts. The proposed trajectory planning method uses a genetic algorithm, with the fitness function strategically designed to optimize two pivotal objectives: utility (maximizing the number of people saved postdisaster) and collision avoidance (minimizing conflicts between multiple UAVs as they navigate predetermined paths). The overarching goal of this approach is to strike a balance, aiming to maximize utility while concurrently minimizing the risk of collisions. By adopting this approach, the research significantly contributes to advancing the field of disaster response strategies, enhancing the overall efficiency of multi-UAV systems in complex and dynamic environments. The proposed solution not only addresses the immediate challenges posed by potential collisions but also underscores the importance of optimizing UAV trajectories to achieve maximum utility in postdisaster scenarios.</p>\u0000 </div>","PeriodicalId":55214,"journal":{"name":"Concurrency and Computation-Practice & Experience","volume":"37 9-11","pages":""},"PeriodicalIF":1.5,"publicationDate":"2025-04-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143809387","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Multiuser Hierarchical Authorization Using Sparsity Polarization Pruning for Model Active Protection","authors":"Yujia Zhu,&nbsp;Jia Luo,&nbsp;Ruoxi Wang,&nbsp;Xiaojie Du,&nbsp;Daoxun Xia","doi":"10.1002/cpe.70076","DOIUrl":"https://doi.org/10.1002/cpe.70076","url":null,"abstract":"<div>\u0000 \u0000 <p>Currently, artificial intelligence technology is rapidly penetrating into various fields of socioeconomic development with increasing depth and breadth, becoming an important force driving innovation and development, empowering thousands of industries, while also bringing challenges such as security governance. The application of deep neural network models must implement hierarchical access based on user permissions to prevent unauthorized users from accessing and abusing the model, and to prevent malicious attackers from tampering or damaging the model, thereby reducing its vulnerabilities and security risks. To address this issue, the model provider must implement a hierarchical authorization policy for the model, which can grant users access to the model based on their specific needs, while ensuring that unauthorized users cannot use the model. Common methods for implementing hierarchical authorization of models include pruning and encryption, but existing technologies require high computational complexity and have unclear hierarchical effects. In this article, we propose a sparsity polarization pruning approach for layered authorization, which combines sparsity regularization to filter insignificant channels and a polarization technique to cluster critical channels into distinct intervals. By pruning channels based on polarized scaling factors from the batch normalization (BN) layer, our method dynamically adjusts model precision to match user authorization levels. Initially, we extract the scaling factor of the BN layer to assess the importance of each channel. A sparsity regularizer is then applied to filter out irrelevant scaling factors. To enhance the clarity and rationality of pruning intervals, we use a polarization technique to induce clustering of scaling factors. So we proposed multiuser hierarchical authorization using sparsity polarization pruning for model active protection. Based on the grading requirements, we prune channels corresponding to varying numbers of significant scaling factors. Access is granted at different levels depending on the precision key provided by the user, thereby ensuring a secure and efficient means of accessing the model's resources. Experimental results demonstrate that our approach achieves superior grading performance across three datasets and two different neural networks, showcasing its broad applicability. Moreover, our method achieves effective grading just by pruning a small portion of the channels, offering a high level of efficiency.</p>\u0000 </div>","PeriodicalId":55214,"journal":{"name":"Concurrency and Computation-Practice & Experience","volume":"37 9-11","pages":""},"PeriodicalIF":1.5,"publicationDate":"2025-04-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143801882","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A Traceable and Anonymous Mutual Authentication Scheme for Smart Healthcare on Elliptic Curves","authors":"Yujia Xie,&nbsp;Dongmei Li,&nbsp;Xiaomei Zhang,&nbsp;Wenjing Lv","doi":"10.1002/cpe.70063","DOIUrl":"https://doi.org/10.1002/cpe.70063","url":null,"abstract":"<div>\u0000 \u0000 <p>The rapid development of big data technologies has exacerbated the challenge of maintaining patient privacy in smart healthcare environments. Although previous mutual patient–physician authentication systems achieve basic anonymization, patients' communication addresses are still exposed, and attackers can analyze transaction records to establish correlations between users' addresses and even obtain their real identities. To address this problem, we propose a user anonymization scheme based on the elliptic curve discrete logarithmic problem assumption, which aims to prevent malicious interception and theft of patients' personal data by obfuscating the identity of registered users. By combining identity-based encryption with advanced anonymization techniques and reconstructing signatures of knowledge, traceability is achieved while ensuring that only the intended recipient with the corresponding private key can decrypt the data. The validation shows that our system guarantees unlinkability and anonymity while resisting hijacking attacks and man-in-the-middle attacks, and it is simulated using JPBC 2.0.0 (Jdk version 14.0.1), which shows that the communication overhead needs 808 bytes and that the computation overhead for system initialization, signature, and validation are 102, 167, and 70 ms, respectively.</p>\u0000 </div>","PeriodicalId":55214,"journal":{"name":"Concurrency and Computation-Practice & Experience","volume":"37 9-11","pages":""},"PeriodicalIF":1.5,"publicationDate":"2025-04-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143809388","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Multi-Criteria Optimization of Scientific Workflow Schedules for Improved Energy Efficiency in Cloud Infrastructures","authors":"Nadia Dahmani,&nbsp;Hatem Aziza,&nbsp;Hajer Ben Romdhane,&nbsp;Saoussen Krichen","doi":"10.1002/cpe.70065","DOIUrl":"https://doi.org/10.1002/cpe.70065","url":null,"abstract":"<div>\u0000 \u0000 <p>Rising global dependence on cloud services has become crucial for enterprises, aiming to guarantee continuous data accessibility while pursuing enhanced energy efficiency and minimized carbon emissions from data centers. However, the persistent challenge of high-energy consumption in these facilities necessitates a concentrated approach toward energy reduction. This paper introduces an innovative multi-objective scheduling strategy for scientific workflows, tailored for heterogeneous computing environments. Our method employs a hybrid genetic algorithm, incorporating Hill Climbing to generate an initial population of chromosomes. Subsequently, a genetic algorithm optimizes task assignments to the most suitable virtual machines, utilizing a meticulously designed fitness function to evaluate each chromosome's suitability for solving the scheduling problem. Through extensive experimentation, we demonstrate that our proposed algorithm outperforms other scheduling techniques in terms of solution quality, contributing to reduced energy consumption, processing duration, and cost. We contend that this innovative approach holds substantial potential in mitigating the energy consumption and carbon footprint associated with cloud data centers, offering a sustainable and environmentally conscious solution for scientific workflow scheduling.</p>\u0000 </div>","PeriodicalId":55214,"journal":{"name":"Concurrency and Computation-Practice & Experience","volume":"37 9-11","pages":""},"PeriodicalIF":1.5,"publicationDate":"2025-04-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143801881","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Privacy Protection During the Issuance and Revocation of Verifiable Credentials in Self-Sovereign Identity","authors":"Tiantian Zhang,&nbsp;Ying Wang,&nbsp;Bo Gong,&nbsp;Jianbo Xu,&nbsp;Junjie Wu,&nbsp;Changxu Wan","doi":"10.1002/cpe.70084","DOIUrl":"https://doi.org/10.1002/cpe.70084","url":null,"abstract":"<div>\u0000 \u0000 <p>Self-sovereign identity management systems operate in open network environments and face security threats from semi-trusted or malicious adversary models. In such environments, verifiable credentials are susceptible to attacks such as theft and forgery. In response to the privacy risks associated with verifiable credentials during issuance and revocation, this article proposes a privacy protection scheme for user information during the issuance and revocation processes of verifiable credentials in self-sovereign identity management based on blockchain technology. First, a privacy-preserving method that does not rely on a single identity provider and resists Sybil attacks has been designed using secure multi-party computation cryptographic techniques. Second, the consortium blockchain committee nodes act as the issuer of verifiable credentials. By combining attribute commitments and zero-knowledge proof techniques, the user's identity information is hidden, achieving the privacy protection goal during the issuance of verifiable credentials. Furthermore, in order to protect user privacy during the revocation of verifiable credentials (VCs), we employ a cryptographic accumulator technique to implement the revocation operation. This approach ensures the security of user privacy while effectively managing the revocation of credentials. Finally, this paper conducts a security analysis and performance evaluation of the proposed scheme. The results show that our scheme strikes a balance between security needs and time efficiency.</p>\u0000 </div>","PeriodicalId":55214,"journal":{"name":"Concurrency and Computation-Practice & Experience","volume":"37 9-11","pages":""},"PeriodicalIF":1.5,"publicationDate":"2025-04-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143809386","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}