Forthcoming and Online First Articles

International Journal of Information and Computer Security

International Journal of Information and Computer Security (IJICS)

Forthcoming articles have been peer-reviewed and accepted for publication but are pending final changes, are not yet published and may not appear here in their final order of publication until they are assigned to issues. Therefore, the content conforms to our standards but the presentation (e.g. typesetting and proof-reading) is not necessarily up to the Inderscience standard. Additionally, titles, authors, abstracts and keywords may change before publication. Articles will not be published until the final proofs are validated by their authors.

Forthcoming articles must be purchased for the purposes of research, teaching and private study only. These articles can be cited using the expression "in press". For example: Smith, J. (in press). Article Title. Journal Title.

Articles marked with this shopping trolley icon are available for purchase - click on the icon to send an email request to purchase.

Online First articles are published online here, before they appear in a journal issue. Online First articles are fully citeable, complete with a DOI. They can be cited, read, and downloaded. Online First articles are published as Open Access (OA) articles to make the latest research available as early as possible.

Open AccessArticles marked with this Open Access icon are Online First articles. They are freely available and openly accessible to all without any restriction except the ones stated in their respective CC licenses.

Register for our alerting service, which notifies you by email when new issues are published online.

International Journal of Information and Computer Security (20 papers in press)

Regular Issues

  • A Novel Mutual Quantum Identity Authentication of two-party Protocol with Chaotic Systems   Order a copy of this article
    by Lu Zhang, Chaonan Wang, Yan Sun, Hongfeng Zhu 
    Abstract: In order to ensure the security of communications, it is often necessary to legally verify the identity of the user before formal communications can take place. Given the growing and dramatic interest in quantum computing, it will be necessary to design mutual quantum authentication schemes implemented using quantum resources. In this paper, we design a two-party mutual authentication quantum identity authentication protocol based on GHZ-like state quantum resources and chaotic map theory. On the one hand, we ensure the true randomness of the authentication parameters, and on the other hand, we ensure the true randomness with fast propagation, so as to achieve the nature of fast true randomness. The scheme is able to make the authentication process complete the authentication in a shorter time while ensuring the security.
    Keywords: Quantum identity authentication; GHZ-like state; Chaotic system.
    DOI: 10.1504/IJICS.2025.10068828
     
  • A Blockchain-Aided Privacy Preservation using Lattice Homomorphic Encryption for Digital Forensic Investigation   Order a copy of this article
    by Suvarna Chaure, Vanita Mane 
    Abstract: This paper proposes a novel Secrecy-Preserving Optimized Machine Learning-based Digital Forensic Model (SOMLDFM) designed to address the computational complexities of existing forensic models. The model utilizes a Pelican Optimization-based Hybrid Support Vector Machine-Extreme Learning Machine (SVM-ELM) for feature extraction and classification. This hybrid approach classifies files into Forensically Related Files (FRFs) and Forensically Unrelated Files (FNRFs) while effectively removing noise and irrelevant data. The Pelican Optimization technique reduces potential losses in the hybrid SVM-ELM, resulting in enhanced overall performance. To protect confidential information, the model employs lattice-based homomorphic encryption (LHE), which offers superior security compared to elliptic curve and Diffie-Hellman methods. The discovered files are prioritized based on a calculated relevance score, arranged from highest to lowest by the investigator. The proposed model demonstrates high performance, achieving an accuracy of 98.69%, an F1 score of 97.79%, a recall score of 97.15%, and a precision score of 98.44%.
    Keywords: Support vector machine; interplanetary file storage system; pelican optimization; Digital Forensic Investigation Data; homomorphic encryption.
    DOI: 10.1504/IJICS.2025.10069311
     
  • A Novel Secure Key Generation and SPN-Based Transformation Algorithm for Grayscale Image Encryption   Order a copy of this article
    by Pramil Kesarwani, Ketan Puyad, Bharathi Chidirala, Bibhudendra Acharya 
    Abstract: In this paper, we introduce a novel gray-scale image encryption algorithm that leverages key generation through a secure message-based approach and employs a Substitution-Permutation Network (SPN) for enhanced security The algorithm takes an input image, a user-specified parameter N, and a secret message, from which a SHA-256 string is derived to generate cryptographic parameters for a Henon map The Henon map produces two arrays, 'x' and 'y', with lengths matching the dimensions of the input image A mask is created by performing XOR operations at specific positions in the image using 'x' and 'y' Prior to mask application, the image undergoes an P-round SPN transformation The SPN consists of substitution and permutation operations, where the substitution array is generated using the logistic map to ensure unique and random placement of values from 0 to 255 for gray-scale images Rows and columns of the image are rotated and substituted
    Keywords: Secure Key Generation; Henon Map; Logistic Map; SHA-256; Substitution-Permutation Network (SPN).
    DOI: 10.1504/IJICS.2025.10069312
     
  • DDoS Attack Detection in Blockchain Network Layer using Dual Attention based Dense Convolutional Gated Recurrent Unit   Order a copy of this article
    by Rohidas Balu Sangore, Manoj Eknath Patil 
    Abstract: This paper aims to design a novel hybrid deep learning model along with a new feature extraction technique. This paper collects the input data from publicly available datasets and is pre-processed by using min-max normalization and missing value imputation to eliminate unnecessary information. After, a new Squeeze Excited Deep ResNet-152 (SE-DRes152) model is introduced to extract the essential traffic attributes from pre-processed data. Finally, the DDoS attack from the provided inputs is identified by presenting a novel Dual Attention based Dense Convolutional Gated Recurrent Unit (DA_DCGRU) approach based on the extracted features. The ability of the proposed classifier is further enhanced by fine-tuning its parameters using by Modified Fire Hawks (MFH) approach. The simulation results and comparison analysis prove that the proposed model outperforms the other existing methods in terms of accuracy (98.83%), precision (97.54%), recall (97.81%), F-score (97.67%), specificity (98.51%), MAE (0.192%), MSE (0.01%) and RMSE (0.1082%).
    Keywords: Distributed denial of service attack (DDoS); Internet of Things (IoT); Deep learning (DL); Convolutional Neural Network (CNN).
    DOI: 10.1504/IJICS.2025.10069314
     
  • A Context-based Password Change Enforcement Model   Order a copy of this article
    by Adesina S. Sodiya, Akinkunmi A. Owolabi, Saidat A. Onashoga, ENOCH OLUWUMI 
    Abstract: Password-based authentication systems remain vulnerable to various cyber threats, highlighting the need for innovative approaches to enhance security. In this paper, we propose a Context-based Password Change Enforcement (PCE) model aimed at fortifying password-based authentication systems by dynamically evaluating password reliability through contextual parameters. Leveraging password frequency, uniqueness, attempt, environment, and age, these parameters were used to assess password security and enforce timely changes, thereby enhancing overall system resilience. The implementation of the PCE model led to a significant reduction in password compromise, with only 2 out of 450 user passwords compromised, representing a notable decrease of 96% compared to the initial 50 compromised passwords. Comparative analysis revealed a 99.99% performance rate of the proposed PCE model, outperforming other authentication methods. The PCE model therefore offers a systematic and effective approach to strengthen text-based password authentication systems, mitigating common password attacks and enhancing overall security posture.
    Keywords: Password Security; Contextual Authentication; Password Change Enforcement; Cybersecurity; Authentication Resilience.
    DOI: 10.1504/IJICS.2025.10069886
     
  • A Novel Hybrid Approach for Intrusion Detection System using Deep Learning Technique   Order a copy of this article
    by Sudhir Pandey, Ditipriya Sinha 
    Abstract: Intelligent cyber-attacks importantly threaten data security, prompting extensive research and investment in network security by researchers and businesses. Standard security measures like secrecy, firewalls, authentication, and antivirus programs may be insufficient, necessitating additional protection layers. One advanced technology is the intrusion detection system, capable of dynamically identifying intruders. In this paper we focus on network intrusion detection using a neural network and introduces a filter-based hybrid technique with three modules. The first module involves segmenting and selecting features from accessible data. The second module trains the deep neural network using the filtered features. The final module tests the trained neural network. Feature selection uses the Shuffled Frog Leaping Algorithm, and the Error Back Propagation Neural Network is trained to identify the most effective feature subset for classification. This hybrid technique aims to optimize feature selection for training and evaluation by deep learning methods.
    Keywords: Intrusion Detection System; Deep neural Network; Segmentation; Feature Selection; Shuffled Frog Leaping Algorithm; NSL-KDD and Accuracy.
    DOI: 10.1504/IJICS.2025.10069887
     
  • Integrating Geolocation Intelligence with Ensemble Machine Learning Models for Enhanced Darknet Traffic Classification   Order a copy of this article
    by Ngaira Mandela, Nilay Mistry 
    Abstract: This study presents an innovative approach to darknet traffic classification, combining advanced machine learning techniques with Hybrid LASSO-Random Forest) (HLRF) feature selection and IP geolocation mapping. We propose a new ensemble model that significantly outperforms traditional classifiers, achieving an accuracy of 96.86% and an F1-score of 96.12%. Our research utilizes an enhanced version of the CIC-Darknet2020 dataset, augmented with additional darknet traffic collected over a six-month period. The HLRF selector is employed to identify the most relevant features, improving the model's efficiency and interpretability. Furthermore, we incorporate IP geolocation mapping to provide insights into the global distribution of darknet activities. Our findings demonstrate the effectiveness of our ensemble method with HLRF feature selection in capturing complex darknet traffic patterns and highlight the challenges in geographical attribution due to sophisticated anonymization techniques. This work contributes to the field of cybersecurity by offering an improved method for darknet traffic classification.
    Keywords: Darknet Traffic Classification; Darknet; Machine Learning; XGBoost; Neural Networks; darkweb.
    DOI: 10.1504/IJICS.2025.10070416
     
  • Unveiling the Digital Fingerprints: Analysis of Internet attacks based on website fingerprints   Order a copy of this article
    by Blerim Rexha, Arbena Musa, Kamer Vishi, Edlira Martiri 
    Abstract: Anonymity networks are widely used to safeguard user privacy by concealing identifying metadata. However, these networks remain vulnerable to traffic analysis techniques such as website fingerprinting attacks, which can compromise user anonymity. In this study, we explore the effectiveness of several machine learning algorithms in performing such attacks. Using a controlled experimental framework, we analyze a publicly available dataset capturing user network traffic across 11 days. The dataset, recorded in .pcapng format, includes detailed traffic flows from specific web pages. Through comprehensive evaluations, we establish that the Gradient Boosting Machine algorithm achieves the highest accuracy (83.63%) for binary classification, while Random Forest demonstrates superior performance (62.97% accuracy) for multi-class classification. Our analysis highlights the impact of feature engineering and algorithmic selection on classification outcomes. This work advances the understanding of privacy vulnerabilities within anonymity networks and provides insights into development of more resilient defenses.
    Keywords: Digital Fingerprints; Website Fingerprints; Machine Learning; User Profiling; Traffic Analysis; Web Browsing.
    DOI: 10.1504/IJICS.2025.10070417
     
  • Performance comparison of feature selection algorithms in context of P2P botnet detection   Order a copy of this article
    by Sangita Baruah, Vaskar Deka 
    Abstract: Over the years, the use of internet has grown exponentially. As a result, crime on the internet has also grown. Botnets serve as the main technological backbone for a wide array of cyberattacks. As evident from various literatures, machine learning algorithms has a lot of potential in the detection of botnets. However, dimensionality of real-world datasets creates bottleneck in analysis. In this context, feature selection techniques have come up as a great tool in reducing the dimensionality without losing the physical interpretation of the original data. In this paper, we compare three different approaches of feature selection. We explore and compare three feature selection techniques categorised under filter, wrapper, and embedded methods. After conducting feature selection, we have employed six supervised machine learning classifiers for classification and detection of P2P botnet flows. Additionally, we have employed majority voting ensemble learning algorithm to improve the classification results.
    Keywords: P2P botnet detection; feature selection; filter method; wrapper method; embedded method; variance threshold; recursive feature elimination; RFE; decision tree.
    DOI: 10.1504/IJICS.2025.10071239
     
  • SDS-GS: a short group signature scheme enabling controlled traceability in secure medical data sharing   Order a copy of this article
    by Xiaohui Yang, Xu Zhang 
    Abstract: With the digitisation of information, the sharing of patient data in healthcare has increased dramatically, raising significant privacy concerns. We introduce a reliable dynamic group signature scheme for secure medical data sharing, ensuring secure and efficient data exchange and the identification of dishonest users. Our scheme also limits data managers retrospective rights to prevent abuse. Security analysis demonstrates robust security and anonymity, while performance evaluations show high efficiency in healthcare data-sharing scenarios. Compared to other schemes, our scheme provides additional features such as privacy protection and secret sharing verification, and has higher scalability.
    Keywords: group signatures; medical data sharing; controlled traceability; privacy protection.
    DOI: 10.1504/IJICS.2025.10071419
     
  • Application of game model in dynamic network defence   Order a copy of this article
    by Jialu Lv 
    Abstract: To enhance dynamic network defence and maintain security, we propose an evolutionary game model to select multi-combination strategies for deploying dynamic defence elements. Additionally, a cycle-switching strategy based on an improved FlipIt game model is introduced, which selects the optimal transition period under different attack strengths. Defenders adopt a flip strategy to deal with attackers intrusion behaviour, while attackers gain profits by breaking through defence strategies and occupying resources. A spatiotemporal switching strategy, leveraging the Stackelberg game model, is proposed for joint spatial and temporal decision-making. In terms of performance, the genetic algorithm-based multi-combination strategy selection took 3,793 s, while the evolutionary game model required only 3,265 s. The simulation results show that under six defence configurations, the defence effectiveness of the spatiotemporal switching strategy is close to 0.98, which can avoid 98% of attacks and potential losses, indicating that the defence effect is close to optimal. The proposed models effectively improve dynamic defence system configuration and defence benefits, contributing to a stronger defence posture in network security confrontations.
    Keywords: game model; dynamic network defence; multi-element combination; cycle switching; spatiotemporal integration.
    DOI: 10.1504/IJICS.2025.10071420
     
  • Optimal-round semi-honest-quantum PAKE protocol with chaotic maps   Order a copy of this article
    by Chaonan Wang, Lu Zhang, Hongfeng Zhu 
    Abstract: There is an intuitive connection between quantum technology and chaos theory which may lead to a novel way to construct password-authenticated key exchange (PAKE) protocols to resist quantum attacks efficiently. This paper designs an optimal-round semi-honest-quantum PAKE protocol with chaotic maps. In which the clients act as classical users while the server acts as a quantum user with the ability to prepare entangled quantum, this semi-quantum environment makes the application process more efficient and convenient, and reduces the cost of deploying the environment. In addition, the protocol takes full advantage of the true randomness of multiple GHZ-like states, as well as the ergodicity of chaotic maps and the sensitivity of initial conditions to realise the key exchange and the session key generation process, and guarantees the security, randomness and unpredictability of the session keys. Our protocol is an optimal-round design, i.e., only one communication is needed to complete the key exchange process, which greatly reduces the number of communications and the possibility of key information being intercepted. Finally, the content of security proof and efficiency analysis also demonstrate our protocol is suitable for efficiently protecting authentication keys and feasible to implement.
    Keywords: password-authenticated key exchange; GHZ-like states; chaotic maps; semi-honest-quantum.
    DOI: 10.1504/IJICS.2025.10071421
     
  • Self-sovereign identity scheme for decentralised vehicular named data networking   Order a copy of this article
    by Xian Guo, Jianhua Ding 
    Abstract: To address the reliance on traditional PKI for establishing trust between entities in vehicular named data networking (VNDN), we propose a hierarchical blockchain-based self-sovereign identity (SSI) scheme for decentralised vehicular named data networking (DVNDN). In our scheme, RSUs and vehicles are registered under supervision of a trusted authority (TA). Then, a committee consisted of RSUs selected is used to manage decentralised identifiers (DIDs) and verifiable credentials (VCs) for vehicle. This approach enables VC-based trust establishment without third-party anchors as in PKI. The proposed solution adopts signature of knowledge (SoK) and non-interactive zero-knowledge proofs (NIZKs) to protect privacy during issuance, presentation, and verification of VC, with the ZoKrates toolkit employed for generating NIZK proofs and enabling on-chain verification. Our security analysis demonstrates that the proposed scheme meets security requirements. Experimental results show feasibility, reliability, and effectiveness of our scheme by applying the Ethereum-based platform on NDN into the vehicular network.
    Keywords: vehicular named data networking; VNDN; blockchain; self-sovereign identity; SSI; privacy-preserving.
    DOI: 10.1504/IJICS.2025.10071520
     
  • Enhanced iris recognition using an optimised gated recurrent unit with informative feature selection   Order a copy of this article
    by K.R. Radhika, S.V. Sheela, P. Abhinand 
    Abstract: Iris recognition technologies are used in many applications nowadays because of the always-growing demand for identity authentication. This paper presents a strong deep learning-based system for exact iris localisation and recognition. The proposed framework consists of three steps: region segmentation, feature extraction, and recognition. The iris images were first obtained from three benchmark datasets. The multimedia university (MMU)-iris dataset, the IITD-iris dataset, and the UB-iris dataset. The interesting iris areas are then split using DIDO method in the second dimension. Thirdly, three techniques the Harris detector, ResNet-18, and speeded up robust features (SURF) are aggregated to extract features from the segmented iris sections. Feature extraction helps to emphasise the discriminative characteristics of Iris images clearly, therefore enabling classification models to differentiate between different patterns. These resulting discriminative features are subsequently put into the upgraded GRU model to detect matching and non-matching iris patterns. The empirical analysis revealed using the IITD-iris, MMU-iris, and UB-iris datasets that the enhanced GRU model acquired maximum recognition accuracy of 99.67%, 99.43%, and 98.78%. These achieved results surpass those of comparative models, including GRU, RNN, LSTM.
    Keywords: Daugman’s algorithm; University of Beira; UB; informative features security; iris recognition; Indian Institute of Technology Delhi; IITD; Daugman’s Integro differential operator; DIDO; gated recurrent unit; GRU; recurrent neural network; RNN; sparse autoencoder; and long short-term memory; LSTM.
    DOI: 10.1504/IJICS.2025.10071783
     
  • Enhancing network security using FLAT for classifying intrusion attacks   Order a copy of this article
    by Priyanka Hanumanthappa, Ananya Menon, Manjula Gururaj Rao 
    Abstract: Concerns over the security of sensitive data handled by internet of things (IoT) devices are being raised by their rising presence in many facets of our everyday life. Network security becomes critical when smart homes and industrial settings are used. This research presents a novel method for intrusion detection in network communication that combines federated learning approaches with conventional machine learning and deep learning algorithms. Federated learning with adversarial training (FLAT), the suggested approach, mixes decentralised (post-FLAT) and centralised (pre-FLAT) methods in a novel way to improve security measures. Adversarial training is incorporated into the model to provide an extra line of defence against possible attacks. With roughly 92% accuracy, precision, recall, and F1-score for the man-in-the-middle attack dataset, the FLAT method performs competitively. Additionally, for the active wiretap attack dataset, FLAT exhibits a commendable accuracy (93%), precision (95%), recall (87%), and F1-score (91%). This research contributes to advancing security measures in IoT environments by introducing FLAT as a powerful tool for intrusion detection.
    Keywords: FLAT; intrusion attacks; network security.
    DOI: 10.1504/IJICS.2025.10071904
     
  • LBCDA: lightweight blockchain-assisted cross-domain authentication scheme with privacy protection for SWIM   Order a copy of this article
    by Lizhe Zhang, Jiahao Li, Yiao Ma, Zhijun Wu, Ruiqi Li 
    Abstract: As a global civil aviation information-sharing service platform, cross-domain authentication of system wide information management (SWIM) has attracted much attention. Due to the inability of existing authentication schemes to meet the needs of lightweight users such as aircraft for secure cross-domain access to SWIM in the aircraft access to SWIM application, we propose a lightweight blockchain-assisted cross-domain authentication scheme for SWIM. The scheme uses certificateless cryptography to generate user private keys and achieves mutual authentication and key agreement for cross-domain users based on the elliptic curve Diffie-Hellman. Additionally, cross-domain users share authentication public parameters and anonymous identity through a consortium blockchain, thereby protecting identity privacy and establishing trust among them. We use SVO logic to prove that the authentication protocol realises its design goals and utilise the formal verification tool Scyther to demonstrate the schemes security. Compared to the four existing schemes, our scheme has lower computational and communication overhead.
    Keywords: system wide information management; SWIM; blockchain; cross-domain authentication; lightweight.
    DOI: 10.1504/IJICS.2025.10071966
     
  • A novel deviation-based detection mechanism for DDoS attacks in the cloud environment   Order a copy of this article
    by A. Somasundaram, S. Devaraju 
    Abstract: Distributed denial-of-service attacks are prevalent vulnerabilities in cloud computing, causing disruption to legitimate users. Despite existing detection methods, reliability and accuracy need improvement. A systematic approach is urgently needed for both spoofing and non-spoofing attacks. To distinguish attacks from legitimate network traffic, this paper proposes a deviation-based detection mechanism based on software-defined networks. The model has two significant phases such as knowledge acquisition and deviation based detection. The model makes use of the variance of a discrete probability distribution on the network features that are used to collect the knowledge base. For the known flow, the deviation between the traffic and the knowledge base is evaluated to determine the attack traffic. The rule-based detection mechanism is proposed for detecting attacks in the unknown flow. The proposed model, analyzed through experimental analysis, demonstrated an average detection rate of 98% and an execution time of 0.72 seconds, outperforming its competitors.
    Keywords: DDoS attack; cloud environment; attack detection; variance; discrete probability distribution; traffic representatives.
    DOI: 10.1504/IJICS.2025.10071967
     
  • Deep learning prediction model for DoS and SQL injection attack in SDN   Order a copy of this article
    by Rejo Rajan Mathew, Amarsinh Vidhate 
    Abstract: The overdependence on data in the digital ecosystem has introduced significant cybersecurity challenges, making traditional intrusion detection systems (IDS) increasingly inadequate, particularly against novel or evolving threats. This paper studies the effectiveness of deep learning (DL) techniques specifically gated recurring units (GRU), long-short-term memory (LSTM) networks and their hybrid configurations in detecting distributed denial of service (DDoS) and SQL injection attacks without relying on predefined intrusion signatures. Through extensive experimentation with individual and combined DL models, hybrid approaches demonstrated superior performance compared to conventional IDS across key evaluation metrics, including accuracy, precision, recall, and F1-score. Notably, the RNN+LSTM model achieved an accuracy of 95.14% for DDoS detection and 99.20% for SQL injection detection, outperforming traditional IDS in both cases. These results underscore the potential of advanced DL-based approaches in addressing the limitations of conventional systems and enhancing the real-time detection of advanced threats.
    Keywords: intrusion detection system; IDS; deep learning; neural networks; denial of service attack; SQL injection attack.
    DOI: 10.1504/IJICS.2025.10071968
     
  • Magnitude-based nonlinear steganography approach with image using assisted prediction from artificial neural networks   Order a copy of this article
    by Sabyasachi Samanta, Sudipta Roy, Dipak Kumar Jana 
    Abstract: A unique magnitude-based nonlinear image steganography technique is presented in this study, tackling the crucial trade-off between payload capacity and imperceptibility. Our method, in contrast to conventional methods, uses a secret key to start a pseudo-random pixel selection procedure that is dynamically directed by the payload. In order to maximise capacity and control distortion, this payload-adaptive technique produces a complicated, unpredictable embedding pattern. Crucially, information is only extracted from these specific pixel/bit positions, increasing efficiency and reducing vulnerability to steganalysis based on local statistical abnormalities. Through the prediction of the payload from the stego-image, we use an artificial neural network (ANN) to verify embedding accuracy. A thorough statistical analysis that contrasts our approach with existing methods shows that it performs better in terms of payload capacity, imperceptibility (PSNR/SSIM), and resistance to steganalysis. This special steganographic framework, which advances the state-of-the-art and provides a promising path for secure communication, is established by the combination of magnitude-based nonlinear embedding, payload-driven pixel selection, secret key initialisation, and ANN-based validation.
    Keywords: information security; payload; bits per pixel; BPP; magnitude-based nonlinear pixel position; MNPP; steganography; artificial neural network; ANN; statistical measure.
    DOI: 10.1504/IJICS.2025.10072099
     
  • EATIS: an environmentally adaptive traffic identification system for open world networks   Order a copy of this article
    by Yulong Liang, Fei Wang, Shuhui Chen, Yunjiao Bo, Na Wang 
    Abstract: Traffic identification, as a crucial measure in network management and security, has garnered significant attention from the public for an extended period. Machine learning methods have emerged as promising and effective solutions for identification of encrypted traffic. However, the intricate and ever-changing nature of the network environment often leads to subpar performance of conventional machine learning approaches. In this paper, we conduct a meticulous analysis of the characteristics of network traffic identification tasks, along with a examination of the limitations of previous methods based on experimental evidence. Moreover, we present EACIS, a highly adaptable and comprehensive system that aims to perform traffic identification in open world network scenarios. EACIS incorporates semi-supervised learning and innovative novelty detection techniques for online identification and differentiation of known traffic, unrelated traffic, and zero-day traffic. Experimental assessments performed on NUDT MobileTraffic dataset, which comprises actual traffic data, illustrate the benefits of our proposed approaches.
    Keywords: traffic identification; network monitoring; semi-supervised learning; novelty detection; random forest.
    DOI: 10.1504/IJICS.2025.10072122