Forthcoming Articles

International Journal of Information and Computer Security

International Journal of Information and Computer Security (IJICS)

Forthcoming articles have been peer-reviewed and accepted for publication but are pending final changes, are not yet published and may not appear here in their final order of publication until they are assigned to issues. Therefore, the content conforms to our standards but the presentation (e.g. typesetting and proof-reading) is not necessarily up to the Inderscience standard. Additionally, titles, authors, abstracts and keywords may change before publication. Articles will not be published until the final proofs are validated by their authors.

Forthcoming articles must be purchased for the purposes of research, teaching and private study only. These articles can be cited using the expression "in press". For example: Smith, J. (in press). Article Title. Journal Title.

Articles marked with this shopping trolley icon are available for purchase - click on the icon to send an email request to purchase.

Online First articles are also listed here. Online First articles are fully citeable, complete with a DOI. They can be cited, read, and downloaded. Online First articles are published as Open Access (OA) articles to make the latest research available as early as possible.

Open AccessArticles marked with this Open Access icon are Online First articles. They are freely available and openly accessible to all without any restriction except the ones stated in their respective CC licenses.

Register for our alerting service, which notifies you by email when new issues are published online.

International Journal of Information and Computer Security (12 papers in press)

Regular Issues

  • Enhanced iris recognition using an optimised gated recurrent unit with informative feature selection   Order a copy of this article
    by K.R. Radhika, S.V. Sheela, P. Abhinand 
    Abstract: Iris recognition technologies are used in many applications nowadays because of the always-growing demand for identity authentication. This paper presents a strong deep learning-based system for exact iris localisation and recognition. The proposed framework consists of three steps: region segmentation, feature extraction, and recognition. The iris images were first obtained from three benchmark datasets. The multimedia university (MMU)-iris dataset, the IITD-iris dataset, and the UB-iris dataset. The interesting iris areas are then split using DIDO method in the second dimension. Thirdly, three techniques the Harris detector, ResNet-18, and speeded up robust features (SURF) are aggregated to extract features from the segmented iris sections. Feature extraction helps to emphasise the discriminative characteristics of Iris images clearly, therefore enabling classification models to differentiate between different patterns. These resulting discriminative features are subsequently put into the upgraded GRU model to detect matching and non-matching iris patterns. The empirical analysis revealed using the IITD-iris, MMU-iris, and UB-iris datasets that the enhanced GRU model acquired maximum recognition accuracy of 99.67%, 99.43%, and 98.78%. These achieved results surpass those of comparative models, including GRU, RNN, LSTM.
    Keywords: Daugman’s algorithm; University of Beira; UB; informative features security; iris recognition; Indian Institute of Technology Delhi; IITD; Daugman’s Integro differential operator; DIDO; gated recurrent unit; GRU; recurrent neural network; RNN; sparse autoencoder; and long short-term memory; LSTM.
    DOI: 10.1504/IJICS.2025.10071783
     
  • A novel worm propagation model based on SDN dynamic honeypots   Order a copy of this article
    by Yafei Bie, Fengjiao Li, Jianguo Ren 
    Abstract: Addressing the issue of existing worm propagation models lacking proactive defense mechanisms against novel worm viruses within network attack environments, this paper establishes a propagation model based on dynamic honeypots, considering the proactive defense capabilities of honeypots and the network control flexibility offered by software-defined networking (SDN). To accurately predict worm behaviour, considering that actual worm attacks are not one-step, a new state named threatened state is introduced into the classical susceptible-infectious-recovered (SIR) model. Subsequently, to analyse the influence of SDN dynamic honeypots on worm propagation, a game state corresponding to the threatened state in real networks is incorporated, and the STIR-HB model is proposed. The equilibrium point and basic reproduction number of the model are calculated, and the stability of the equilibrium point is proved. This model provides a theoretical foundation for future applications in scenarios such as enterprise networks, cloud computing environments, and critical infrastructure systems.
    Keywords: worm virus; propagation model; honeypot; equilibrium point; software-defined networking; SDN; local stability; global stability; state transition.
    DOI: 10.1504/IJICS.2025.10073162
     
  • Enhancing the data security of digital records in archives through homomorphic encryption protocol   Order a copy of this article
    by Hua Cui 
    Abstract: In the digital era, archive records face risks of data leakage and unauthorised access. This study proposes a data security method based on homomorphic encryption, allowing computations without decryption. The approach trains models locally, sharing only updates instead of raw data. To enhance efficiency and privacy, it integrates a stepwise strategy, trust reward mechanism, and multi-key aggregation. Experimental results show that the method achieves a data access time of 0.5 s, encryption time of 1.2 s, privacy protection strength of 98.44 points, model accuracy of 99.5%, and communication time of 0.3 s. By preserving data privacy while optimising processing accuracy and efficiency, this approach significantly reduces data leakage risks in digital archives.
    Keywords: archives; data security; homomorphic encryption; data sharing; trust reward mechanism; distribution strategy; multi-key aggregation.
    DOI: 10.1504/IJICS.2025.10073172
     
  • Designing secure image retrieval with SKDTree and security protocols   Order a copy of this article
    by Dawei Yin, Lihong Zhang, Kai Yan 
    Abstract: With the rise of cloud computing, traditional image retrieval techniques struggle to handle the explosive growth of image data. This study proposes a secure image retrieval method based on the secure KD-tree, integrating scale invariant feature transform for feature extraction and secure interaction protocols for encryption. Experimental results show that the improved SKDTree algorithm achieves a retrieval time of 48 ms for file 1, outperforming the spectral encoding-based subgraph indexing (62 ms) and graph isomorphism (59 ms) algorithms. Additionally, processing 40 images takes 48.63 s, significantly faster than the 68.36 s required by the spectral encoding-based approach. These findings demonstrate that the proposed method ensures efficient and accurate image retrieval. The study contributes to secure multi-server collaboration, enhancing retrieval performance in large-scale cloud environments.
    Keywords: secure KD-tree; SKDTree; secure interaction protocol; image retrieval; access control strategy; scale invariant feature transform.
    DOI: 10.1504/IJICS.2025.10073202
     
  • Information privacy protection in malicious node detection in wireless sensor networks   Order a copy of this article
    by Tao Chen 
    Abstract: Wireless sensor networks are widely used due to their self-organisation and low power consumption but are vulnerable to malicious attacks and privacy leaks. This study proposes a security solution combining trust management mechanisms, extreme gradient boosting, and differential privacy. Suspicious nodes are identified using trust values, classified with extreme gradient boosting, and protected through differential privacy. In a network of 8,000 nodes, the model achieves a computation time of 512 ms, reducing by 412 ms compared to traditional deep learning models, with CPU utilisation below 48%. Against selective forwarding attacks, it attains 93.2% detection accuracy with a 4.8% false positive rate. This approach enhances WSN security by providing efficient attack detection and robust privacy protection, significantly improving network resilience against cyber threats.
    Keywords: wireless sensor networks; WSNs; malicious node detection; privacy protection; extreme gradient boosting; extreme gradient boosting; XGBoost; differential privacy.
    DOI: 10.1504/IJICS.2025.10073203
     
  • Secure logistic regression training based on fully homomorphic encryption   Order a copy of this article
    by Shiwen Wei, Zhili Chen, Xin Chen, Benchang Dong, Yizheng Ren, Jie Fu 
    Abstract: With the advancement of AI, many fields increasingly rely on AI to process data, which raises concerns about privacy breaches. Homomorphic encryption allows computations on encrypted data, offering strong privacy protection. This paper proposes a secure logistic regression model based on the CKKS, achieving an optimal trade-off between computational efficiency and model performance. We improve training efficiency and convergence speed by approximating the Sigmoid activation function with a first-order polynomial and incorporating a momentum-based stochastic gradient descent algorithm. Experimental results show that our secure model strikes an excellent balance between model performance and computational efficiency. Compared to previous studies, our model achieves shorter training times per iteration and consistently outperforms prior work on multiple datasets. Even on the most challenging dataset, the accuracy of our model is only 0.73% lower than that of previous methods. Furthermore, we validate the outstanding performance of the model on large-scale datasets containing real-world data.
    Keywords: CKKS homomorphic encryption; privacy-preserving computation; machine learning; logistic regression.
    DOI: 10.1504/IJICS.2025.10073370
     
  • Weighted chi-squared and LightGBM-based bagging for enhanced intrusion detection in edge IoMT networks   Order a copy of this article
    by Abdelkarim Ait Temghart, Hmad Zennou, Marwan Mbarek, Mohamed Baslam 
    Abstract: With the rapid growth of internet of medical things (IoMT) devices, edge computing providers must proactively address cybersecurity threats. This study leverages artificial intelligence (AI) for detecting malicious activities by utilising the synthetic minority oversampling technique (SMOTE) to balance class distributions in the imbalanced dataset. It employs a weighted hybrid feature selection method combining chi-squared and light gradient boosting machine (LightGBM). The proposed solution introduces a new ensemble model using bagging with multiple base classifiers like random forest, extra trees, XGBoost, and others. Using benchmark simulated data from the Washington University St. Louis Enhanced Healthcare Monitoring System (WUSTL-EHMS), the results demonstrate that the bagging of XGBoost achieves a high accuracy of 99.04%, showcasing its effectiveness in detecting cyber threats compared to other baseline models.
    Keywords: edge computing; security; ensemble learning; feature selection; machine learning; bagging; network attacks; intrusion detection system; IDS; internet of medical things; IoMT.
    DOI: 10.1504/IJICS.2025.10073704
     
  • Federated learning: frameworks, optimisation algorithms, security threats and defences   Order a copy of this article
    by HongYun Cai, Yu Zhang, ShiYun Wang, MeiLing Zhang, Ao Zhao 
    Abstract: Federated learning (FL) integrates dispersed data across various locations and performs modelling and analysis directly on edge devices. However, as an emerging field, it faces significant security and privacy challenges. This paper provides a comprehensive review of the security threats and defences in FL. We present an in-depth overview of the FL framework, optimisation algorithms, current security threats, and corresponding defence mechanisms, along with a discussion of the difficulties and challenges encountered. Our findings indicate that the primary security threats compromise the privacy and robustness of FL, which are the critical issues that defences must address. We conclude by proposing important future research directions to enhance FL's adaptability to diverse environmental requirements.
    Keywords: federated learning; security threat; security defence; privacy; robustness.
    DOI: 10.1504/IJICS.2025.10073505
     
  • Magnitude-based nonlinear steganography approach with image using assisted prediction from artificial neural networks   Order a copy of this article
    by Sabyasachi Samanta, Sudipta Roy, Dipak Kumar Jana 
    Abstract: A unique magnitude-based nonlinear image steganography technique is presented in this study, tackling the crucial trade-off between payload capacity and imperceptibility. Our method, in contrast to conventional methods, uses a secret key to start a pseudo-random pixel selection procedure that is dynamically directed by the payload. In order to maximise capacity and control distortion, this payload-adaptive technique produces a complicated, unpredictable embedding pattern. Crucially, information is only extracted from these specific pixel/bit positions, increasing efficiency and reducing vulnerability to steganalysis based on local statistical abnormalities. Through the prediction of the payload from the stego-image, we use an artificial neural network (ANN) to verify embedding accuracy. A thorough statistical analysis that contrasts our approach with existing methods shows that it performs better in terms of payload capacity, imperceptibility (PSNR/SSIM), and resistance to steganalysis. This special steganographic framework, which advances the state-of-the-art and provides a promising path for secure communication, is established by the combination of magnitude-based nonlinear embedding, payload-driven pixel selection, secret key initialisation, and ANN-based validation.
    Keywords: information security; payload; bits per pixel; BPP; magnitude-based nonlinear pixel position; MNPP; steganography; artificial neural network; ANN; statistical measure.
    DOI: 10.1504/IJICS.2025.10072099
     
  • Deep learning prediction model for DoS and SQL injection attack in SDN   Order a copy of this article
    by Rejo Rajan Mathew, Amarsinh Vidhate 
    Abstract: The overdependence on data in the digital ecosystem has introduced significant cybersecurity challenges, making traditional intrusion detection systems (IDS) increasingly inadequate, particularly against novel or evolving threats. This paper studies the effectiveness of deep learning (DL) techniques - specifically gated recurring units (GRU), long-short-term memory (LSTM) networks and their hybrid configurations - in detecting distributed denial of service (DDoS) and SQL injection attacks without relying on predefined intrusion signatures. Through extensive experimentation with individual and combined DL models, hybrid approaches demonstrated superior performance compared to conventional IDS across key evaluation metrics, including accuracy, precision, recall, and F1-score. Notably, the RNN+LSTM model achieved an accuracy of 95.14% for DDoS detection and 99.20% for SQL injection detection, outperforming traditional IDS in both cases. These results underscore the potential of advanced DL-based approaches in addressing the limitations of conventional systems and enhancing the real-time detection of advanced threats.
    Keywords: intrusion detection system; IDS; deep learning; neural networks; denial of service attack; SQL injection attack.
    DOI: 10.1504/IJICS.2025.10071968
     
  • Explainable C/C++ vulnerability detection   Order a copy of this article
    by Zhen Huang, Amy Aumpansub, Sameer Shaik 
    Abstract: Detecting software vulnerabilities in C/C++ code is critical for ensuring software security. In this paper, we explore the use of neural networks to detect vulnerabilities using program slices that capture syntactic and semantic information. Our approach involves extracting vulnerability-related constructs such as API function calls, array usage, pointer usage, and arithmetic expressions, and converting them into numerical vectors. We experiment with two approaches: one where we randomly sample and downsample non-vulnerable data to balance the dataset, and another where we include all vulnerable data points and match them with an equal number of non-vulnerable points. Our model achieves high precision (90.7%), F1-score (93.5%), and Matthews correlation coefficient (MCC 86.8%), outperforming prior work in these metrics. We also use local interpretable model-agnostic explanations (LIME) to provide clear insights into why code segments are flagged as vulnerable. This approach improves both the accuracy and interpretability of vulnerability detection for developers.
    Keywords: software vulnerabilities; vulnerability detection; explainable AI; deep learning; neural networks; program analysis.
    DOI: 10.1504/IJICS.2025.10072216
     
  • EATIS: an environmentally adaptive traffic identification system for open world networks   Order a copy of this article
    by Yulong Liang, Fei Wang, Shuhui Chen, Yunjiao Bo, Na Wang 
    Abstract: Traffic identification, as a crucial measure in network management and security, has garnered significant attention from the public for an extended period. Machine learning methods have emerged as promising and effective solutions for identification of encrypted traffic. However, the intricate and ever-changing nature of the network environment often leads to subpar performance of conventional machine learning approaches. In this paper, we conduct a meticulous analysis of the characteristics of network traffic identification tasks, along with a examination of the limitations of previous methods based on experimental evidence. Moreover, we present EACIS, a highly adaptable and comprehensive system that aims to perform traffic identification in open world network scenarios. EACIS incorporates semi-supervised learning and innovative novelty detection techniques for online identification and differentiation of known traffic, unrelated traffic, and zero-day traffic. Experimental assessments performed on NUDT MobileTraffic dataset, which comprises actual traffic data, illustrate the benefits of our proposed approaches.
    Keywords: traffic identification; network monitoring; semi-supervised learning; novelty detection; random forest.
    DOI: 10.1504/IJICS.2025.10072122
     

 

Return to top