Forthcoming and Online First Articles

International Journal of Security and Networks

International Journal of Security and Networks (IJSN)

Forthcoming articles have been peer-reviewed and accepted for publication but are pending final changes, are not yet published and may not appear here in their final order of publication until they are assigned to issues. Therefore, the content conforms to our standards but the presentation (e.g. typesetting and proof-reading) is not necessarily up to the Inderscience standard. Additionally, titles, authors, abstracts and keywords may change before publication. Articles will not be published until the final proofs are validated by their authors.

Forthcoming articles must be purchased for the purposes of research, teaching and private study only. These articles can be cited using the expression "in press". For example: Smith, J. (in press). Article Title. Journal Title.

Articles marked with this shopping trolley icon are available for purchase - click on the icon to send an email request to purchase.

Online First articles are published online here, before they appear in a journal issue. Online First articles are fully citeable, complete with a DOI. They can be cited, read, and downloaded. Online First articles are published as Open Access (OA) articles to make the latest research available as early as possible.

Open AccessArticles marked with this Open Access icon are Online First articles. They are freely available and openly accessible to all without any restriction except the ones stated in their respective CC licenses.

Register for our alerting service, which notifies you by email when new issues are published online.

We also offer which provide timely updates of tables of contents, newly published articles and calls for papers.

International Journal of Security and Networks (6 papers in press)

Regular Issues

  • A Hybrid Malware Analysis Approach for Identifying Process-Injection Malware Based on Machine Learning   Order a copy of this article
    by Chia-Mei Chen, Ze-Yu Lin, Ya-Hui Ou 
    Abstract: Advanced Persistent Threat (APT) attacks take place every day, utilizing stealthy and customized malware to disrupt the service or sabotage the network. Such advanced malware may subvert the defense mechanism by abusing process injection techniques provided by operating system and injecting malicious code into a benign process. Some process injection techniques may be identified by static analysis, but some can only be discovered at run time execution. This study adopts deep learning models and two malware analysis approaches to detect process injection malware. By applying transfer learning, this study proposes a CNN-based detection model with the features selected from static and dynamic analysis to identify process-injection malware. The experimental results demonstrate that the proposed method could detect process-injection malware efficiently as well as unknown malware.
    Keywords: malware detection; process injection; machine learning.

  • Enabling Secure Modern Web Browsers against Cache-Based Timing Attacks   Order a copy of this article
    by Sangeetha Ganesan  
    Abstract: Web applications have grown to be the foundation of any kind of system, ranging from cloud services to the internet of things (IoT) systems. As a huge amount of sensitive data is processed in web applications, user privacy shows as the most important concern in web security. In the virtualisation system, cache side channel (CSC) attack techniques have become popular to retrieve the secret information of other users. This paper presents a run-time detection and prevention mechanism, called browser watcher (BW), for time-driven CSC attacks. The computation overhead of the proposed BW java script engine is monitored and tabulated for the different domains. The average cache miss rate is measured from 23% to 89%. Once the BW system identifies the attacker, then it prevents stealing the secret information of the victim. This makes it very hard for the attacker to find the memory access pattern of the victim.
    Keywords: cache side channel; CSC attack; timing attack; BW system; cache attack prevention; internet of things; IoT.
    DOI: 10.1504/IJSN.2023.10058114
     
  • A New Edge Weight-Based Measure for K-Shell Influential Node Identification in Complex Networks   Order a copy of this article
    by Yang Xiong, Yang Cheng 
    Abstract: There are mainly two problems with traditional k-shell centrality in complex networks. First, the traditional k-shell centrality divides many nodes into the same shell layer, which cannot accurately distinguish the propagation ability of nodes. Secondly, the networks' local attributes and global perspective cannot be effectively combined into the k-shell centrality, and most of the methods ignore the role of edge weight. Because of these problems, a new edge weight is introduced based on traditional k-shell centrality. The edge weight between any two nodes is defined from the local degree centrality and the global k-shell centrality. From the dynamics of information propagation, a new edge weight-based measure for k-shell centrality is put forward. The simulation results indicate that this improved centrality based on edge weight is good at ranking the key nodes in a complex network, and the influential spreaders identified by this method can obtain better performance in the susceptible-infected (SI) model and susceptible-infected-recovered (SIR) model of infectious diseases.
    Keywords: influential spreaders; edge weight; centrality; k-shell decomposition.
    DOI: 10.1504/IJSN.2023.10059505
     
  • A social network security user recommendation algorithm based on community user emotions   Order a copy of this article
    by Huajin Liu, Chunhua Ju, Houyuan Zhang 
    Abstract: Social networks play a vital role in people’s lives and work, but there are also have problems with sparse data and cold start. This study establishes a social network model and innovatively improves the classic user interest point recommendation algorithm based on community information and user emotion. A sequential learning ranking algorithm is designed to simulate user preferences from a sequence of recommended objects and convert user ratings into ranking scores, combined with a network security dictionary, Node2vec method, and hot coding to capture network security vocabulary. This study also uses the heuristic firefly optimisation algorithm to solve the problem and confirms that community CU-SNR has good experimental results. The improved LDA algorithm is used to adjust the social media emotion data, and three real social network data sets verify the algorithm’s performance. Numerical experiment results show that the algorithm simulation has a certain effect when facing social networks.
    Keywords: community information; user characteristics; social networks; firefly algorithm; recommendation algorithm; linear discriminant analysis; LDA.
    DOI: 10.1504/IJSN.2023.10060574
     
  • Secure Identity-Based Encryption: Overcoming the Key Escrow Challenge   Order a copy of this article
    by Khaleda Afroaz, Subba Rao Y.V., Rukma Rekha N 
    Abstract: Identity-based encryption (IBE) simplifies public key encryption overhead by eliminating the need for certificate authorities (CAs) to issue public keys. However, IBE suffers from the key escrow problem, where the private key generator (PKG) can access private keys. Existing solutions require additional trusted authorities or certificates. This paper presents a novel scheme that overcomes key escrow without certificates or extra trusted authorities. The scheme incorporates the receiver's public parameter during encryption, along with identity and public parameters from the PKG. To decrypt, the receiver needs the private key generated by the PKG and their private parameter, which is unknown to the PKG. This approach prevents PKG from decrypting messages. The proposed scheme is secure in the selective identity model and applicable in healthcare, MANETS, IoT, and M2M communications.
    Keywords: identity-based encryption; IBE; key escrow problem; private key generator; PKG.
    DOI: 10.1504/IJSN.2023.10060961
     
  • OneR-DQN: A botnet traffic detection model based on Deep Q Network algorithm in deep reinforcement learning   Order a copy of this article
    by Yutao Hu, Yuntao Zhao, Yongxin Feng, Xiangyu Ma 
    Abstract: With the continuous progress of network technology, the rapid growth of botnets poses a significant challenge to network security. A universal detection model needs to be improved to cope with various datasets with variable feature states. This article constructs a detection model based on deep reinforcement learning (DRL) deep Q network (DQN). It uses an OneR classifier to select features from the dataset and hand them to the model for training. The unique experience pool mechanism of DQN is used to extract independent experience and training samples for cross-training continuously. The trained model compares with the other detection models in a new dataset for experimental comparison. The experiment shows that: Compared with the existing detection model, the improved DQN botnet detection model has higher accuracy rate and precision rate, which indicates that the detection model equipped with the DQN algorithm has more robust adaptability in the new dataset.
    Keywords: botnet detection; deep reinforcement learning; DRL; DQN model; feature classification; OneR classifier.
    DOI: 10.1504/IJSN.2023.10062404