Forthcoming Articles

International Journal of Information and Computer Security

International Journal of Information and Computer Security (IJICS)

Forthcoming articles have been peer-reviewed and accepted for publication but are pending final changes, are not yet published and may not appear here in their final order of publication until they are assigned to issues. Therefore, the content conforms to our standards but the presentation (e.g. typesetting and proof-reading) is not necessarily up to the Inderscience standard. Additionally, titles, authors, abstracts and keywords may change before publication. Articles will not be published until the final proofs are validated by their authors.

Forthcoming articles must be purchased for the purposes of research, teaching and private study only. These articles can be cited using the expression "in press". For example: Smith, J. (in press). Article Title. Journal Title.

Articles marked with this shopping trolley icon are available for purchase - click on the icon to send an email request to purchase.

Online First articles are also listed here. Online First articles are fully citeable, complete with a DOI. They can be cited, read, and downloaded. Online First articles are published as Open Access (OA) articles to make the latest research available as early as possible.

Open AccessArticles marked with this Open Access icon are Online First articles. They are freely available and openly accessible to all without any restriction except the ones stated in their respective CC licenses.

Register for our alerting service, which notifies you by email when new issues are published online.

International Journal of Information and Computer Security (9 papers in press)

Regular Issues

  • Context-aware sensitive information detection in unstructured text using BERT   Order a copy of this article
    by Longjam Velentina Devi, Navanath Saharia 
    Abstract: This paper proposes a BERT-based token classification model specifically designed for detecting sensitive information inside unstructured text data. Unlike existing sentence level or context level classification methods, our methodology allows for finer granularity by examining individual words as well as their impact on one another. Previously available methods often misclassify non-sensitive information such as customer care or toll-free numbers as sensitive data, but our methodology effectively distinguish between genuinely sensitive information and non-sensitive public contact numbers, improving precision and reducing false positives. Our model surpasses previous techniques on key criteria, with an accuracy of 98%, precision of 0.98 and F1-score of 0.99 performing better than the existing model by a considerable margin. This study highlights the effectiveness of classification for sensitive data detection and establishes a new benchmark for token-level analysis contributing to more secure and effective sensitive content management.
    Keywords: bidirectional encoder representations from transformers; BERT; privacy; machine learning; security; privacy; deep learning; CRF; sensitive information; personally identifiable information; PII.
    DOI: 10.1504/IJICS.2026.10078195
     
  • Cross-year cyber-attack detection and temporal generalisation: an explainable machine learning approach   Order a copy of this article
    by Archana R. Laddhad, Gurveen Vaseer 
    Abstract: The rapid evolution of cyber threats presents significant challenges for intrusion detection systems (IDS), particularly when it comes to adapting to new and unseen attack patterns. This study investigates the effectiveness of cross-year cyber-attack classification, with a focus on explainable machine learning (ML) to diagnose and understand the evolving nature of cyber threats. Specifically, we leverage decision trees as an interpretable model to identify critical features that contribute to the classification of network traffic, allowing for a transparent understanding of the decision-making process. By analysing and comparing the attack patterns across two years, we explore the changes in feature importance and the shifting characteristics of emerging threats. The findings highlight the challenges posed by evolving attacks and demonstrate how explainable ML methods can enhance the interpretability of IDS models, improving their ability to adapt to new threats. This work contributes valuable insights into the dynamic nature of cyber threats and emphasises the need for IDS systems that are both adaptive and transparent in their operation.
    Keywords: cybersecurity; intrusion detection systems; IDS; explainable machine learning; decision trees; cross-year analysis.
    DOI: 10.1504/IJICS.2026.10078770
     
  • Blockchain-based public examination management platform   Order a copy of this article
    by Dhruti Sharma, Kuldeep Kevat, Dhvani Maktuporia, Meet Oza, Dev Sadisatsowala 
    Abstract: The public examinations can be considered as a critical pathway for academic admission, employment selection, skill certification, etc. Such examinations are typically conducted by public examination management (PEM) platforms. Though the current PEM in India offers operational efficiency, they are still vulnerable to various malpractices including leakage of question paper, unauthorised access of confidential information, candidate impersonation as well as insider threat. Over the past decade, several hardware, software, and cryptography-based solutions have been proposed for secure exam conduction; however, none of them address all key vulnerabilities within a unified framework. In response, we propose a blockchain-based PEM (BPEM) platform integrating the cryptographic techniques, blockchain technology, and decentralised storage, i.e., interplanetary file system (IPFS). The proposed platform ensures tamper proof question paper collection and distribution, secure registration and authentication of candidates, and immutable result declaration effectively promoting fairness, trust, and accountability in public examination systems.
    Keywords: blockchain; smart contracts; interplanetary file system; IPFS; public examination management; cryptography; biometric authentication; question paper leakage; candidate impersonation.
    DOI: 10.1504/IJICS.2026.10078845
     
  • A comparative performance analysis of automated cloud security remediation architectures for AWS cloud environments   Order a copy of this article
    by Vitalii Molnar, Dmytro Sabodashko, Ivan Opirskyy 
    Abstract: This research evaluates the performance of three remediation strategies for addressing critical cloudsecurity misconfigurations: manual intervention, pollingbased automation, and eventdriven automation. Experiments were conducted within a single AWS account and region under controlled load, simulating two highimpact yet relatively simple scenarios: publicdata exposure through storagepolicy modification and unrestricted remote access due to securitygroup misconfiguration. Each approach was assessed using key metrics time to detect (TTD), time to remediate (TTR), and total automated response time (T_ART) across repeated trials to ensure statistical validity, assuming remediation functions remained in a warm state. Within this constrained experimental setting, eventdriven remediation achieved the lowest response times, consistently below ten seconds, whereas pollingbased and manual methods exhibited substantially higher latency. These findings suggest that, for similar classes of misconfigurations and deployment conditions, eventdriven workflows can provide faster and more consistent remediation, potentially reducing the dwell time of misconfigurations, although generalisation to multiregion and largescale environments requires further investigation.
    Keywords: cloud security; cloud misconfiguration; automated remediation; event-driven architecture; AWS Config; Amazon EventBridge; response latency; security automation; performance benchmarking.
    DOI: 10.1504/IJICS.2026.10078942
     
  • Code vulnerability detection based on improved GNN and attention mechanism   Order a copy of this article
    by Cheng Yang, Mingsheng Yang 
    Abstract: This study proposes an improved graph convolutional network (GCN) model that integrates a dynamic inter-layer attention mechanism. The core of this model is as follows: firstly, a dynamic inter-layer attention mechanism is designed. Through a learnable weight allocation unit, it can adaptively integrate the graph features at different depths of the model. Secondly, a lightweight method based on node importance scoring and dynamic parameter pruning is introduced to improve the efficiency of the model. Finally, a graph transformation encoder is combined to enhance the interpretability of the models decision-making process. The comprehensive detection accuracy of the proposed model reaches 97%, and its performance is significantly superior to the mainstream benchmark models. The model was evaluated on a mixed dataset containing a standard vulnerability dataset (including a list of five common defects) and real project code. This provides an efficient and reliable solution for automated code security auditing.
    Keywords: graph neural network; GNN; self-attention mechanism; SAM; code vulnerabilities; vulnerability detection; interpretability; graph structure.
    DOI: 10.1504/IJICS.2026.10079451
     
  • Generation of believable fake combinational logic circuits for cyber deception   Order a copy of this article
    by Nilin Prabhaker, Ghanshyam S. Bopche, Michael Arock 
    Abstract: The exponential increase in intellectual property (IP) theft has raised concern for organisations and government entities. Existing research suggests the use of fake document for protection against IP theft. To protect the logic circuit present in the IP document, we propose believable fake combinational logic circuits generation engine (BFCLCGE), which is an extension of our previous work (FBLCGE). We addressed the exhaustive search problem by modifying the original Boolean equation and introducing replacement constraints, thereby reducing overall time complexity. Additionally, we overcame the limitation of FBLCGE by incorporating ESPRESSO algorithm for efficient minimisation of Boolean equations with a large number of input variables. To test the believability of generated fake Boolean circuits, we implemented a virtual display (16-segment) and simulated the outputs. The proposed approach is efficient and generates indistinguishable fake circuits, which can be used to create believable fake documents for cyber deception against potential IP theft.
    Keywords: intellectual property; data ex-filtration; combinational logic circuits; hardware security; cyber security; cyber deception; decoy logic circuits; decoy documents.
    DOI: 10.1504/IJICS.2026.10079452
     
  • Differentially private influence maximisation in social networks   Order a copy of this article
    by Sri Satya Monica Bandaru, Nagesh Bhattu Sristy, Karthick Seshdri 
    Abstract: Influence maximisation (IM) aims to identify influential individuals or nodes in a social network for information transmission. IM finds key applications in targeted advertising, public health initiatives, and viral marketing. Widely used diffusion-based methods for IM lack generalisation. Recent research incorporates node embeddings for improving seed user identification. However, network embedding methodologies often reveal sensitive information about individuals. This work proposes a task-aware influence maximisation approach that integrates formal differential privacy guarantees with adversarial graph representation learning. By jointly learning source and destination node embeddings, we create a direction-aware generative adversarial network (GAN) that effectively captures asymmetric influence interactions in directed social networks. Noise-perturbed optimisation is used to guarantee differential privacy during the embedding learning step, protecting sensitive information regarding relationships. A CELF-based greedy IM algorithm allows influence spread to be optimised directly from differentially private representations, allowing for the efficient identification of influential nodes while maintaining privacy. Experimental evaluation on real-world networks demonstrates a 30% increase in privacy protection against link inference attacks, along with comparisons to traditional IM techniques.
    Keywords: social network analysis; SNA; influence maximisation; differential privacy; diffusion probabilities; node embeddings; moment accountant.
    DOI: 10.1504/IJICS.2026.10079453
     
  • Secured sharing of patients electronic health records with modified proxy blind signature scheme enabled hybrid authentication   Order a copy of this article
    by Ankita Vasant Pande, Sheetal S. Dhande 
    Abstract: Consent management in electronic health record systems (EHRS) plays a crucial role in ensuring the privacy and security of patient data sharing. Existing research has primarily focused on various consent models but often faces drawbacks such as complexity in implementation, lack of robustness in authentication mechanisms, and issues with scalability and efficiency. The research proposes a novel approach named Modified Proxy Blind Signature Verification with Hybrid Authentication for Consent Management (mPBS-HA CM) in EHRS that overcomes the existing limitations and provides an efficient outcome. The proposed model integrates hybrid authentication mechanisms to achieve hybrid authentication by enhancing both security and efficiency. The involved hybrid authentication mechanisms ensure secure key exchange and digital signature generation along with providing robust encryption of sensitive data. The research model provides the advantages of enhanced security through mPBS that improved scalability due to efficient techniques, and simplified implementation compared to traditional approaches. The research model with improved performance is evaluated with encryption time, decryption time, transaction time, genuine user rate (GUR), gas usage, memory usage, and responsiveness that achieved 3.475 s, 3.453 s, 1.017 s, 174.872 KB, 326.072 KB, 0.72, and 10.122 ms respectively.
    Keywords: consent management; electronic health records; hybrid encryption; hybrid verification; proxy blind signature scheme; health record security.
    DOI: 10.1504/IJICS.2026.10079470
     
  • Privacy-preserving cloud-agent pub-sub system with decentralised authorisation and bilateral fine-grained access control   Order a copy of this article
    by Weihu Cao, Linming Gong, Runmeng Du, Hui Hao 
    Abstract: With the growth of publish/subscribe systems (PSS), service providers increasingly outsource their computation and storage to cloud servers, but meanwhile incur some privacy risks such as data leakage, identity exposure, and subscription inference. Existing privacy-preserving PSS solutions rely on centralised authorisation and lack bilateral access control, leading to single points of failure and limited subscriber-side data governance. To address these gaps, this paper proposes a decentralised matching attribute-based encryption (DC-MABE) scheme. Building upon this, we construct a privacy-preserving PSS that supports distributed key management and enables fine-grained bilateral access control for both publishers and subscribers. Formal security analysis demonstrates that the scheme achieves indistinguishability under chosen-plaintext attacks (IND-CPA). Experimental results show that our solution offers a favourable balance between efficiency and security compared with state-of-the-art schemes.
    Keywords: privacy preservation; publish-subscribe systems; decentralised authorisation; attribute-based encryption; ABE.
    DOI: 10.1504/IJICS.2026.10079597