Forthcoming Articles

International Journal of Information and Computer Security

International Journal of Information and Computer Security (IJICS)

Forthcoming articles have been peer-reviewed and accepted for publication but are pending final changes, are not yet published and may not appear here in their final order of publication until they are assigned to issues. Therefore, the content conforms to our standards but the presentation (e.g. typesetting and proof-reading) is not necessarily up to the Inderscience standard. Additionally, titles, authors, abstracts and keywords may change before publication. Articles will not be published until the final proofs are validated by their authors.

Forthcoming articles must be purchased for the purposes of research, teaching and private study only. These articles can be cited using the expression "in press". For example: Smith, J. (in press). Article Title. Journal Title.

Articles marked with this shopping trolley icon are available for purchase - click on the icon to send an email request to purchase.

Online First articles are also listed here. Online First articles are fully citeable, complete with a DOI. They can be cited, read, and downloaded. Online First articles are published as Open Access (OA) articles to make the latest research available as early as possible.

Open AccessArticles marked with this Open Access icon are Online First articles. They are freely available and openly accessible to all without any restriction except the ones stated in their respective CC licenses.

Register for our alerting service, which notifies you by email when new issues are published online.

International Journal of Information and Computer Security (16 papers in press)

Regular Issues

  • Enhanced iris recognition using an optimised gated recurrent unit with informative feature selection   Order a copy of this article
    by K.R. Radhika, S.V. Sheela, P. Abhinand 
    Abstract: Iris recognition technologies are used in many applications nowadays because of the always-growing demand for identity authentication. This paper presents a strong deep learning-based system for exact iris localisation and recognition. The proposed framework consists of three steps: region segmentation, feature extraction, and recognition. The iris images were first obtained from three benchmark datasets. The multimedia university (MMU)-iris dataset, the IITD-iris dataset, and the UB-iris dataset. The interesting iris areas are then split using DIDO method in the second dimension. Thirdly, three techniques the Harris detector, ResNet-18, and speeded up robust features (SURF) are aggregated to extract features from the segmented iris sections. Feature extraction helps to emphasise the discriminative characteristics of Iris images clearly, therefore enabling classification models to differentiate between different patterns. These resulting discriminative features are subsequently put into the upgraded GRU model to detect matching and non-matching iris patterns. The empirical analysis revealed using the IITD-iris, MMU-iris, and UB-iris datasets that the enhanced GRU model acquired maximum recognition accuracy of 99.67%, 99.43%, and 98.78%. These achieved results surpass those of comparative models, including GRU, RNN, LSTM.
    Keywords: Daugman’s algorithm; University of Beira; UB; informative features security; iris recognition; Indian Institute of Technology Delhi; IITD; Daugman’s Integro differential operator; DIDO; gated recurrent unit; GRU; recurrent neural network; RNN; sparse autoencoder; and long short-term memory; LSTM.
    DOI: 10.1504/IJICS.2025.10071783
     
  • Deep learning prediction model for DoS and SQL injection attack in SDN   Order a copy of this article
    by Rejo Rajan Mathew, Amarsinh Vidhate 
    Abstract: The overdependence on data in the digital ecosystem has introduced significant cybersecurity challenges, making traditional intrusion detection systems (IDS) increasingly inadequate, particularly against novel or evolving threats. This paper studies the effectiveness of deep learning (DL) techniques specifically gated recurring units (GRU), long-short-term memory (LSTM) networks and their hybrid configurations in detecting distributed denial of service (DDoS) and SQL injection attacks without relying on predefined intrusion signatures. Through extensive experimentation with individual and combined DL models, hybrid approaches demonstrated superior performance compared to conventional IDS across key evaluation metrics, including accuracy, precision, recall, and F1-score. Notably, the RNN+LSTM model achieved an accuracy of 95.14% for DDoS detection and 99.20% for SQL injection detection, outperforming traditional IDS in both cases. These results underscore the potential of advanced DL-based approaches in addressing the limitations of conventional systems and enhancing the real-time detection of advanced threats.
    Keywords: intrusion detection system; IDS; deep learning; neural networks; denial of service attack; SQL injection attack.
    DOI: 10.1504/IJICS.2025.10071968
     
  • Magnitude-based nonlinear steganography approach with image using assisted prediction from artificial neural networks   Order a copy of this article
    by Sabyasachi Samanta, Sudipta Roy, Dipak Kumar Jana 
    Abstract: A unique magnitude-based nonlinear image steganography technique is presented in this study, tackling the crucial trade-off between payload capacity and imperceptibility. Our method, in contrast to conventional methods, uses a secret key to start a pseudo-random pixel selection procedure that is dynamically directed by the payload. In order to maximise capacity and control distortion, this payload-adaptive technique produces a complicated, unpredictable embedding pattern. Crucially, information is only extracted from these specific pixel/bit positions, increasing efficiency and reducing vulnerability to steganalysis based on local statistical abnormalities. Through the prediction of the payload from the stego-image, we use an artificial neural network (ANN) to verify embedding accuracy. A thorough statistical analysis that contrasts our approach with existing methods shows that it performs better in terms of payload capacity, imperceptibility (PSNR/SSIM), and resistance to steganalysis. This special steganographic framework, which advances the state-of-the-art and provides a promising path for secure communication, is established by the combination of magnitude-based nonlinear embedding, payload-driven pixel selection, secret key initialisation, and ANN-based validation.
    Keywords: information security; payload; bits per pixel; BPP; magnitude-based nonlinear pixel position; MNPP; steganography; artificial neural network; ANN; statistical measure.
    DOI: 10.1504/IJICS.2025.10072099
     
  • EATIS: an environmentally adaptive traffic identification system for open world networks   Order a copy of this article
    by Yulong Liang, Fei Wang, Shuhui Chen, Yunjiao Bo, Na Wang 
    Abstract: Traffic identification, as a crucial measure in network management and security, has garnered significant attention from the public for an extended period. Machine learning methods have emerged as promising and effective solutions for identification of encrypted traffic. However, the intricate and ever-changing nature of the network environment often leads to subpar performance of conventional machine learning approaches. In this paper, we conduct a meticulous analysis of the characteristics of network traffic identification tasks, along with a examination of the limitations of previous methods based on experimental evidence. Moreover, we present EACIS, a highly adaptable and comprehensive system that aims to perform traffic identification in open world network scenarios. EACIS incorporates semi-supervised learning and innovative novelty detection techniques for online identification and differentiation of known traffic, unrelated traffic, and zero-day traffic. Experimental assessments performed on NUDT MobileTraffic dataset, which comprises actual traffic data, illustrate the benefits of our proposed approaches.
    Keywords: traffic identification; network monitoring; semi-supervised learning; novelty detection; random forest.
    DOI: 10.1504/IJICS.2025.10072122
     
  • Explainable C/C++ vulnerability detection   Order a copy of this article
    by Zhen Huang, Amy Aumpansub, Sameer Shaik 
    Abstract: Detecting software vulnerabilities in C/C++ code is critical for ensuring software security. In this paper, we explore the use of neural networks to detect vulnerabilities using program slices that capture syntactic and semantic information. Our approach involves extracting vulnerability-related constructs such as API function calls, array usage, pointer usage, and arithmetic expressions, and converting them into numerical vectors. We experiment with two approaches: one where we randomly sample and downsample non-vulnerable data to balance the dataset, and another where we include all vulnerable data points and match them with an equal number of non-vulnerable points. Our model achieves high precision (90.7%), F1-score (93.5%), and Matthews correlation coefficient (MCC 86.8%), outperforming prior work in these metrics. We also use local interpretable model-agnostic explanations (LIME) to provide clear insights into why code segments are flagged as vulnerable. This approach improves both the accuracy and interpretability of vulnerability detection for developers.
    Keywords: software vulnerabilities; vulnerability detection; explainable AI; deep learning; neural networks; program analysis.
    DOI: 10.1504/IJICS.2025.10072216
     
  • A novel worm propagation model based on SDN dynamic honeypots   Order a copy of this article
    by Yafei Bie, Fengjiao Li, Jianguo Ren 
    Abstract: Addressing the issue of existing worm propagation models lacking proactive defense mechanisms against novel worm viruses within network attack environments, this paper establishes a propagation model based on dynamic honeypots, considering the proactive defense capabilities of honeypots and the network control flexibility offered by software-defined networking (SDN). To accurately predict worm behaviour, considering that actual worm attacks are not one-step, a new state named threatened state is introduced into the classical susceptible-infectious-recovered (SIR) model. Subsequently, to analyse the influence of SDN dynamic honeypots on worm propagation, a game state corresponding to the threatened state in real networks is incorporated, and the STIR-HB model is proposed. The equilibrium point and basic reproduction number of the model are calculated, and the stability of the equilibrium point is proved. This model provides a theoretical foundation for future applications in scenarios such as enterprise networks, cloud computing environments, and critical infrastructure systems.
    Keywords: worm virus; propagation model; honeypot; equilibrium point; software-defined networking; SDN; local stability; global stability; state transition.
    DOI: 10.1504/IJICS.2025.10073162
     
  • Enhancing the data security of digital records in archives through homomorphic encryption protocol   Order a copy of this article
    by Hua Cui 
    Abstract: In the digital era, archive records face risks of data leakage and unauthorised access. This study proposes a data security method based on homomorphic encryption, allowing computations without decryption. The approach trains models locally, sharing only updates instead of raw data. To enhance efficiency and privacy, it integrates a stepwise strategy, trust reward mechanism, and multi-key aggregation. Experimental results show that the method achieves a data access time of 0.5 s, encryption time of 1.2 s, privacy protection strength of 98.44 points, model accuracy of 99.5%, and communication time of 0.3 s. By preserving data privacy while optimising processing accuracy and efficiency, this approach significantly reduces data leakage risks in digital archives.
    Keywords: archives; data security; homomorphic encryption; data sharing; trust reward mechanism; distribution strategy; multi-key aggregation.
    DOI: 10.1504/IJICS.2025.10073172
     
  • Designing secure image retrieval with SKDTree and security protocols   Order a copy of this article
    by Dawei Yin, Lihong Zhang, Kai Yan 
    Abstract: With the rise of cloud computing, traditional image retrieval techniques struggle to handle the explosive growth of image data. This study proposes a secure image retrieval method based on the secure KD-tree, integrating scale invariant feature transform for feature extraction and secure interaction protocols for encryption. Experimental results show that the improved SKDTree algorithm achieves a retrieval time of 48 ms for file 1, outperforming the spectral encoding-based subgraph indexing (62 ms) and graph isomorphism (59 ms) algorithms. Additionally, processing 40 images takes 48.63 s, significantly faster than the 68.36 s required by the spectral encoding-based approach. These findings demonstrate that the proposed method ensures efficient and accurate image retrieval. The study contributes to secure multi-server collaboration, enhancing retrieval performance in large-scale cloud environments.
    Keywords: secure KD-tree; SKDTree; secure interaction protocol; image retrieval; access control strategy; scale invariant feature transform.
    DOI: 10.1504/IJICS.2025.10073202
     
  • Information privacy protection in malicious node detection in wireless sensor networks   Order a copy of this article
    by Tao Chen 
    Abstract: Wireless sensor networks are widely used due to their self-organisation and low power consumption but are vulnerable to malicious attacks and privacy leaks. This study proposes a security solution combining trust management mechanisms, extreme gradient boosting, and differential privacy. Suspicious nodes are identified using trust values, classified with extreme gradient boosting, and protected through differential privacy. In a network of 8,000 nodes, the model achieves a computation time of 512 ms, reducing by 412 ms compared to traditional deep learning models, with CPU utilisation below 48%. Against selective forwarding attacks, it attains 93.2% detection accuracy with a 4.8% false positive rate. This approach enhances WSN security by providing efficient attack detection and robust privacy protection, significantly improving network resilience against cyber threats.
    Keywords: wireless sensor networks; WSNs; malicious node detection; privacy protection; extreme gradient boosting; extreme gradient boosting; XGBoost; differential privacy.
    DOI: 10.1504/IJICS.2025.10073203
     
  • Secure logistic regression training based on fully homomorphic encryption   Order a copy of this article
    by Shiwen Wei, Zhili Chen, Xin Chen, Benchang Dong, Yizheng Ren, Jie Fu 
    Abstract: With the advancement of AI, many fields increasingly rely on AI to process data, which raises concerns about privacy breaches. Homomorphic encryption allows computations on encrypted data, offering strong privacy protection. This paper proposes a secure logistic regression model based on the CKKS, achieving an optimal trade-off between computational efficiency and model performance. We improve training efficiency and convergence speed by approximating the Sigmoid activation function with a first-order polynomial and incorporating a momentum-based stochastic gradient descent algorithm. Experimental results show that our secure model strikes an excellent balance between model performance and computational efficiency. Compared to previous studies, our model achieves shorter training times per iteration and consistently outperforms prior work on multiple datasets. Even on the most challenging dataset, the accuracy of our model is only 0.73% lower than that of previous methods. Furthermore, we validate the outstanding performance of the model on large-scale datasets containing real-world data.
    Keywords: CKKS homomorphic encryption; privacy-preserving computation; machine learning; logistic regression.
    DOI: 10.1504/IJICS.2025.10073370
     
  • Leveraging AI for enhanced deepfake detection! Developing framework for designing safe ecosystem to safeguard digital authenticity   Order a copy of this article
    by Pooja Gupta, Vijay Kumar Jain, Shrish Singh, Srabanti Maji, Shipra Agarwal 
    Abstract: The deepfake problem, defined as the creation and spread of modified movies or images that appear legitimate but are actually fake, has far-reaching effects. Deepfakes threaten to destroy the basic fabric of truth and confidence in society, needing immediate and extensive efforts to counteract their development and distribution. Addressing the deepfake issue is critical to maintaining information integrity, defending privacy rights, and restoring trust in our digital environment, therefore, the current study is a modest attempt to develop a framework for deepfake detection using AI. The variables having high impact and relationships with deepfake detection have been identified. Total 15 variables were identified based on literature and experts' opinion. The fuzzy DEMATLE-AHP has been applied on select variables to prioritise them in order of their effectiveness and find causality among them. Seven drivers were classified as effect whereas as eight drivers were identified as causes for deepfake detection. The analysis shows that blockchain technology (DF12), penalties (DF14) and watermarking and digital signature were ranked as the most significant drivers for deepfake detection.
    Keywords: digital forensics; blockchain; synthetic media; machine learning; voice cloning; DEMATLE.
    DOI: 10.1504/IJICS.2025.10073201
     
  • GESKI: a gas efficient structure for processing spatial keyword queries with hybrid storage architecture   Order a copy of this article
    by Muhammad Kashif Azhar, Bin Yao, Muhammad Imran, Waqas Ali 
    Abstract: Spatial keyword queries are ubiquitous, and they play an essential role in a myriad of location-based services (LBS) and geographic information systems (GIS). In recent years, blockchain is shifting trends towards decentralised LBS and GIS applications due to its immutability and traceability by making these applications more secure and trustworthy. However, the integration of spatial keyword data in blockchain poses different challenges like storage limitations and performance bottlenecks. To overcome these challenges, this paper proposes a Gas Efficient Spatial Keyword Index (GESKI), which is a smart contract-based implementation of Merkle Patricia Trie, and quad tree. The GESKI provides a gas efficient cost model for storing and processing of spatial keyword data. To enhance storage capacity, we also implemented a smart contract enabled hybrid storage solution by combining on-chain and off-chain paradigms. We performed multiple experiments for comprehensive evaluation over spatial keyword queries, and the results show that GESKI is able to achieve a 7-10× improvement in terms of gas efficiency in different settings, which demonstrates the efficiency and effectiveness of our proposed method.
    Keywords: blockchain; smart contract; spatial keyword queries; hybrid storage.
    DOI: 10.1504/IJICS.2025.10073200
     
  • Self-sovereign identity scheme for decentralised vehicular named data networking   Order a copy of this article
    by Xian Guo, Jianhua Ding 
    Abstract: To address the reliance on traditional PKI for establishing trust between entities in vehicular named data networking (VNDN), we propose a hierarchical blockchain-based self-sovereign identity (SSI) scheme for decentralised vehicular named data networking (DVNDN). In our scheme, RSUs and vehicles are registered under supervision of a trusted authority (TA). Then, a committee consisted of RSUs selected is used to manage decentralised identifiers (DIDs) and verifiable credentials (VCs) for vehicle. This approach enables VC-based trust establishment without third-party anchors as in PKI. The proposed solution adopts signature of knowledge (SoK) and non-interactive zero-knowledge proofs (NIZKs) to protect privacy during issuance, presentation, and verification of VC, with the ZoKrates toolkit employed for generating NIZK proofs and enabling on-chain verification. Our security analysis demonstrates that the proposed scheme meets security requirements. Experimental results show feasibility, reliability, and effectiveness of our scheme by applying the Ethereum-based platform on NDN into the vehicular network.
    Keywords: vehicular named data networking; VNDN; blockchain; self-sovereign identity; SSI; privacy-preserving.
    DOI: 10.1504/IJICS.2025.10071520
     
  • EBBSMWN: design of an energy-aware blockchain-based bioinspired security model of wireless networks   Order a copy of this article
    by Bhupesh B. Lonkar, Swapnili Karmore 
    Abstract: Energy-aware wireless networks require low-complexity data communication computations for operational longevity and real-time traffic demands. However, these networks face security and scalability challenges when node numbers exceed a threshold, leading to proposed models. This abstract presents a new approach to improve energy-aware wireless networks' security using blockchain technology and bioinspired techniques. It uses the ant lion optimisation method to select optimal encryption and hashing models for energy-aware blockchains, and the elephant herding optimisation model to enhance energy efficiency. The model's feasibility was tested using various performance indicators, including Sybil, DDoS, Finney, and man-in-the-middle attacks. The proposed model, combining blockchain technology, bioinspired techniques, and optimisation algorithms, results in a 4.5% reduction in energy consumption, a 5.9% decrease in communication delay, and a 2.5% reduction in jitter in wireless networks, offering a promising solution for energy-aware wireless networks.
    Keywords: blockchain; encryption; hashing; sharding; attacks; delay; energy; jitter; scenarios.
    DOI: 10.1504/IJICS.2025.10073199
     
  • Optimal-round semi-honest-quantum PAKE protocol with chaotic maps   Order a copy of this article
    by Chaonan Wang, Lu Zhang, Hongfeng Zhu 
    Abstract: There is an intuitive connection between quantum technology and chaos theory which may lead to a novel way to construct password-authenticated key exchange (PAKE) protocols to resist quantum attacks efficiently. This paper designs an optimal-round semi-honest-quantum PAKE protocol with chaotic maps. In which the clients act as classical users while the server acts as a quantum user with the ability to prepare entangled quantum, this semi-quantum environment makes the application process more efficient and convenient and reduces the cost of deploying the environment. In addition, the protocol takes full advantage of the true randomness of multiple GHZ-like states, as well as the ergodicity of chaotic maps and the sensitivity of initial conditions to realise the key exchange and the session key generation process, and guarantees the security, randomness and unpredictability of the session keys. Our protocol is an optimal-round design, i.e., only one communication is needed to complete the key exchange process, which greatly reduces the number of communications and the possibility of key information being intercepted. Finally, the content of security proof and efficiency analysis also demonstrate our protocol is suitable for efficiently protecting authentication keys and feasible to implement.
    Keywords: password-authenticated key exchange; GHZ-like states; chaotic maps; semi-honest-quantum.
    DOI: 10.1504/IJICS.2025.10071421
     
  • Federated learning: frameworks, optimisation algorithms, security threats and defences   Order a copy of this article
    by HongYun Cai, Yu Zhang, ShiYun Wang, MeiLing Zhang, Ao Zhao 
    Abstract: Federated learning (FL) integrates dispersed data across various locations and performs modelling and analysis directly on edge devices. However, as an emerging field, it faces significant security and privacy challenges. This paper provides a comprehensive review of the security threats and defenses in FL. We present an in-depth overview of the FL framework, optimisation algorithms, current security threats, and corresponding defense mechanisms, along with a discussion of the difficulties and challenges encountered. Our findings indicate that the primary security threats compromise the privacy and robustness of FL, which are the critical issues that defenses must address. We conclude by proposing important future research directions to enhance FLs adaptability to diverse environmental requirements.
    Keywords: federated learning; security threat; security defence; privacy; robustness.
    DOI: 10.1504/IJICS.2025.10073505
     

 

Return to top