Abdelhadi Zineddine^1,#, Yousra Belfaik^2,#, Abdeslam Rehaimi¹, Yassine Sadqi^3,*, Said Safi¹

CMC-Computers, Materials & Continua, Vol.84, No.3, pp. 4019-4054, 2025, DOI:10.32604/cmc.2025.066139 - 30 July 2025

Abstract With the proliferation of online services and applications, adopting Single Sign-On (SSO) mechanisms has become increasingly prevalent. SSO enables users to authenticate once and gain access to multiple services, eliminating the need to provide their credentials repeatedly. However, this convenience raises concerns about user security and privacy. The increasing reliance on SSO and its potential risks make it imperative to comprehensively review the various SSO security and privacy threats, identify gaps in existing systems, and explore effective mitigation solutions. This need motivated the first systematic literature review (SLR) of SSO security and privacy, conducted in… More >

Hossana Maghiri Sufficient^*, Abdulazeez Murtala Mohammed, Bashir Danjuma

Journal of Cyber Security, Vol.7, pp. 239-253, 2025, DOI:10.32604/jcs.2025.066312 - 14 July 2025

Abstract The rapid integration of artificial intelligence (AI) into ethical hacking practices has transformed vulnerability discovery and threat mitigation; however, it raises pressing ethical questions regarding responsibility, justice, and privacy. This paper presents a PRISMA-guided systematic review of twelve peer-reviewed studies published between 2015 and March 2024, supplemented by Braun and Clarke’s thematic analysis, to map four core challenges: (1) autonomy and human oversight, (2) algorithmic bias and mitigation strategies, (3) data privacy preservation mechanisms, and (4) limitations of General Data Protection Regulation (GDPR) and the European Union’s AI Act in addressing AI-specific risks, alongside the… More >

Fatima Asiri¹, Wajdan Al Malwi¹, Fahad Masood², Mohammed S. Alshehri³, Tamara Zhukabayeva⁴, Syed Aziz Shah⁵, Jawad Ahmad^6,*

CMC-Computers, Materials & Continua, Vol.84, No.2, pp. 3943-3960, 2025, DOI:10.32604/cmc.2025.066498 - 03 July 2025

Abstract Edge computing (EC) combined with the Internet of Things (IoT) provides a scalable and efficient solution for smart homes. The rapid proliferation of IoT devices poses real-time data processing and security challenges. EC has become a transformative paradigm for addressing these challenges, particularly in intrusion detection and anomaly mitigation. The widespread connectivity of IoT edge networks has exposed them to various security threats, necessitating robust strategies to detect malicious activities. This research presents a privacy-preserving federated anomaly detection framework combined with Bayesian game theory (BGT) and double deep Q-learning (DDQL). The proposed framework integrates BGT… More >

Tatsuhito Hasegawa^#,*, Kyosuke Fujino^#

CMC-Computers, Materials & Continua, Vol.84, No.2, pp. 2429-2454, 2025, DOI:10.32604/cmc.2025.066270 - 03 July 2025

Abstract Recent advances in wearable devices have enabled large-scale collection of sensor data across healthcare, sports, and other domains but this has also raised critical privacy concerns, especially under tightening regulations such as the General Data Protection Regulation (GDPR), which explicitly restrict the processing of data that can re-identify individuals. Although existing anonymization approaches such as the Anonymizing AutoEncoder (AAE) can reduce the risk of re-identification, they often introduce substantial waveform distortions and fail to preserve information beyond a single classification task (e.g., human activity recognition). This study proposes a novel sensor data anonymization method based… More >

Peizheng Lai¹, Minqing Zhang^1,2,*, Yixin Tang¹, Ya Yue¹, Fuqiang Di^1,2

CMC-Computers, Materials & Continua, Vol.84, No.2, pp. 2935-2957, 2025, DOI:10.32604/cmc.2025.065887 - 03 July 2025

Abstract Federated Learning (FL) has emerged as a promising distributed machine learning paradigm that enables multi-party collaborative training while eliminating the need for raw data sharing. However, its reliance on a server introduces critical security vulnerabilities: malicious servers can infer private information from received local model updates or deliberately manipulate aggregation results. Consequently, achieving verifiable aggregation without compromising client privacy remains a critical challenge. To address these problem, we propose a reversible data hiding in encrypted domains (RDHED) scheme, which designs joint secret message embedding and extraction mechanism. This approach enables clients to embed secret messages… More >

Dain Lee^1,#, Hojune Shin^1,#, Jihyeon Choi¹, Younho Lee^1,2,*

CMC-Computers, Materials & Continua, Vol.84, No.2, pp. 3673-3705, 2025, DOI:10.32604/cmc.2025.064161 - 03 July 2025

Abstract In this study, we investigated privacy-preserving ID3 Decision Tree (PPID3) training and inference based on fully homomorphic encryption (FHE), which has not been actively explored due to the high computational cost associated with managing numerous child nodes in an ID3 tree. We propose HEaaN-ID3, a novel approach to realize PPID3 using the Cheon-Kim-Kim-Song (CKKS) scheme. HEaaN-ID3 is the first FHE-based ID3 framework that completes both training and inference without any intermediate decryption, which is especially valuable when decryption keys are inaccessible or a single-cloud security domain is assumed. To enhance computational efficiency, we adopt a… More >

Jiacheng Xiong¹, Xingshu Chen^1,2,3,*, Xiao Lan^2,3, Liangguo Chen^1,2

CMC-Computers, Materials & Continua, Vol.84, No.2, pp. 2273-2303, 2025, DOI:10.32604/cmc.2025.063984 - 03 July 2025

Abstract In the era of big data, the growing number of real-time data streams often contains a lot of sensitive privacy information. Releasing or sharing this data directly without processing will lead to serious privacy information leakage. This poses a great challenge to conventional privacy protection mechanisms (CPPM). The existing data partitioning methods ignore the number of data replications and information exchanges, resulting in complex distance calculations and inefficient indexing for high-dimensional data. Therefore, CPPM often fails to meet the stringent requirements of efficiency and reliability, especially in dynamic spatiotemporal environments. Addressing this concern, we proposed… More >

Yu-Bin Kim, Dong-Hyuk Shin, Ieck-Chae Euom^*

CMC-Computers, Materials & Continua, Vol.84, No.2, pp. 2217-2243, 2025, DOI:10.32604/cmc.2025.063289 - 03 July 2025

Abstract The global surge in electric vehicle (EV) adoption is proportionally expanding the EV charging station (EVCS) infrastructure, thereby increasing the attack surface and potential impact of security breaches within this critical ecosystem. While ISO 15118 standardizes EV-EVCS communication, its underspecified security guidelines and the variability in manufacturers’ implementations frequently result in vulnerabilities that can disrupt charging services, compromise user data, or affect power grid stability. This research introduces a systematic black-box fuzzing methodology, accompanied by an open-source tool, to proactively identify and mitigate such security flaws in EVCS firmware operating under ISO 15118. The proposed… More >

Jitendra Kumar Samriya¹, Virendra Singh², Gourav Bathla³, Meena Malik⁴, Varsha Arya^5,6, Wadee Alhalabi⁷, Brij B. Gupta^8,9,10,11,*

CMC-Computers, Materials & Continua, Vol.84, No.2, pp. 3893-3910, 2025, DOI:10.32604/cmc.2025.063242 - 03 July 2025

Abstract The integration of the Internet of Things (IoT) into healthcare systems improves patient care, boosts operational efficiency, and contributes to cost-effective healthcare delivery. However, overcoming several associated challenges, such as data security, interoperability, and ethical concerns, is crucial to realizing the full potential of IoT in healthcare. Real-time anomaly detection plays a key role in protecting patient data and maintaining device integrity amidst the additional security risks posed by interconnected systems. In this context, this paper presents a novel method for healthcare data privacy analysis. The technique is based on the identification of anomalies in… More >

Qingyu Tan, Yan Li, Byeong-Seok Shin^*

CMES-Computer Modeling in Engineering & Sciences, Vol.143, No.2, pp. 2417-2428, 2025, DOI:10.32604/cmes.2025.063811 - 30 May 2025

Abstract Federated Learning (FL), a practical solution that leverages distributed data across devices without the need for centralized data storage, which enables multiple participants to jointly train models while preserving data privacy and avoiding direct data sharing. Despite its privacy-preserving advantages, FL remains vulnerable to backdoor attacks, where malicious participants introduce backdoors into local models that are then propagated to the global model through the aggregation process. While existing differential privacy defenses have demonstrated effectiveness against backdoor attacks in FL, they often incur a significant degradation in the performance of the aggregated models on benign tasks.… More >