Sushil Kumar Singh¹, Yi Pan², Jong Hyuk Park^1,*

CMC-Computers, Materials & Continua, Vol.66, No.3, pp. 2905-2922, 2021, DOI:10.32604/cmc.2021.014151

Abstract For the past few decades, the Internet of Things (IoT) has been one of the main pillars wielding significant impact on various advanced industrial applications, including smart energy, smart manufacturing, and others. These applications are related to industrial plants, automation, and e-healthcare fields. IoT applications have several issues related to developing, planning, and managing the system. Therefore, IoT is transforming into G-IoT (Green Internet of Things), which realizes energy efficiency. It provides high power efficiency, enhances communication and networking. Nonetheless, this paradigm did not resolve all smart applications’ challenges in edge infrastructure, such as communication bandwidth, centralization, security, and privacy.… More >

Majdi K. Qabalin¹, Zaid A. Arida², Omar A. Saraereh³, Falin Wu^4,*, Imran Khan⁵, Peerapong Uthansakul⁶, Moath Alsafasfeh⁷

CMC-Computers, Materials & Continua, Vol.66, No.3, pp. 2957-2972, 2021, DOI:10.32604/cmc.2021.013951

Abstract The Internet has penetrated all aspects of human society and has promoted social progress. Cyber-crimes in many forms are commonplace and are dangerous to society and national security. Cybersecurity has become a major concern for citizens and governments. The Internet functions and software applications play a vital role in cybersecurity research and practice. Most of the cyber-attacks are based on exploits in system or application software. It is of utmost urgency to investigate software security problems. The demand for Wi-Fi applications is proliferating but the security problem is growing, requiring an optimal solution from researchers. To overcome the shortcomings of… More >

Mamdouh Alenezi¹, Abhishek Kumar Pandey², Richa Verma³, Mohd Faizan², Shalini Chandra³, Alka Agrawal², Rajeev Kumar^2,4,*, Raees Ahmad Khan²

CMC-Computers, Materials & Continua, Vol.66, No.3, pp. 2283-2299, 2021, DOI:10.32604/cmc.2021.013579

Abstract Design architecture is the edifice that strengthens the functionalities as well as the security of web applications. In order to facilitate architectural security from the web application’s design phase itself, practitioners are now adopting the novel mechanism of security tactics. With the intent to conduct a research from the perspective of security tactics, the present study employs a hybrid multi-criteria decision-making approach named fuzzy analytic hierarchy process-technique for order preference by similarity ideal solution (AHP-TOPSIS) method for selecting and assessing multi-criteria decisions. The adopted methodology is a blend of fuzzy analytic hierarchy process (fuzzy AHP) and fuzzy technique for order… More >

Fahad A. Alzahrani^*

CMC-Computers, Materials & Continua, Vol.66, No.3, pp. 2599-2625, 2021, DOI:10.32604/cmc.2021.013124

Abstract Usability and security are often considered contradictory in nature. One has a negative impact on the other. In order to satisfy the needs of users with the security perspective, the relationship and trade-offs among security and usability must be distinguished. Security practitioners are working on developing new approaches that would help to secure healthcare web applications as well increase usability of the web applications. In the same league, the present research endeavour is premised on the usable-security of healthcare web applications. For a compatible blend of usability and security that would fulfill the users’ requirments, this research proposes an integration… More >

Yuhua Sun¹, Lili Yan^1,*, Zhibin Sun², Shibin Zhang¹, Jiazhong Lu¹

CMC-Computers, Materials & Continua, Vol.66, No.3, pp. 2385-2395, 2021, DOI:10.32604/cmc.2021.012696

Abstract

Private comparison is the basis of many encryption technologies, and several related Quantum Private Comparison (QPC) protocols have been published in recent years. In these existing protocols, secret information is encoded by using conjugate coding or orthogonal states, and all users are quantum participants. In this paper, a novel semi-quantum private comparison scheme is proposed, which employs Bell entangled states as quantum resources. Two semi-quantum participants compare the equivalence of their private information with the help of a semi-honest third party (TP). Compared with the previous classical protocols, these two semi-quantum users can only make some particular action, such as… More >

Yichao Zang^1,*, Tairan Hu², Tianyang Zhou², Wanjiang Deng³

CMC-Computers, Materials & Continua, Vol.66, No.3, pp. 2573-2585, 2021, DOI:10.32604/cmc.2021.012220

Abstract Mining penetration testing semantic knowledge hidden in vast amounts of raw penetration testing data is of vital importance for automated penetration testing. Associative rule mining, a data mining technique, has been studied and explored for a long time. However, few studies have focused on knowledge discovery in the penetration testing area. The experimental result reveals that the long-tail distribution of penetration testing data nullifies the effectiveness of associative rule mining algorithms that are based on frequent pattern. To address this problem, a Bayesian inference based penetration semantic knowledge mining algorithm is proposed. First, a directed bipartite graph model, a kind… More >

Waiel M. Eid^1,2, Samer Atawneh¹, Mousa Al-Akhras^1,3,*

Intelligent Automation & Soft Computing, Vol.26, No.6, pp. 1319-1334, 2020, DOI:10.32604/iasc.2020.013678

Abstract The huge number of devices available in cyberspace and the increasing number of security vulnerabilities discovered daily have added many difficulties in keeping track of security vulnerabilities, especially when not using special security tools and software. Mass scanning of the Internet has opened a broad range of possibilities for security tools that help cybersecurity centers detect weaknesses and vulnerabilities in cyberspace. However, one critical issue faced by national cybersecurity centers is the collection of information about IP addresses and subnet ranges. To develop a data collection mechanism for such information and maintain this information with continuous updates, a scanning system… More >

Fuxiang Yuan, Fenlin Liu, Chong Liu, Xiangyang Luo^*

Intelligent Automation & Soft Computing, Vol.26, No.6, pp. 1403-1417, 2020, DOI:10.32604/iasc.2020.011902

Abstract IPs in homogeneous blocks are tightly connected and close to each other in topology and geography, which can help geolocate sensitive target IPs and maintain network security. Therefore, this manuscript proposes a city-level homogeneous blocks identification algorithm for IP geolocation. Firstly, IPs with consistent geographic location information in multiple databases and some landmarks in a specific area are obtained as targets; the /31 containing each target is used as a candidate block; vantage points are deployed to probe IPs in the candidate blocks to obtain delays and paths, and alias resolution is performed. Then, based on the analysis of paths… More >

Pingshui Wang^1,2,*, Willy Susilo²

Computer Systems Science and Engineering, Vol.36, No.1, pp. 213-224, 2021, DOI:10.32604/csse.2021.014541

Abstract With the development of information technology, the Internet of Things (IoT) has gradually become the third wave of the worldwide information industry revolution after the computer and the Internet. The application of the IoT has brought great convenience to people’s production and life. However, the potential information security problems in various IoT applications are gradually exposed and people pay more attention to them. The traditional centralized data storage and management model of the IoT is easy to cause transmission delay, single point of failure, privacy disclosure and other problems, and eventually leads to unpredictable behavior of the system. Blockchain technology… More >

Roddy A. Correa¹, Juan Ramón Bermejo Higuera², Javier Bermejo Higuera², Juan Antonio Sicilia Montalvo², Manuel Sánchez Rubio², Á. Alberto Magreñán^3,*

CMES-Computer Modeling in Engineering & Sciences, Vol.126, No.1, pp. 89-124, 2021, DOI:10.32604/cmes.2021.010700

Abstract This study presents a methodology to evaluate and prevent security vulnerabilities issues for web applications. The analysis process is based on the use of techniques and tools that allow to perform security assessments of white box and black box, to carry out the security validation of a web application in an agile and precise way. The objective of the methodology is to take advantage of the synergies of semi-automatic static and dynamic security analysis tools and manual checks. Each one of the phases contemplated in the methodology is supported by security analysis tools of different degrees of coverage, so that… More >