Table of contents for issues of International Journal of Information Security

Last update: Wed Mar 27 06:17:25 MDT 2024                Valid HTML 3.2!

Volume 1, Number 1, August, 2001
Volume 1, Number 2, February, 2002
Volume 1, Number 3, November, 2002
Volume 1, Number 4, July, 2003
Volume 2, Number 1, November, 2003
Volume 2, Number 2, January, 2004
Volume 2, Number 3--4, August, 2004
Volume 3, Number 1, October, 2004
Volume 3, Number 2, November, 2004
Volume 4, Number 1--2, February, 2005
Volume 4, Number 3, June, 2005
Volume 4, Number 4, October, 2005
Volume 5, Number 1, January, 2006
Volume 5, Number 2, April, 2006
Volume 5, Number 3, July, 2006
Volume 5, Number 4, October, 2006
Volume 6, Number 1, January, 2007
Volume 6, Number 2--3, March, 2007
Volume 6, Number 4, July, 2007
Volume 6, Number 5, September, 2007
Volume 6, Number 6, October, 2007
Volume 7, Number 1, January, 2008
Volume 7, Number 2, April, 2008
Volume 7, Number 3, June, 2008
Volume 7, Number 4, August, 2008
Volume 7, Number 5, October, 2008
Volume 7, Number 6, November, 2008
Volume 8, Number 1, February, 2009
Volume 8, Number 2, April, 2009
Volume 8, Number 3, June, 2009
Volume 8, Number 4, August, 2009
Volume 8, Number 5, October, 2009
Volume 8, Number 6, December, 2009
Volume 9, Number 1, February, 2010
Volume 9, Number 2, April, 2010
Volume 9, Number 3, June, 2010
Volume 9, Number 4, August, 2010
Volume 9, Number 5, October, 2010
Volume 9, Number 6, December, 2010
Volume 10, Number 1, February, 2011
Volume 10, Number 2, June, 2011
Volume 10, Number 3, June, 2011
Volume 10, Number 4, August, 2011
Volume 10, Number 5, October, 2011
Volume 10, Number 6, November, 2011
Volume 11, Number 1, February, 2012
Volume 11, Number 2, April, 2012
Volume 11, Number 3, June, 2012
Volume 11, Number 4, August, 2012
Volume 11, Number 5, October, 2012
Volume 11, Number 6, November, 2012
Volume 12, Number 1, February, 2013
Volume 12, Number 2, April, 2013
Volume 12, Number 3, June, 2013
Volume 12, Number 4, August, 2013
Volume 12, Number 5, October, 2013
Volume 12, Number 6, November, 2013
Volume 13, Number 1, February, 2014
Volume 13, Number 2, April, 2014
Volume 13, Number 3, June, 2014
Volume 13, Number 4, August, 2014
Volume 13, Number 5, October, 2014
Volume 13, Number 6, November, 2014
Volume 14, Number 1, February, 2015
Volume 14, Number 2, April, 2015
Volume 14, Number 3, June, 2015
Volume 14, Number 4, August, 2015
Volume 14, Number 5, October, 2015
Volume 14, Number 6, November, 2015
Volume 15, Number 1, February, 2016
Volume 15, Number 2, April, 2016
Volume 15, Number 3, June, 2016
Volume 15, Number 4, August, 2016
Volume 15, Number 5, October, 2016
Volume 15, Number 6, November, 2016
Volume 16, Number 1, February, 2017
Volume 16, Number 2, April, 2017
Volume 16, Number 3, June, 2017
Volume 16, Number 4, August, 2017
Volume 16, Number 5, October, 2017
Volume 16, Number 6, November, 2017
Volume 17, Number 1, February, 2018
Volume 17, Number 2, April, 2018
Volume 17, Number 3, June, 2018
Volume 17, Number 4, August, 2018
Volume 17, Number 5, October, 2018
Volume 17, Number 6, November, 2018
Volume 18, Number 1, February, 2019
Volume 18, Number 2, April, 2019
Volume 18, Number 3, June, 2019
Volume 18, Number 4, August, 2019
Volume 18, Number 5, October, 2019
Volume 18, Number 6, December, 2019
Volume 19, Number 1, February, 2020
Volume 19, Number 2, April, 2020
Volume 19, Number 3, June, 2020
Volume 19, Number 4, August, 2020
Volume 19, Number 5, October, 2020
Volume 19, Number 6, December, 2020
Volume 20, Number 1, February, 2021
Volume 20, Number 2, April, 2021
Volume 20, Number 3, June, 2021
Volume 20, Number 4, August, 2021
Volume 20, Number 5, October, 2021
Volume 20, Number 6, December, 2021
Volume 21, Number 1, February, 2022
Volume 21, Number 2, April, 2022
Volume 21, Number 3, June, 2022
Volume 21, Number 4, August, 2022
Volume 21, Number 5, October, 2022
Volume 21, Number 6, December, 2022
Volume 22, Number 1, February, 2023
Volume 22, Number 2, April, 2023
Volume 22, Number 3, June, 2023
Volume 22, Number 4, August, 2023
Volume 22, Number 5, October, 2023
Volume 22, Number 6, December, 2023
Volume 23, Number 1, February, 2024
Volume 23, Number 2, April, 2024


International Journal of Information Security
Volume 1, Number 1, August, 2001

             Dieter Gollman and   
       Catherine A. Meadows and   
                   Eiji Okamoto   Editorial  . . . . . . . . . . . . . . . 1--2
               Carl E. Landwehr   Computer security  . . . . . . . . . . . 3--13
                    John McHugh   Intrusion and intrusion detection  . . . 14--35
                Don Johnson and   
             Alfred Menezes and   
                 Scott Vanstone   The Elliptic Curve Digital Signature
                                  Algorithm (ECDSA)  . . . . . . . . . . . 36--63
               Carlo Blundo and   
               Paolo D'Arco and   
              Alfredo De Santis   A $t$-private $k$-database information
                                  retrieval scheme . . . . . . . . . . . . 64--68

International Journal of Information Security
Volume 1, Number 2, February, 2002

             Fabian Monrose and   
          Michael K. Reiter and   
                 Susanne Wetzel   Password hardening based on keystroke
                                  dynamics . . . . . . . . . . . . . . . . 69--83
                 Ohad Rodeh and   
          Kenneth P. Birman and   
                    Danny Dolev   Using AVL trees for fault-tolerant group
                                  key management . . . . . . . . . . . . . 84--99
                 E. Damiani and   
S. De Capitani di Vimercati and   
              S. Paraboschi and   
                    P. Samarati   Securing SOAP e-services . . . . . . . . 100--115
                 Michiharu Kudo   PBAC: Provision-based access control
                                  model  . . . . . . . . . . . . . . . . . 116--130
             Takaaki Mizuki and   
             Hiroki Shizuya and   
                Takao Nishizeki   A complete characterization of a family
                                  of key exchange protocols  . . . . . . . 131--142

International Journal of Information Security
Volume 1, Number 3, November, 2002

          Rainer Steinwandt and   
           Willi Geiselmann and   
               Regine Endsuleit   Attacking a polynomial-based
                                  cryptosystem: Polly Cracker  . . . . . . 143--148
              Yukio Itakura and   
           Masaki Hashiyada and   
           Toshio Nagashima and   
                  Shigeo Tsujii   Proposal on personal identifiers
                                  generated from the STR information of
                                  DNA  . . . . . . . . . . . . . . . . . . 149--160
J. M. Gonzáles Nieto and   
             K. Viswanathan and   
                    C. Boyd and   
                   A. Clark and   
                      E. Dawson   Key recovery for the commercial
                                  environment  . . . . . . . . . . . . . . 161--174
                     S. Kim and   
                          H. Oh   A new electronic check system with
                                  reusable refunds . . . . . . . . . . . . 175--188
                  Ed Dawson and   
         Kapali Viswanathan and   
                     Colin Boyd   Compliant cryptologic protocols  . . . . 189--202

International Journal of Information Security
Volume 1, Number 4, July, 2003

             Valery Korzhik and   
         Guillermo Morales-Luna   Hybrid authentication based on noisy
                                  channels . . . . . . . . . . . . . . . . 203--210
                  Chun Ruan and   
             Vijay Varadharajan   A formal graph based framework for
                                  supporting authorization delegations and
                                  conflict resolutions . . . . . . . . . . 211--222
               Steve Kremer and   
             Olivier Markowitch   Fair multi-party non-repudiation
                                  protocols  . . . . . . . . . . . . . . . 223--235
          Barbara Carminati and   
                  Elena Ferrari   Management of access control policies
                                  for XML document sources . . . . . . . . 236--260


International Journal of Information Security
Volume 2, Number 1, November, 2003

           Philip MacKenzie and   
              Michael K. Reiter   Networked cryptographic devices
                                  resilient to capture . . . . . . . . . . 1--20
        Sigrid Gürgens and   
               Javier Lopez and   
            René Peralta   Analysis of e-commerce protocols:
                                  Adapting a traditional technique . . . . 21--36
              Joonsang Baek and   
                  Yuliang Zheng   Zheng and Seberry's public key
                                  encryption scheme revisited  . . . . . . 37--44
              Elisa Bertino and   
              Elena Ferrari and   
                  Andrea Perego   Content-based filtering of Web
                                  documents: the MaX system and the
                                  EUFORBIA project . . . . . . . . . . . . 45--58
           Willi Geiselmann and   
                Willi Meier and   
              Rainer Steinwandt   An attack on the isomorphisms of
                                  polynomials problem with one secret  . . 59--64

International Journal of Information Security
Volume 2, Number 2, January, 2004

                      E. Dawson   Preface to the special issue on PKI  . . 65--65
                 B. Blakley and   
                  G. R. Blakley   All sail, no anchor II: Acceptable
                                  high-end PKI . . . . . . . . . . . . . . 66--77
                 Selwyn Russell   Theory and benefits of recursive
                                  certificate structures . . . . . . . . . 78--90
               Javier Lopez and   
        Antonio Maña and   
         Jose A. Montenegro and   
                 Juan J. Ortega   PKI design based on the use of on-line
                                  certification authorities  . . . . . . . 91--102
                 C. S. Laih and   
                     K. Y. Chen   Generating visible RSA public keys for
                                  PKI  . . . . . . . . . . . . . . . . . . 103--109
       Jose L. Muñoz and   
                Jordi Forne and   
              Oscar Esparza and   
                 Miguel Soriano   Certificate revocation system
                                  implementation based on the Merkle hash
                                  tree . . . . . . . . . . . . . . . . . . 110--124

International Journal of Information Security
Volume 2, Number 3--4, August, 2004

                 Corrado Priami   Preface to the special issue on Security
                                  in Global Computing  . . . . . . . . . . 125--125
               David Teller and   
              Pascal Zimmer and   
              Daniel Hirschkoff   Using ambients to control resources  . . 126--144
           Mikael Buchholtz and   
         Hanne Riis Nielson and   
               Flemming Nielson   A calculus for control flow analysis of
                                  security protocols . . . . . . . . . . . 145--167
           Roberto Gorrieri and   
            Ruggero Lanotte and   
  Andrea Maggiolo-Schettini and   
           Fabio Martinelli and   
                Simone Tini and   
                  Enrico Tronci   Automated analysis of timed security: a
                                  case study on web privacy  . . . . . . . 168--186
         Massimo Bartoletti and   
           Pierpaolo Degano and   
             Gian Luigi Ferrari   Stack inspection and secure program
                                  transformations  . . . . . . . . . . . . 187--217
           Philip MacKenzie and   
              Michael K. Reiter   Two-party generation of DSA signatures   218--239


International Journal of Information Security
Volume 3, Number 1, October, 2004

                Michael Waidner   Preface  . . . . . . . . . . . . . . . . 1--1
          Philippa Hopcroft and   
                     Gavin Lowe   Analysing a stream authentication
                                  protocol using model checking  . . . . . 2--13
             Joachim Biskup and   
                  Piero Bonatti   Controlled query evaluation for
                                  enforcing confidentiality in complete
                                  information systems  . . . . . . . . . . 14--27
                  Sean W. Smith   Outbound authentication for programmable
                                  secure coprocessors  . . . . . . . . . . 28--41
             Michael Backes and   
               Birgit Pfitzmann   Computational probabilistic
                                  noninterference  . . . . . . . . . . . . 42--60

International Journal of Information Security
Volume 3, Number 2, November, 2004

                Vanesa Daza and   
             Javier Herranz and   
      Germán Sáez   Protocols useful on the Internet from
                                  distributed signature schemes  . . . . . 61--69
               Mark Burgess and   
          Geoffrey Canright and   
       Kenth Engò-Monsen   A graph-theoretical model of computer
                                  security . . . . . . . . . . . . . . . . 70--85
           Yvonne Hitchcock and   
              Paul Montague and   
                Gary Carter and   
                      Ed Dawson   The efficiency of solving multiple
                                  discrete logarithm problems and the
                                  implications for the security of fixed
                                  elliptic curves  . . . . . . . . . . . . 86--98
        Antonio Maña and   
               Javier Lopez and   
             Juan J. Ortega and   
           Ernesto Pimentel and   
                  Jose M. Troya   A framework for secure execution of
                                  software . . . . . . . . . . . . . . . . 99--112
               Habtamu Abie and   
         Pål Spilling and   
                      Bent Foyn   A distributed digital rights management
                                  model for secure
                                  information-distribution systems . . . . 113--128


International Journal of Information Security
Volume 4, Number 1--2, February, 2005

             Serge Autexier and   
           Iliano Cervesato and   
                   Heiko Mantel   Preface to the special issue of selected
                                  papers from FCS/VERIFY 2002  . . . . . . 1--1
                Jay Ligatti and   
                 Lujo Bauer and   
                   David Walker   Edit automata: enforcement mechanisms
                                  for run-time security policies . . . . . 2--16
            Giampaolo Bella and   
             Fabio Massacci and   
            Lawrence C. Paulson   An overview of the verification of SET   17--28
          Joshua D. Guttman and   
                  Amy L. Herzog   Rigorous automated network security
                                  management . . . . . . . . . . . . . . . 29--48
              Ralf Küsters   On the decidability of cryptographic
                                  protocols with open-ended data
                                  structures . . . . . . . . . . . . . . . 49--70
               Kong-wei Lye and   
              Jeannette M. Wing   Game strategies in network security  . . 71--86
           Christian Skalka and   
                    Scott Smith   Static use-based object confinement  . . 87--104
             Kyung-suk Lhee and   
                Steve J. Chapin   Detection of file-based race conditions  105--119
                    Yun Bai and   
                  Yan Zhang and   
             Vijay Varadharajan   On the sequence of authorization policy
                                  transformations  . . . . . . . . . . . . 120--131

International Journal of Information Security
Volume 4, Number 3, June, 2005

                Einar Snekkenes   Preface to the special issue on ESORICS
                                  2003 . . . . . . . . . . . . . . . . . . 133--134
             Michael Backes and   
           Birgit Pfitzmann and   
                Michael Waidner   Symmetric authentication in a
                                  simulatable Dolev--Yao-style
                                  cryptographic library  . . . . . . . . . 135--154
           David von Oheimb and   
               Volkmar Lotz and   
                   Georg Walter   Analyzing SLE 88 memory management
                                  security using Interacting State
                                  Machines . . . . . . . . . . . . . . . . 155--171
           Andrei Serjantov and   
                   Peter Sewell   Passive-attack analysis for
                                  connection-based anonymity systems . . . 172--180
                David Basin and   
  Sebastian Mödersheim and   
                  Luca Vigan\`o   OFMC: a symbolic model checker for
                                  security protocols . . . . . . . . . . . 181--208
           Jonathan Trostle and   
                   Bill Gossman   Techniques for improving the security
                                  and manageability of IPsec policy  . . . 209--226

International Journal of Information Security
Volume 4, Number 4, October, 2005

                 Colin Boyd and   
                      Wenbo Mao   Preface to the special issue on ISC 2003 227--227
              David Galindo and   
   Sebasti\`a Martín and   
                Paz Morillo and   
                Jorge L. Villar   Fujisaki--Okamoto hybrid encryption
                                  revisited  . . . . . . . . . . . . . . . 228--241
             Michael Backes and   
           Birgit Pfitzmann and   
                Michael Waidner   Reactively secure signature schemes  . . 242--252
        Sigrid Gürgens and   
            Carsten Rudolph and   
                    Holger Vogt   On the security of fair non-repudiation
                                  protocols  . . . . . . . . . . . . . . . 253--262
             Adrian Baldwin and   
                     Simon Shiu   Enabling shared audit data . . . . . . . 263--276
         Mikhail J. Atallah and   
                    Jiangtao Li   Secure outsourcing of sequence
                                  comparisons  . . . . . . . . . . . . . . 277--287
              Yukio Itakura and   
                  Shigeo Tsujii   Proposal on a multifactor biometric
                                  authentication method based on
                                  cryptosystem keys containing biometric
                                  signatures . . . . . . . . . . . . . . . 288--296


International Journal of Information Security
Volume 5, Number 1, January, 2006

             Stefanos Gritzalis   Public Key Infrastructure: Research and
                                  Applications . . . . . . . . . . . . . . 1--2
           Gabriel Vanrenen and   
                 Sean Smith and   
                John Marchesini   Distributing security-mediated PKI . . . 3--17
               Antonio Lioy and   
              Marius Marian and   
        Natalia Moltchanova and   
              Massimiliano Pala   PKI past, present and future . . . . . . 18--29
        Jens-Matthias Bohli and   
        Stefan Röhrich and   
              Rainer Steinwandt   Key substitution attacks revisited:
                                  Taking into account malicious signers    30--36
              Jianying Zhou and   
                   Feng Bao and   
                    Robert Deng   Minimizing TTP's involvement in
                                  signature validation . . . . . . . . . . 37--47
                 Ninghui Li and   
               John C. Mitchell   Understanding SPKI/SDSI using
                                  first-order logic  . . . . . . . . . . . 48--64

International Journal of Information Security
Volume 5, Number 2, April, 2006

              Jianying Zhou and   
                   Javier Lopez   Preface  . . . . . . . . . . . . . . . . 65--66
                  Adam L. Young   Cryptoviral extortion using Microsoft's
                                  Crypto API . . . . . . . . . . . . . . . 67--76
         Stelios Sidiroglou and   
           Angelos D. Keromytis   Execution transactions for defending
                                  against software failures: use and
                                  evaluation . . . . . . . . . . . . . . . 77--91
                Deholo Nali and   
             Carlisle Adams and   
                       Ali Miri   Hierarchical time-based information
                                  release  . . . . . . . . . . . . . . . . 92--104
       Dibyendu Chakrabarti and   
            Subhamoy Maitra and   
                      Bimal Roy   A key pre-distribution scheme for
                                  wireless sensor networks: merging blocks
                                  in combinatorial design  . . . . . . . . 105--114
             Gary S.-W. Yeo and   
             Raphael C.-W. Phan   On the security of the WinRAR encryption
                                  feature  . . . . . . . . . . . . . . . . 115--123

International Journal of Information Security
Volume 5, Number 3, July, 2006

                Alain Mayer and   
               Avishai Wool and   
                 Elisha Ziskind   Offline firewall analysis  . . . . . . . 125--144
     Vino Fernando Crescini and   
                      Yan Zhang   PolicyUpdater: a system for dynamic
                                  access control . . . . . . . . . . . . . 145--165
            Yukiyasu Tsunoo and   
           Etsuko Tsujihara and   
               Maki Shigeri and   
              Hiroyasu Kubo and   
             Kazuhiko Minematsu   Improving cache attacks by considering
                                  cipher structure . . . . . . . . . . . . 166--176
            Katsuyuki Okeya and   
                Tsuyoshi Takagi   Security analysis of CRT-based
                                  cryptosystems  . . . . . . . . . . . . . 177--185
       Paul C. van Oorschot and   
           Jean-Marc Robert and   
           Miguel Vargas Martin   A monitoring system for detecting
                                  repeated packets with applications to
                                  computer worms . . . . . . . . . . . . . 186--199

International Journal of Information Security
Volume 5, Number 4, October, 2006

                   Felix Brandt   How to obtain full privacy in auctions   201--216
            S. S. Al-Riyami and   
              J. Malone-Lee and   
                    N. P. Smart   Escrow-free encryption supporting
                                  cryptographic workflow . . . . . . . . . 217--229
                Jintai Ding and   
             Dieter Schmidt and   
                     Zhijun Yin   Cryptanalysis of the new TTS scheme in
                                  CHES 2004  . . . . . . . . . . . . . . . 231--240
                 Lan Nguyen and   
           Rei Safavi-Naini and   
                 Kaoru Kurosawa   Verifiable shuffles: a formal model and
                                  a Paillier-based three-round
                                  construction with provable security  . . 241--255
             Paolo Giorgini and   
             Fabio Massacci and   
            John Mylopoulos and   
                 Nicola Zannone   Requirements engineering for trust
                                  management: model, methodology, and
                                  reasoning  . . . . . . . . . . . . . . . 257--274


International Journal of Information Security
Volume 6, Number 1, January, 2007

               N. L. Clarke and   
                  S. M. Furnell   Authenticating mobile phone users using
                                  keystroke analysis . . . . . . . . . . . 1--14
               Carlo Blundo and   
             Clemente Galdi and   
              Giuseppe Persiano   Low-randomness constant-round private
                                  XOR computations . . . . . . . . . . . . 15--26
               Shujing Wang and   
                      Yan Zhang   Handling distributed authorization with
                                  delegation through answer set
                                  programming  . . . . . . . . . . . . . . 27--46
      Elisavet Konstantinou and   
        Yannis C. Stamatiou and   
            Christos Zaroliagis   Efficient generation of secure elliptic
                                  curves . . . . . . . . . . . . . . . . . 47--63

International Journal of Information Security
Volume 6, Number 2--3, March, 2007

            Theo Dimitrakos and   
           Fabio Martinelli and   
           Peter Y. A. Ryan and   
                Steve Schneider   Guest Editors' Preface . . . . . . . . . 65--66
              Lantian Zheng and   
                Andrew C. Myers   Dynamic security labels and static
                                  information flow control . . . . . . . . 67--84
     Nicoletta De Francesco and   
                   Luca Martini   Instruction-level security typing by
                                  abstract interpretation  . . . . . . . . 85--106
            Boris Köpf and   
                   Heiko Mantel   Transformational typing and unification
                                  for automatically correcting insecure
                                  programs . . . . . . . . . . . . . . . . 107--131
           J. G. Cederquist and   
                   R. Corin and   
            M. A. C. Dekker and   
                  S. Etalle and   
           J. I. den Hartog and   
                     G. Lenzini   Audit-based compliance control . . . . . 133--151
                Karl Krukow and   
                 Mogens Nielsen   Trust structures . . . . . . . . . . . . 153--181
               Rob Delicata and   
                Steve Schneider   An algebraic approach to the
                                  verification of a class of
                                  Diffie--Hellman protocols  . . . . . . . 183--196

International Journal of Information Security
Volume 6, Number 4, July, 2007

               S. Gritzalis and   
        A. N. Yannacopoulos and   
          C. Lambrinoudakis and   
             P. Hatzopoulos and   
                 S. K. Katsikas   A probabilistic model for optimal
                                  insurance contracts against security
                                  risks and privacy violation in IT
                                  outsourcing environments . . . . . . . . 197--211
                    L. Chen and   
                   Z. Cheng and   
                    N. P. Smart   Identity-based key agreement protocols
                                  from pairings  . . . . . . . . . . . . . 213--241
        Jens-Matthias Bohli and   
María Isabel González Vasco and   
              Rainer Steinwandt   Secure group key establishment revisited 243--254
              Elisa Bertino and   
              Elena Ferrari and   
              Federica Paci and   
   Loredana Parasiliti Provenza   A system for securing push-based
                                  distribution of XML documents  . . . . . 255--284

International Journal of Information Security
Volume 6, Number 5, September, 2007

               Scott Knight and   
              Scott Buffett and   
             Patrick C. K. Hung   The \booktitleInternational Journal of
                                  Information Security Special Issue on
                                  privacy, security and trust technologies
                                  and E-business services  . . . . . . . . 285--286
               Zhengping Wu and   
               Alfred C. Weaver   Requirements of federated trust
                                  management for service-oriented
                                  architectures  . . . . . . . . . . . . . 287--296
                Jinshan Liu and   
         Valérie Issarny   An incentive compatible reputation
                                  mechanism for ubiquitous computing
                                  environments . . . . . . . . . . . . . . 297--311
                    Avner Levin   Is workplace surveillance legal in
                                  Canada?  . . . . . . . . . . . . . . . . 313--321
            Thomas W. Lauer and   
                  Xiaodong Deng   Building online trust through privacy
                                  practices  . . . . . . . . . . . . . . . 323--331
                  Jie Zhang and   
            Ali A. Ghorbani and   
                    Robin Cohen   A familiarity-based trust model for
                                  effective selection of sellers in
                                  multiagent e-commerce systems  . . . . . 333--344
        Mohammad Zulkernine and   
             Mathews Graves and   
      Muhammad Umair Ahmed Khan   Integrating software specifications into
                                  intrusion detection  . . . . . . . . . . 345--357

International Journal of Information Security
Volume 6, Number 6, October, 2007

             Michael Backes and   
         Stefanos Gritzalis and   
                   Bart Preneel   Preface  . . . . . . . . . . . . . . . . 359--360
     Kostas G. Anagnostakis and   
       Michael B. Greenwald and   
          Sotiris Ioannidis and   
           Angelos D. Keromytis   COVERAGE: detecting and reacting to worm
                                  epidemics using cooperation and
                                  validation . . . . . . . . . . . . . . . 361--378
             Luciano Bononi and   
                  Carlo Tacconi   Intrusion detection for secure
                                  clustering and routing in Mobile
                                  Multi-hop Wireless Networks  . . . . . . 379--392
                 George Danezis   Breaking four mix-related schemes based
                                  on Universal Re-encryption . . . . . . . 393--402
           Fernando Esponda and   
            Elena S. Ackley and   
                Paul Helman and   
                 Haixia Jia and   
              Stephanie Forrest   Protecting data privacy through
                                  hard-to-reverse negative databases . . . 403--415
           Patrick Klinkoff and   
                Engin Kirda and   
        Christopher Kruegel and   
                 Giovanni Vigna   Extending .NET security to unmanaged
                                  code . . . . . . . . . . . . . . . . . . 417--428


International Journal of Information Security
Volume 7, Number 1, January, 2008

           Pierpaolo Degano and   
                  Luca Vigan\`o   Preface  . . . . . . . . . . . . . . . . 1--1
         Alessandro Armando and   
                  Luca Compagna   SAT-based model-checking for security
                                  protocols analysis . . . . . . . . . . . 3--32
             Michael Backes and   
               Birgit Pfitzmann   Limits of the BRSIM/UC soundness of
                                  Dolev--Yao-style XOR . . . . . . . . . . 33--54
           Andrea Bracciali and   
          Gianluigi Ferrari and   
                  Emilio Tuosto   A symbolic framework for multi-faceted
                                  security protocol analysis . . . . . . . 55--84
   Juan M. Estevez-Tapiador and   
           Almudena Alcaide and   
  Julio C. Hernandez-Castro and   
               Arturo Ribagorda   Bayesian rational exchange . . . . . . . 85--100

International Journal of Information Security
Volume 7, Number 2, April, 2008

                Dieter Gollmann   Editorial  . . . . . . . . . . . . . . . 101--101
               J. G. Alfaro and   
        N. Boulahia-Cuppens and   
                     F. Cuppens   Complete analysis of configuration rules
                                  to guarantee reliable network security
                                  policies . . . . . . . . . . . . . . . . 103--122
             Jason Crampton and   
          Hemanth Khambhammettu   Delegation in role-based access control  123--136
              Philip W. L. Fong   Discretionary capability confinement . . 137--154
             Michael Backes and   
        Markus Dürmuth and   
            Dennis Hofheinz and   
              Ralf Küsters   Conditional reactive simulatability  . . 155--169

International Journal of Information Security
Volume 7, Number 3, June, 2008

                Xinyi Huang and   
               Willy Susilo and   
                      Yi Mu and   
                         Wei Wu   Secure universal designated verifier
                                  signature without random oracles . . . . 171--183
                Pei-Te Chen and   
                  Chi-Sung Laih   IDSIC: an intrusion detection system
                                  with identification capability . . . . . 185--197
             Joachim Biskup and   
                 Torben Weibert   Keeping secrets in incomplete databases  199--217
          Alessandro Aldini and   
           Alessandra Di Pierro   Estimating the maximum information
                                  leakage  . . . . . . . . . . . . . . . . 219--242

International Journal of Information Security
Volume 7, Number 4, August, 2008

              XiaoFeng Wang and   
              Michael K. Reiter   A multi-layer framework for puzzle-based
                                  denial-of-service defense  . . . . . . . 243--263
         Christophe Tartary and   
              Huaxiong Wang and   
                 Josef Pieprzyk   A coding approach to the multicast
                                  stream authentication problem  . . . . . 265--283
Frédéric Cuppens and   
          Nora Cuppens-Boulahia   Modeling contextual security policies    285--305

International Journal of Information Security
Volume 7, Number 5, October, 2008

             Esma A\"\imeur and   
            Gilles Brassard and   
   José M. Fernandez and   
       Flavien Serge Mani Onana   \sc Alambic: a privacy-preserving
                                  recommender system for electronic
                                  commerce . . . . . . . . . . . . . . . . 307--334
         Cherita L. Corbett and   
            Raheem A. Beyah and   
               John A. Copeland   Passive classification of wireless NICs
                                  during active scanning . . . . . . . . . 335--348
              Alexander W. Dent   A survey of certificateless encryption
                                  schemes and security models  . . . . . . 349--377

International Journal of Information Security
Volume 7, Number 6, November, 2008

              Chang-An Zhao and   
              Fangguo Zhang and   
                     Jiwu Huang   A note on the Ate pairing  . . . . . . . 379--382
              Kenji Imamoto and   
              Jianying Zhou and   
                Kouichi Sakurai   Achieving evenhandedness in certified
                                  email system for contract signing  . . . 383--394
       Theodoros Balopoulos and   
         Stefanos Gritzalis and   
           Sokratis K. Katsikas   Specifying and implementing
                                  privacy-preserving cryptographic
                                  protocols  . . . . . . . . . . . . . . . 395--420
           Jeremy W. Bryans and   
              Maciej Koutny and   
      Laurent Mazaré and   
               Peter Y. A. Ryan   Opacity generalised to transition
                                  systems  . . . . . . . . . . . . . . . . 421--435


International Journal of Information Security
Volume 8, Number 1, February, 2009

                     Jiqiang Lu   Related-key rectangle attack on 36
                                  rounds of the XTEA block cipher  . . . . 1--11
           Masayuki Yoshino and   
            Katsuyuki Okeya and   
              Camille Vuillaume   Bipartite modular multiplication with
                                  twice the bit-length of multipliers  . . 13--23
                 Daxin Tian and   
                Yanheng Liu and   
                     Yang Xiang   Large-scale network intrusion detection
                                  based on distributed learning algorithm  25--35
           Jiin-Chiou Cheng and   
                  Chi-Sung Laih   Conference key agreement protocol with
                                  non-interactive fault-tolerance over
                                  broadcast network  . . . . . . . . . . . 37--48
            Atefeh Mashatan and   
             Douglas R. Stinson   Interactive two-channel message
                                  authentication based on
                                  Interactive--Collision Resistant hash
                                  functions  . . . . . . . . . . . . . . . 49--60
               M. Narasimha and   
                   J. Solis and   
                      G. Tsudik   Privacy-preserving revocation checking   61--75

International Journal of Information Security
Volume 8, Number 2, April, 2009

              Kalid Elmufti and   
          Dasun Weerasinghe and   
               M. Rajarajan and   
          Veselin Rakocevic and   
               Sanowar Khan and   
              John A. MacDonald   Mobile Web services authentication using
                                  SAML and 3GPP generic bootstrapping
                                  architecture . . . . . . . . . . . . . . 77--87
                Jiangtao Li and   
                 Ninghui Li and   
              XiaoFeng Wang and   
                        Ting Yu   Denial of service attacks and defenses
                                  in decentralized trust management  . . . 89--101
                 Karl Quinn and   
                David Lewis and   
          Declan O'Sullivan and   
                Vincent P. Wade   An analysis of accuracy experiments
                                  carried out over of a multi-faceted
                                  model of trust . . . . . . . . . . . . . 103--119
        Eugene Y. Vasserman and   
            Nicholas Hopper and   
                     James Tyra   \sc SilentKnock: practical, provably
                                  undetectable authentication  . . . . . . 121--135
          David W. Chadwick and   
               Sassa Otenko and   
                Tuan Anh Nguyen   Adding support to XACML for multi-domain
                                  user to user dynamic delegation of
                                  authority  . . . . . . . . . . . . . . . 137--152

International Journal of Information Security
Volume 8, Number 3, June, 2009

                 Yu-Sung Wu and   
                Vinita Apte and   
             Saurabh Bagchi and   
                Sachin Garg and   
                   Navjot Singh   Intrusion detection in voice over IP
                                  environments . . . . . . . . . . . . . . 153--172
              Gabriel Kuper and   
             Fabio Massacci and   
              Nataliya Rassadko   Generalized XML security views . . . . . 173--203
                  Lein Harn and   
                   Jian Ren and   
                    Changlu Lin   Efficient identity-based GQ
                                  multisignatures  . . . . . . . . . . . . 205--210
              Debra L. Cook and   
                  Moti Yung and   
           Angelos D. Keromytis   Elastic block ciphers: method, security
                                  and instantiations . . . . . . . . . . . 211--231

International Journal of Information Security
Volume 8, Number 4, August, 2009

         Meharouech Sourour and   
              Bouhoula Adel and   
                    Abbes Tarek   Ensuring security in depth based on
                                  heterogeneous network security
                                  technologies . . . . . . . . . . . . . . 233--246
             Abdelrahman Desoky   Listega: list-based steganography
                                  methodology  . . . . . . . . . . . . . . 247--261
                 Sangho Lee and   
                   Jong Kim and   
                   Sung Je Hong   Redistributing time-based rights between
                                  consumer devices for content sharing in
                                  DRM system . . . . . . . . . . . . . . . 263--273
               Richard Shay and   
                  Elisa Bertino   A comprehensive simulation tool for the
                                  analysis of password policies  . . . . . 275--289
         Hristo Koshutanski and   
        Aliaksandr Lazouski and   
           Fabio Martinelli and   
                     Paolo Mori   Enhancing grid security by fine-grained
                                  behavioral control and negotiation-based
                                  authorization  . . . . . . . . . . . . . 291--314

International Journal of Information Security
Volume 8, Number 5, October, 2009

             Ernie Brickell and   
                 Liqun Chen and   
                    Jiangtao Li   Simplified security notions of direct
                                  anonymous attestation and a concrete
                                  scheme from pairings . . . . . . . . . . 315--330
           Fernando Esponda and   
          Stephanie Forrest and   
                    Paul Helman   Negative representations of information  331--345
            Shingo Hasegawa and   
                Shuji Isobe and   
             Hiroki Shizuya and   
              Katsuhiro Tashiro   On the pseudo-freeness and the CDH
                                  assumption . . . . . . . . . . . . . . . 347--355
                 Erel Geron and   
                   Avishai Wool   CRUST: cryptographic remote untrusted
                                  storage without public keys  . . . . . . 357--377
                Huawang Qin and   
                 Yuewei Dai and   
                   Zhiquan Wang   A secret sharing scheme based on $ (t,
                                  n) $ threshold and adversary structure   379--385

International Journal of Information Security
Volume 8, Number 6, December, 2009

             Sonia Chiasson and   
               Alain Forget and   
              Robert Biddle and   
             P. C. van Oorschot   User interface design affects security:
                                  patterns in click-based graphical
                                  passwords  . . . . . . . . . . . . . . . 387--398
           Christian Hammer and   
                Gregor Snelting   Flow-sensitive, context-sensitive, and
                                  object-sensitive information flow
                                  control based on program dependence
                                  graphs . . . . . . . . . . . . . . . . . 399--422
               Xiangdong An and   
                 Dawn Jutla and   
               Nick Cercone and   
Charnyote Pluempitiwiriyawej and   
                       Hai Wang   Uncertain inference control in privacy
                                  protection . . . . . . . . . . . . . . . 423--431
              Hedieh Sajedi and   
                 Mansour Jamzad   Secure steganography based on embedding
                                  capacity . . . . . . . . . . . . . . . . 433--445
                   Rainer Plaga   Biometric keys: suitable use cases and
                                  achievable information content . . . . . 447--454
               Mario Kozina and   
                Marin Golub and   
                   Stjepan Gros   A method for identifying Web
                                  applications . . . . . . . . . . . . . . 455--467


International Journal of Information Security
Volume 9, Number 1, February, 2010

              Ruijuan Zheng and   
            Mingchuan Zhang and   
                 Qingtao Wu and   
                 Shibao Sun and   
                      Jiexin Pu   Analysis and application of Bio-Inspired
                                  Multi-Net Security Model . . . . . . . . 1--17
               Shui-Hua Han and   
                 Chao-Hsien Chu   Content-based image authentication:
                                  current status, issues, and challenges   19--32
        David M. Goldschlag and   
      Stuart G. Stubblebine and   
               Paul F. Syverson   Temporarily hidden bit commitment and
                                  lottery applications . . . . . . . . . . 33--50
        Anindya Chakraborty and   
           Arun K. Majumdar and   
                   Shamik Sural   A column dependency-based approach for
                                  static and dynamic recovery of databases
                                  from malicious transactions  . . . . . . 51--67
               Duncan Bayly and   
             Maurice Castro and   
             Arathi Arakala and   
              Jason Jeffers and   
                  Kathy Horadam   Fractional biometrics: safeguarding
                                  privacy in biometric applications  . . . 69--82

International Journal of Information Security
Volume 9, Number 2, April, 2010

                Giampaolo Bella   The principle of guarantee availability
                                  for security protocol analysis . . . . . 83--97
João Porto de Albuquerque and   
                Heiko Krumm and   
     Paulo Lício de Geus   Formal validation of automated policy
                                  refinement in the management of network
                                  security systems . . . . . . . . . . . . 99--125
            Lars R. Knudsen and   
           Charlotte V. Miolane   Counting equations in algebraic attacks
                                  on block ciphers . . . . . . . . . . . . 127--135
         Praveen Gauravaram and   
                John Kelsey and   
            Lars R. Knudsen and   
        Sòren S. Thomsen   On hash functions using checksums  . . . 137--151

International Journal of Information Security
Volume 9, Number 3, June, 2010

                  Ching Lin and   
             Vijay Varadharajan   MobileTrust: a trust enhanced security
                                  architecture for mobile agent systems    153--178
                Amlan Kundu and   
               Shamik Sural and   
                 A. K. Majumdar   Database intrusion detection using
                                  sequence alignment . . . . . . . . . . . 179--191
               Ileana Buhan and   
              Jeroen Doumen and   
              Pieter Hartel and   
                  Qian Tang and   
               Raymond Veldhuis   Embedding renewable cryptographic keys
                                  into noisy data  . . . . . . . . . . . . 193--208
   Meriam Ben-Ghorbel-Talbi and   
Frédéric Cuppens and   
      Nora Cuppens-Boulahia and   
                  Adel Bouhoula   A delegation model for extended RBAC . . 209--236

International Journal of Information Security
Volume 9, Number 4, August, 2010

                 Xuhua Ding and   
              Yanjiang Yang and   
             Robert H. Deng and   
                   Shuhong Wang   A new hardware-assisted PIR with $ O(n)
                                  $ shuffle cost . . . . . . . . . . . . . 237--252
                    Dan Lin and   
               Prathima Rao and   
              Elisa Bertino and   
                 Ninghui Li and   
                     Jorge Lobo   EXAM: a comprehensive environment for
                                  the analysis of access control policies  253--273
              Alwyn R. Pais and   
                  Shankar Joshi   A new probabilistic rekeying method for
                                  secure multicast groups  . . . . . . . . 275--286
              Joseph K. Liu and   
              Joonsang Baek and   
              Jianying Zhou and   
              Yanjiang Yang and   
                   Jun Wen Wong   Efficient online/offline identity-based
                                  signature for wireless sensor network    287--296
               Tsz Hon Yuen and   
               Willy Susilo and   
                          Yi Mu   How to construct identity-based
                                  signatures without the key escrow
                                  problem  . . . . . . . . . . . . . . . . 297--311

International Journal of Information Security
Volume 9, Number 5, October, 2010

       Beno\^\it Dupasquier and   
            Stefan Burschka and   
          Kieran McLaughlin and   
                    Sakir Sezer   Analysis of information leakage from
                                  encrypted Skype conversations  . . . . . 313--325
             Boris Skori\'c and   
                 Marc X. Makkes   Flowchart description of security
                                  primitives for controlled physical
                                  unclonable functions . . . . . . . . . . 327--335
              Hedieh Sajedi and   
                 Mansour Jamzad   Using contourlet transform and cover
                                  selection for secure steganography . . . 337--352
               Haiyong Chen and   
                  Hailiang Chen   A hybrid scheme for securing fingerprint
                                  templates  . . . . . . . . . . . . . . . 353--361
                   Yoo-Jin Baek   Regular $ 2^w$-ary right-to-left
                                  exponentiation algorithm with very
                                  efficient DPA and FA countermeasures . . 363--370

International Journal of Information Security
Volume 9, Number 6, December, 2010

         Ivan Damgård and   
                 Mads Jurik and   
            Jesper Buus Nielsen   A generalization of Paillier's
                                  public-key system with applications to
                                  electronic voting  . . . . . . . . . . . 371--385
           Philip MacKenzie and   
               Sarvar Patel and   
                Ram Swaminathan   Password-authenticated key exchange
                                  based on RSA . . . . . . . . . . . . . . 387--410
                  Moni Naor and   
                   Benny Pinkas   Efficient trace and revoke schemes . . . 411--424


International Journal of Information Security
Volume 10, Number 1, February, 2011

            Alex Baumgarten and   
            Michael Steffen and   
           Matthew Clausman and   
                Joseph Zambreno   A case study in hardware Trojan design
                                  and implementation . . . . . . . . . . . 1--14
               Hoon Wei Lim and   
            Kenneth G. Paterson   Identity-based cryptography for grid
                                  security . . . . . . . . . . . . . . . . 15--32
                   Kun Peng and   
                  Ed Dawson and   
                       Feng Bao   Modification and optimisation of a
                                  shuffling scheme: stronger security,
                                  formal analysis and higher efficiency    33--47
                       Kun Peng   A general and efficient countermeasure
                                  to relation attacks in mix-based
                                  e-voting . . . . . . . . . . . . . . . . 49--60

International Journal of Information Security
Volume 10, Number 2, June, 2011

                      Anonymous   Preface  . . . . . . . . . . . . . . . . 61--61
               George Coker and   
             Joshua Guttman and   
             Peter Loscocco and   
                 Amy Herzog and   
            Jonathan Millen and   
             Brian O'Hanlon and   
              John Ramsdell and   
               Ariel Segall and   
              Justin Sheehy and   
                  Brian Sniffen   Principles of remote attestation . . . . 63--81
       Alessandra Di Pierro and   
               Chris Hankin and   
               Herbert Wiklicky   Probabilistic timing covert channels: to
                                  close or not to close? . . . . . . . . . 83--106
             Michael Backes and   
           Iliano Cervesato and   
           Aaron D. Jaggard and   
              Andre Scedrov and   
                   Joe-Kai Tsay   Cryptographically sound security proofs
                                  for basic and public-key Kerberos  . . . 107--134
                      Anonymous   Special issue on ``SCADA and control
                                  system security''  . . . . . . . . . . . 135--136

International Journal of Information Security
Volume 10, Number 3, June, 2011

             Jason Crampton and   
               Hoon Wei Lim and   
        Kenneth G. Paterson and   
                  Geraint Price   User-friendly and certificate-free grid
                                  security infrastructure  . . . . . . . . 137--153
                Wen Tao Zhu and   
                 Yang Xiang and   
              Jianying Zhou and   
             Robert H. Deng and   
                       Feng Bao   Secure localization with attack
                                  detection in wireless sensor networks    155--171
                   Peter Roelse   Dynamic subtree tracing and its
                                  application in pay-TV systems  . . . . . 173--187
                Aniket Kate and   
                   Ian Goldberg   Generalizing cryptosystems based on the
                                  subset sum problem . . . . . . . . . . . 189--199

International Journal of Information Security
Volume 10, Number 4, August, 2011

             Berkant Ustao\uglu   Integrating identity-based and
                                  certificate-based authenticated key
                                  exchange protocols . . . . . . . . . . . 201--212
              Nitesh Saxena and   
                 Jonathan Voris   Data remanence effects on memory-based
                                  entropy collection for RFID systems  . . 213--222
             Yacine Bouzida and   
             Luigi Logrippo and   
                Serge Mankovski   Concrete- and abstract-based access
                                  control  . . . . . . . . . . . . . . . . 223--238
           Nataliia Bielova and   
                 Fabio Massacci   Do you really mean what you actually
                                  enforced?  . . . . . . . . . . . . . . . 239--254
                Neil Hanley and   
           Michael Tunstall and   
             William P. Marnane   Using templates to distinguish
                                  multiplications from squaring operations 255--266

International Journal of Information Security
Volume 10, Number 5, October, 2011

             Sushil Jajodia and   
                  Jianying Zhou   Message from the Guest Editors . . . . . 267--268
               Deguang Kong and   
              Yoon-Chan Jhi and   
                   Tao Gong and   
                 Sencun Zhu and   
                   Peng Liu and   
                   Hongsheng Xi   SAS: semantics aware signature
                                  generation for polymorphic worm
                                  detection  . . . . . . . . . . . . . . . 269--283
             Ee-Chien Chang and   
                  Liming Lu and   
               Yongzheng Wu and   
           Roland H. C. Yap and   
                         Jie Yu   Enhancing host security using external
                                  environment sensors  . . . . . . . . . . 285--299
            Luciana Marconi and   
                Mauro Conti and   
              Roberto Di Pietro   CASSANDRA: a probabilistic, efficient,
                                  and privacy-preserving solution to
                                  compute set intersection . . . . . . . . 301--319

International Journal of Information Security
Volume 10, Number 6, November, 2011

       John Charles Gyorffy and   
        Andrew F. Tappenden and   
                   James Miller   Token-based graphical password
                                  authentication . . . . . . . . . . . . . 321--336
    William Bradley Glisson and   
                 Tim Storer and   
               Gavin Mayall and   
                  Iain Moug and   
                 George Grispos   Electronic retention: what does your
                                  mobile phone reveal about you? . . . . . 337--349
Sergio Sánchez García and   
     Ana Gómez Oliva and   
Emilia Pérez Belleboni and   
     Iván Pau de la Cruz   Solving identity delegation problem in
                                  the e-government environment . . . . . . 351--372
                Qiong Huang and   
                Guomin Yang and   
             Duncan S. Wong and   
                   Willy Susilo   Efficient strong designated verifier
                                  signature schemes without random oracle
                                  or with non-delegatability . . . . . . . 373--385
             Josep M. Miret and   
           Francesc Sebé   Cryptanalysis of an ad-hoc cryptosystem
                                  for mix-based e-voting robust against
                                  relation attacks . . . . . . . . . . . . 387--389
                   Peter Roelse   Erratum to: Dynamic subtree tracing and
                                  its application in pay-TV systems  . . . 391--391


International Journal of Information Security
Volume 11, Number 1, February, 2012

                   D. Fiore and   
                 R. Gennaro and   
                    N. P. Smart   Relations between the security models
                                  for certificateless encryption and
                                  ID-based key agreement . . . . . . . . . 1--22
                       Kun Peng   Threshold distributed access control
                                  with public verification: a practical
                                  application of PVSS  . . . . . . . . . . 23--31
           Mikaël Ates and   
       Francesco Buccafurri and   
            Jacques Fayolle and   
                   Gianluca Lax   A warning on how to implement anonymous
                                  credential protocols into the
                                  information card framework . . . . . . . 33--40
              Yuanzhuo Wang and   
                     Min Yu and   
                Jingyuan Li and   
                   Kun Meng and   
                 Chuang Lin and   
                    Xueqi Cheng   Stochastic game net and applications in
                                  security analysis for enterprise network 41--52
                Qiong Huang and   
                Guomin Yang and   
             Duncan S. Wong and   
                   Willy Susilo   A new efficient optimistic fair exchange
                                  protocol without random oracles  . . . . 53--63

International Journal of Information Security
Volume 11, Number 2, April, 2012

         J. Guerra-Casanova and   
C. Sánchez-Ávila and   
                G. Bailador and   
            A. de Santos Sierra   Authentication in mobile devices through
                                  hand gesture recognition . . . . . . . . 65--83
                     Koji Nuida   Short collusion-secure fingerprint codes
                                  against three pirates  . . . . . . . . . 85--102
             Elena Andreeva and   
            Andrey Bogdanov and   
               Bart Mennink and   
               Bart Preneel and   
           Christian Rechberger   On security arguments of the second
                                  round SHA-3 candidates . . . . . . . . . 103--120
         Dimitris Gritzalis and   
        Panagiotis Katsaros and   
      Stylianos Basagiannis and   
               Yannis Soupionis   Formal analysis for robust anti-SPIT
                                  protection using model checking  . . . . 121--135

International Journal of Information Security
Volume 11, Number 3, June, 2012

             Robert Niebuhr and   
           Mohammed Meziani and   
          Stanislav Bulygin and   
              Johannes Buchmann   Selecting parameters for secure
                                  McEliece-based cryptosystems . . . . . . 137--147
             Elena Andreeva and   
               Bart Mennink and   
                   Bart Preneel   The parazoa family: generalizing the
                                  sponge hash functions  . . . . . . . . . 149--165
                Rinku Dewri and   
               Indrajit Ray and   
         Nayot Poolsappasit and   
                Darrell Whitley   Optimal security hardening on attack
                                  tree models of networks: a cost-benefit
                                  analysis . . . . . . . . . . . . . . . . 167--188
                Ashok Kumar Das   A random key establishment scheme for
                                  multi-phase deployment in large-scale
                                  distributed sensor networks  . . . . . . 189--211

International Journal of Information Security
Volume 11, Number 4, August, 2012

                Irfan Ahmed and   
             Martin Naedele and   
             Bradley Schatz and   
             Ryoichi Sasaki and   
                    Andrew West   Message from the guest editors . . . . . 213--213
             Bradley Reaves and   
                  Thomas Morris   An open virtual testbed for industrial
                                  control system security research . . . . 215--229
      Dina Hadziosmanovi\'c and   
            Damiano Bolzoni and   
               Pieter H. Hartel   A log mining approach for process
                                  monitoring in SCADA  . . . . . . . . . . 231--251
           Marc Solé and   
Victor Muntés-Mulero and   
                      Jordi Nin   Efficient microaggregation techniques
                                  for large numerical data volumes . . . . 253--267
              Qussai Yaseen and   
                Brajendra Panda   Insider threat mitigation: preventing
                                  unauthorized knowledge acquisition . . . 269--280
                  Michael Huber   Perfect secrecy systems immune to
                                  spoofing attacks . . . . . . . . . . . . 281--289

International Journal of Information Security
Volume 11, Number 5, October, 2012

              Jianying Zhou and   
                 Xuejia Lai and   
                         Hui Li   Message from the Guest Editors . . . . . 291--292
                    Zhi Xin and   
                 Huiyu Chen and   
                Xinche Wang and   
                   Peng Liu and   
                 Sencun Zhu and   
                   Bing Mao and   
                         Li Xie   Replacement attacks: automatically
                                  evading behavior-based software
                                  birthmark  . . . . . . . . . . . . . . . 293--304
                 Liqun Chen and   
                        Yu Chen   The $n$-Diffie--Hellman problem and
                                  multiple-key encryption  . . . . . . . . 305--320
          Georgios Kontaxis and   
     Michalis Polychronakis and   
          Evangelos P. Markatos   Minimizing information disclosure to
                                  third parties in social login platforms  321--332
              Jovan Dj. Goli\'c   A new authentication model for ad hoc
                                  networks . . . . . . . . . . . . . . . . 333--347
           Philippe Camacho and   
            Alejandro Hevia and   
                Marcos Kiwi and   
                  Roberto Opazo   Strong accumulators from
                                  collision-resistant hashing  . . . . . . 349--363

International Journal of Information Security
Volume 11, Number 6, November, 2012

Alejandro Pérez-Méndez and   
Fernando Pereñíguez-García and   
Rafael Marín-López and   
Gabriel López-Millán   A cross-layer SSO solution for
                                  federating access to kerberized services
                                  in the eduroam/DAMe network  . . . . . . 365--388
               Jinguang Han and   
               Willy Susilo and   
                      Yi Mu and   
                        Jun Yan   New constructions of OSBE schemes and
                                  their applications in oblivious access
                                  control  . . . . . . . . . . . . . . . . 389--401
               Dan Bogdanov and   
             Margus Niitsoo and   
                 Tomas Toft and   
                  Jan Willemson   High-performance secure multi-party
                                  computation for data mining applications 403--418
             Nasour Bagheri and   
         Praveen Gauravaram and   
            Lars R. Knudsen and   
                    Erik Zenner   The suffix-free-prefix-free hash
                                  function construction and its
                                  indifferentiability security analysis    419--434


International Journal of Information Security
Volume 12, Number 1, February, 2013

               Paolo D'Arco and   
           Angel Perez del Pozo   Toward tracing and revoking schemes
                                  secure against collusion and any form of
                                  secret information leakage . . . . . . . 1--17
               Masayuki Abe and   
         Sherman S. M. Chow and   
      Kristiyan Haralambiev and   
                  Miyako Ohkubo   Double-trapdoor anonymous tags for
                                  traceable signatures . . . . . . . . . . 19--31
             Dario Catalano and   
          Mario Di Raimondo and   
                Dario Fiore and   
            Rosario Gennaro and   
                 Orazio Puglisi   Fully non-interactive onion routing with
                                  forward secrecy  . . . . . . . . . . . . 33--47
     Emiliano De Cristofaro and   
               Mark Manulis and   
             Bertram Poettering   Private discovery of common social
                                  contacts . . . . . . . . . . . . . . . . 49--65

International Journal of Information Security
Volume 12, Number 2, April, 2013

Félix Gómez Mármol and   
            Christoph Sorge and   
             Ronald Petrlic and   
                 Osman Ugus and   
              Dirk Westhoff and   
Gregorio Martínez Pérez   Privacy-enhanced architecture for smart
                                  metering . . . . . . . . . . . . . . . . 67--82
       Hassan Jameel Asghar and   
                  Shujun Li and   
             Josef Pieprzyk and   
                  Huaxiong Wang   Cryptanalysis of the convex hull click
                                  human identification protocol  . . . . . 83--96
            Mansour Alsaleh and   
             P. C. van Oorschot   Evaluation in the absence of absolute
                                  ground truth: toward reliable evaluation
                                  methodology for scan detectors . . . . . 97--110
                 Imad M. Abbadi   A framework for establishing trust in
                                  Cloud provenance . . . . . . . . . . . . 111--128
     David Rebollo-Monedero and   
         Javier Parra-Arnau and   
               Claudia Diaz and   
             Jordi Forné   On the measurement of privacy as an
                                  attacker's estimation error  . . . . . . 129--149
    Panagiotis Rizomiliotis and   
             Stefanos Gritzalis   On the security of AUTH, a provably
                                  secure authentication protocol based on
                                  the subspace LPN problem . . . . . . . . 151--154

International Journal of Information Security
Volume 12, Number 3, June, 2013

                 Wenjuan Xu and   
             Mohamed Shehab and   
                  Gail-Joon Ahn   Visualization-based policy analysis for
                                  SELinux: framework and user study  . . . 155--171
Ginés Dólera Tormo and   
Gabriel López Millán and   
Gregorio Martínez Pérez   Definition of an advanced identity
                                  management infrastructure  . . . . . . . 173--200
               Nikos Vrakas and   
          Costas Lambrinoudakis   An intrusion detection and prevention
                                  system for IMS and VoIP services . . . . 201--217
                D. Bernhard and   
              G. Fuchsbauer and   
                 E. Ghadafi and   
                N. P. Smart and   
                   B. Warinschi   Anonymous attestation with
                                  user-controlled linkability  . . . . . . 219--249

International Journal of Information Security
Volume 12, Number 4, August, 2013

            Duong-Hieu Phan and   
          David Pointcheval and   
     Siamak F. Shahandashti and   
                 Mario Strefler   Adaptive CCA broadcast encryption with
                                  constant-size secret keys and
                                  ciphertexts  . . . . . . . . . . . . . . 251--265
                 C. Brzuska and   
                M. Fischlin and   
                N. P. Smart and   
               B. Warinschi and   
                 S. C. Williams   Less is more: relaxed yet composable
                                  security notions for key exchange  . . . 267--297
              G. Draper-Gil and   
                    J. Zhou and   
        J. L. Ferrer-Gomila and   
                M. F. Hinarejos   An optimistic fair exchange protocol
                                  with active intermediaries . . . . . . . 299--318
        Dani\`ele Beauquier and   
          Joëlle Cohen and   
                Ruggero Lanotte   Security policies enforcement using
                                  finite and pushdown edit automata  . . . 319--336
                       Kun Peng   A shuffle to achieve high efficiency
                                  through pre-computation and batch
                                  verification . . . . . . . . . . . . . . 337--345

International Journal of Information Security
Volume 12, Number 5, October, 2013

             Daniel Boteanu and   
       José M. Fernandez   A comprehensive study of queue
                                  management as a DoS counter-measure  . . 347--382
                    Pu Wang and   
   Marta C. González and   
            Ronaldo Menezes and   
Albert-László Barabási   Understanding the spread of malicious
                                  mobile-phone programs and their damage
                                  potential  . . . . . . . . . . . . . . . 383--392
       Z. Cliffe Schreuders and   
            Christian Payne and   
                   Tanya McGill   The functionality-based application
                                  confinement model  . . . . . . . . . . . 393--422
          Hessam Zakerzadeh and   
               Sylvia L. Osborn   Delay-sensitive approaches for
                                  anonymizing numerical streaming data . . 423--437

International Journal of Information Security
Volume 12, Number 6, November, 2013

           Emmanuel Bresson and   
             Dario Catalano and   
          Mario Di Raimondo and   
                Dario Fiore and   
                Rosario Gennaro   Off-line/on-line signatures revisited: a
                                  general unifying paradigm, efficient
                                  threshold variants and experimental
                                  results  . . . . . . . . . . . . . . . . 439--465
               Ashish Kundu and   
                  Elisa Bertino   Privacy-preserving authentication of
                                  trees and graphs . . . . . . . . . . . . 467--494
              Yu-Shian Chen and   
                 Chin-Laung Lei   Aggregate message authentication codes
                                  (AMACs) with on-the-fly verification . . 495--504
F. Pereñíguez-García and   
R. Marín-López and   
             G. Kambourakis and   
    A. Ruiz-Martínez and   
               S. Gritzalis and   
    A. F. Skarmeta-Gómez   KAMU: providing advanced user privacy in
                                  Kerberos multi-domain scenarios  . . . . 505--525


International Journal of Information Security
Volume 13, Number 1, February, 2014

                    Qi Liao and   
                        Zhen Li   Portfolio optimization of computer and
                                  mobile botnets . . . . . . . . . . . . . 1--14
             Takaaki Mizuki and   
                 Hiroki Shizuya   A formalization of card-based
                                  cryptographic protocols via abstract
                                  machine  . . . . . . . . . . . . . . . . 15--23
               Mark Manulis and   
         Bertram Poettering and   
                Douglas Stebila   Plaintext awareness in identity-based
                                  key encapsulation  . . . . . . . . . . . 25--49
                Keita Emura and   
           Goichiro Hanaoka and   
               Yusuke Sakai and   
            Jacob C. N. Schuldt   Group signature implies public-key
                                  encryption with non-interactive opening  51--62
Gustavo Gonzalez Granadillo and   
           Malek Belhaouane and   
         Hervé Debar and   
          Grégoire Jacob   RORI-based countermeasure selection
                                  using the OrBAC formalism  . . . . . . . 63--79
             Navajit Saikia and   
                 Prabin K. Bora   Perceptual hash function for scalable
                                  video  . . . . . . . . . . . . . . . . . 81--93

International Journal of Information Security
Volume 13, Number 2, April, 2014

                      Anonymous   Security in cloud computing  . . . . . . 95--96
         Antonios Gouglidis and   
           Ioannis Mavridis and   
                  Vincent C. Hu   Security policy verification for
                                  multi-domains in cloud systems . . . . . 97--111
      Diogo A. B. Fernandes and   
       Liliana F. B. Soares and   
       João V. Gomes and   
     Mário M. Freire and   
      Pedro R. M. Inácio   Security issues in cloud environments: a
                                  survey . . . . . . . . . . . . . . . . . 113--170
                 Adam Bates and   
              Benjamin Mood and   
               Joe Pletcher and   
               Hannah Pruse and   
             Masoud Valafar and   
                   Kevin Butler   On detecting co-resident cloud instances
                                  using network flow watermarking
                                  techniques . . . . . . . . . . . . . . . 171--189
             Aiiad Albeshri and   
                 Colin Boyd and   
     Juan González Nieto   Enhanced GeoProof: improved geographic
                                  assurance for data in the cloud  . . . . 191--198
         David Nuñez and   
                    Isaac Agudo   BlindIdM: a privacy-preserving approach
                                  for identity management as a service . . 199--215

International Journal of Information Security
Volume 13, Number 3, June, 2014

    Nikos Mavrogiannopoulos and   
         Andreas Pashalidis and   
                   Bart Preneel   Toward a secure Kerberos key exchange
                                  with smart cards . . . . . . . . . . . . 217--228
                  Fudong Li and   
              Nathan Clarke and   
             Maria Papadaki and   
                   Paul Dowland   Active authentication for mobile devices
                                  utilising behaviour profiling  . . . . . 229--244
               Tzong-Sun Wu and   
               Ming-Lun Lee and   
                 Han-Yu Lin and   
                 Chao-Yuan Wang   Shoulder-surfing-proof graphical
                                  password authentication scheme . . . . . 245--254
                 Chengpo Mu and   
                    Meng Yu and   
                 Yingjiu Li and   
                     Wanyu Zang   Risk balance defense approach against
                                  intrusions for network server  . . . . . 255--269
                   Bin Lian and   
             Gongliang Chen and   
                     Jianhua Li   Provably secure E-cash system with
                                  practical and efficient complete tracing 271--289
           Robert P. McEvoy and   
           Michael Tunstall and   
              Claire Whelan and   
            Colin C. Murphy and   
             William P. Marnane   All-or-Nothing Transforms as a
                                  countermeasure to differential
                                  side-channel analysis  . . . . . . . . . 291--304

International Journal of Information Security
Volume 13, Number 4, August, 2014

               Kee Sung Kim and   
                   Ik Rae Jeong   Efficient verifiably encrypted
                                  signatures from lattices . . . . . . . . 305--314
                Reza Sepahi and   
              Ron Steinfeld and   
                 Josef Pieprzyk   Lattice-based certificateless public-key
                                  encryption in the standard model . . . . 315--333
              Guido Bertoni and   
                Joan Daemen and   
       Michaël Peeters and   
              Gilles Van Assche   Sufficient conditions for sound tree and
                                  sequential hashing modes . . . . . . . . 335--353
             Amerah Alabrah and   
            Jeffrey Cashion and   
              Mostafa Bassiouni   Enhancing security of cookie-based
                                  sessions in mobile networks using sparse
                                  caching  . . . . . . . . . . . . . . . . 355--366
      Alireza Shameli-Sendi and   
                Michel Dagenais   ARITO: Cyber-attack response system
                                  using accurate risk impact tolerance . . 367--390
           Mousa Mousazadeh and   
            Behrouz Tork Ladani   Randomized gossip algorithms under
                                  attack . . . . . . . . . . . . . . . . . 391--402

International Journal of Information Security
Volume 13, Number 5, October, 2014

           Flavio D. Garcia and   
     Gerhard de Koning Gans and   
                   Roel Verdult   Wirelessly lockpicking a smart card
                                  reader . . . . . . . . . . . . . . . . . 403--420
             Luigi Catuogno and   
                 Clemente Galdi   Analysis of a two-factor graphical
                                  password scheme  . . . . . . . . . . . . 421--437
                 Meng Zhang and   
          Anand Raghunathan and   
                   Niraj K. Jha   A defense framework against malware and
                                  vulnerability exploits . . . . . . . . . 439--452
              Rehana Yasmin and   
                Eike Ritter and   
                    Guilin Wang   Provable security of a pairing-free
                                  one-pass authenticated key establishment
                                  protocol for wireless sensor networks    453--465
               Weizheng Gao and   
              Kashi Neupane and   
              Rainer Steinwandt   Tuning a two-round group key agreement   467--476
               Sooyeon Shin and   
                 Taekyoung Kwon   AAnA: Anonymous authentication and
                                  authorization based on short traceable
                                  signatures . . . . . . . . . . . . . . . 477--495

International Journal of Information Security
Volume 13, Number 6, November, 2014

             Javier Herranz and   
                      Jordi Nin   Secure and efficient anonymization of
                                  distributed confidential databases . . . 497--512
              Ming-Feng Lee and   
             Nigel P. Smart and   
           Bogdan Warinschi and   
                Gaven J. Watson   Anonymity guarantees of the UMTS/LTE
                                  authentication and connection protocol   513--527
           Meilof Veeningen and   
             Benne de Weger and   
                 Nicola Zannone   Data minimisation in communication
                                  protocols: a formal analysis framework
                                  and application to identity management   529--569
        Vladimir Jovanovikj and   
          Dusan Gabrijelcic and   
                 Tomaz Klobucar   A conceptual model of security context   571--581
                      Sevil Sen   Using instance-weighted naive Bayes for
                                  adapting concept drift in masquerade
                                  detection  . . . . . . . . . . . . . . . 583--590


International Journal of Information Security
Volume 14, Number 1, February, 2015

             Kyoung Soo Han and   
               Jae Hyun Lim and   
              Boojoong Kang and   
                     Eul Gyu Im   Malware analysis using visualized images
                                  and entropy graphs . . . . . . . . . . . 1--14
              Antonio Nappa and   
          M. Zubair Rafique and   
                 Juan Caballero   The MALICIA dataset: identification and
                                  analysis of drive-by download operations 15--33
               Helber Silva and   
               Aldri Santos and   
               Michele Nogueira   Routing management for performance and
                                  security tradeoff in wireless mesh
                                  networks . . . . . . . . . . . . . . . . 35--46
             Egor Dolzhenko and   
                Jay Ligatti and   
                   Srikar Reddy   Modeling runtime enforcement with
                                  mandatory results automata . . . . . . . 47--60
         Michael Valenzuela and   
        Ferenc Szidarovszky and   
                Jerzy Rozenblit   A multiresolution approach for optimal
                                  defense against random attacks . . . . . 61--72
           Rafael Tonicelli and   
  Anderson C. A. Nascimento and   
             Rafael Dowsley and   
Jörn Müller-Quade and   
                Hideki Imai and   
           Goichiro Hanaoka and   
                   Akira Otsuka   Information-theoretically secure
                                  oblivious polynomial evaluation in the
                                  commodity-based model  . . . . . . . . . 73--84
                 Alex Arbit and   
                 Yoel Livne and   
                Yossef Oren and   
                   Avishai Wool   Implementing public-key cryptography on
                                  passive RFID tags is practical . . . . . 85--99

International Journal of Information Security
Volume 14, Number 2, April, 2015

            Giampaolo Bella and   
                  Helge Janicke   Special issue on the Security Track at
                                  the ACM Symposium on Applied Computing
                                  2013 . . . . . . . . . . . . . . . . . . 101--102
       Jean Everson Martina and   
         Eduardo dos Santos and   
  Marcelo Carlomagno Carlos and   
              Geraint Price and   
 Ricardo Felipe Custódio   An adaptive threat model for security
                                  ceremonies . . . . . . . . . . . . . . . 103--121
         Alessandro Armando and   
             Gabriele Costa and   
              Alessio Merlo and   
                 Luca Verderame   Formal modeling and automatic
                                  enforcement of Bring Your Own Device
                                  policies . . . . . . . . . . . . . . . . 123--140
     Michael Spreitzenbarth and   
             Thomas Schreck and   
            Florian Echtler and   
                 Daniel Arp and   
              Johannes Hoffmann   Mobile-Sandbox: combining static and
                                  dynamic analysis with machine-learning
                                  techniques . . . . . . . . . . . . . . . 141--153
            Michael Riecker and   
       Sebastian Biedermann and   
      Rachid El Bansarkhani and   
               Matthias Hollick   Lightweight energy consumption-based
                                  intrusion detection system for wireless
                                  sensor networks  . . . . . . . . . . . . 155--167
        André Egners and   
           Patrick Herrmann and   
                   Ulrike Meyer   Multi-operator wireless mesh networks
                                  secured by an all-encompassing security
                                  architecture . . . . . . . . . . . . . . 169--186
       Jean Everson Martina and   
       Lawrence Charles Paulson   Verifying multicast-based security
                                  protocols using the inductive method . . 187--204

International Journal of Information Security
Volume 14, Number 3, June, 2015

      Sambuddho Chakravarty and   
      Georgios Portokalidis and   
     Michalis Polychronakis and   
           Angelos D. Keromytis   Detection and analysis of eavesdropping
                                  in anonymous communication networks  . . 205--220
               Younes Seifi and   
            Suriadi Suriadi and   
                 Ernest Foo and   
                     Colin Boyd   Analysis of two authorization protocols
                                  using Colored Petri Nets . . . . . . . . 221--247
            Joshua I. James and   
                Pavel Gladyshev   Automated inference of past action
                                  instances in digital investigations  . . 249--261
            Dennis Giffhorn and   
                Gregor Snelting   A new algorithm for low-deterministic
                                  security . . . . . . . . . . . . . . . . 263--287
         Giorgos Vasiliadis and   
     Michalis Polychronakis and   
              Sotiris Ioannidis   GPU-assisted malware . . . . . . . . . . 289--297

International Journal of Information Security
Volume 14, Number 4, August, 2015

        Nikolaos Pitropakis and   
           Aggelos Pikrakis and   
          Costas Lambrinoudakis   Behaviour reflects personality:
                                  detecting co-residence attacks on
                                  Xen-based cloud environments . . . . . . 299--305
                    Yong Yu and   
                  Man Ho Au and   
                      Yi Mu and   
               Shaohua Tang and   
                   Jian Ren and   
               Willy Susilo and   
                      Liju Dong   Enhanced privacy of a remote data
                                  integrity-checking protocol for secure
                                  cloud storage  . . . . . . . . . . . . . 307--318
         Marco Casassa-Mont and   
           Ilaria Matteucci and   
        Marinella Petrocchi and   
              Marco Luca Sbodio   Towards safer information sharing in the
                                  cloud  . . . . . . . . . . . . . . . . . 319--334
   Andreu Pere Isern-Dey\`a and   
Llorenç Huguet-Rotger and   
M. Magdalena Payeras-Capell\`a and   
         Maci\`a Mut-Puigserver   On the practicability of using group
                                  signatures on mobile devices:
                                  implementation and performance analysis
                                  on the Android platform  . . . . . . . . 335--345
            Tanveer Mustafa and   
                   Karsten Sohr   Understanding the implemented access
                                  control policy of Android system
                                  services with slicing and extended
                                  static checking  . . . . . . . . . . . . 347--366
Abdeljebar Ameziane El Hassani and   
         Anas Abou El Kalam and   
              Adel Bouhoula and   
                Ryma Abassi and   
           Abdellah Ait Ouahman   Integrity-OrBAC: a new model to preserve
                                  Critical Infrastructures integrity . . . 367--385
       Mohammed I. Al-Saleh and   
        Fatima M. AbuHjeela and   
              Ziad A. Al-Sharif   Investigating the detection capabilities
                                  of antiviruses under concurrent attacks  387--396

International Journal of Information Security
Volume 14, Number 5, October, 2015

                    Lei Wei and   
              Michael K. Reiter   Toward practical encrypted email that
                                  supports private, regular-expression
                                  searches . . . . . . . . . . . . . . . . 397--416
                   Lan Zhou and   
         Vijay Varadharajan and   
               Michael Hitchens   Generic constructions for role-based
                                  encryption . . . . . . . . . . . . . . . 417--430
                     Han-Yu Lin   RPCAE: a novel revocable proxy
                                  convertible authenticated encryption
                                  scheme . . . . . . . . . . . . . . . . . 431--441
             Tzipora Halevi and   
                  Nitesh Saxena   Keyboard acoustic side channel attacks:
                                  exploring realistic and
                                  security-sensitive scenarios . . . . . . 443--456
                     Tao Li and   
                       Aiqun Hu   Trusted mobile model based on DTE
                                  technology . . . . . . . . . . . . . . . 457--469
               Hanieh Azkia and   
      Nora Cuppens-Boulahia and   
Frédéric Cuppens and   
          Gouenou Coatrieux and   
              Said Oulmakhzoune   Deployment of a posteriori access
                                  control using IHE ATNA . . . . . . . . . 471--483

International Journal of Information Security
Volume 14, Number 6, November, 2015

              Elisa Bertino and   
             Robert H. Deng and   
                Xinyi Huang and   
                  Jianying Zhou   Security and privacy of electronic
                                  health information systems . . . . . . . 485--486
               Huiling Qian and   
                   Jiguo Li and   
               Yichen Zhang and   
                   Jinguang Han   Privacy-preserving personal health
                                  record using multi-authority
                                  attribute-based encryption with
                                  revocation . . . . . . . . . . . . . . . 487--497
                     Bo Qin and   
                   Hua Deng and   
                Qianhong Wu and   
       Josep Domingo-Ferrer and   
             David Naccache and   
                     Yunya Zhou   Flexible attribute-based encryption
                                  applicable to secure e-healthcare
                                  records  . . . . . . . . . . . . . . . . 499--511
        Mohammad Ali Hadavi and   
              Rasool Jalili and   
            Ernesto Damiani and   
                 Stelvio Cimato   Security and searchability in secret
                                  sharing-based data outsourcing . . . . . 513--529
                 Liina Kamm and   
                  Jan Willemson   Secure floating point arithmetic and
                                  private satellite collision analysis . . 531--548
                Thang Hoang and   
               Deokjai Choi and   
                    Thuc Nguyen   Gait authentication on mobile phone
                                  using biometric cryptosystem and fuzzy
                                  commitment scheme  . . . . . . . . . . . 549--560
         Alice Kozakevicius and   
             Cristian Cappo and   
       Bruno A. Mozzaquatro and   
         Raul Ceretta Nunes and   
          Christian E. Schaerer   URL query string anomaly sensor designed
                                  with the bidimensional Haar wavelet
                                  transform  . . . . . . . . . . . . . . . 561--581


International Journal of Information Security
Volume 15, Number 1, February, 2016

                  Liang Liu and   
              Xiaofeng Chen and   
                    Wenjing Lou   Secure three-party computational
                                  protocols for triangle area  . . . . . . 1--13
                    Yu Chen and   
                Qiong Huang and   
                 Zongyang Zhang   Sakai--Ohgishi--Kasahara identity-based
                                  non-interactive key exchange revisited
                                  and more . . . . . . . . . . . . . . . . 15--33
                 Weiran Liu and   
                Jianwei Liu and   
                Qianhong Wu and   
                     Bo Qin and   
                         Yan Li   Practical chosen-ciphertext secure
                                  Hierarchical Identity-Based Broadcast
                                  Encryption . . . . . . . . . . . . . . . 35--50
                 Petr Susil and   
           Pouyan Sepehrdad and   
             Serge Vaudenay and   
               Nicolas Courtois   On selection of samples in algebraic
                                  attacks and a new technique to find
                                  hidden low degree equations  . . . . . . 51--65
                  Yuyu Wang and   
                 Keisuke Tanaka   Strongly simulation-extractable
                                  leakage-resilient NIZK . . . . . . . . . 67--79
          Y. Sreenivasa Rao and   
                    Ratna Dutta   Efficient attribute-based signature and
                                  signcryption realizing expressive access
                                  structures . . . . . . . . . . . . . . . 81--109

International Journal of Information Security
Volume 15, Number 2, April, 2016

        Ronald De Keulenaer and   
                Jonas Maebe and   
          Koen De Bosschere and   
                Bjorn De Sutter   Link-time smart card code hardening  . . 111--130
    Randa Jabeur Ben Chikha and   
                Tarek Abbes and   
          Wassim Ben Chikha and   
                  Adel Bouhoula   Behavior-based approach to detect spam
                                  over IP telephony attacks  . . . . . . . 131--143
            Vahid R. Karimi and   
        Paulo S. C. Alencar and   
                Donald D. Cowan   A uniform approach for access control
                                  and business models with explicit rule
                                  realization  . . . . . . . . . . . . . . 145--171
                  Elie Raad and   
           Bechara Al Bouna and   
                 Richard Chbeir   Preventing sensitive relationships
                                  disclosure for better social media
                                  preservation . . . . . . . . . . . . . . 173--194
Alberto Huertas Celdrán and   
Ginés Dólera Tormo and   
Félix Gómez Mármol and   
    Manuel Gil Pérez and   
Gregorio Martínez Pérez   Resolving privacy-preserving
                                  relationships over outsourced encrypted
                                  data storages  . . . . . . . . . . . . . 195--209
        Víctor Mateu and   
             Josep M. Miret and   
           Francesc Sebé   A hybrid approach to vector-based
                                  homomorphic tallying remote voting . . . 211--221
                Guomin Yang and   
               Willy Susilo and   
                          Yi Mu   Message from the Guest Editors . . . . . 223--224

International Journal of Information Security
Volume 15, Number 3, June, 2016

           Hatem A. Rashwan and   
             Agusti Solanas and   
             Dom\`enec Puig and   
Antoni Martínez-Ballesté   Understanding trust in privacy-aware
                                  video surveillance systems . . . . . . . 225--234
                Tytus Kurek and   
             Marcin Niemiec and   
                    Artur Lason   Taking back control of privacy: a novel
                                  framework for preserving cloud-based
                                  firewall policy confidentiality  . . . . 235--250
             Cengiz Orencik and   
                Ayse Selcuk and   
                Erkay Savas and   
           Murat Kantarcio\uglu   Multi-keyword search over encrypted data
                                  with scoring and search pattern
                                  obfuscation  . . . . . . . . . . . . . . 251--269
   Clémentine Gritti and   
               Willy Susilo and   
            Thomas Plantard and   
               Kaitai Liang and   
                 Duncan S. Wong   Broadcast encryption with dealership . . 271--283
               Bart Mennink and   
                   Bart Preneel   Efficient parallelizable hashing using
                                  small non-compressing primitives . . . . 285--300
                Tarek Abbes and   
              Adel Bouhoula and   
       Michaël Rusinowitch   Detection of firewall configuration
                                  errors with updatable tree . . . . . . . 301--317
                  P. Salini and   
                     S. Kanmani   Effectiveness and performance analysis
                                  of model-oriented security requirements
                                  engineering to elicit security
                                  requirements: a systematic solution for
                                  developing secure software systems . . . 319--334

International Journal of Information Security
Volume 15, Number 4, August, 2016

        Leyli Javid Khayati and   
             Cengiz Orencik and   
                Erkay Savas and   
             Berkant Ustao\uglu   A practical privacy-preserving targeted
                                  advertising scheme for IPTV users  . . . 335--360
               Qiguang Miao and   
                Jiachen Liu and   
                   Ying Cao and   
                  Jianfeng Song   Malware detection using bilayer behavior
                                  abstraction and improved one-class
                                  support vector machines  . . . . . . . . 361--379
             Boris Skori\'c and   
  Sebastiaan J. A. de Hoogh and   
                 Nicola Zannone   Flow-based reputation with uncertainty:
                                  evidence-based subjective logic  . . . . 381--402
            István Vajda   On the analysis of time-aware protocols
                                  in universal composability framework . . 403--412
Sandra Díaz-Santiago and   
Lil María Rodríguez-Henríquez and   
             Debrup Chakraborty   A cryptographic study of tokenization
                                  systems  . . . . . . . . . . . . . . . . 413--432
               Avleen Malhi and   
                  Shalini Batra   Privacy-preserving authentication
                                  framework using Bloom filter for secure
                                  vehicular communications . . . . . . . . 433--453

International Journal of Information Security
Volume 15, Number 5, October, 2016

     Marios Anagnostopoulos and   
       Georgios Kambourakis and   
             Stefanos Gritzalis   New facets of mobile botnet:
                                  architecture and evaluation  . . . . . . 455--473
         Abdullah Almaatouq and   
               Erez Shmueli and   
                Mariam Nouh and   
        Ahmad Alabdulkareem and   
             Vivek K. Singh and   
            Mansour Alsaleh and   
        Abdulrahman Alarifi and   
               Anas Alfaris and   
          Alex `Sandy' Pentland   If it looks like a spammer and behaves
                                  like a spammer, it must be a spammer:
                                  analysis and detection of microblogging
                                  spam accounts  . . . . . . . . . . . . . 475--491
             Marina Blanton and   
                Everaldo Aguiar   Private and oblivious set and multiset
                                  operations . . . . . . . . . . . . . . . 493--518
         Mehmet Sabir Kiraz and   
               Osmanbey Uzunkol   Efficient and verifiable algorithms for
                                  secure outsourcing of cryptographic
                                  computations . . . . . . . . . . . . . . 519--537
                Changhui Hu and   
                     Lidong Han   Efficient wildcard search over encrypted
                                  data . . . . . . . . . . . . . . . . . . 539--547
            Kohei Kasamatsu and   
           Takahiro Matsuda and   
                Keita Emura and   
      Nuttapong Attrapadung and   
           Goichiro Hanaoka and   
                    Hideki Imai   Time-specific encryption from
                                  forward-secure encryption: generic and
                                  direct constructions . . . . . . . . . . 549--571

International Journal of Information Security
Volume 15, Number 6, November, 2016

                 Liqun Chen and   
                 Chris Mitchell   Message from the guest editors . . . . . 573--574
               Paul D. Rowe and   
          Joshua D. Guttman and   
                Moses D. Liskov   Measuring protocol strength with
                                  security goals . . . . . . . . . . . . . 575--596
               Mark Manulis and   
            Douglas Stebila and   
          Franziskus Kiefer and   
                    Nick Denham   Secure modular password authentication
                                  for the web using channel bindings . . . 597--620
       Christopher W. Brown and   
                Michael Jenkins   Analyzing proposals for improving
                                  authentication on the TLS-/SSL-protected
                                  Web  . . . . . . . . . . . . . . . . . . 621--635
       Jean Paul Degabriele and   
              Victoria Fehr and   
              Marc Fischlin and   
        Tommaso Gagliardoni and   
         Felix Günther and   
     Giorgia Azzurra Marson and   
            Arno Mittelbach and   
            Kenneth G. Paterson   Unpicking PLAID: a cryptographic
                                  analysis of an ISO-standards-track
                                  authentication protocol  . . . . . . . . 637--657
                Cas Cremers and   
                   Marko Horvat   Improving the ISO/IEC 11770 standard for
                                  key management techniques  . . . . . . . 659--673


International Journal of Information Security
Volume 16, Number 1, February, 2017

         Bertram Poettering and   
                Douglas Stebila   Double-authentication-preventing
                                  signatures . . . . . . . . . . . . . . . 1--22
                  Lichun Li and   
                Anwitaman Datta   Write-only oblivious RAM-based
                                  privacy-preserved access of outsourced
                                  data . . . . . . . . . . . . . . . . . . 23--42
            Vahid R. Karimi and   
        Paulo S. C. Alencar and   
                Donald D. Cowan   A formal modeling and analysis approach
                                  for access control rules, policies, and
                                  their combinations . . . . . . . . . . . 43--74
   Davide Alberto Albertini and   
          Barbara Carminati and   
                  Elena Ferrari   An extended access control mechanism
                                  exploiting data dependencies . . . . . . 75--89
          Riaz Ahmed Shaikh and   
                  Kamel Adi and   
                 Luigi Logrippo   A Data Classification Method for
                                  Inconsistency and Incompleteness
                                  Detection in Access Control Policy Sets  91--113

International Journal of Information Security
Volume 16, Number 2, April, 2017

          Matija Stevanovic and   
        Jens Myrup Pedersen and   
       Alessandro D'Alconzo and   
                 Stefan Ruehrup   A method for identifying compromised
                                  clients based on DNS traffic analysis    115--132
          Maryam Mehrnezhad and   
        Abbas Ghaemi Bafghi and   
                Ahad Harati and   
                  Ehsan Toreini   PiSHi: click the images and I tell if
                                  you are a human  . . . . . . . . . . . . 133--149
                 Colin Boyd and   
                Cas Cremers and   
            Mich\`ele Feltz and   
        Kenneth G. Paterson and   
         Bertram Poettering and   
                Douglas Stebila   ASICS: authenticated key exchange
                                  security incorporating certification
                                  systems  . . . . . . . . . . . . . . . . 151--171
               Marco Tiloca and   
         Christian Gehrmann and   
                   Ludwig Seitz   On improving resistance to Denial of
                                  Service and key provisioning scalability
                                  of the DTLS handshake  . . . . . . . . . 173--193
                Ankit Singh and   
           Hervais C. Simo Fhom   Restricted usage of anonymous
                                  credentials in vehicular ad hoc networks
                                  for misbehavior detection  . . . . . . . 195--211
           Christopher Mann and   
            Daniel Loebenberger   Two-factor authentication for the
                                  Bitcoin protocol . . . . . . . . . . . . 213--226

International Journal of Information Security
Volume 16, Number 3, June, 2017

      Munkhbayar Bat-Erdene and   
                Hyundo Park and   
                 Hongzhe Li and   
                  Heejo Lee and   
                  Mahn-Soo Choi   Entropy analysis to classify unknown
                                  packing algorithms for malware detection 227--248
        Riccardo Bernardini and   
                Roberto Rinaldo   Making random permutations from
                                  physically unclonable constants  . . . . 249--261
                Minchul Kim and   
             Younghoon Jung and   
                  Junghwan Song   A modified exhaustive search on a
                                  password system using SHA-1  . . . . . . 263--269
          Hani Ragab-Hassen and   
                    Esma Lounes   A key management scheme evaluation using
                                  Markov processes . . . . . . . . . . . . 271--280
         Felix Günther and   
             Bertram Poettering   Linkable message tagging: solving the
                                  key distribution problem of signature
                                  schemes  . . . . . . . . . . . . . . . . 281--297
              Jianchang Lai and   
                      Yi Mu and   
                     Fuchun Guo   Efficient identity-based online/offline
                                  encryption and signcryption with short
                                  ciphertext . . . . . . . . . . . . . . . 299--311
   Panayiotis Kotzanikolaou and   
     George Chatzisofroniou and   
                 Mike Burmester   Broadcast anonymous routing (BAR):
                                  scalable real-time anonymous
                                  communication  . . . . . . . . . . . . . 313--326
             Dario Catalano and   
                Dario Fiore and   
                Rosario Gennaro   A certificateless approach to onion
                                  routing  . . . . . . . . . . . . . . . . 327--343

International Journal of Information Security
Volume 16, Number 4, August, 2017

        Aliaksandr Lazouski and   
           Fabio Martinelli and   
                 Paolo Mori and   
                Andrea Saracino   Stateful Data Usage Control for Android
                                  Mobile Devices . . . . . . . . . . . . . 345--369
              A. Ruiz-Heras and   
   P. García-Teodoro and   
       L. Sánchez-Casado   ADroid: anomaly-based detection of
                                  malicious events in Android platforms    371--384
                 Shree Garg and   
         Sateesh K. Peddoju and   
                  Anil K. Sarje   Network-based detection of Android
                                  malicious apps . . . . . . . . . . . . . 385--400
        Constantinos Kolias and   
             Vasilis Kolias and   
           Georgios Kambourakis   TermID: a distributed swarm
                                  intelligence-based approach for wireless
                                  intrusion detection  . . . . . . . . . . 401--416
         Raghav V. Sampangi and   
              Srinivas Sampalli   HiveSec: security in
                                  resource-constrained wireless networks
                                  inspired by beehives and bee swarms  . . 417--433
               Nuno Antunes and   
                   Marco Vieira   Designing vulnerability testing tools
                                  for web services: approach, components,
                                  and tools  . . . . . . . . . . . . . . . 435--457

International Journal of Information Security
Volume 16, Number 5, October, 2017

            Khamphao Sisaat and   
         Surin Kittitornkun and   
            Hiroaki Kikuchi and   
       Chaxiong Yukonhiatou and   
              Masato Terada and   
                  Hiroshi Ishii   A spatio-temporal malware and country
                                  clustering algorithm: 2012 IIJ MITF case
                                  study  . . . . . . . . . . . . . . . . . 459--473
            Patrick Duessel and   
             Christian Gehl and   
              Ulrich Flegel and   
              Sven Dietrich and   
                  Michael Meier   Detecting zero-day attacks using
                                  context-aware anomaly detection at the
                                  application-layer  . . . . . . . . . . . 475--490
             Myrto Arapinis and   
     Loretta Ilaria Mancini and   
                Eike Ritter and   
               Mark Dermot Ryan   Analysis of privacy in mobile telephony
                                  systems  . . . . . . . . . . . . . . . . 491--523
             Cheng-Ta Huang and   
              Yu-Hong Zhang and   
               Li-Chiun Lin and   
               Wei-Jen Wang and   
                Shiuh-Jeng Wang   Mutual authentications to parties with
                                  QR-code applications in mobile systems   525--540
             Janaka Alawatugoda   Generic construction of an eCK-secure
                                  key exchange protocol in the standard
                                  model  . . . . . . . . . . . . . . . . . 541--557
                  Lei Zhang and   
                Qianhong Wu and   
                     Bo Qin and   
                   Hua Deng and   
                Jiangtao Li and   
                Jianwei Liu and   
                   Wenchang Shi   Certificateless and identity-based
                                  authenticated asymmetric group key
                                  agreement  . . . . . . . . . . . . . . . 559--576

International Journal of Information Security
Volume 16, Number 6, November, 2017

          Mehrdad Aliasgari and   
             Marina Blanton and   
       Fattaneh Bayatbabolghani   Secure computation of hidden Markov
                                  models and secure floating-point
                                  arithmetic in the malicious model  . . . 577--601
                  Lichun Li and   
           Michael Militzer and   
                Anwitaman Datta   rPIR: ramp secret sharing-based
                                  communication-efficient private
                                  information retrieval  . . . . . . . . . 603--625
           Alireza Esfahani and   
            Georgios Mantas and   
         Jonathan Rodriguez and   
       José Carlos Neves   An efficient homomorphic MAC-based
                                  scheme against data and tag pollution
                                  attacks in network coding-enabled
                                  wireless networks  . . . . . . . . . . . 627--639
       Shahrzad Kananizadeh and   
               Kirill Kononenko   Development of dynamic protection
                                  against timing channels  . . . . . . . . 641--651
         Apostolos Malatras and   
       Dimitris Geneiatakis and   
                Ioannis Vakalis   On the efficiency of user
                                  identification: a system-based approach  653--671
               HyunChul Joh and   
            Yashwant K. Malaiya   Periodicity in software vulnerability
                                  discovery, patching and exploitation . . 673--690


International Journal of Information Security
Volume 17, Number 1, February, 2018

               Alfredo Rial and   
             George Danezis and   
              Markulf Kohlweiss   Privacy-preserving smart metering
                                  revisited  . . . . . . . . . . . . . . . 1--31
                   Hua Deng and   
                 Yunya Zhou and   
                Qianhong Wu and   
                     Bo Qin and   
                    Jianwei Liu   Secure pay-TV for chained hotels . . . . 33--42
                Kazuki Yoneyama   Formal modeling of random oracle
                                  programmability and verification of
                                  signature unforgeability using
                                  task-PIOAs . . . . . . . . . . . . . . . 43--66
        Riccardo Bernardini and   
                Roberto Rinaldo   Generalized Elias schemes for efficient
                                  harvesting of truly random bits  . . . . 67--81
                Samiha Ayed and   
      Muhammad Sabir Idrees and   
               Nora Cuppens and   
               Frederic Cuppens   Achieving dynamicity in security
                                  policies enforcement using aspects . . . 83--103
                   G. Deepa and   
         P. Santhi Thilagam and   
          Furqan Ahmed Khan and   
               Amit Praseed and   
              Alwyn R. Pais and   
            Nushafreen Palsetia   Black-box detection of XQuery injection
                                  and parameter tampering vulnerabilities
                                  in web applications  . . . . . . . . . . 105--120

International Journal of Information Security
Volume 17, Number 2, April, 2018

                 Ankit Shah and   
             Rajesh Ganesan and   
             Sushil Jajodia and   
                      Hasan Cam   A methodology to measure and monitor
                                  level of operational effectiveness of a
                                  CSOC . . . . . . . . . . . . . . . . . . 121--134
           Mitsuaki Akiyama and   
               Takeshi Yagi and   
                Takeo Hariu and   
              Youki Kadobayashi   HoneyCirculator: distributing credential
                                  honeytoken for introspection of
                                  web-based attack cycle . . . . . . . . . 135--151
             G. Kirubavathi and   
                      R. Anitha   Structural analysis and detection of
                                  Android botnets using machine learning
                                  techniques . . . . . . . . . . . . . . . 153--167
                  A. Gruber and   
                     I. Ben-Gal   Using targeted Bayesian network learning
                                  for suspect identification in
                                  communication networks . . . . . . . . . 169--181
              Tsung-Min Kuo and   
              Sung-Ming Yen and   
                   Meng-Che Han   Dynamic reversed accumulator . . . . . . 183--191
               Jae Hong Seo and   
                Keita Emura and   
               Keita Xagawa and   
                Kazuki Yoneyama   Accumulable optimistic fair exchange
                                  from verifiably encrypted homomorphic
                                  signatures . . . . . . . . . . . . . . . 193--220
                Aron Laszka and   
       Yevgeniy Vorobeychik and   
             Xenofon Koutsoukos   A game-theoretic approach for integrity
                                  assurance in resource-bounded systems    221--242

International Journal of Information Security
Volume 17, Number 3, June, 2018

       Josep Domingo-Ferrer and   
    Alberto Blanco-Justicia and   
                 Carla R\`afols   Dynamic group size accreditation and
                                  group discounts preserving anonymity . . 243--260
                   Ying Luo and   
        Sen-ching S. Cheung and   
        Riccardo Lazzeretti and   
            Tommaso Pignata and   
                    Mauro Barni   Anonymous subject identification and
                                  privacy information management in video
                                  surveillance . . . . . . . . . . . . . . 261--278
Antoni Martínez-Ballesté and   
              Hatem Rashwan and   
               Domenec Puig and   
                 Agusti Solanas   Design and implementation of a secure
                                  and trustworthy platform for
                                  privacy-aware video surveillance . . . . 279--290
          Maryam Mehrnezhad and   
              Ehsan Toreini and   
     Siamak F. Shahandashti and   
                       Feng Hao   Stealing PINs via mobile sensors: actual
                                  risk versus user perception  . . . . . . 291--313
                Sangita Roy and   
             Ashok Singh Sairam   Distributed star coloring of network for
                                  IP traceback . . . . . . . . . . . . . . 315--326
            Sebastian Faust and   
               Carmit Hazay and   
                Daniele Venturi   Outsourced pattern matching  . . . . . . 327--346
                 Yujue Wang and   
               HweeHwa Pang and   
                 Robert H. Deng   Verifiably encrypted
                                  cascade-instantiable blank signatures to
                                  secure progressive decision management   347--363

International Journal of Information Security
Volume 17, Number 4, August, 2018

Francisco-Javier González-Serrano and   
Adrián Amor-Martín and   
Jorge Casamayón-Antón   Supervised machine learning using
                                  encrypted training data  . . . . . . . . 365--377
              HyoungMin Ham and   
               JongHyup Lee and   
                   JooSeok Song   Improved yoking proof protocols for
                                  preserving anonymity . . . . . . . . . . 379--393
           Jean-Louis Lanet and   
  Hél\`ene Le Bouder and   
          Mohammed Benattou and   
                     Axel Legay   When time meets test . . . . . . . . . . 395--409
              Syed Taha Ali and   
            Patrick McCorry and   
        Peter Hyun-Jeen Lee and   
                       Feng Hao   ZombieCoin 2.0: managing next-generation
                                  botnets using Bitcoin  . . . . . . . . . 411--422
                 Zheng Yang and   
                   Chao Liu and   
                Wanping Liu and   
                Daigu Zhang and   
                       Song Luo   A new strong security model for stateful
                                  authenticated group key exchange . . . . 423--440
    Miguel Morales-Sandoval and   
 Jose Luis Gonzalez-Compean and   
          Arturo Diaz-Perez and   
            Victor J. Sosa-Sosa   A pairing-based cryptographic approach
                                  for data security in the cloud . . . . . 441--461
               Yinhao Jiang and   
               Willy Susilo and   
                      Yi Mu and   
                     Fuchun Guo   Flexible ciphertext-policy
                                  attribute-based encryption supporting
                                  AND-gate and threshold with short
                                  ciphertexts  . . . . . . . . . . . . . . 463--475
               Hongyong Jia and   
                   Yue Chen and   
                 Julong Lan and   
             Kaixiang Huang and   
                       Jun Wang   Efficient revocable hierarchical
                                  identity-based encryption using
                                  cryptographic accumulators . . . . . . . 477--490

International Journal of Information Security
Volume 17, Number 5, October, 2018

                 Liqun Chen and   
               Jinguang Han and   
                 Chris Mitchell   Message from the Guest Editors . . . . . 491--492
             Kazuya Imamura and   
         Kazuhiko Minematsu and   
                    Tetsu Iwata   Integrity analysis of authenticated
                                  encryption based on stream ciphers . . . 493--511
            Kazuki Yoneyama and   
                Reo Yoshida and   
              Yuto Kawahara and   
        Tetsutaro Kobayashi and   
               Hitoshi Fuji and   
              Tomohide Yamamoto   Multi-cast key distribution: scalable,
                                  dynamic and provably secure construction 513--532
               Yinhao Jiang and   
               Willy Susilo and   
                      Yi Mu and   
                     Fuchun Guo   Ciphertext-policy attribute-based
                                  encryption supporting access policy
                                  update and its extension with preserved
                                  attributes . . . . . . . . . . . . . . . 533--548
                    Yuxi Li and   
                 Fucai Zhou and   
                  Yuhai Qin and   
                 Muqing Lin and   
                      Zifeng Xu   Integrity-verifiable conjunctive keyword
                                  searchable encryption in cloud storage   549--568
             Carlos Ribeiro and   
            Herbert Leitold and   
             Simon Esposito and   
                   David Mitzam   STORK: a real, heterogeneous,
                                  large-scale eID management system  . . . 569--585
             Franco Frattolillo   Watermarking protocols: an excursus to
                                  motivate a new approach  . . . . . . . . 587--601
             Lanfranco Lopriore   Access right management by extended
                                  password capabilities  . . . . . . . . . 603--612

International Journal of Information Security
Volume 17, Number 6, November, 2018

           Ehab ElSalamouny and   
         Sébastien Gambs   Optimal noise functions for location
                                  privacy on continuous regions  . . . . . 613--630
           Keisuke Murakami and   
                    Takeaki Uno   Optimization algorithm for
                                  $k$-anonymization of datasets with low
                                  information loss . . . . . . . . . . . . 631--644
               Nolen Scaife and   
               Henry Carter and   
             Lyrissa Lidsky and   
           Rachael L. Jones and   
                Patrick Traynor   OnionDNS: a seizure-resistant top-level
                                  domain . . . . . . . . . . . . . . . . . 645--660
                Daiki Chiba and   
               Takeshi Yagi and   
           Mitsuaki Akiyama and   
          Toshiki Shibahara and   
               Tatsuya Mori and   
                   Shigeki Goto   DomainProfiler: toward accurate and
                                  early discovery of domain names abused
                                  in future  . . . . . . . . . . . . . . . 661--680
               Gaute Wangen and   
    Christoffer Hallstensen and   
                Einar Snekkenes   A framework for estimating information
                                  security risk assessment method
                                  completeness . . . . . . . . . . . . . . 681--699
                Nina Bindel and   
          Johannes Buchmann and   
             Susanne Rieß   Comparing apples with apples:
                                  performance analysis of lattice-based
                                  authenticated key exchange protocols . . 701--718
           Aniello Cimitile and   
         Francesco Mercaldo and   
           Vittoria Nardone and   
          Antonella Santone and   
         Corrado Aaron Visaggio   Talos: no more ransomware victims with
                                  formal methods . . . . . . . . . . . . . 719--738


International Journal of Information Security
Volume 18, Number 1, February, 2019

               Debasish Das and   
               Utpal Sharma and   
            D. K. Bhattacharyya   Defeating SQL injection attack in
                                  authentication security: an experimental
                                  study  . . . . . . . . . . . . . . . . . 1--22
          Dipankar Dasgupta and   
          Abhijit Kumar Nag and   
             Denise Ferebee and   
          Sanjib Kumar Saha and   
          Kul Prasad Subedi and   
                Arunava Roy and   
              Alvaro Madero and   
               Abel Sanchez and   
               John R. Williams   Design and implementation of Negative
                                  Authentication System  . . . . . . . . . 23--48
   Anastasios Stasinopoulos and   
    Christoforos Ntantogian and   
               Christos Xenakis   Commix: automating evaluation and
                                  exploitation of command injection
                                  vulnerabilities in Web applications  . . 49--72
      Gerson de Souza Faria and   
                   Hae Yong Kim   Differential audio analysis: a new
                                  side-channel attack on PIN pads  . . . . 73--84
            Abdelhak Mesbah and   
           Jean-Louis Lanet and   
              Mohamed Mezghiche   Reverse engineering Java Card and
                                  vulnerability exploitation: a shortcut
                                  to ROM . . . . . . . . . . . . . . . . . 85--100
     M. Francisca Hinarejos and   
   Andreu-Pere Isern-Dey\`a and   
Josep-Lluís Ferrer-Gomila and   
   Llorenç Huguet-Rotger   Deployment and performance evaluation of
                                  mobile multicoupon solutions . . . . . . 101--124

International Journal of Information Security
Volume 18, Number 2, April, 2019

Gábor György Gulyás and   
             Sándor Imre   Hiding information against structural
                                  re-identification  . . . . . . . . . . . 125--139
              Jian-Wu Zheng and   
                  Jing Zhao and   
                  Xin-Ping Guan   Identifier discrimination: realizing
                                  selective-ID HIBE with authorized
                                  delegation and dedicated encryption
                                  privacy  . . . . . . . . . . . . . . . . 141--162
             Donghoon Chang and   
                 Arpan Jati and   
               Sweta Mishra and   
         Somitra Kumar Sanadhya   Cryptanalytic time-memory trade-off for
                                  password hashing schemes . . . . . . . . 163--180
            Kamil Kluczniak and   
              Jianfeng Wang and   
              Xiaofeng Chen and   
            Miroslaw Kutylowski   Multi-device anonymous authentication    181--197
                 Ankit Shah and   
             Rajesh Ganesan and   
                 Sushil Jajodia   A methodology for ensuring fair
                                  allocation of CSOC effort for alert
                                  investigation  . . . . . . . . . . . . . 199--218
   Miguel Ros-Martín and   
        Julián Salas and   
               Jordi Casas-Roma   Scalable non-deterministic
                                  clustering-based $k$-anonymization for
                                  rich networks  . . . . . . . . . . . . . 219--238
             Zeinab Joudaki and   
               Julie Thorpe and   
           Miguel Vargas Martin   Enhanced Tacit Secrets: System-assigned
                                  passwords you can't write down, but
                                  don't need to  . . . . . . . . . . . . . 239--255

International Journal of Information Security
Volume 18, Number 3, June, 2019

        Mario Luca Bernardi and   
Marta Cimitile Damiano Distante and   
           Fabio Martinelli and   
             Francesco Mercaldo   Dynamic malware detection and phylogeny
                                  analysis using process mining  . . . . . 257--284
          Krzysztof Grining and   
            Marek Klonowski and   
                     Piotr Syga   On practical privacy-preserving
                                  fault-tolerant data aggregation  . . . . 285--304
       Aishwarya Vipul Vora and   
                   Saumya Hegde   Keyword-based private searching on cloud
                                  data along with keyword association and
                                  dissociation using cuckoo filter . . . . 305--319
                      Ge Wu and   
                      Yi Mu and   
               Willy Susilo and   
                 Fuchun Guo and   
                    Futai Zhang   Threshold privacy-preserving cloud
                                  auditing with multiple uploaders . . . . 321--331
           Benedikt Hiemenz and   
             Michel Krämer   Dynamic searchable symmetric encryption
                                  for storing geospatial data in the cloud 333--354
                    Wen Gao and   
                 Liqun Chen and   
                    Yupu Hu and   
   Christopher J. P. Newton and   
               Baocang Wang and   
                 Jiangshan Chen   Lattice-based deniable ring signatures   355--370
    Mohammad Hasan Samadani and   
           Mehdi Berenjkoob and   
                 Marina Blanton   Secure pattern matching based on bit
                                  parallelism  . . . . . . . . . . . . . . 371--391

International Journal of Information Security
Volume 18, Number 4, August, 2019

                Yusuf Kulah and   
              Berkay Dincer and   
               Cemal Yilmaz and   
                    Erkay Savas   SpyDetector: an approach for detecting
                                  side-channel attacks at runtime  . . . . 393--422
        Mohammad R. Faghani and   
                 Uyen T. Nguyen   Mobile botnets meet social networks:
                                  design and analysis of a new type of
                                  botnet . . . . . . . . . . . . . . . . . 423--449
Cristina Pérez-Sol\`a and   
       Sergi Delgado-Segura and   
  Guillermo Navarro-Arribas and   
Jordi Herrera-Joancomartí   Double-spending prevention for Bitcoin
                                  zero-confirmation transactions . . . . . 451--463
             Mohsen Rezvani and   
           David Rajaratnam and   
      Aleksandar Ignjatovic and   
           Maurice Pagnucco and   
                     Sanjay Jha   Analyzing XACML policies using answer
                                  set programming  . . . . . . . . . . . . 465--479
                 Anil Saini and   
           Manoj Singh Gaur and   
                Vijay Laxmi and   
                    Mauro Conti   You click, I steal: analyzing and
                                  detecting click hijacking attacks in web
                                  pages  . . . . . . . . . . . . . . . . . 481--504
     João S. Resende and   
   Patrícia R. Sousa and   
            Rolando Martins and   
            Luís Antunes   Breaking MPC implementations through
                                  compression  . . . . . . . . . . . . . . 505--518
Héctor Marco-Gisbert and   
           Ismael Ripoll-Ripoll   SSPFA: effective stack smashing
                                  protection for Android OS  . . . . . . . 519--532

International Journal of Information Security
Volume 18, Number 5, October, 2019

             Oriol Farr\`as and   
    Jordi Ribes-González   Provably secure public-key encryption
                                  with conjunctive and subset keyword
                                  search . . . . . . . . . . . . . . . . . 533--548
                 James Dyer and   
                Martin Dyer and   
                         Jie Xu   Practical homomorphic encryption over
                                  the integers for secure computation in
                                  the cloud  . . . . . . . . . . . . . . . 549--579
            Kenta Takahashi and   
           Takahiro Matsuda and   
             Takao Murakami and   
           Goichiro Hanaoka and   
            Masakatsu Nishigaki   Signature schemes with a fuzzy private
                                  key  . . . . . . . . . . . . . . . . . . 581--617
           Parvin Rastegari and   
               Willy Susilo and   
           Mohammad Dakhilalian   Certificateless designated verifier
                                  signature revisited: achieving a
                                  concrete scheme in the standard model    619--635
               Ricard Garra and   
          Dominik Leibenger and   
             Josep M. Miret and   
           Francesc Sebé   Repairing an aggregation-based smart
                                  metering system  . . . . . . . . . . . . 637--646
                Xiaoying Yu and   
                        Qi Liao   Understanding user passwords through
                                  password prefix and postfix (P3) graph
                                  analysis and visualization . . . . . . . 647--663
       Amel Meddeb Makhlouf and   
                 Mohsen Guizani   SE-AOMDV: secure and efficient AOMDV
                                  routing protocol for vehicular
                                  communications . . . . . . . . . . . . . 665--676

International Journal of Information Security
Volume 18, Number 6, December, 2019

                 Yixian Cai and   
          George Karakostas and   
                   Alan Wassyng   Secure and trusted partial grey-box
                                  verification . . . . . . . . . . . . . . 677--700
                  Tao Zhang and   
               Wang Hao Lee and   
               Mingyuan Gao and   
                  Jianying Zhou   File Guard: automatic format-based media
                                  file sanitization  . . . . . . . . . . . 701--713
                  R. Riesco and   
          V. A. Villagrá   Leveraging cyber threat intelligence for
                                  a dynamic risk framework . . . . . . . . 715--739
                M. Yildirim and   
                      I. Mackie   Encouraging users to improve password
                                  security and memorability  . . . . . . . 741--759
             Muhammad Aamir and   
         Syed Mustafa Ali Zaidi   DDoS attack detection with feature
                                  engineering and machine learning: the
                                  framework and performance evaluation . . 761--785
      Constantinos Patsakis and   
                    Fran Casino   Hydras and IPFS: a decentralised
                                  playground for malware . . . . . . . . . 787--799
              Ehsan Toreini and   
     Siamak F. Shahandashti and   
          Maryam Mehrnezhad and   
                       Feng Hao   DOMtegrity: ensuring web page integrity
                                  against malicious browser extensions . . 801--814


International Journal of Information Security
Volume 19, Number 1, February, 2020

          Takeshi Takahashi and   
       Rodrigo Roman Castro and   
        Bilhanan Silverajan and   
              Ryan K. L. Ko and   
                     Said Tabet   Message from the guest editors . . . . . 1--2
                   Peter Aufner   The IoT security gap: a look down into
                                  the valley between threat models and
                                  their implementation . . . . . . . . . . 3--14
              Hiroaki Anada and   
              Akira Kanaoka and   
          Natsume Matsuzaki and   
                 Yohei Watanabe   Key-updatable public-key encryption with
                                  keyword search (Or: How to realize PEKS
                                  with efficient key updates for IoT
                                  environments)  . . . . . . . . . . . . . 15--38
             Raz Ben Yehuda and   
         Nezer Jacob Zaidenberg   Protection against reverse engineering
                                  in ARM . . . . . . . . . . . . . . . . . 39--51
                     Ili Ko and   
           Desmond Chambers and   
                   Enda Barrett   Feature dynamic deep learning approach
                                  for DDoS mitigation within the ISP
                                  domain . . . . . . . . . . . . . . . . . 53--70
              Hayate Takase and   
          Ryotaro Kobayashi and   
              Masahiko Kato and   
                     Ren Ohmura   A prototype implementation and
                                  evaluation of the malware detection
                                  mechanism for IoT devices using the
                                  processor information  . . . . . . . . . 71--81
              Seiichi Ozawa and   
                    Tao Ban and   
            Naoki Hashimoto and   
             Junji Nakazato and   
               Jumpei Shimamura   A study of IoT malware activities using
                                  association rule learning for darknet
                                  sensor data  . . . . . . . . . . . . . . 83--92
          Behshid Shayesteh and   
               Vesal Hakami and   
                   Ahmad Akbari   A trust management scheme for
                                  IoT-enabled environmental
                                  health/accessibility monitoring services 93--110
            Davide Ferraris and   
          Carmen Fernandez-Gago   TrUStAPIS: a trust requirements
                                  elicitation method for IoT . . . . . . . 111--127
                K. Sowjanya and   
               Mou Dasgupta and   
                    Sangram Ray   An elliptic curve cryptography based
                                  enhanced anonymous authentication
                                  protocol for wearable health monitoring
                                  systems  . . . . . . . . . . . . . . . . 129--146

International Journal of Information Security
Volume 19, Number 2, April, 2020

             Rajendra Patil and   
              Harsha Dudeja and   
                    Chirag Modi   Designing in-VM-assisted lightweight
                                  agent-based malware detection framework
                                  for securing virtual machines in cloud
                                  computing  . . . . . . . . . . . . . . . 147--162
           Hasiba Ben Attia and   
Laid Kahloul Saber Benharzallah and   
              Samir Bourekkache   Using Hierarchical Timed Coloured Petri
                                  Nets in the formal study of TRBAC
                                  security policies  . . . . . . . . . . . 163--187
              Sridhar Adepu and   
     Nandha Kumar Kandasamy and   
              Jianying Zhou and   
                  Aditya Mathur   Attacks on smart grid: power supply
                                  interruption and malicious power
                                  generation . . . . . . . . . . . . . . . 189--211
                 Peng Cheng and   
        Ibrahim Ethem Bagci and   
                 Utz Roedig and   
                       Jeff Yan   SonarSnoop: active acoustic side-channel
                                  attacks  . . . . . . . . . . . . . . . . 213--228
        Sanjeet Kumar Nayak and   
              Somanath Tripathy   SEDS: secure and efficient server-aided
                                  data deduplication scheme for cloud
                                  storage  . . . . . . . . . . . . . . . . 229--240
           Hasiba Ben Attia and   
               Laid Kahloul and   
         Saber Benharzallah and   
              Samir Bourekkache   Correction to: Using Hierarchical Timed
                                  Coloured Petri Nets in the formal study
                                  of TRBAC security policies . . . . . . . 241--241

International Journal of Information Security
Volume 19, Number 3, June, 2020

                Kuo-Hui Yeh and   
                 Chunhua Su and   
             Robert H. Deng and   
                  Moti Yung and   
            Miroslaw Kutylowski   Special issue on security and privacy of
                                  blockchain technologies  . . . . . . . . 243--244
                 Chun-I Fan and   
               Yi-Fan Tseng and   
                  Hui-Po Su and   
               Ruei-Hau Hsu and   
                Hiroaki Kikuchi   Secure hierarchical Bitcoin wallet
                                  scheme against privilege escalation
                                  attacks  . . . . . . . . . . . . . . . . 245--255
            Alexander Yohan and   
                     Nai-Wei Lo   FOTB: a secure blockchain-based firmware
                                  update framework for IoT environment . . 257--278
                Weizhi Meng and   
                 Wenjuan Li and   
           Laurence T. Yang and   
                        Peng Li   Enhancing challenge-based collaborative
                                  intrusion detection networks against
                                  insider attacks using blockchain . . . . 279--290
                     Or Sattath   On the insecurity of quantum Bitcoin
                                  mining . . . . . . . . . . . . . . . . . 291--302
              Yuanjian Zhou and   
                 Yining Liu and   
            Chengshun Jiang and   
                    Shulan Wang   An improved FOO voting scheme using
                                  blockchain . . . . . . . . . . . . . . . 303--310
                 Zijian Bao and   
                  Wenbo Shi and   
                Saru Kumari and   
               Zhi-yin Kong and   
                Chien-Ming Chen   Lockmix: a secure and privacy-preserving
                                  mix service for Bitcoin anonymity  . . . 311--321
               Shufan Zhang and   
                  Lili Wang and   
                       Hu Xiong   Chaintegrity: blockchain-enabled
                                  large-scale e-voting system with
                                  robustness and universal verifiability   323--341

International Journal of Information Security
Volume 19, Number 4, August, 2020

               Marco Tiloca and   
              Gianluca Dini and   
                 Kiki Rizki and   
                    Shahid Raza   Group rekeying based on member join
                                  history  . . . . . . . . . . . . . . . . 343--381
                 Minhye Seo and   
                  Suhri Kim and   
              Dong Hoon Lee and   
                 Jong Hwan Park   EMBLEM: (R)LWE-based key encapsulation
                                  with a new multi-bit encoding method . . 383--399
         Michael Hölzl and   
             Michael Roland and   
                   Omid Mir and   
          René Mayrhofer   Disposable dynamic accumulators: toward
                                  practical privacy-preserving mobile eIDs
                                  with scalable revocation . . . . . . . . 401--417
               Wakaha Ogata and   
                Takaaki Otemori   Security analysis of secure kNN and
                                  ranked keyword search over encrypted
                                  data . . . . . . . . . . . . . . . . . . 419--425
                    M. Pilz and   
          F. Baghaei Naeini and   
                K. Grammont and   
                 C. Smagghe and   
                   M. Davis and   
                J.-C. Nebel and   
                L. Al-Fagih and   
                    E. Pfluegel   Security attacks on smart grid
                                  scheduling and their defences: a
                                  game-theoretic approach  . . . . . . . . 427--443
                 Itaru Ueda and   
             Daiki Miyahara and   
          Akihiro Nishimura and   
            Yu-ichi Hayashi and   
             Takaaki Mizuki and   
                   Hideaki Sone   Secure implementations of a random
                                  bisection cut  . . . . . . . . . . . . . 445--452
                 Chunhui Wu and   
              Xiaofeng Chen and   
                   Willy Susilo   Concise ID-based mercurial functional
                                  commitments and applications to
                                  zero-knowledge sets  . . . . . . . . . . 453--464
               Jordi Casas-Roma   DUEF-GA: data utility and privacy
                                  evaluation framework for graph
                                  anonymization  . . . . . . . . . . . . . 465--478
       Dimitris Mitropoulos and   
      Thodoris Sotiropoulos and   
        Nikos Koutsovasilis and   
             Diomidis Spinellis   PDGuard: an architecture for the control
                                  and secure processing of personal data   479--498

International Journal of Information Security
Volume 19, Number 5, October, 2020

        Mina Sheikhalishahi and   
            Andrea Saracino and   
           Fabio Martinelli and   
           Antonio La Marra and   
             Mohammed Mejri and   
                    Nadia Tawbi   Digital Waste Disposal: an automated
                                  framework for analysis of spam emails    499--522
              Areej Alzaidi and   
            Suhair Alshehri and   
                Seyed M. Buhari   DroidRista: a highly precise static data
                                  flow analysis framework for Android
                                  applications . . . . . . . . . . . . . . 523--536
            Vicenç Torra   Random dictatorship for
                                  privacy-preserving social choice . . . . 537--545
        Riccardo Bernardini and   
                Roberto Rinaldo   Analysis of some simple stabilizers for
                                  physically obfuscated keys . . . . . . . 547--565
           Huy-Trung Nguyen and   
              Quoc-Dung Ngo and   
                   Van-Hoang Le   A novel graph-based approach for IoT
                                  botnet detection . . . . . . . . . . . . 567--577
          Ahmed M. Manasrah and   
         Areej R. AL-Rabadi and   
                Najib A. Kofahi   Key pre-distribution approach using
                                  block $ L U $ decomposition in wireless
                                  sensor network . . . . . . . . . . . . . 579--596
                Sona Taheri and   
            Adil M. Bagirov and   
               Iqbal Gondal and   
                    Simon Brown   Cyberattack triage using incremental
                                  clustering for intrusion detection
                                  systems  . . . . . . . . . . . . . . . . 597--607

International Journal of Information Security
Volume 19, Number 6, December, 2020

                    Britta Hale   User-mediated authentication protocols
                                  and unforgeability in key collision  . . 609--621
       Pablo Picazo-Sanchez and   
              Juan Tapiador and   
              Gerardo Schneider   After you, please: browser extensions
                                  order attacks and countermeasures  . . . 623--638
              Yanting Zhang and   
                Jianwei Liu and   
             Zongyang Zhang and   
                     Weiran Liu   FDCO: attribute-based fast data
                                  cloud-outsourcing scheme for mobile
                                  devices  . . . . . . . . . . . . . . . . 639--656
          Kamalakanta Sethi and   
              E. Sai Rupesh and   
                Rahul Kumar and   
           Padmalochan Bera and   
                 Y. Venu Madhav   A context-aware robust intrusion
                                  detection system: a reinforcement
                                  learning-based approach  . . . . . . . . 657--678
                 Reem Melki and   
            Hassan N. Noura and   
                     Ali Chehab   Lightweight multi-factor mutual
                                  authentication protocol for IoT devices  679--694
                Tina Tavizi and   
                  Mehdi Shajari   A language and a pattern system for
                                  temporal property specification:
                                  advanced metering infrastructure case
                                  study  . . . . . . . . . . . . . . . . . 695--710
                  Lixue Sun and   
               Chunxiang Xu and   
                 Yuan Zhang and   
                     Kefei Chen   Public data integrity auditing without
                                  homomorphic authenticators from
                                  indistinguishability obfuscation . . . . 711--720


International Journal of Information Security
Volume 20, Number 1, February, 2021

         Iraklis Leontiadis and   
                        Ming Li   Secure and collusion-resistant data
                                  aggregation from convertible tags  . . . 1--20
            Daniel Schlette and   
           Fabian Böhm and   
              Marco Caselli and   
            Günther Pernul   Measuring and visualizing cyber threat
                                  intelligence quality . . . . . . . . . . 21--38
       Mohamed A. El-Zawawy and   
           Eleonora Losiouk and   
                    Mauro Conti   Do not let Next-Intent Vulnerability be
                                  your next nightmare: type system-based
                                  approach to detect it in Android apps    39--58
                Pengfei Liu and   
               Weiping Wang and   
                     Xi Luo and   
               Haodong Wang and   
                     Chushu Liu   NSDroid: efficient multi-classification
                                  of Android malware using neighborhood
                                  signature in local function call graphs  59--71
        Jens Van den Broeck and   
               Bart Coppens and   
                Bjorn De Sutter   Obfuscated integration of software
                                  protections  . . . . . . . . . . . . . . 73--101
                 Huiwen Jia and   
                  Chunming Tang   Cryptanalysis of a non-interactive
                                  deniable ring signature scheme . . . . . 103--112
  Prajna Deshanta Ibnugraha and   
         Lukito Edi Nugroho and   
           Paulus Insap Santosa   Risk model development for information
                                  security in organization environment
                                  based on business perspectives . . . . . 113--126

International Journal of Information Security
Volume 20, Number 2, April, 2021

                 Wenjuan Li and   
                    Yu Wang and   
                      Man Ho Au   Toward a blockchain-based framework for
                                  challenge-based collaborative intrusion
                                  detection  . . . . . . . . . . . . . . . 127--139
                     Jia Xu and   
                  Jianying Zhou   Strong leakage-resilient encryption:
                                  enhancing data confidentiality by hiding
                                  partial ciphertext . . . . . . . . . . . 141--159
                 Abu Faisal and   
            Mohammad Zulkernine   A secure architecture for TCP/UDP-based
                                  cloud communications . . . . . . . . . . 161--179
               Jesus Solano and   
               Luis Camacho and   
            Martín Ochoa   Combining behavioral biometrics and
                                  session context analytics to enhance
                                  risk-based static authentication in web
                                  applications . . . . . . . . . . . . . . 181--197
          Sanjit Chatterjee and   
           Manish Kesarwani and   
                     Akash Shah   Secure and efficient wildcard search
                                  over encrypted data  . . . . . . . . . . 199--244
Cristóbal Medina-López and   
               L. G. Casado and   
                  Yuansong Qiao   An SDN approach to detect targeted
                                  attacks in P2P fully connected overlays  245--255
                Yuntao Wang and   
                Tsuyoshi Takagi   Studying lattice reduction algorithms
                                  improved by quick reordering technique   257--268

International Journal of Information Security
Volume 20, Number 3, June, 2021

        Abdelmadjid Benarfa and   
            Muhammad Hassan and   
           Eleonora Losiouk and   
           Alberto Compagno and   
     Mohamed Bachir Yagoubi and   
                    Mauro Conti   ChoKIFA+: an early detection and
                                  mitigation approach against interest
                                  flooding attacks in NDN  . . . . . . . . 269--285
                 M. Manulis and   
              C. P. Bridges and   
                R. Harrison and   
                   V. Sekar and   
                       A. Davis   Cyber security in New Space  . . . . . . 287--311
               Harel Berger and   
               Amit Z. Dvir and   
                      Moti Geva   A wrinkle in time: a case study in DNS
                                  poisoning  . . . . . . . . . . . . . . . 313--329
                Soo-Yeon Ji and   
            Bong-Keun Jeong and   
                Dong Hyun Jeong   Evaluating visualization approaches to
                                  detect abnormal activities in network
                                  traffic data . . . . . . . . . . . . . . 331--345
        Georgios Spathoulas and   
       Georgios Theodoridis and   
    Georgios-Paraskevas Damiris   Using homomorphic encryption for
                                  privacy-preserving clustering of
                                  intrusion detection alerts . . . . . . . 347--370
           Gregorio Pitolli and   
          Giuseppe Laurenza and   
           Leonardo Aniello and   
          Leonardo Querzoni and   
                Roberto Baldoni   MalFamAware: automatic family
                                  identification and malware
                                  classification through online clustering 371--386
       Soosan Naderi Mighan and   
                  Mohsen Kahani   A novel scalable intrusion detection
                                  system based on deep learning  . . . . . 387--403
                Mriganka Mandal   Anonymity in traceable cloud data
                                  broadcast system with simultaneous
                                  individual messaging . . . . . . . . . . 405--430
                 Fawad Khan and   
                     Hui Li and   
              Yinghui Zhang and   
               Haider Abbas and   
                 Tahreem Yaqoob   Efficient attribute-based encryption
                                  with repeated attributes optimization    431--444
           Leonardo Aniello and   
                Basel Halak and   
                 Peter Chai and   
               Riddhi Dhall and   
             Mircea Mihalea and   
              Adrian Wilczynski   Anti-BlUFf: towards counterfeit
                                  mitigation in IC supply chains using
                                  blockchain and PUF . . . . . . . . . . . 445--460

International Journal of Information Security
Volume 20, Number 4, August, 2021

         Toshihiro Yamauchi and   
                 Yohei Akao and   
            Ryota Yoshitani and   
            Yuichi Nakamura and   
               Masaki Hashimoto   Additional kernel observer: privilege
                                  escalation attack prevention mechanism
                                  focusing on system call privilege
                                  changes  . . . . . . . . . . . . . . . . 461--473
               Hyoseung Kim and   
                Kwangsu Lee and   
             Jong Hwan Park and   
                  Dong Hoon Lee   Improving the security of direct
                                  anonymous attestation under host
                                  corruptions  . . . . . . . . . . . . . . 475--492
               Mouna Jouini and   
      Latifa Ben Arfa Rabai and   
                   Ridha Khedri   A quantitative assessment of security
                                  risks based on a multifaceted
                                  classification approach  . . . . . . . . 493--510
             Fatemeh Deldar and   
                    Mahdi Abadi   Enhancing spatial and temporal utilities
                                  in differentially private moving objects
                                  database release . . . . . . . . . . . . 511--533
                     Kun Bi and   
                  Dezhi Han and   
              Guichen Zhang and   
              Kuan-Ching Li and   
            Aniello Castiglione   $K$ maximum probability attack paths
                                  generation algorithm for target nodes in
                                  networked systems  . . . . . . . . . . . 535--551
           Thomas Sermpinis and   
            George Vlahavas and   
    Konstantinos Karasavvas and   
                  Athena Vakali   DeTRACT: a decentralized, transparent,
                                  immutable and open PKI certificate
                                  framework  . . . . . . . . . . . . . . . 553--570
            Davide Ferraris and   
              Daniel Bastos and   
      Carmen Fernandez-Gago and   
                 Fadi El-Moussa   A trust model for popular smart home
                                  devices  . . . . . . . . . . . . . . . . 571--587
                Tian-Fu Lee and   
                 Hong-Ze Li and   
                   Yi-Pei Hsieh   A blockchain-based medical data
                                  preservation scheme for telecare medical
                                  information systems  . . . . . . . . . . 589--601
             Trushna Parida and   
                   Suvrojit Das   PageDumper: a mechanism to collect page
                                  table manipulation information at
                                  run-time . . . . . . . . . . . . . . . . 603--619
Mikaëla Ngamboé and   
              Paul Berthier and   
               Nader Ammari and   
                Katia Dyrda and   
       José M. Fernandez   Risk assessment of cyber-attacks on
                                  telemetry-enabled cardiac implantable
                                  electronic devices (CIED)  . . . . . . . 621--645

International Journal of Information Security
Volume 20, Number 5, October, 2021

Juan Manuel Castelo Gómez and   
Javier Carrillo Mondéjar and   
José Roldán Gómez and   
José Luis Martínez Martínez   A context-centered methodology for IoT
                                  forensic investigations  . . . . . . . . 647--673
                 Liqun Chen and   
               Kaibin Huang and   
               Mark Manulis and   
               Venkkatesh Sekar   Password-authenticated searchable
                                  encryption . . . . . . . . . . . . . . . 675--693
             Sabrina Sicari and   
        Alessandra Rizzardi and   
              Gianluca Dini and   
            Pericle Perazzo and   
           Michele La Manna and   
          Alberto Coen-Porisini   Attribute-based encryption and sticky
                                  policies for data access control in a
                                  smart home scenario: a comparison on
                                  networked smart object middleware  . . . 695--713
              Ricard Borges and   
           Francesc Sebé   An efficient privacy-preserving
                                  pay-by-phone system for regulated
                                  parking areas  . . . . . . . . . . . . . 715--727
             Daiki Miyahara and   
                 Itaru Ueda and   
            Yu-ichi Hayashi and   
             Takaaki Mizuki and   
                   Hideaki Sone   Evaluating card-based protocols in terms
                                  of execution time  . . . . . . . . . . . 729--740
             Florian Menges and   
              Benedikt Putz and   
            Günther Pernul   DEALER: decentralized incentives for
                                  threat intelligence reporting and
                                  exchange . . . . . . . . . . . . . . . . 741--761
           Federica Granese and   
              Daniele Gorla and   
           Catuscia Palamidessi   Enhanced models for privacy and utility
                                  in continuous-time diffusion networks    763--782

International Journal of Information Security
Volume 20, Number 6, December, 2021

Edwin Franco Myloth Josephlal and   
              Sridhar Adepu and   
                 Zheng Yang and   
                  Jianying Zhou   Enabling isolation and recovery in PLC
                                  redundancy framework of metro train
                                  systems  . . . . . . . . . . . . . . . . 783--795
           Huseyin Alecakir and   
                  Burcu Can and   
                      Sevil Sen   Attention: there is an inconsistency
                                  between Android permissions and
                                  application metadata!  . . . . . . . . . 797--815
          Pal-Stefan Murvay and   
                Lucian Popa and   
                   Bogdan Groza   Securing the controller area network
                                  with covert voltage channels . . . . . . 817--831
               Yuta Imamura and   
              Rintaro Orito and   
            Hiroyuki Uekawa and   
          Kritsana Chaikaew and   
         Pattara Leelaprute and   
                Masaya Sato and   
             Toshihiro Yamauchi   Web access monitoring mechanism via
                                  Android WebView for threat analysis  . . 833--847
               Benjamin Yankson   Continuous improvement process
                                  (CIP)-based privacy-preserving framework
                                  for smart connected toys . . . . . . . . 849--869
           Louis Cianciullo and   
                Hossein Ghodosi   Outsourced cheating detection for secret
                                  sharing  . . . . . . . . . . . . . . . . 871--878
            Charlotte Bonte and   
             Nigel P. Smart and   
                 Titouan Tanguy   Thresholdizing HashEdDSA: MPC to the
                                  Rescue . . . . . . . . . . . . . . . . . 879--894


International Journal of Information Security
Volume 21, Number 1, February, 2022

               Hee Yeon Kim and   
                Ji Hoon Kim and   
                  Kyounggon Kim   DAPP: automatic detection and analysis
                                  of prototype pollution vulnerability in
                                  \pkgNode.js modules  . . . . . . . . . . 1--23
                Hansub Shin and   
               Sungyong Sim and   
                     Younho Lee   A new smart smudge attack using CNN  . . 25--36
       George Stergiopoulos and   
        Panagiotis Dedousis and   
             Dimitris Gritzalis   Automatic analysis of attack graphs for
                                  risk mitigation and prioritization on
                                  large-scale and complex networks in
                                  Industry 4.0 . . . . . . . . . . . . . . 37--59
             Christos Lyvas and   
    Christoforos Ntantogian and   
               Christos Xenakis   \pkg[m]allotROPism: a metamorphic engine
                                  for malicious software variation
                                  development  . . . . . . . . . . . . . . 61--78
        Mina Sheikhalishahi and   
            Andrea Saracino and   
               Antonio La Marra   Privacy preserving data sharing and
                                  analysis for edge-based architectures    79--101
                     An Braeken   Public key versus symmetric key
                                  cryptography in client--server
                                  authentication protocols . . . . . . . . 103--114
       Jean-Paul A. Yaacoub and   
            Hassan N. Noura and   
                     Ali Chehab   Robotics cyber security:
                                  vulnerabilities, attacks,
                                  countermeasures, and recommendations . . 115--158
                      Anonymous   Track for surveys  . . . . . . . . . . . 159--159

International Journal of Information Security
Volume 21, Number 2, April, 2022

                Aun Yichiet and   
       Yen-Min Jasmina Khaw and   
               Vasaki Ponnusamy   A semantic-aware log generation method
                                  for network activities . . . . . . . . . 161--177
             Franco Tommasi and   
         Christian Catalano and   
                   Ivan Taurino   Browser-in-the-Middle (BitM) attack  . . 179--189
   Roberto Vasconcelos Melo and   
    Douglas D. J. de Macedo and   
   Mauricio Martinuzzi Fiorenza   ISM-AC: an immune security model based
                                  on alert correlation and
                                  software-defined networking  . . . . . . 191--205
         Hector B. Hougaard and   
                  Atsuko Miyaji   Authenticated logarithmic-order
                                  supersingular isogeny group key exchange 207--221
            Kindson Munonye and   
          Martinek Péter   Machine learning approach to
                                  vulnerability detection in OAuth 2.0
                                  authentication and authorization flow    223--237
           Metehan Yildirim and   
                    Emin Anarim   Mitigating insider threat by profiling
                                  users based on mouse usage pattern:
                                  ensemble learning and frequency domain
                                  analysis . . . . . . . . . . . . . . . . 239--251
            Alexander Bajic and   
                Georg T. Becker   Automated benchmark network
                                  diversification for realistic attack
                                  simulation with application to moving
                                  target defense . . . . . . . . . . . . . 253--278
              Mamoru Mimura and   
                        Ryo Ito   Applying NLP techniques to malware
                                  detection in a practical environment . . 279--291
László Erd\Hodi and   
          Fabio Massimo Zennaro   The Agent Web Model: modeling web
                                  hacking for reinforcement learning . . . 293--309
                 Junwon Lee and   
                      Heejo Lee   An SSH predictive model using machine
                                  learning with web proxy session logs . . 311--322
       Taha Elamine Hadjadj and   
              Adel Bouhoula and   
                 Riadh Ksantini   Optimization of parallel firewalls
                                  filtering rules  . . . . . . . . . . . . 323--340
                Zheng Zhang and   
                Shaohao Xie and   
                  Fangguo Zhang   Topology-hiding garbled circuits without
                                  universal circuits . . . . . . . . . . . 341--356
           Ioannis Kazoleas and   
          Panagiotis Karampelas   A novel malicious remote administration
                                  tool using stealth and self-defense
                                  techniques . . . . . . . . . . . . . . . 357--378
                Tahir Ahmad and   
            Umberto Morelli and   
                 Nicola Zannone   Extending access control in AWS IoT
                                  through event-driven functions: an
                                  experimental evaluation using a smart
                                  lock system  . . . . . . . . . . . . . . 379--408
                Zach Parish and   
             Connor Cushing and   
                   Julie Thorpe   Password guessers under a microscope: an
                                  in-depth analysis to inform deployments  409--425

International Journal of Information Security
Volume 21, Number 3, June, 2022

      Sairath Bhattacharjya and   
               Hossein Saiedian   Establishing and validating secured keys
                                  for IoT devices: using P3 connection
                                  model on a cloud-based architecture  . . 427--436
               Aaron Spence and   
                   Shaun Bangay   Security beyond cybersecurity:
                                  side-channel attacks against non-cyber
                                  systems and their countermeasures  . . . 437--453
              Cheolhee Park and   
                 Dowon Hong and   
                    Changho Seo   Evaluating differentially private
                                  decision tree model over model inversion
                                  attack . . . . . . . . . . . . . . . . . 1--14
              Saleh A. Alghamdi   Novel trust-aware intrusion detection
                                  and prevention system for 5G MANET-Cloud 469--488
               Amal Ghorbel and   
            Mahmoud Ghorbel and   
                 Mohamed Jmaiel   Accountable privacy preserving
                                  attribute-based access control for cloud
                                  services enforced using blockchain . . . 489--508
                   Lu Zhang and   
                  Arie Taal and   
                   Paola Grosso   A risk-level assessment system based on
                                  the STRIDE/DREAD model for digital data
                                  marketplaces . . . . . . . . . . . . . . 509--525
                 Jaya Singh and   
                Ayush Sinha and   
                Om Prakash Vyas   Insider attack mitigation in a smart
                                  metering infrastructure using reputation
                                  score and blockchain technology  . . . . 527--546
              Mahdi Soltani and   
    Mahdi Jafari Siavoshani and   
          Amir Hossein Jahangir   A content-based deep intrusion detection
                                  system . . . . . . . . . . . . . . . . . 547--562
       Ferucio Laurentiu Tiplea   Narrow privacy and desynchronization in
                                  Vaudenay's RFID model  . . . . . . . . . 563--575
                Haibat Khan and   
           Benjamin Dowling and   
                Keith M. Martin   Pragmatic authenticated key agreement
                                  for IEEE Std 802.15.6  . . . . . . . . . 577--595
          Bradley Potteiger and   
                Feiyang Cai and   
             Xenofon Koutsoukos   Data space randomization for securing
                                  cyber-physical systems . . . . . . . . . 597--610
         Noureddine Amraoui and   
               Belhassen Zouari   Anomalous behavior detection-based
                                  approach for authenticating smart home
                                  system users . . . . . . . . . . . . . . 611--636
                 Ankit Shah and   
             Rajesh Ganesan and   
                      Hasan Cam   Maintaining the level of operational
                                  effectiveness of a CSOC under adverse
                                  conditions . . . . . . . . . . . . . . . 637--651
            Maryam Zulfiqar and   
       Muhammad Umar Janjua and   
                 Jack W. Stokes   Tracking adoption of revocation and
                                  cryptographic features in X.509
                                  certificates . . . . . . . . . . . . . . 653--668
                  P. D'Arco and   
               R. De Prisco and   
                  R. Zaccagnino   Gossamer: weaknesses and performance . . 669--687
             Xiaokuan Zhang and   
                 Jihun Hamm and   
                  Yinqian Zhang   Defeating traffic analysis via
                                  differential privacy: a case study on
                                  streaming traffic  . . . . . . . . . . . 689--706

International Journal of Information Security
Volume 21, Number 4, August, 2022

              Andrea Huszti and   
     Szabolcs Kovács and   
            Norbert Oláh   Scalable, password-based and threshold
                                  authentication for smart homes . . . . . 707--723
                Jinsung Kim and   
              Younghoon Ban and   
                  Jeong Hyun Yi   MAPAS: a practical deep learning-based
                                  Android malware detection system . . . . 725--738
       Mahdieh Zabihimayvan and   
                    Derek Doran   A first look at references from the dark
                                  to the surface web world: a case study
                                  in Tor . . . . . . . . . . . . . . . . . 739--755
               Kazuki Koike and   
          Ryotaro Kobayashi and   
                 Masahiko Katoh   IoT-oriented high-efficient anti-malware
                                  hardware focusing on time series
                                  metadata extractable from inside a
                                  processor core . . . . . . . . . . . . . 1--19
                  Ryan Karl and   
          Hannah Burchfield and   
                     Taeho Jung   Developing non-interactive MPC with
                                  trusted hardware for enhanced security   777--797
                  Qian Gong and   
                 Phil DeMar and   
                   Mine Altunay   ThunderSecure: deploying real-time
                                  intrusion detection for 100G research
                                  networks by leveraging stream-based
                                  features and one-class classification
                                  network  . . . . . . . . . . . . . . . . 799--812
                 Kengo Zenitani   A multi-objective cost-benefit
                                  optimization algorithm for network
                                  hardening  . . . . . . . . . . . . . . . 813--832
              Yuichi Komano and   
                 Takaaki Mizuki   Coin-based Secure Computations . . . . . 833--846
         Munshi Saifuzzaman and   
         Tajkia Nuri Ananna and   
               Farida Chowdhury   A systematic literature review on
                                  wearable health data publishing under
                                  differential privacy . . . . . . . . . . 847--872
              Ankit Agrawal and   
            Ashutosh Bhatia and   
                  Rekha Kaushik   A survey on analyzing encrypted network
                                  traffic of mobile devices  . . . . . . . 873--915
                  Unsub Zia and   
             Mark McCartney and   
                     Ali Sajjad   Survey on image encryption techniques
                                  using chaotic maps in spatial, transform
                                  and spatiotemporal domains . . . . . . . 917--935
              Teik Guan Tan and   
         Pawel Szalachowski and   
                  Jianying Zhou   Challenges of post-quantum digital
                                  signing in real-world applications: a
                                  survey . . . . . . . . . . . . . . . . . 937--952

International Journal of Information Security
Volume 21, Number 5, October, 2022

              Jai Hyun Park and   
             Jung Hee Cheon and   
                    Dongwoo Kim   Efficient verifiable computation over
                                  quotient polynomial rings  . . . . . . . 953--971
             Christos Lyvas and   
      Costas Lambrinoudakis and   
           Dimitris Geneiatakis   \pkgIntentAuth: Securing Android's
                                  intent-based inter-process communication 973--982
           Ram Govind Singh and   
         Ananya Shrivastava and   
                   Sushmita Ruj   A Digital Asset Inheritance Model to
                                  Convey Online Persona Posthumously . . . 983--1003
                E. Agostini and   
                   M. Bernaschi   BitCracker: BitLocker meets GPUs . . . . 1005--1018
                Ilyes Ahmim and   
       Nacira Ghoualmi-Zine and   
                    Marwa Ahmim   Security analysis on ``Three-factor
                                  authentication protocol using physical
                                  unclonable function for IoV''  . . . . . 1019--1026
              Marcel Armour and   
             Bertram Poettering   Algorithm substitution attacks against
                                  receivers  . . . . . . . . . . . . . . . 1027--1050
              Seyit Camtepe and   
                 Jarek Duda and   
                 Josef Pieprzyk   ANS-based compression and encryption
                                  with 128-bit security  . . . . . . . . . 1051--1067
     Rosa Peric\`as-Gornals and   
     Maci\`a Mut-Puigserver and   
 M. Magdalena Payeras-Capell\`a   Highly private blockchain-based
                                  management system for digital COVID-19
                                  certificates . . . . . . . . . . . . . . 1069--1090
          Vasileios Vlachos and   
        Yannis C. Stamatiou and   
            Sotiris Nikoletseas   The SAINT observatory subsystem: an
                                  open-source intelligence tool for
                                  uncovering cybersecurity threats . . . . 1091--1106
                Beyza Cevik and   
             Nur Altiparmak and   
                      Sevil Sen   Lib2Desc: automatic generation of
                                  security-centric Android app
                                  descriptions using third-party libraries 1107--1125
            Hiroki Inayoshi and   
               Shohei Kakei and   
                  Shoichi Saito   Value-utilized taint propagation: toward
                                  precise detection of apps' information
                                  flows across Android API calls . . . . . 1127--1149
              Ricard Borges and   
       Francesc Sebé and   
                    Magda Valls   An anonymous and unlinkable electronic
                                  toll collection system . . . . . . . . . 1151--1162
                Rabari Jeet and   
              P. Arun Raj Kumar   A survey on interest packet flooding
                                  attacks and its countermeasures in named
                                  data networking  . . . . . . . . . . . . 1163--1187
       Andrew D. Syrmakesis and   
           Cristina Alcaraz and   
         Nikos D. Hatziargyriou   Classifying resilience approaches for
                                  protecting smart grids against cyber
                                  threats  . . . . . . . . . . . . . . . . 1189--1210

International Journal of Information Security
Volume 21, Number 6, December, 2022

              Irini Lygerou and   
          Shreyas Srinivasa and   
             Dimitris Gritzalis   A decentralized honeypot for IoT
                                  Protocols based on Android devices . . . 1211--1222
                 Bingxue Fu and   
                    Xing Yu and   
                       Tao Feng   CT-GCN: a phishing identification model
                                  for blockchain cryptocurrency
                                  transactions . . . . . . . . . . . . . . 1223--1232
             Matthias Templ and   
                  Murat Sariyar   A systematic overview on methods to
                                  protect sensitive data provided for
                                  various analyses . . . . . . . . . . . . 1233--1246
          Abdenour Kifouche and   
        Mohamed Salah Azzaz and   
                     Remy Kocik   Design and implementation of a new
                                  lightweight chaos-based cryptosystem to
                                  secure IoT communications  . . . . . . . 1247--1262
                C. Prajisha and   
                A. R. Vasudevan   An efficient intrusion detection system
                                  for MQTT-IoT using enhanced chaotic salp
                                  swarm algorithm and LightGBM . . . . . . 1263--1282
       Pablo Picazo-Sanchez and   
          Lara Ortiz-Martin and   
               Andrei Sabelfeld   Are chrome extensions compliant with the
                                  spirit of least privilege? . . . . . . . 1283--1297
          Kayode S. Adewole and   
            Vicenç Torra   DFTMicroagg: a dual-level anonymization
                                  algorithm for smart grid data  . . . . . 1299--1321
             Florian Skopik and   
               Arndt Bonitz and   
        Günter Göhler   From scattered data to actionable
                                  knowledge: flexible cyber security
                                  reporting in the military domain . . . . 1323--1347
        Vicenç Torra and   
        Edgar Galván and   
      Guillermo Navarro-Arribas   PSO + FL = PAASO: particle swarm
                                  optimization + federated learning =
                                  privacy-aware agent swarm optimization   1349--1359
              Xiaodong Yang and   
                Wenjia Wang and   
                    Caifen Wang   Security analysis and improvement of a
                                  privacy-preserving authentication scheme
                                  in VANET . . . . . . . . . . . . . . . . 1361--1371
         Mohammad Abdussami and   
                 Ruhul Amin and   
          Satyanarayana Vollala   LASSI: a lightweight authenticated key
                                  agreement protocol for fog-enabled IoT
                                  deployment . . . . . . . . . . . . . . . 1373--1387
                 R. Kishore and   
                 I. Ioannou and   
                 A. Pitsillides   A security protocol for D2D
                                  communications in 5G networks using
                                  elliptic curve cryptography  . . . . . . 1389--1408
                 Raju Kumar and   
                     Aruna Bhat   A study of machine learning-based models
                                  for detection, control, and mitigation
                                  of cyberbullying in online social media  1409--1431


International Journal of Information Security
Volume 22, Number 1, February, 2023

                  Gulab Sah and   
         Subhasish Banerjee and   
                   Sweety Singh   Intrusion detection system over
                                  real-time data traffic using machine
                                  learning methods with feature selection
                                  approaches . . . . . . . . . . . . . . . 1--27
       Pablo Picazo-Sanchez and   
                 Magnus Almgren   Gridchain: an investigation of privacy
                                  for the future local distribution grid   29--46
       Abdelhakim Hannousse and   
 Mohamed Cherif Nait-Hamoud and   
               Salima Yahiouche   A deep learner model for multi-language
                                  webshell detection . . . . . . . . . . . 47--61
              Seema Sangari and   
                Eric Dallal and   
                Michael Whitman   Modeling reporting delays in cyber
                                  incidents: an industry-level comparison  63--76
          Branislav Raji\'c and   
     Zarko Stanisavljevi\'c and   
                Pavle Vuleti\'c   Early web application attack detection
                                  using network traffic analysis . . . . . 77--91
       Nemi Chandra Rathore and   
              Somanath Tripathy   Restricting data-leakage using
                                  fine-grained access control on OSN
                                  objects  . . . . . . . . . . . . . . . . 93--106
       Pinar G. Balikcioglu and   
             Melih Sirlanci and   
              Ozge A. Kucuk and   
              Bulut Ulukapi and   
         Ramazan K. Turkmen and   
                Cengiz Acarturk   Malicious code detection in Android: the
                                  role of sequence characteristics and
                                  disassembling methods  . . . . . . . . . 107--118
                Amit Sharma and   
              Brij B. Gupta and   
       Awadhesh Kumar Singh and   
                 V. K. Saraswat   A novel approach for detection of APT
                                  malware using multi-dimensional hybrid
                                  Bayesian belief network  . . . . . . . . 119--135
          Sajad Hamzenejadi and   
           Mahdieh Ghazvini and   
       Seyedamiryousef Hosseini   Mobile botnet detection: a comprehensive
                                  survey . . . . . . . . . . . . . . . . . 137--175
          Shubhangi Rastogi and   
                   Divya Bansal   A review on fake news detection 3T's:
                                  typology, time of detection, taxonomies  177--212
            Emre Süren and   
            Fredrik Heiding and   
     Johannes Olegård and   
         Robert Lagerström   PatrIoT: practical and agile threat
                                  research for IoT . . . . . . . . . . . . 213--233
               Safa Mohamed and   
                   Ridha Ejbali   Deep SARSA-based reinforcement learning
                                  approach for anomaly network intrusion
                                  detection system . . . . . . . . . . . . 235--247
                 Ahmed Amro and   
             Vasileios Gkioulos   Cyber risk management for autonomous
                                  passenger ships using threat-informed
                                  defense-in-depth . . . . . . . . . . . . 249--288
               Luay Alawneh and   
         Mohammad Al-Zinati and   
              Mahmoud Al-Ayyoub   User identification using deep learning
                                  and human activity mobile sensor data    289--301
              Irini Lygerou and   
          Shreyas Srinivasa and   
  Emmanouil Vasilomanolakis and   
       George Stergiopoulos and   
             Dimitris Gritzalis   Correction to: A decentralized honeypot
                                  for IoT Protocols based on Android
                                  devices  . . . . . . . . . . . . . . . . 303--303

International Journal of Information Security
Volume 22, Number 2, April, 2023

                     Qin An and   
     Wilson Cheong Hin Hong and   
                 XiaoShu Xu and   
              Yunfeng Zhang and   
          Kimberly Kolletar-Zhu   How education level influences Internet
                                  security knowledge, behaviour, and
                                  attitude: a comparison among
                                  undergraduates, postgraduates and
                                  working graduates  . . . . . . . . . . . 305--317
                Murat Kuzlu and   
         Ferhat Ozgur Catak and   
                  Umit Cali and   
                Evren Catak and   
                    Ozgur Guler   Adversarial security mitigations of
                                  mmWave beamforming prediction models
                                  using defensive distillation and
                                  adversarial retraining . . . . . . . . . 319--332
                      Swati and   
                Sangita Roy and   
                Jawar Singh and   
                  Jimson Mathew   Design and analysis of DDoS mitigating
                                  network architecture . . . . . . . . . . 333--345
      Efstratios Chatzoglou and   
      Vasileios Kouliaridis and   
        Georgios Karopoulos and   
           Georgios Kambourakis   Revisiting QUIC attacks: a comprehensive
                                  review on QUIC security and a hands-on
                                  study  . . . . . . . . . . . . . . . . . 347--365
             Reza Mohammadi and   
                Chhagan Lal and   
                    Mauro Conti   HTTPScout: a Machine Learning based
                                  Countermeasure for HTTP Flood Attacks in
                                  SDN  . . . . . . . . . . . . . . . . . . 367--379
       Panagiotis Andriotis and   
                Myles Kirby and   
                Atsuhiro Takasu   \pkgBu-Dash: a universal and dynamic
                                  graphical password scheme (extended
                                  version) . . . . . . . . . . . . . . . . 381--401
     Kailash Chandra Mishra and   
                  Subrata Dutta   A simple and secure user authentication
                                  scheme using Map Street View with
                                  usability analysis based on ISO/IEC
                                  25022  . . . . . . . . . . . . . . . . . 403--415
Kapilan Kulayan Arumugam Gandhi and   
         Chamundeswari Arumugam   Toward a unified and secure approach for
                                  extraction of forensic digital evidence
                                  from an IoT device . . . . . . . . . . . 417--431
                Hanxun Zhou and   
                Longyu Kang and   
                   Hong Pan and   
                    Guo Wei and   
                      Yong Feng   An intrusion detection approach based on
                                  incremental long short-term memory . . . 433--446
Gorka Guardiola-Múzquiz and   
       Enrique Soriano-Salvador   SealFSv2: combining storage-based and
                                  ratcheting for tamper-evident logging    447--466
           Bander Alzahrani and   
               Nikos Fotiou and   
             Aiiad Albeshri and   
       Abdullah Almuhaimeed and   
                 Khalid Alsubhi   Distributed access control for
                                  information-centric networking
                                  architectures using verifiable
                                  credentials  . . . . . . . . . . . . . . 467--478
    Melike Burakgazi Bilgen and   
                 Osman Abul and   
                  Kemal Bicakci   Authentication-enabled attribute-based
                                  access control for smart homes . . . . . 479--495
                   Kai Wang and   
                  Jinxia Wu and   
               Tianqing Zhu and   
                    Wei Ren and   
                      Ying Hong   Defense against membership inference
                                  attack in graph neural networks through
                                  graph perturbation . . . . . . . . . . . 497--509
                 Hira Ahmad and   
     Muhammad Ahtazaz Ahsan and   
                Adnan Noor Mian   Trends in publishing blockchain surveys:
                                  a bibliometric perspective . . . . . . . 511--523
                 Haya Brama and   
                  Lihi Dery and   
                 Tal Grinshpoun   Evaluation of neural networks defenses
                                  and attacks using NDCG and reciprocal
                                  rank metrics . . . . . . . . . . . . . . 525--540

International Journal of Information Security
Volume 22, Number 3, June, 2023

Alberto Huertas Celdrán and   
Pedro Miguel Sánchez Sánchez and   
Miguel Azor\'ìn Castillo and   
  Gérôme Bovet and   
Gregorio Mart\'ìnez Pérez and   
               Burkhard Stiller   Intelligent and behavioral-based
                                  detection of malware in IoT spectrum
                                  sensors  . . . . . . . . . . . . . . . . 541--561
            Aida Akbarzadeh and   
           Sokratis K. Katsikas   Dependency-based security risk
                                  assessment for cyber-physical systems    563--578
             Martin Higgins and   
                 Wangkun Xu and   
                   Fei Teng and   
                Thomas Parisini   Cyber-physical risk assessment for false
                                  data injection attacks considering
                                  moving target defences . . . . . . . . . 579--589
             Eranga Bandara and   
              Xueping Liang and   
              Sachin Shetty and   
             Ravi Mukkamala and   
               Peter Foytik and   
           Nalin Ranasinghe and   
                 Kasun De Zoysa   Octopus: privacy preserving peer-to-peer
                                  transactions system with InterPlanetary
                                  file system (IPFS) . . . . . . . . . . . 591--609
           Taher Al-Shehari and   
              Rakan A. Alsowail   Random resampling algorithms for
                                  addressing the imbalanced dataset
                                  classes in insider threat detection  . . 611--629
              Marmar Orooji and   
Seyedeh Shaghayegh Rabbanian and   
                Gerald M. Knapp   Flexible adversary disclosure risk
                                  measure for identity and attribute
                                  disclosure attacks . . . . . . . . . . . 631--645
                Imdad Ullah and   
             Roksana Boreli and   
               Salil S. Kanhere   Privacy in targeted advertising on
                                  mobile devices: a survey . . . . . . . . 647--678
              Yingchun Chen and   
                  Jinguo Li and   
                    Naiwang Guo   Efficient and interpretable SRU combined
                                  with TabNet for network intrusion
                                  detection in the big data environment    679--689
Juan Miguel López Velásquez and   
Sergio Mauricio Mart\'ìnez Monterrubio and   
Luis Enrique Sánchez Crespo and   
            David Garcia Rosado   Systematic review of SIEM technology:
                                  SIEM--SC birth . . . . . . . . . . . . . 691--711
         Rudolf Lovrenci\'c and   
                   Dejan Skvorc   Multi-cloud applications: data and code
                                  fragmentation for improved security  . . 713--721
              Guangjia Song and   
                 Jianhua Hu and   
                       Hui Wang   A novel frame switching model based on
                                  virtual MAC in SDN . . . . . . . . . . . 723--736
            Aggeliki Tsohou and   
    Vasiliki Diamantopoulou and   
         Stefanos Gritzalis and   
          Costas Lambrinoudakis   Cyber insurance: state of the art,
                                  trends and future directions . . . . . . 737--748

International Journal of Information Security
Volume 22, Number 4, August, 2023

               Jasleen Kaur and   
               Alka Agrawal and   
               Raees Ahmad Khan   P2ADF: a privacy-preserving attack
                                  detection framework in fog-IoT
                                  environment  . . . . . . . . . . . . . . 749--762
             Ruqayah Al-ani and   
                 Thar Baker and   
                    Bo Zhou and   
                         Qi Shi   Privacy and safety improvement of VANET
                                  data via a safety-related privacy scheme 763--783
               Eirini Molla and   
    Panagiotis Rizomiliotis and   
             Stefanos Gritzalis   Efficient searchable symmetric
                                  encryption supporting range queries  . . 785--798
              Shweta Mittal and   
                   Mohona Ghosh   A novel two-level secure access control
                                  approach for blockchain platform in
                                  healthcare . . . . . . . . . . . . . . . 799--817
         Panagiotis Grontas and   
                Aris Pagourtzis   Anonymity and everlasting privacy in
                                  electronic voting  . . . . . . . . . . . 819--832
       Francisco T. Chimuco and   
João B. F. Sequeiros and   
Carolina Galvão Lopes and   
  Tiago M. C. Simões and   
     Mário M. Freire and   
      Pedro R. M. Inácio   Secure cloud-based mobile apps: attack
                                  taxonomy, requirements, mechanisms,
                                  tests and automation . . . . . . . . . . 833--867
      Leonardo Dias Menezes and   
Luciano Vieira de Araújo and   
             Marislei Nishijima   Blockchain and smart contract
                                  architecture for notaries services under
                                  civil law: a Brazilian experience  . . . 869--880
              Pankaj Pandey and   
                Nishchol Mishra   Phish-Sight: a new approach for phishing
                                  detection using dominant colors on web
                                  pages and machine learning . . . . . . . 881--891
              Brandon Bowen and   
        Anitha Chennamaneni and   
                Ana Goulart and   
                      Daisy Lin   BLoCNet: a hybrid, dataset-independent
                                  intrusion detection system using deep
                                  learning . . . . . . . . . . . . . . . . 893--917
                  Zhen Yang and   
               Shisong Yang and   
                Yunbo Huang and   
José-Fernán Mart\'ìnez and   
       Lourdes López and   
                     Yuwen Chen   AAIA: an efficient aggregation scheme
                                  against inverting attack for federated
                                  learning . . . . . . . . . . . . . . . . 919--930
          Srividya Bhaskara and   
          Santosh Singh Rathore   Causal effect analysis-based intrusion
                                  detection system for IoT applications    931--946
             Mohanad Sarhan and   
             Siamak Layeghy and   
           Marcus Gallagher and   
                Marius Portmann   From zero-shot machine learning to
                                  zero-day attack detection  . . . . . . . 947--959
            Abhay Deep Seth and   
             Santosh Biswas and   
                Amit Kumar Dhar   LDES: detector design for version number
                                  attack detection using linear temporal
                                  logic based on discrete event system . . 961--985
            Omer Faruk Tuna and   
         Ferhat Ozgur Catak and   
                 M. Taner Eskil   TENET: a new hybrid network architecture
                                  for adversarial defense  . . . . . . . . 987--1004
          M. N. Katsantonis and   
                 A. Manikas and   
                I. Mavridis and   
                   D. Gritzalis   Cyber range design framework for cyber
                                  security education and training  . . . . 1005--1027
            Mitra Alidoosti and   
           Alireza Nowroozi and   
                Ahmad Nickabadi   Business-layer client-side racer:
                                  dynamic security testing of the web
                                  application against client-side race
                                  condition in the business layer  . . . . 1029--1054
                Nizamud Din and   
               Abdul Waheed and   
             Shamsher Ullah and   
               Noor Ul Amin and   
          Gautam Srivastava and   
               Farhan Ullah and   
             Jerry Chun-Wei Lin   A typology of secure multicast
                                  communication over 5 G/6 G networks  . . 1055--1073
            Hayette Zeghida and   
            Mehdi Boulaiche and   
                  Ramdane Chikh   Securing MQTT protocol for IoT
                                  environment using IDS based on ensemble
                                  learning . . . . . . . . . . . . . . . . 1075--1086

International Journal of Information Security
Volume 22, Number 5, October, 2023

              Moon-Seok Kim and   
                 Sungho Kim and   
             Sang-Kyung Yoo and   
               Bong-Soo Lee and   
                  Ji-Man Yu and   
              Il-Woong Tcho and   
                  Yang-Kyu Choi   Error reduction of SRAM-based physically
                                  unclonable function for chip
                                  authentication . . . . . . . . . . . . . 1087--1098
                Feiyang Cai and   
             Xenofon Koutsoukos   Real-time detection of deception attacks
                                  in cyber-physical systems  . . . . . . . 1099--1114
                   Sibo Shi and   
              Shengwei Tian and   
                    Bo Wang and   
                Tiejun Zhou and   
                   Guanxin Chen   SFCGDroid: Android malware detection
                                  based on sensitive function call graph   1115--1124
Oluwadamilare Harazeem Abdulganiyu and   
        Taha Ait Tchakoucht and   
            Yakub Kayode Saheed   A systematic literature review for
                                  network intrusion detection system (IDS) 1125--1162
                 Reza Mohammadi   A comprehensive Blockchain-oriented
                                  secure framework for SDN/Fog-based IoUT  1163--1175
         Shahriar Mohammadi and   
                 Mehdi Babagoli   A novel hybrid hunger games algorithm
                                  for intrusion detection systems based on
                                  nonlinear regression modeling  . . . . . 1177--1195
               Suhail Ahmad and   
               Ajaz Hussain Mir   Protection of centralized SDN control
                                  plane from high-rate Packet--In messages 1197--1206
                    Or Naim and   
                Doron Cohen and   
                   Irad Ben-Gal   Malicious website identification using
                                  design attribute learning  . . . . . . . 1207--1217
                 Wenjuan Li and   
                    Yu Wang and   
                         Jin Li   A blockchain-enabled collaborative
                                  intrusion detection framework for
                                  SDN-assisted cyber-physical systems  . . 1219--1230
        Andreas Grüner and   
       Alexander Mühle and   
            Niko Lockenvitz and   
               Christoph Meinel   Analyzing and comparing the security of
                                  self-sovereign identity management
                                  systems through threat modeling  . . . . 1231--1248
              Denghui Zhang and   
                Zhaoquan Gu and   
                 Lijing Ren and   
                Muhammad Shafiq   An interpretability security framework
                                  for intelligent decision support systems
                                  based on saliency map  . . . . . . . . . 1249--1260
           Suryakanta Panda and   
              Samrat Mondal and   
            Ashok Kumar Das and   
                   Willy Susilo   Secure access privilege delegation using
                                  attribute-based encryption . . . . . . . 1261--1276
             Sara Baradaran and   
              Mahdi Heidari and   
                 Ali Kamali and   
               Maryam Mouzarani   A unit-based symbolic execution method
                                  for detecting memory corruption
                                  vulnerabilities in executable codes  . . 1277--1290
              Thomas Prantl and   
         André Bauer and   
       Lukas Iffländer and   
        Christian Krupitzer and   
                  Samuel Kounev   Recommendation of secure group
                                  communication schemes using
                                  multi-objective optimization . . . . . . 1291--1332
        Alexandros Zacharis and   
          Constantinos Patsakis   AiCEF: an AI-assisted cyber exercise
                                  content generation framework using named
                                  entity recognition . . . . . . . . . . . 1333--1354
Md. Mumtahin Habib Ullah Mazumder and   
            Md. Eusha Kadir and   
              Sadia Sharmin and   
         Md. Shariful Islam and   
           Muhammad Mahbub Alam   cFEM: a cluster based feature extraction
                                  method for network intrusion detection   1355--1369
                    S. Asha and   
                   P. Vinod and   
                 Varun G. Menon   A defensive framework for deepfake
                                  detection under adversarial settings
                                  using temporal and spatial features  . . 1371--1382
                Feiyang Cai and   
             Xenofon Koutsoukos   Correction: Real-time detection of
                                  deception attacks in cyber-physical
                                  systems  . . . . . . . . . . . . . . . . 1383--1383
              Hamed Sepehrzadeh   A method for insider threat assessment
                                  by modeling the internal employee
                                  interactions . . . . . . . . . . . . . . 1385--1393
           Cristina Alcaraz and   
             Jesus Cumplido and   
          Alicia Triviño   OCPP in the spotlight: threats and
                                  countermeasures for electric vehicle
                                  charging infrastructures 4.0 . . . . . . 1395--1421
              Runzheng Wang and   
                   Jian Gao and   
                   Shuhua Huang   AIHGAT: a novel method of malware
                                  detection and homology analysis using
                                  assembly instruction heterogeneous graph 1423--1443
        Mar Gimenez-Aguilar and   
      Jose Maria de Fuentes and   
        Lorena Gonzalez-Manzano   Malicious uses of blockchains by
                                  malware: from the analysis to
                                  Smart--Zephyrus  . . . . . . . . . . . . 1445--1480
          Taqwa Ahmed Alhaj and   
          Maheyzah Md Siraj and   
             Anazida Zainal and   
             Inshirah Idris and   
                Anjum Nazir and   
                Fatin Elhaj and   
                Tasneem Darwish   An effective attack scenario
                                  construction model based on
                                  identification of attack steps and
                                  stages . . . . . . . . . . . . . . . . . 1481--1496
                Yin Sheng Zhang   Analysis of OSPU security effect and
                                  data assembly verification under
                                  semi-network OS architecture . . . . . . 1497--1509
    Alexandros Papanikolaou and   
      Aggelos Alevizopoulos and   
          Christos Ilioudis and   
     Konstantinos Demertzis and   
            Konstantinos Rantos   An autoML network traffic analyzer for
                                  cyber threat detection . . . . . . . . . 1511--1530

International Journal of Information Security
Volume 22, Number 6, December, 2023

            Nabin Chowdhury and   
             Vasileios Gkioulos   A personalized learning theory-based
                                  cyber-security training exercise . . . . 1531--1546
              Ngoc T. Luong and   
                     Doan Hoang   BAPRP: a machine learning approach to
                                  blackhole attacks prevention routing
                                  protocol in vehicular Ad Hoc networks    1547--1566
Lorena González-Manzano and   
  José M. de Fuentes and   
            Flavio Lombardi and   
                 Cristina Ramos   A technical characterization of APTs by
                                  leveraging public resources  . . . . . . 1567--1584
              Rabie Barhoun and   
             Maryam Ed-daibouni   Trust modeling in a distributed
                                  collaborative environment: application
                                  to a collaborative healthcare system . . 1585--1604
                 Lorenzo Rovida   Fast but approximate homomorphic
                                  $k$-means based on masking technique . . 1605--1619
               Ankur Shukla and   
                 Basel Katt and   
        Muhammad Mudassar Yamin   A quantitative framework for security
                                  assurance evaluation and selection of
                                  cloud services: a case study . . . . . . 1621--1650
    Taiwo Blessing Ogunseyi and   
   Cossi Blaise Avoussoukpo and   
                  Yiqiang Jiang   A systematic review of privacy
                                  techniques in recommendation systems . . 1651--1664
     Christian López and   
        Jesús Solano and   
             Esteban Rivera and   
              Lizzy Tengana and   
       Johana Florez-Lozano and   
     Alejandra Castelblanco and   
          Mart\'ìn Ochoa   Adversarial attacks against mouse- and
                                  keyboard-based biometric authentication:
                                  black-box versus domain-specific
                                  techniques . . . . . . . . . . . . . . . 1665--1685
               Mo'ath Zyout and   
              Raed Shatnawi and   
                 Hassan Najadat   Malware classification approaches
                                  utilizing binary and text encoding of
                                  permissions  . . . . . . . . . . . . . . 1687--1712
            Mathias Ekstedt and   
              Zeeshan Afzal and   
          Preetam Mukherjee and   
                Simon Hacks and   
         Robert Lagerström   Yet another cybersecurity risk
                                  assessment framework . . . . . . . . . . 1713--1729
            K. S. Kuppusamy and   
                    G. Balayogi   Accessible password strength assessment
                                  method for visually challenged users . . 1731--1741
             Saurabh Pandey and   
               Nitesh Kumar and   
                Anand Handa and   
           Sandeep Kumar Shukla   Evading malware classifiers using RL
                                  agent with action-mask . . . . . . . . . 1743--1763
                Zhenyu Guan and   
                Lixin Zhang and   
                Bohan Huang and   
                  Bihe Zhao and   
                      Song Bian   Adaptive hyperparameter optimization for
                                  black-box adversarial attack . . . . . . 1765--1779
               Muhammad Ali and   
          Mansoor-ul- Haque and   
       Muhammad Hanif Durad and   
                Anila Usman and   
       Syed Muhammad Mohsin and   
                Hana Mujlid and   
                  Carsten Maple   Effective network intrusion detection
                                  using stacking-based ensemble approach   1781--1798
        Srinidhi Madabhushi and   
                    Rinku Dewri   A survey of anomaly detection methods
                                  for power grids  . . . . . . . . . . . . 1799--1832
            Ahmed Fraz Baig and   
            Sigurd Eskeland and   
                      Bian Yang   Privacy-preserving continuous
                                  authentication using behavioral
                                  biometrics . . . . . . . . . . . . . . . 1833--1847
              Nasir Ibrahim and   
                Harin Sellahewa   A cross-setting study of user unlocking
                                  behaviour in a graphical authentication
                                  scheme: a case study on Android Pattern
                                  Unlock . . . . . . . . . . . . . . . . . 1849--1863
             Kristijan Ziza and   
            Predrag Tadi\'c and   
                Pavle Vuleti\'c   DNS exfiltration detection in the
                                  presence of adversarial attacks and
                                  modified exfiltrator behaviour . . . . . 1865--1880
                   M. Sneha and   
          A. Keerthan Kumar and   
            Nikhil V. Hegde and   
                A. S. Anish and   
                      G. Shobha   RADS: a real-time anomaly detection
                                  model for software-defined networks
                                  using machine learning . . . . . . . . . 1881--1891
    Christos Smiliotopoulos and   
       Georgios Kambourakis and   
         Konstantia Barbatsalou   On the detection of lateral movement
                                  through supervised machine learning and
                                  an open-source tool to create turnkey
                                  datasets from Sysmon logs  . . . . . . . 1893--1919
             Dmitry Levshun and   
            Olga Tushkanova and   
               Andrey Chechulin   Two-model active learning approach for
                                  inappropriate information classification
                                  in social networks . . . . . . . . . . . 1921--1936
                    Najet Hamdi   Federated learning-based intrusion
                                  detection system for Internet of Things  1937--1948
             Sarabjeet Kaur and   
      Amanpreet Kaur Sandhu and   
               Abhinav Bhandari   Investigation of application layer DDoS
                                  attacks in legacy and software-defined
                                  networks: a comprehensive review . . . . 1949--1988
               Saida Farhat and   
           Manel Abdelkader and   
       Amel Meddeb-Makhlouf and   
                   Faouzi Zarai   CADS-ML/DL: efficient cloud-based
                                  multi-attack detection system  . . . . . 1989--2013
        Vicenç Torra and   
      Guillermo Navarro-Arribas   Attribute disclosure risk for
                                  $k$-anonymity: the case of numerical
                                  data . . . . . . . . . . . . . . . . . . 2015--2024


International Journal of Information Security
Volume 23, Number 1, February, 2024

     Arun Sekar Rajasekaran and   
                       M. Azees   A fog-based anonymous authentication
                                  scheme with location privacy for
                                  wireless body area network with FPGA
                                  implementation . . . . . . . . . . . . . 1--13
           Hakima Rym Rahal and   
              Sihem Slatnia and   
                 Okba Kazar and   
               Ezedin Barka and   
                    Saad Harous   Blockchain-based multi-diagnosis deep
                                  learning application for various
                                  diseases classification  . . . . . . . . 15--30
          Stefano Silvestri and   
             Shareful Islam and   
              Dmitry Amelin and   
            Gabriele Weiler and   
      Spyridon Papastergiou and   
                   Mario Ciampi   Cyber threat assessment and management
                                  for securing healthcare ecosystems using
                                  natural language processing  . . . . . . 31--50
      Osama Bassam J. Rabie and   
       Shitharth Selvarajan and   
             Tawfiq Hasanin and   
        Gouse Baig Mohammed and   
   Abddulrhman M. Alshareef and   
                    Mueen Uddin   A full privacy-preserving distributed
                                  batch-based certificate-less aggregate
                                  signature authentication scheme for
                                  healthcare wearable wireless medical
                                  sensor networks (HWMSNs) . . . . . . . . 51--80
               Afnan A. Alharbi   Federated transfer learning for attack
                                  detection for Internet of Medical Things 81--100
         Alexandre Rekeraho and   
        Daniel Tudor Cotfas and   
        Petru Adrian Cotfas and   
   Titus Constantin B\ualan and   
         Emmanuel Tuyishime and   
             Rebecca Acheampong   Cybersecurity challenges in IoT-based
                                  smart renewable energy . . . . . . . . . 101--117
             Sofiane Lagraa and   
        Martin Husák and   
                Hamida Seba and   
      Satyanarayana Vuppala and   
                 Radu State and   
               Moussa Ouedraogo   A review on graph-based approaches for
                                  network security monitoring and botnet
                                  detection  . . . . . . . . . . . . . . . 119--140
            Believe Ayodele and   
               Victor Buttigieg   SDN as a defence mechanism: a
                                  comprehensive survey . . . . . . . . . . 141--185
        Konstantinos Adamos and   
       George Stergiopoulos and   
    Michalis Karamousadakis and   
             Dimitris Gritzalis   Enhancing attack resilience of
                                  cyber-physical systems through state
                                  dependency graph models  . . . . . . . . 187--198
                  K. Dinesh and   
        S. V. N. Santhosh Kumar   Energy-efficient trust-aware secured
                                  neuro-fuzzy clustering with sparrow
                                  search optimization in wireless sensor
                                  network  . . . . . . . . . . . . . . . . 199--223
Åvald Åslaugson Sommervoll and   
László Erd\Hodi and   
          Fabio Massimo Zennaro   Simulating all archetypes of SQL
                                  injection vulnerability exploitation
                                  using reinforcement learning agents  . . 225--246
           Hakan Kekül and   
               Burhan Ergen and   
                   Halil Arslan   Estimating vulnerability metrics with
                                  word embedding and multiclass
                                  classification methods . . . . . . . . . 247--270
             Silviu Vi\ctel and   
         Marilena Lupa\cscu and   
 Drago\cs Teodor Gavrilu\ct and   
                  Henri Luchian   Short- versus long-term performance of
                                  detection models for obfuscated
                                  MSOffice-embedded malware  . . . . . . . 271--297
               Gwonsang Ryu and   
                   Daeseon Choi   Detection of adversarial attacks based
                                  on differences in image entropy  . . . . 299--314
             Bhavya Dhingra and   
                 Vidhi Jain and   
        Deepak Kumar Sharma and   
          Koyel Datta Gupta and   
                Deepika Kukreja   RLET: a lightweight model for ubiquitous
                                  multi-class intrusion detection in
                                  sustainable and secured smart
                                  environment  . . . . . . . . . . . . . . 315--330
               Philgeun Jin and   
                 Namjun Kim and   
                Sangjin Lee and   
                   Doowon Jeong   Forensic investigation of the dark web
                                  on the Tor network: pathway toward the
                                  surface web  . . . . . . . . . . . . . . 331--346
           Aristeidis Farao and   
           Georgios Paparis and   
             Sakshyam Panda and   
        Emmanouil Panaousis and   
           Apostolis Zarras and   
               Christos Xenakis   INCHAIN: a cyber insurance architecture
                                  with smart contracts and self-sovereign
                                  identity on top of blockchain  . . . . . 347--371
               Fabrice Mvah and   
    Vianney Kengne Tchendji and   
Clémentin Tayou Djamegni and   
             Ahmed H. Anwar and   
             Deepak K. Tosh and   
                Charles Kamhoua   GaTeBaSep: game theory-based security
                                  protocol against ARP spoofing attacks in
                                  software-defined networks  . . . . . . . 373--387
                 Jun Narita and   
             Takao Murakami and   
              Hideitsu Hino and   
        Masakatsu Nishigaki and   
                  Tetsushi Ohki   Synthesizing differentially private
                                  location traces including co-locations   389--410
                   Tao Feng and   
                 Wentao Jin and   
               Minghu Zhang and   
                       Lu Zheng   Security assessment and improvement of
                                  smart grid NIKE protocol . . . . . . . . 411--429
              Oussama Amine and   
              Karim Baghery and   
              Zaira Pindado and   
                 Carla R\`afols   Simulation extractable versions of
                                  Groth's zk-SNARK revisited . . . . . . . 431--445
     Easwar Vivek Mangipudi and   
               Krutarth Rao and   
               Jeremy Clark and   
                    Aniket Kate   Pepal: Penalizing multimedia breaches
                                  and partial leakages . . . . . . . . . . 447--465
             Marius Elmiger and   
            Mouad Lemoudden and   
        Nikolaos Pitropakis and   
            William J. Buchanan   Start thinking in graphs: using graphs
                                  to address critical attack paths in a
                                  Microsoft cloud tenant . . . . . . . . . 467--485
 Partha Sarathi Chakraborty and   
          Somanath Tripathy and   
            Sanjeet Kumar Nayak   BASPED: Blockchain assisted searchable
                                  public key encryption over outsourced
                                  data . . . . . . . . . . . . . . . . . . 487--503
             Muhammad Adnan and   
        Muhammad Osama Imam and   
      Muhammad Furqan Javed and   
                   Iqbal Murtza   Improving spam email classification
                                  accuracy using ensemble techniques: a
                                  stacking approach  . . . . . . . . . . . 505--517
         Poornima M. Chanal and   
   Mahabaleshwar S. Kakkasageri   Blockchain-based data integrity
                                  framework for Internet of Things . . . . 519--532
             Md. Ahsan Ayub and   
             Ambareen Siraj and   
                Bobby Filar and   
                   Maanak Gupta   RWArmor: a static-informed dynamic
                                  analysis approach for early detection of
                                  cryptographic windows ransomware . . . . 533--556
           Vikas Kumar Jain and   
             Meenakshi Tripathi   An integrated deep learning model for
                                  Ethereum smart contract vulnerability
                                  detection  . . . . . . . . . . . . . . . 557--575
                      Anjum and   
                  Rahul Katarya   Hate speech, toxicity detection in
                                  online social media: a recent survey of
                                  state of the art and opportunities . . . 577--608
       Aikaterini Triakosia and   
    Panagiotis Rizomiliotis and   
            Cecilia Tonelli and   
             Fabio Federici and   
                  Valerio Senni   Secure outsourcing of manufacturing
                                  compliance checks  . . . . . . . . . . . 609--627
           Junichiro Hayata and   
        Jacob C. N. Schuldt and   
           Goichiro Hanaoka and   
                 Kanta Matsuura   On private information retrieval
                                  supporting range queries . . . . . . . . 629--647
               Vidhi Bansal and   
             Niyati Baliyan and   
                   Mohona Ghosh   MLChain: a privacy-preserving model
                                  learning framework using blockchain  . . 649--677
    Muralidhara Rao Patruni and   
           Abdul Gaffar Humayun   PPAM-mIoMT: a privacy-preserving
                                  authentication with device verification
                                  for securing healthcare systems in 5G
                                  networks . . . . . . . . . . . . . . . . 679--698

International Journal of Information Security
Volume 23, Number 2, April, 2024

      Constantinos Patsakis and   
            Eugenia Politou and   
           Efthimios Alepis and   
         Julio Hernandez-Castro   Cashing out crypto: state of practice in
                                  ransom payments  . . . . . . . . . . . . 699--712
                Ahlem Hamdi and   
              Lamia Fourati and   
                    Samiha Ayed   Vulnerabilities and attacks assessments
                                  in blockchain 1.0, 2.0 and 3.0: tools,
                                  analysis and countermeasures . . . . . . 713--757
             Houssam Zouhri and   
                   Ali Idri and   
                  Ahmed Ratnani   Evaluating the impact of filter-based
                                  feature selection in intrusion detection
                                  systems  . . . . . . . . . . . . . . . . 759--785
       Miguel Angel Olivero and   
          Antonia Bertolino and   
Francisco José Dominguez-Mayo and   
María José Escalona and   
               Ilaria Matteucci   A systematic mapping study on security
                                  for systems of systems . . . . . . . . . 787--817
               Richa Goenka and   
               Meenu Chawla and   
                  Namita Tiwari   A comprehensive survey of phishing:
                                  mediums, intended targets, attack and
                                  defence techniques and a novel taxonomy  819--848
              Mamatha Maddu and   
         Yamarthi Narasimha Rao   Network intrusion detection and
                                  mitigation in SDN using deep learning
                                  models . . . . . . . . . . . . . . . . . 849--862
            Auwal Shehu Ali and   
          Zarul Fitri Zaaba and   
      Manmeet Mahinderjit Singh   The rise of ``security and privacy'':
                                  bibliometric analysis of computer
                                  privacy research . . . . . . . . . . . . 863--885
             Ehab Alkhateeb and   
               Ali Ghorbani and   
          Arash Habibi Lashkari   A survey on run-time packers and
                                  mitigation techniques  . . . . . . . . . 887--913
         Pradeepkumar Bhale and   
             Santosh Biswas and   
                  Sukumar Nandi   A hybrid IDS for detection and
                                  mitigation of sinkhole attack in 6LoWPAN
                                  networks . . . . . . . . . . . . . . . . 915--934
               Gaurav Tyagi and   
                    Rahul Kumar   An efficient user authentication and key
                                  agreement scheme for wireless sensor
                                  networks using physically unclonable
                                  function . . . . . . . . . . . . . . . . 935--962
Antonio Villalón-Huerta and   
       Ismael Ripoll-Ripoll and   
           Hector Marco-Gisbert   A survey and characterization of Close
                                  Access Cyberspace Operations . . . . . . 963--980
              Ehsan Toreini and   
          Maryam Mehrnezhad and   
                Aad van Moorsel   Fairness as a Service (FaaS): verifiable
                                  and privacy-preserving fairness auditing
                                  of machine learning systems  . . . . . . 981--997
                   Peng Xun and   
                  Ziyu Yang and   
                Haoyang Zhu and   
                       Zhu Tang   Locating collaborative attack targets
                                  based on physical invariants toward
                                  cyber-physical systems . . . . . . . . . 999--1017
    Muralidhara Rao Patruni and   
           Abdul Gaffar Humayun   Publisher Correction: PPAM-mIoMT: a
                                  privacy-preserving authentication with
                                  device verification for securing
                                  healthcare systems in 5G networks  . . . 1019--1019
Ricardo Martins Gonçalves and   
       Miguel Mira da Silva and   
          Paulo Rupino da Cunha   Olympus: a GDPR compliant blockchain
                                  system . . . . . . . . . . . . . . . . . 1021--1036
             Jalaiah Saikam and   
                Koteswararao Ch   An ensemble approach-based intrusion
                                  detection system utilizing ISHO--HBA and
                                  SE--ResNet152  . . . . . . . . . . . . . 1037--1054
          Subhash Ariyadasa and   
           Shantha Fernando and   
                 Subha Fernando   SmartiPhish: a reinforcement
                                  learning-based intelligent anti-phishing
                                  solution to detect spoofed website
                                  attacks  . . . . . . . . . . . . . . . . 1055--1076
                     Lei Xu and   
                    Junhai Zhai   Generating adversarial examples with
                                  collaborative generative models  . . . . 1077--1091
Juan Manuel Castelo Gómez and   
        Sergio Ruiz-Villafranca   Integrating the edge computing paradigm
                                  into the development of IoT forensic
                                  methodologies  . . . . . . . . . . . . . 1093--1116
                     Kenan Ince   Exploring the potential of deep learning
                                  and machine learning techniques for
                                  randomness analysis to enhance security
                                  on IoT . . . . . . . . . . . . . . . . . 1117--1130
               Firas Hamila and   
             Mohammad Hamad and   
       Daniel Costa Salgado and   
           Sebastian Steinhorst   Enhancing security in Fiat--Shamir
                                  transformation-based non-interactive
                                  zero-knowledge protocols for IoT
                                  authentication . . . . . . . . . . . . . 1131--1148
              Thomas Prantl and   
                 Lukas Horn and   
                Simon Engel and   
       Lukas Iffländer and   
            Lukas Beierlieb and   
        Christian Krupitzer and   
         André Bauer and   
           Mansi Sakarvadia and   
                 Ian Foster and   
                  Samuel Kounev   De Bello Homomorphico: Investigation of
                                  the extensibility of the OpenFHE library
                                  with basic mathematical functions by
                                  means of common approaches using the
                                  example of the CKKS cryptosystem . . . . 1149--1169
         Jessica B. Heluany and   
             Vasileios Gkioulos   A review on digital twins for power
                                  generation and distribution  . . . . . . 1171--1195
             Rao Faizan Ali and   
           P. D. D. Dominic and   
                 Sadaf Hina and   
                  Sheraz Naseer   Fostering information security policies
                                  compliance with ISA-95-based framework:
                                  an empirical study of oil and gas
                                  employees  . . . . . . . . . . . . . . . 1197--1213
                Philip Empl and   
            Daniel Schlette and   
          Lukas Stöger and   
            Günther Pernul   Generating ICS vulnerability playbooks
                                  with open standards  . . . . . . . . . . 1215--1230
              Habib El Amin and   
               Lina Oueidat and   
             Maroun Chamoun and   
        Abed Ellatif Samhat and   
                Antoine Feghali   Blockchain-based multi-organizational
                                  cyber risk management framework for
                                  collaborative environments . . . . . . . 1231--1249
         Himanshu Nandanwar and   
                  Rahul Katarya   TL-BILSTM IoT: transfer learning model
                                  for prediction of intrusion detection
                                  system in IoT environment  . . . . . . . 1251--1277
      Dimmiti Srinivasa Rao and   
         Ajith Jubilson Emerson   Cyberattack defense mechanism using deep
                                  learning techniques in software-defined
                                  networks . . . . . . . . . . . . . . . . 1279--1291
            Sepideh Niktabe and   
      Arash Habibi Lashkari and   
            Dilli Prasad Sharma   Detection, characterization, and
                                  profiling DoH Malicious traffic using
                                  statistical pattern recognition  . . . . 1293--1316
          Rupshali Dasgupta and   
        Meghabriti Pramanik and   
              Pabitra Mitra and   
        Dipanwita Roy Chowdhury   Intrusion detection for power grid: a
                                  review . . . . . . . . . . . . . . . . . 1317--1329
                    H. Asad and   
                S. Adhikari and   
                     Ilir Gashi   A perspective-retrospective analysis of
                                  diversity in signature-based open-source
                                  network intrusion detection systems  . . 1331--1346
            Sultan S. Alqahtani   Security bug reports classification
                                  using fasttext . . . . . . . . . . . . . 1347--1358
           Fatna El Mendili and   
            Mohammed Fattah and   
             Nisrine Berros and   
             Youness Filaly and   
Youn\`es El Bouzekri El Idrissi   Enhancing detection of malicious
                                  profiles and spam tweets with an
                                  automated honeypot framework powered by
                                  deep learning  . . . . . . . . . . . . . 1359--1388
               Sohail Abbas and   
            Manar Abu Talib and   
               Qassim Nasir and   
                Sally Idhis and   
            Mariam Alaboudi and   
                    Ali Mohamed   Radio frequency fingerprinting
                                  techniques for device identification: a
                                  survey . . . . . . . . . . . . . . . . . 1389--1427
     Ferney Martínez and   
     Luis Enrique S\`anchez and   
        Antonio Santos-Olmo and   
            David G. Rosado and   
     Eduardo Fern\`andez-Medina   Maritime cybersecurity: protecting
                                  digital seas . . . . . . . . . . . . . . 1429--1457
               Ndukwe Ukeje and   
            Jairo Gutierrez and   
                Krassie Petrova   Information security and privacy
                                  challenges of cloud computing for
                                  government adoption: a systematic review 1459--1475
                Aybars Oruc and   
            Nabin Chowdhury and   
             Vasileios Gkioulos   A modular cyber security training
                                  programme for the maritime domain  . . . 1477--1512
                    Fei Zuo and   
                  Junghwan Rhee   Vulnerability discovery based on source
                                  code patch commit mining: a systematic
                                  literature review  . . . . . . . . . . . 1513--1526
               Fulvio Frati and   
            Georgiana Darau and   
            Nikos Salamanos and   
        Pantelitsa Leonidou and   
            Costas Iordanou and   
        Dimitris Plachouris and   
          Efstratios Syrmas and   
           Evangelos Floros and   
           George Nikitakis and   
         George Spanoudakis and   
        Konstantinos Kalais and   
           Stella Tsichlaki and   
            Ernesto Damiani and   
          George C. Kagadis and   
               Jihane Najar and   
             Michael Sirivianos   Cybersecurity training and healthcare:
                                  the AERAS approach . . . . . . . . . . . 1527--1539
           Arzu Gorgulu Kakisim   A deep learning approach based on
                                  multi-view consensus for SQL injection
                                  detection  . . . . . . . . . . . . . . . 1541--1556