Eight databases worth knowing for computer science and digital forensics research, why an arXiv preprint is not the same as a peer-reviewed paper, and how to handle grey literature like CERT-In advisories honestly.
Sign in to mark this article as read and track your progress.
| Database | Coverage and typical use |
|---|---|
| IEEE Xplore | IEEE and IET journals, conferences, and standards; the core source for networking and security research. |
| ACM Digital Library | Computing-specific proceedings, including SIGSAC and SIGKDD; the core source for security and systems research. |
| SpringerLink | Multidisciplinary, strong in computer science lecture notes and applied ML. |
| ScienceDirect | Elsevier's multidisciplinary platform, strong in journals such as Computers & Security. |
| Scopus | Multidisciplinary citation database, used for citation counts and tracing influential papers. |
| Google Scholar | Broad and less curated, including preprints and theses; useful for a first pass. |
| arXiv | Preprint server; the usual first-release venue for ML and, increasingly, security research, ahead of peer review. |
| DBLP | A curated bibliography specific to computer science. |
A preprint on arXiv has not been peer-reviewed. There's nothing wrong with citing one, since a large share of current security and ML research appears there first — but the review should say so plainly, instead of treating a preprint with the same weight as a published, reviewed paper.
Grey literature is material published outside the peer-reviewed academic system: a CERT-In advisory, a CVE or NVD entry, a MITRE ATT&CK technique page, or a vendor's incident write-up. In cybersecurity, ignoring grey literature would mean ignoring most of the field's fastest-moving, practically grounded knowledge, since a new campaign is usually written up by a vendor's threat-intelligence team long before any peer-reviewed paper about it appears. The discipline isn't to avoid these sources, but to label them accurately in the review as grey literature, distinct from peer-reviewed findings, and to note that they haven't been through independent review — exactly as the arXiv preprint rule above already recommends.
For a review on ransomware detection using machine learning, which two databases from the table above would you start with, and why? A paper you want to cite exists only as an arXiv preprint, with no conference or journal publication attached — should you cite it? If yes, what should your review say about its status?