EpochZero Learn
EpochZero LearnMulti-Domain Tech Learning Hub
Courses
LeaderboardAbout
Dashboard
EpochZero
EpochZero Learn
Multi-Domain Tech Learning Hub

Structured learning for Reverse Engineering, Cloud Security, Cryptography, and Web Development. Articles, videos, tests, and peer discussion.

Learn

  • Learning Path
  • All Articles
  • Video Lessons
  • Podcast
  • eBooks & PDFs
  • Question Banks
  • Cheatsheets
  • MCQ Banks

Tests & Forum

  • All Tests
  • REMA Tests
  • Cloud Tests
  • Forum
  • REMA Forum
  • Cloud Forum
  • Crypto Forum
  • Web Dev Forum

Campus

  • REMA Club
  • Full Stack Dev Club
  • Extension Activity
  • Events
  • CTF Competitions
  • Workshops
  • Industrial Visits

Platform

  • Dashboard
  • Leaderboard
  • About
  • Verify Certificate

© 2026 EpochZero Learn. Educational content for learning purposes.

Course Instructor: Ashish Revar

All articles
research-methodologyliterature-reviewdatabasesgrey-literature

Standard Academic Databases

Eight databases worth knowing for computer science and digital forensics research, why an arXiv preprint is not the same as a peer-reviewed paper, and how to handle grey literature like CERT-In advisories honestly.

Ashish Revar6 July 20267 min read2 views

Sign in to mark this article as read and track your progress.

More articlesTest your knowledge

Where to Actually Search

DatabaseCoverage and typical use
IEEE XploreIEEE and IET journals, conferences, and standards; the core source for networking and security research.
ACM Digital LibraryComputing-specific proceedings, including SIGSAC and SIGKDD; the core source for security and systems research.
SpringerLinkMultidisciplinary, strong in computer science lecture notes and applied ML.
ScienceDirectElsevier's multidisciplinary platform, strong in journals such as Computers & Security.
ScopusMultidisciplinary citation database, used for citation counts and tracing influential papers.
Google ScholarBroad and less curated, including preprints and theses; useful for a first pass.
arXivPreprint server; the usual first-release venue for ML and, increasingly, security research, ahead of peer review.
DBLPA curated bibliography specific to computer science.

A preprint on arXiv has not been peer-reviewed. There's nothing wrong with citing one, since a large share of current security and ML research appears there first — but the review should say so plainly, instead of treating a preprint with the same weight as a published, reviewed paper.

Grey Literature in Security Research

Grey literature is material published outside the peer-reviewed academic system: a CERT-In advisory, a CVE or NVD entry, a MITRE ATT&CK technique page, or a vendor's incident write-up. In cybersecurity, ignoring grey literature would mean ignoring most of the field's fastest-moving, practically grounded knowledge, since a new campaign is usually written up by a vendor's threat-intelligence team long before any peer-reviewed paper about it appears. The discipline isn't to avoid these sources, but to label them accurately in the review as grey literature, distinct from peer-reviewed findings, and to note that they haven't been through independent review — exactly as the arXiv preprint rule above already recommends.

Check Your Understanding

For a review on ransomware detection using machine learning, which two databases from the table above would you start with, and why? A paper you want to cite exists only as an arXiv preprint, with no conference or journal publication attached — should you cite it? If yes, what should your review say about its status?