Next Article in Journal
An Intelligent Ensemble-Based Detection of In-Vehicle Network Intrusion
Previous Article in Journal
Crop Flow Control in a Longitudinal Axial Threshing Unit Using Fully Adjustable Guide Vanes: A Field Study in Winter Wheat Harvesting
 
 
Search for Articles:
Title / Keyword
Author / Affiliation / Email
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
 
Journals
Applied Sciences
Volume 15
Issue 12
10.3390/app15126865
applsci-logo
Submit to this Journal Review for this Journal Propose a Special Issue
Article Menu

Article Menu

share Share announcement Help format_quote Cite question_answer Discuss in SciProfiles
first_page
settings
Order Article Reprints
Font Type:
Arial Georgia Verdana
Font Size:
Aa Aa Aa
Line Spacing:
Column Width:
Background:
Article

Research on the Evolutionary Pathway of Science–Technology Topic Associations: Discovering Collaborative and Symmetrical Effects

by
Yin Feng
1,
Zheng Li
2 and
Tao Zhang
2,*
1
School of Marxism, Harbin University, Harbin 150086, China
2
School of Information Management, Heilongjiang University, Harbin 150080, China
*
Author to whom correspondence should be addressed.
Appl. Sci. 2025, 15(12), 6865; https://doi.org/10.3390/app15126865
Submission received: 13 April 2025 / Revised: 10 June 2025 / Accepted: 15 June 2025 / Published: 18 June 2025
Browse Figures
Versions Notes

Abstract

This study employs text mining techniques to conduct a systematic quantitative analysis of cybersecurity-related scientific publications and technological research. It aims to break through the limitations of traditional unidirectional evolutionary research, reveal the knowledge evolution rules between scientific theories and technical practices in this field, and provide valuable references and decision-making support for optimizing the collaborative innovation ecosystem. Firstly, we took academic papers and patent research on cybersecurity from 2005 to 2024 as the research objects and divided them into ten stages according to the time series. Subsequently, we identified scientific and technological topics and formed science–technology topics to assess their similarity. Then, we selected 3040 pairs of collaborative topic pairs and categorized them into three distinct groups: weak, moderate, and strong correlation. Finally, we constructed a science–technology topic association evolution atlas and analyzed the types of evolutionary pathways of topic associations and their mechanisms of action accordingly. The results demonstrate five evolutionary patterns in science–technology topic associations: division, merging, inheritance, co-occurrence, and independent development. Additionally, the science–technology topics demonstrate a high degree of collaboration, exhibiting a collaborative effect of “initial accumulation–fluctuating differentiation–deep collaboration”. Meanwhile, the correlation evolution of strongly related science–technology topics presents a symmetrical effect of “technology–science–technology” and “science–technology/technology–science”.

1. Introduction

Measuring the knowledge connections between science and technology is crucial for revealing their interaction mechanisms and providing strategic decision-making for managers [1]. With the rapid development of human science and technology, science and technology are becoming increasingly tightly integrated. The two interact, spread, and diffuse continuously, giving birth to important technologies driven by scientific principles or generated through cross-integration [2]. The scientific literature presents the groundbreaking cognition of basic research at the theoretical level, whereas patents represent the practical trajectory of technology transformation at the application level. As the two leading forces driving innovation and progress, the combination of science and technology promotes the vigorous development of related fields [3].
With the acceleration of the digitization process, cyberspace has been deeply integrated into the social operation system and has become an important component of critical infrastructure. Meanwhile, the demand for cybersecurity also shows a continuous growth trend. According to the report “2025–2031 Global and China Cybersecurity Market Status and Forecast” released by the research team of QYResearch, the Compound Annual Growth Rate (CAGR) of the global cybersecurity market is expected to reach 9.7% from 2025 to 2031. As a non-traditional security element, cybersecurity not only concerns individual safety but also has strategic value for national sovereignty, economic operation, and social stability.
Against this background, there is a high degree of interaction between basic research and technological applications in the field of cybersecurity. Exploring this field from the perspective of science–technology associations is of great significance. Through quantitative analysis of their association and evolution rules, it can not only provide an empirical basis for the knowledge flow mechanism of disciplines and lay the foundation for R&D decision-making, but also offer an important reference for the study of knowledge association in other applied disciplines. Specifically, this study introduces an LDA2vec literature topic evolution analysis method that integrates the LDA and Word2vec models [4]. Firstly, based on the Web of Science and Derwent Innovations Index databases, we selected relevant literature data in the field of cybersecurity from 2005 to 2024 and divided them into ten stages. Subsequently, we employed the LDA model for topic mining, and then utilized the Word2vec model to generate topic vectors to compute similarity, eventually constructing the science–technology topic association evolutionary pathway.

2. Related Work

2.1. The Interaction of Science–Technology

Science is the theoretical basis for technological development, and technology, in turn, promotes the in-depth development of science [5]. As early as the 1860s, researchers discovered that with the shortening of innovation cycles, the connection between technology and science was becoming increasingly closer. Carpenter et al. [6] pointed out that the generation of technological knowledge stems from the development of scientific knowledge and its migration to the technical field. The correlation between the two is reflected in the dependence of technological activities on science. Narin et al. [7] compared technology and science to a pair of dancers, believing that they are closely related. In 1997, Stokes [8] proposed Pasteur’s Quadrant innovation theory based on organizing science and technology as well as basic research and applied research. This innovation theory more accurately reflects the actual situation of scientific research and holds that there is a dynamic association and interweaving between basic research and applied research [9]. On the one hand, the change in scientific knowledge or scientific paradigms can play a significant role in guiding technological innovation and breaking through technological bottlenecks [10]. On the other hand, technology is also the main means with which to verify whether scientific theories are correct, which provides better conditions and more comprehensive perspectives for scientific research [11,12]. Sorenson et al. [13], through empirical research, found that patents citing published materials would gain more citation influence. Meanwhile, they believed that basic science has important value in stimulating technological innovation. Bassecoulard et al. [14] elaborated on the correlation between science and technology through system theory. They found that the two can restrict and link with each other, and then form a new overall collaborative effect. In addition, scholars have also found that there are diverse interaction modes between science and technology. Li [15] deeply analyzed the correlation relationship between science and technology with the help of the multidimensional analysis method. It was found that there is a nonlinear and non-univocal interaction between the two. Gardner [16] classified the interaction between science and technology into four types according to the direction of their effects. They are that science precedes technology, science and technology are relatively independent, technology precedes science, and there is a two-way interaction between science and technology. Liu et al. [12] summarized four interaction modes between science and technology according to the intensity of their effects. They are the integration between science and technology, the interactive collaboration between science and technology, the knowledge transfer between science and technology, and the dependence of technology on science. In summary, the relationship between science and technology is not a simple one-way derivation, but a complex and dynamic interactive process. Identifying and understanding the correlation relationship between science and technology is of great significance for promoting scientific and technological innovation in relevant fields.

2.2. The Science–Technology Association Detection Method

At present, scholars mainly explore the connection between science and technology by quantifying the relationship between scientific papers and technological patents [17]. Common research methods include four types of detection methods: based on citation relationships, based on author–inventor relationships, based on category mapping, and based on subject terms [18].
The first type is the science–technology association detection method based on citation relationships. This method measures and evaluates the contribution degree of the interactions between science and technology by tracking the flow and diffusion of knowledge between them. Teng et al. [19] conducted a detailed analysis of the utility patents granted by the United States Patent and Trademark Office from 1976 to 2020 and their citations in Chinese scientific publications. The purpose was to explore the evolutionary process of the influence of China’s scientific output on global and domestic technologies. Xu et al. [20] constructed a citation network based on scientific publications and patents. It was found that science and technology can not only interact with each other, but also promote the progress of industry. The second type is the association detection method based on author–inventor relationships. This method analyzes the relevant situation of academic papers and invention patents published by researchers with double identities of academic paper authors and patent inventors (i.e., academic inventors) to reveal the interactive relationship between science and technology. Li et al. [21] conducted an exploratory study on the authors and inventors involved in patents in the field of gene editing from 2000 to 2019. They found that authors–inventors, who are the gatekeepers of the technological frontier, are crucial for knowledge transfer. Zhao et al. [22] conducted an in-depth analysis of the continuous research topics of papers and patents of highly influential academic inventors. On this basis, they identified and compared the differences and connections of frontier topics between science and technology in high-tech fields. The third type is the association detection method based on category mapping. This method usually constructs the category mapping relationship between scientific papers and patent data based on specific categories. Song et al. [23] proposed a co-occurrence mapping method based on category similarity calculation. This method is utilized to help identify the characteristics of scientific and technological development between papers and patents in different academic disciplines. Xu et al. [24] explored the interactive characteristics and patterns between science and technology in the field of biopharmaceuticals from the perspective of bidirectional mapping of classification systems. The fourth approach is science–technology association detection based on subject terms. Scholars usually employ methods such as machine learning and data mining to reveal the association between science and technology from the perspective of text subjects. Chen et al. [25] combined knowledge structure information with text semantics to reveal the connections between science and technology from the perspective of research topics. Liu [26] analyzed the characteristics and differences in the knowledge association patterns between scientific papers and patent research using natural language processing techniques.
The above-mentioned research methods, based on scientific papers and patent research, explore the inherent relationship between science and technology from multiple dimensions based on ensuring the reliability and authority of research. However, the first three types of research methods usually have a high dependence on subjective participation or manual classification, which may lead to the filtering of some potential knowledge and then affect the objectivity of the research conclusions. In comparison, the association detection method driven by topics can achieve deep semantic analysis of texts through algorithmic models, thereby effectively avoiding the interpretation bias caused by human intervention. The LDA2vec symmetry model, which combines the advantages of the Latent Dirichlet Allocation Model [27] and the Word2vec word embedding model, is an unsupervised learning approach capable of transforming unstructured textual information into semantically relevant word vector representations. This model combines the topic mining capability of the LDA model and the semantic embedding advantage of the Word2vec model, overcoming the issue of semantic relationship loss between words that arises from the lack of deep semantic representation in traditional LDA models [28]. Consequently, it achieves fine-grained topic mining while significantly enhancing both the depth of semantic information extraction and the accuracy of topic recognition. This study uses the LDA2vec model to extract the scientific and technological research topics in the field of network security from 2005 to 2024, forming science–technology topics and assessing their similarities. Subsequently, the collaborative topic pairs are classified into three categories: weakly correlated, moderately correlated, and strongly correlated. Finally, the strongly correlated topic pairs are selected to construct a topic collaborative evolution atlas in the form of a Sankey diagram to help researchers clearly understand the association between science and technology in this field. The key focus of this study is to address the following three core issues:
Question 1: How to break through the one-way perspective of traditional topic evolution research and construct an identification method for science–technology topic association evolution in the field of cybersecurity?
Question 2: What evolutionary types will be presented by science–technology topic association evolution in the field of cybersecurity?
Question 3: What interactive effects will exist in the process of science–technology topic association evolution in the field of cybersecurity?

3. Research Process

3.1. Research Framework

This study uses scientific papers and patent research in the field of cybersecurity to represent two types of research work: scientific research and technological innovation [29]. Specifically, this study selects scientific papers from the Web of Science Core Collection database and patent research from the Derwent Innovation Index database as the basic data sources. The research period is set from 2005 to 2024. Since the start of 21st century, mobile devices have been widely prevalent, technology has advanced rapidly, network attacks have become increasingly stealthy and complex, and cybersecurity has faced new challenges and threats. To cover the majority of this period, 20 years is selected. It can fully capture the long-term trends in the cybersecurity field, from the accumulation of basic technologies to innovative breakthroughs. Moreover, this time series will not result in incomplete data and the mixing of different technological generations due to an excessive length of time. The specific steps are as follows.
Firstly, in this paper, we obtain relevant scientific papers from the Web of Science Core Collection database and relevant patent research from the Derwent Innovation Index database. Subsequently, we conduct preprocessing operations on the acquired scientific papers and patent research. Second, in this paper, we apply the LDA model for topic modeling and use perplexity as the measurement standard to determine the optimal number of topics, thereby extracting scientific and technological topics. Third, we multiply the LDA probability values corresponding to the topic words at each stage by the word vectors obtained from Word2vec training to calculate the weighted sum values, thereby obtaining the vectorized representation of the topics. Subsequently, science–technology topics are formed. Meanwhile, their similarities are calculated based on the weighted vectors, and a similarity threshold is set to distinguish different types of evolutionary paths of the topic pairs. Finally, in this paper, we select the strongly correlated science–technology topics for visual analysis to reveal the association between them. The overall research framework is shown in Figure 1.

3.2. Data Acquisition and Preprocessing

3.2.1. Data Acquisition

(1)
Paper data. As the core embodiment of scientific research achievements, scientific papers can reflect the latest progress in current research [30]. In this paper, we select the scientific research papers in the field of cybersecurity from the Web of Science database between 2005 and 2024 as the source of paper data. The data samples for this study were collected in January 2025. Using the search formula “TS = (‘network security’ OR ‘cybersecurity’ OR ‘cyber security’ OR ‘cyber-security’)”, a total of 59,328 articles were ultimately obtained.
(2)
Patent data. Technological patents are important carriers of technological innovation and can indicate the potential direction of future development in the field [31]. In this paper, we select the Derwent Innovation Index database as the source of patent data. The search keywords are based on the paper data search keywords and include the Derwent manual classification numbers T01-N02B3 (Network security, Anti-Malware) and W05-D05B5E (Security based on preventing or detecting unauthorized network access) [32]. A total of 32,819 patent documents were obtained.
The statistical chart of paper and patent data quantities is shown in Figure 2.

3.2.2. Data Preprocessing

In this paper, we take the titles, abstracts, and keywords of the paper dataset, as well as the titles and abstracts of the patent dataset, as the text analysis corpus for the LDA topic model [33]. After removing the literature with incomplete information, we obtained 56,715 valid scientific papers and 32,807 patents. Subsequently, we extract the text analysis corpus required for the LDA topic model to construct the initial corpus. To enhance the accuracy and reliability of the topic analysis and improve data quality, it is necessary to perform data preprocessing on the text corpus. The specific steps are as follows:
(1)
Preprocessing: Remove numbers, punctuation marks, and symbols, etc., from the text. The purpose is to eliminate noise and reduce computational burden. At the same time, convert the words in the text into singular and lowercase forms, and conduct preprocessing operations such as word segmentation and part-of-speech restoration to enhance the accuracy and efficiency of text processing.
(2)
Construct the feature word list: Use natural language processing toolkits to perform feature word extraction and other operations on the initial corpus. Subsequently, perform deduplication and filtering operations to obtain the final feature word list and use it as the input for the LDA topic model.
(3)
Constructing the invalid word list: To reduce the interference of high-frequency invalid words and improve the accuracy of topic recognition, construct an invalid word list for the target domain based on a general stopword list. Specifically, examine the results after initial LDA topic model clustering, select words with a high frequency but no practical significance, and incorporate them into the general word list. Subsequently, repeatedly iterate the above process to form the final invalid word list.
(4)
Stage division: Considering the large time span of literature data, global data analysis may lead to the submergence of important topics, making it difficult to deeply analyze the association between science and technology in the field of cybersecurity. Therefore, following a time series, divide the literature data from 2005 to 2024 into ten stages, with each stage lasting two years.

3.3. Research Methodology

The recognition method for the evolutionary pathway of the association between science–technology topics is divided into four parts: topic recognition, similarity calculation based on weighted vectors, recognition of the evolutionary types of science–technology topic associations, and research on the evolutionary pathway of science–technology topic associations.

3.3.1. Topic Recognition

The purpose of topic recognition is to lay the foundation for the subsequent mining of association relationships based on topics. However, traditional text topic extraction methods such as TF-IDF and Text Rank have certain limitations. They cannot effectively distinguish the strength of the relationships between topics, resulting in difficulties in accurately revealing the associations between topics. Therefore, this paper adopts the Latent Dirichlet Allocation (LDA) model [27] to conduct topic extraction on the text corpus.
The accuracy of LDA topic extraction is largely dependent on the number of topics [10]. Consequently, it is essential to determine an appropriate number of topic clusters prior to training the LDA model, as this can enhance the accuracy of the LDA topic model. To find the optimal number of topics, this paper adopts the perplexity evaluation method to determine the model parameters. Perplexity is a measure of the ability of a topic model to predict samples, representing the uncertainty of the topics to which a specific document belongs in the trained model [34]. Generally, when the changing trend of perplexity no longer decreases or reaches an inflection point, the current perplexity value is the optimal number of topics.

3.3.2. Similarity Calculation Based on Weighted Vectors

Although there are certain semantic deviations between academic papers and patent research in the representation of scientific concepts and the system of technical terms, the basic concepts and context within specific fields remain unchanged. Contextual semantic modeling can effectively compensate for the differences in expression between papers and patents. Word2vec [35,36] is a deep learning algorithm launched by Google in 2013. It learns the semantic information of words from a large amount of text data in an unsupervised manner and transforms words into real-valued vectors through training, which can capture the semantic connections between words without clear labels. Word2vec provides two language training models, CBOW and Skip-gram. The CBOW model can use context words to predict the central word, while the Skip-gram model can predict context words based on the central word. In this part, we aim to conduct a similarity calculation of the central words (i.e., topic words) based on weighted vectors, which is similar in principle to the Skip-gram model. Therefore, this paper selects Skip-gram in Word2vec to generate keyword vectors.
This paper first takes the preprocessed global stage dataset of science and technology as word vectors to train the data. Then, Python (python 3.8.0) language is used to train word vectors and construct a word vector model based on them. Secondly, we use the trained word vector model to represent the scientific and technological topic words obtained from clustering in a vectorized form, generating corresponding word vectors for each topic word. Subsequently, we take the probability of the topic words extracted by LDA as weights, multiply them with the corresponding word vectors of the Word2vec model, and then perform a weighted sum to obtain the vectorized representation of scientific topics and technological topics. The specific calculation process is shown in Equation (1).
W z = P w 1 z × w i 1 + P w 2 z × w i 2 + + P w k z × w i k
In Equation (1), W z represents the vectorized representation of topics, z denotes a topic, i k represents a topic word, and W k i indicates the corresponding word vector of the topic word. P w k z is the weight value of the word vector and the probability value of the topic w k .
This paper calculates the similarity of science–technology topics through cosine similarity. Specifically, the first scientific topic is calculated for cosine similarity with all patent topics. Then, the second scientific topic is calculated in the same way as all patent topics successively, and so on, until all scientific topics have been included in the calculation with all patent topics. The calculation formula is shown as follows.
S i m i l a r ( W z 1 , W z 2 ) = Cos i n e ( W z 1 , W z 2 )
Equation (2) measures the similarity between two vectors by calculating the cosine of the angle between them. The cosine value of the angle between two vectors ranges from 0 to 1. When the cosine value approaches 1, it means that the two vectors are highly similar. Conversely, when the cosine value is far from 1, it indicates that there are significant differences between the two vectors [37].

3.3.3. Recognition of the Evolutionary Types of Science–Technology Topic Associations

The similarity values of science–technology topics calculated in this paper are compared with the predetermined threshold γ to identify the evolutionary types of science–technology topic associations. This paper classifies the evolutionary types of topic associations into five categories: division, merging, inheritance, co-occurrence, and independent development. The specific judgment criteria are detailed in Table 1.

3.3.4. Construction of the Evolutionary Pathway of Science–Technology Topic Associations

This study utilizes the Sankey chart tool in the pyecharts library of Python language to analyze the evolutionary process of science–technology topics scientifically and intuitively. This tool can present the evolutionary pattern of science–technology topics and then construct a clear topic evolutionary pathway. In the Sankey diagram, each block element represents a different topic, and the lines connecting them indicate the direction of energy flow generated by the topics and the correlations between them [28].

4. Results

4.1. Stage Topic Recognition

This study determines the number of topic clusters for papers and patent data in each stage based on the perplexity of the LDA model. By observing the perplexity curve trend, we selected the perplexity value at the inflection point or where the trend ceases to decline as the optimal number of topics. Upon calculation, the optimal number of topic clusters for the paper data across ten stages are sequentially 9, 8, 8, 9, 8, 7, 8, 7, 7, and 7; for the patent data, the optimal number of topic clusters across the same ten stages are sequentially 8, 8, 8, 8, 7, 8, 7, 5, 5, and 5. The perplexity curves of paper data and patent data in each stage are shown in Figure 3 and Figure 4, respectively. Here, “S1–S10” represents the perplexity curve of paper data from stage 1 to stage 10; “T1–T10” corresponds to the perplexity curve of patent data from stage 1 to stage 10.
Within the LDA model, each topic is represented as a probability distribution over words, where the probability of each word reflects its intensity of belonging to that topic. Based on these probability distributions, this study selects the top 10 words with the highest probabilities in each topic as the characteristic vocabulary for that topic. Subsequently, by referring to the research directions in scientific papers and patent research within the field of cybersecurity, and according to the specific content of the selected characteristic vocabulary, we manually identified the scientific and technological topics in each stage. And finally, the distribution of topics in various stages in scientific papers (in Table 2) and patent research (in Table 3) in the field of cybersecurity was obtained. The scientific topic recognition results for 2005–2022 (stage1–stage9 in Table 2) originate from prior research [38].
This study conducts training with the LDA model to obtain the scientific topics and technical topics in the field of cybersecurity from 2005 to 2024. These topics are highly focused on the field of cybersecurity, reflecting their close association. Meanwhile, these topics are based on the two major levels of science and technology, presenting significant differences and diversity. Conducting an in-depth analysis of these two types of topics can not only trace the development process of science and technology in the field of cybersecurity and organize their key technological nodes in different periods, but also allow us to gain insights into the dynamic interactive relationship between science and technology in the development process from a topic perspective, providing a reference for deeply understanding the correlation between science and technology in the field of cybersecurity.

4.1.1. Scientific Topic Recognition

(1)
Stage 1 (2005–2006). During this stage, researchers concentrated on cyber threats and carried out systematic research. Their research covered various aspects, including the construction of basic security architecture (“Key Elements”, “Identity”), protection of communication applications (“Blocking Servlet Communication”, “Authorized Passage of Servlets”, “Listing Information”), threat detection (“Detection of Cyberattack”, “Analysis of Cyberattacks”, “Network Traffic Analysis”), and active defense (“Enhancing Capacities to Defend”), with the aim of building a comprehensive cybersecurity defense system.
(2)
Stage 2 (2007–2008). With the emergence of trends in large-scale network services and increasing attack complexity, researchers in this stage focused their research on three key directions: identity and access control (“Password Rules”, “Identity Verification and Firewall Policies”, “Authentication”), threat detection and response (“Detection Techniques”, “Policies or Strategies Against DoS”, “Cyberattack”), and systematic defense strategies (“Solutions and Services”, “Data Acquisition and Replication Strategies”).
(3)
Stage 3 (2009–2010). Stage 3 continued the research of the previous stage and further advanced in depth. The access control system (“Roles and Access Control”), threat confrontation technologies (“Detection of Cyberattacks”, “Access Control List”, “Cybersecurity Threats”, “Analysis of Attack Graphs”), and defense strategies (“Policy-Based Network Traffic Analysis”) remained the core of the research. It is worth noting that the defense strategies in this stage focused more on the construction of rules (“Establishing Robust Rules”) and methods (“Security Approach”), reflecting the deepening trend from theory to practical application.
(4)
Stage 4 (2011–2012). At this stage, scholars continued to follow the existing research directions, focusing on core issues such as identity authentication (“Cryptographic Applications”, “Authentication”), threat detection and response (“Cyberattack”, “Detection of Network Traffic”, “Policy Measures Against Botnet”, “Intrusion Detection Systems”), and defense frameworks (“Vulnerability Management”, “Strategies to Defend”, “The Role of Rules”).
(5)
Stage 5 (2013–2014). In this stage, with the outbreak of the Prism Gate incident, the academic community’s attention to privacy protection (“Privacy Protection”) and data security (“Cryptographic Measures Against DDoS”, “The Role and Importance of SSL”) significantly increased. Meanwhile, the continuous emergence of new threats also forced a deep reconstruction and innovation among threat confrontation technologies and defense systems. Specifically, it covered topics such as “Detection of Network Traffic”, “Identification of Cyberattacks”, “Intrusion Detection Systems”, “The Role of Vulnerabilities”, and “The Evolution and Impact of Botnets”.
(6)
Stage 6 (2015–2016). In this stage, in the face of severe threats brought about by privacy leaks and the industrialization of ransomware, researchers focused on key topics such as identity and data security (“Authentication Techniques”, “Encryption”, “Identification”) and threat confrontation (“Detection of Botnets”, “Rules for Malware Detection”, “Threat Detection”). Additionally, the emergence of the topic of “Cyberattacks and Defense Strategies” reveals that the cybersecurity defense system gradually started to expand towards proactive defense, highlighting a profound transformation from passive response to tactical prediction.
(7)
Stage 7 (2017–2018). In this stage, security authentication (“Password-Based Authentication”) and threat detection and defense technologies (“Detection of Network Traffic”, “Rule-Based Anomaly Detection”, “DoS Attack Consequences”, “Intrusion Detection Systems”) remained the core of research. In addition, researchers gradually attached importance to risk assessment and vulnerability management work, specifically including topics such as “Key Risks”, “The Role of Evaluation in x”, and “Vulnerability”.
(8)
Stage 8 (2019–2020). In this stage, cybersecurity was driven by the commercial use of 5G and the remote working wave caused by the COVID-19 pandemic, resulting in an explosive expansion of the attack surface. Meanwhile, cybercrime (“Network Traffic & Cybercrime”) began to emerge, and its means became more diverse and complex. The field of cybersecurity has gradually faced new challenges. Under this background, the focus of scientific research was mainly on threat detection technologies (“The Role of Intrusion Detection Systems”, “Detection of Malware”) and identity vulnerability management (“Role of Authentication in DDoS Defense”, “Validated Techniques for Intrusion”, “Key Identification Techniques”, “Identification of Vulnerabilities”), among other topics.
(9)
Stage 9 (2021–2022). In this stage, influenced by acts such as cybercrime (“Role of Cybercrime”), privacy protection and data security (“Private Data Capture and Utilization Precautions”) once again became the focus of researchers. Innovation in intrusion detection and defense technologies, including topics such as “Cyber Defense Strategies”, “Network Traffic Analysis in Intrusion Detection”, “Cyberattack Identification”, and “Firewall Configuration and Secure Network Access Controls”, along with the exploration of emerging technology applications like “Application of Encryption and Cryptographic Policies in Ransomware and Blockchain Technology”, became a research hotspot.
(10)
Stage 10 (2023–2024). In this stage, scholars continued to innovate, focusing on the optimization of attack and defense techniques (“Optimization of Intrusion Detection Technology”, “Network Security Risk Assessment”) and the cross-innovation of emerging technologies with traditional defense techniques (“The Application of Blockchain in Cybersecurity”, “Quantum Computing and Anti-Phishing Framework”). Meanwhile, the security requirements in emerging fields such as new infrastructure (“Network Attack Defense for Critical Infrastructure”), Internet of Vehicles (“The Network Security Integration Challenge of Connected Vehicles”), and healthcare Internet of Things (“Medical IoT Security Protection”) also began to attract the attention of researchers, emerging as new research hotspots.

4.1.2. Technical Topic Recognition

(1)
Stage 1 (2005–2006). This stage coincides with the period of systematic construction of global cybersecurity technology systems, with technological research and development focusing on the exploration of fundamental security architectures and defense mechanisms. Specifically, it included “Communication Link Security and Authentication Technology”, “Vulnerability Detection and Security Policy Management”, “Network Intrusion Detection and Defense System”, and “Malicious Code and Host Log Analysis”. Furthermore, the widespread adoption of 3G networks and the rise in mobile office demands drove the adaptation of cybersecurity technologies to mobile scenarios. Topics such as “Network Address Security and Trusted Computing”, “Mobile Cybersecurity”, “Content Security and Data Protection”, and “Web Services and Portable Storage Security” became research and development hotspots.
(2)
Stage 2 (2007–2008). In this stage, the exploration of defense mechanisms remained the focus of technological research and development. The emergence of topics such as “Message Security and File Management”, “Network Vulnerability Management”, and “Security Operation” reflects the trend of defense mechanisms shifting from passive response to proactive defense. Meanwhile, with the gradual popularization of mobile devices, researchers began to pay attention to terminal security, specifically involving “Mobile Terminal Software and Communication Security”, “Client Security”, and “Memory Protection”. Additionally, with the continuous expansion of enterprise networks and the increase in data volume, the demand for technologies such as packet detection (“Packet Detection”) and communication protocol security (“Communication Protocol Security”) also grew.
(3)
Stage 3 (2009–2010). Cybersecurity technologies evolved towards fine-grained approaches during this stage. Building on the previous stage, developers continued to focus on research and development related to terminal security enhancement (“Terminal Control”, “Node Security”, “Terminal Configuration Management”), dynamic defense against network attacks (“Application Layer Protocol Security”, “Malicious Node Identification”, “Data Packet Detection”), and deep protection at the data layer (“Behavioral Pattern Analysis”, “Database Security”).
(4)
Stage 4 (2011–2012). During this stage, with the widespread popularity of mobile devices, security technologies built for such devices once again became a development focus. Specifically, it covered “Client-Based Virus Detection and File Scanning Technology” and “Mobile Applications and Server-Side Malicious Code Protection”. Identity management technologies also evolved from single-password authentication to the paradigm of identity verification (“Client Authentication”). Furthermore, the emergence of the two topics of “Service Interface” and “Rule-based Electronic Service Security Event Response Technology” marked a new stage in which security operation and maintenance technology moved from manual intervention to automated strategy execution. It also highlighted the urgent need for API security and compliance management in the context of cloud computing. The emergence of advanced persistent threats also drove the development of more sophisticated detection technologies. For example, topics emerged such as “Cybersecurity Detection Based on Packet Analysis”, “Malicious Code Detection”, and “Node Malware Detection”.
(5)
Stage 5 (2013–2014). During this stage, cloud computing and Internet technologies became deeply integrated, resulting in cybersecurity technologies exhibiting characteristics of cloud-based service architecture (“Cybersecurity Service Architecture”, “Web Service Communication Security”). Meanwhile, advanced threat defense (“Malware Detection”, “Malicious Code Addressing”, “Intrusion Detection and Resource Protection”) and mobile terminal device security (“Mobile Device Security”, “Network Content Security Control”) remained the focus of patent technology research and development.
(6)
Stage 6 (2015–2016). During this stage, the rapid development of cloud computing continued to bring new security challenges, and security defense technologies at the server and terminal device levels still received close attention from developers. Specifically, this stage included the topics of “Server Based Malicious Code Detection and File Protection” and “Terminal Device Security”. Meanwhile, with the outbreak of the Prism Gate incident, advanced persistent threats and ransomware attacks became more complex and diverse, leading to frequent data breaches. Developers began to intensify their research efforts on authentication technology, traffic analysis, and response management techniques. Specifically, they included topics such as “Network Security Authentication”, “Network Traffic Strategy”, “Domain Name and Content Security Detection”, “File and Image Security Risk Analysis”, “Security Event Response and Resource Management”, and “Malicious Message Detection”.
(7)
Stage 7 (2017–2018). During this stage, cloud computing and edge computing achieved large-scale deployment, driving the transformation of enterprise networks towards a distributed architecture. Developers focused on the research of distributed collaborative defense and threat intelligence perception technologies. Specifically, they included topics such as “Distributed Cybersecurity Resource Management”, “Remote Control and Dynamic Network Topology Security”, “Real-Time Threat Detection”, and “Multimedia Threat Detection”. Meanwhile, with the rapid development of the Internet of Things and Internet of Vehicles technologies, technological topics such as “Vehicle Networking and Communication Identity Authentication”, “Terminal Device Storage Security”, and “Security Management for IoT Devices” emerged, indicating that a new infrastructure security architecture was gradually being constructed.
(8)
Stage 8 (2019–2020). In this stage, following the development trend of the previous stage, there was an explosive growth in IoT devices, with their security technologies advancing further. This specifically involved topics such as “Embedded System Protection” and “Node Collaborative Defense”. Meanwhile, with the emergence of COVID-19, there was a surge in demand for remote work and cloud services, accelerating the transformation of the zero-trust architecture concept (“Communication Security and Service Authentication”) into technological practice. The application of artificial intelligence technology in the field of cybersecurity became increasingly prevalent and gradually became deeply integrated into the entire process of threat defense. This specifically included topics such as “Malicious Software Detection Technology Based on Multidimensional Feature and Behavior Analysis” and “Terminal Threat Response”.
(9)
Stage 9 (2021–2022). In this stage, the impact of COVID-19 continued, and the application of AI in threat detection (“Network Attack Monitoring”) became more sophisticated. Meanwhile, hardware security (“Hardware Security Module for Network”), and zero-trust architecture (“Security Detection and Defense of Terminal Devices”, “Network Node Vulnerability Management”), and other related technologies continued to attract the attention of developers. Furthermore, as more enterprises migrated to the cloud, “Cloud Storage Security” became a key focus area for researchers.
(10)
Stage 10 (2023–2024). In this stage, with the continuous evolution and generalization of artificial intelligence technology in the field of cybersecurity, network security technology gradually moved towards autonomous threat detection (“Abnormal Behavior Detection and Log Analysis”, “Malware Detection and Defense”) and automated attack and defense (“Automated Attack and Defense of Attack Surface”, “Hardware Blocks Reinforcement”). The paradigm of AI governance gradually became established. Furthermore, the emergence of emerging computing, such as quantum computing, posed new challenges to communication security. The integrated architecture of quantum cryptography and encryption systems (“Secure Transmission of Data Streams”) attracted the attention of developers.

4.2. Similarity Calculation

The topics obtained through the LDA model are further converted into word vector form using the Word2vec model in this paper. In the specific operation, we adopt the skip-gram architecture and set relevant parameters, specifically, vector_size = 150, window = 5, min_count = 3, and epochs = 10. On this basis, we carry out the cosine similarity calculation for science and patent topics. A total of 5382 science–technology topics are finally obtained. Based on the above calculation results, we construct a similarity matrix. We adopt a threshold of 0.6686, representing the average similarity of all science–technology topics [4]. Whenever the similarity between a topic pair exceeds this threshold, it indicates collaboration between science and technology. According to statistics, there are a total of 3040 pairs of topics with similarities greater than 0.6686, accounting for about 56.48% of the total topic pairs. This further illustrates that there is a strong collaborative nature between science and technology in the field of cybersecurity. Drawing on the relevant strong and weak classification methods defined based on topic similarity in the related research [5], this paper divides the range of 0.6686 to 1 into three equal parts and classifies the relevance degree of topic pairs into three categories: weak correlation (from 0.6686 to 0.7791), moderate correlation (from 0.7792 to 0.8896), and strong correlation (from 0.8897 to 1). Among them, there are 1640 pairs of weakly correlated topics, 1337 pairs of moderately correlated topics, and 63 pairs of strongly correlated topics.
To validate the similarity threshold of 0.6686, in this study, we employ the bootstrap resampling method to calculate its 95% confidence interval (CI). The results show that the CI [0.6648, 0.6726] fully contains the threshold, indicating that its statistical estimation as the mean collaboration between science and technology is robust and reliable. Additionally, we conduct an extended analysis of the quantile characteristics in the similarity distribution. The data reveal that the 65th percentile (0.7518) and 95th percentile (0.8648) naturally partition the distribution into three intervals, corresponding to 65%, 30%, and 5% of the sample size, respectively. This distribution characteristic aligns closely with the classification method employed in this study. Initially, the 95th percentile (0.8648) approximates the lower bound of the strong correlation category (0.8897). Secondly, the similarity range of the moderate correlation category (from 0.7792 to 0.8896) exhibits a high overlap with the 30% quantile interval (from 0.7518 to 0.8648). This consistency validates the alignment between the classification method employed in this study and the inherent distribution patterns of the data. The similarity distribution and the intervals of weak, medium, and strong correlation categories are illustrated in Figure 5.
We take 0.8897 as the threshold, select 63 pairs of strongly correlated topics with a similarity degree greater than or equal to 0.8897, and construct a high-similarity topic correlation evolution map in the form of a Sankey diagram, as shown in Figure 6. In the brackets beside each topic, S represents scientific topics and T represents technological topics. In the overall layout, scientific topics are placed in the middle position, while technological topics are arranged on the left and right sides. This arrangement can visually and clearly show the evolutionary process of strongly correlated topic pairs.
To analyze the presented content more accurately and thoroughly, this paper takes scientific data (i.e., the middle column in Figure 6) as the core clue and deeply explores the association and evolution relationship of science–technology topics in the field of cybersecurity. In the following, we select examples for each type of evolution for analysis.
(1)
The evolutionary type of topic associations: division
During the development of a field, the emergence of new scientific theories guides technological updates and iterations. Alternatively, breakthrough innovations in technology may render the original scientific research paradigms unsuitable for new developmental needs. This may lead to the divergence of certain scientific research or technological directions at a specific stage.
For example, “The Evolution and Impact of Botnets (S5_8)” is divided into “Server-Based Malicious Code Detection and File Protection (T6_1)”, “Network Security Authentication (T6_2)”, “Domain Name and Content Security Detection (T6_5)”, “Remote Control and Dynamic Network Topology Security (T7_2)”, and “Malware Detection and Defense (T10_2)”. This association maps out a typical path for the transformation of fundamental research in the field of cybersecurity into applied technologies. As a systematic study on botnets, the scientific topic “The Evolution and Impact of Botnets (S5_8)” mainly discusses the operational mechanisms, propagation methods, and impacts of botnets. This provides a theoretical basis for the subsequent research and development of patented technologies. Specifically, “Server-Based Malicious Code Detection and File Protection (T6_1)” and “Domain Name and Content Security Detection (T6_5)” correspond closely to the malicious code propagation mechanisms and dynamic domain name generation techniques [39] revealed in botnet research. For example, the patent document “US2016255107-A1” proposes a method for detecting domains generated by malware and cites three scientific studies from stage 5. Moreover, Hameed et al. [40] pointed out that most spam originates from botnets with forged sender addresses. This scientific finding further promoted the research on “Network Security Authentication (T6_2)”. With the iterative upgrading of technology, P2P botnets have become a new type of cyberattack method. From 2017 to 2018, research on the topic of “Remote Control and Dynamic Network Topology Security (T7_2)” effectively contained the attacks and threats of botnets by strengthening the security of remote control and topology. From 2023 to 2024, the development of cybersecurity attack and defense technologies integrated cutting-edge methods such as deep learning, forming full-cycle prevention and control capability against new types of botnets (“Malware Detection and Defense (T10_2)”).
(2)
The evolutionary type of topic associations: merging
The topic association evolution of merging can show that different science–technology topics do not develop in isolation, but there is a trend of mutual influence and mutual penetration. Originally independent scientific theories and technological practices gradually intertwine, thereby forming new research directions or innovative achievements.
“Network Address Security and Trusted Computing (T1_5)”, “Content Security and Data Protection (1_7)”, and “Security Operation (2_8)” are merged into “Authentication (S4_9)”. Around 2005, during the critical period of global deployment of the IPv6 protocol, the surge in network address security requirements prompted enterprises to accelerate the deployment of trusted computing technology (T1_5). For example, the patent “WO2006059216-A1” released by NOKIA Corp in 2006 reflects the industry’s technological exploration of network layer security at that stage. Meanwhile, with the implementation of the Data Protection Directive, content encryption and data protection technology (T1_7) have gradually become the focus of enterprises. For instance, the “US2006053334-A1” patent issued by Microsoft Corp allows users to specify data protection levels according to their own needs and achieve reliable data recovery. With the continuous deepening and accumulation of technological practices, “Security Operation (2_8)” has begun to attract the attention of research and development personnel. For instance, the patent “US2008263664-A1” conducts a refined sorting and integration of security operation strategies and incorporates them into the threat management vector. This effectively improves the response efficiency and handling capacity for security incidents. The early construction of a three-dimensional system for patent clusters, consisting of “trusted environment–data protection–process control”, has exposed the limitations of traditional authentication mechanisms at the practical level. These technological bottlenecks have driven the academic community in stage 4 to focus on innovation in authentication theory (S4_9), reflecting the knowledge diffusion pattern where technological demands drive theoretical innovation. It is worth noting that this stage coincided with the establishment of the FIDO Alliance in 2012, which promoted the standardization of identity authentication. This indicates that the scientific topic not only represents a reflection and reconstruction of the existing technological system but also provides a theoretical core for subsequent industry standards such as OAuth and OpenID.
(3)
The evolutionary type of topic associations: inheritance
The evolution of topic associations of inheritance types can describe the cumulative and progressive nature of development in the field of cybersecurity. Technology or research in a later stage is based on that of the previous stage, not only retaining the core technology or theory of the early stage but also introducing new concepts, methods, and techniques. Through optimized innovation, the spiral ascension of technology and science is continuously promoted.
“Malicious Code and Host Log Analysis (T1_4)”, “Network Vulnerability Management (T2_7)”, and “Node Security (T3_2)” are inherited by “Authentication Techniques (S6_1)”. As the core of early security technology, the patented technology under the topic of “Malicious Code and Host Log Analysis (T1_4)” mainly focuses on identifying the invasion of malicious software through the extraction of code behavior characteristics and anomaly detection in logs. This research and development process not only laid a solid foundation for the early cybersecurity defense system but also provided a crucial database for subsequent scientific research on authentication technologies. In 2007, vulnerabilities related to authentication were incorporated into the CVE standard classification system. This inspired researchers to integrate vulnerability management with authentication mechanisms under the topic of “Network Vulnerability Management (T2_7)”. For example, the patent “US2008022397-A1” is applied to an authentication server that can identify the security features of network devices and then implement vulnerability management in the network. During 2009–2010, the construction of the distributed node authentication system (T3_2) also provided an important technical validation scenario for subsequent scientific research. The technical knowledge flow generated by the early patent clusters was integrated into the later scientific research system through knowledge recombination. This integration provided crucial support for the breakthrough and innovation of research on “Authentication Techniques (S6_1)” from 2015 to 2016, achieving a theoretical leap. This correlation reveals the diachronic characteristics of the evolution of cybersecurity technologies from basic defense to intelligent authentication.
(4)
The evolutionary type of topic associations: co-occurrence
The evolution of co-occurrence types of topic associations often reflects a concentrated focus on specific issues or challenges and can describe the close interaction and mutual promotion between scientific research and technological applications.
There exists an evolutionary relationship of co-occurrence among “Server Based Malicious Code Detection and File Protection (T6_1)”, “Network Traffic Strategy (T6_4)”, “Domain Name and Content Security Detection (T6_5)”, “Malicious Message Detection (T6_8)”, and “Authentication Techniques (S6_1)”. As the sophistication of advanced persistent threat (APT) attacks increases, the limitations of traditional defense technologies become more apparent. Under this background, the academic and industrial communities have made a collaborative effort to explore dynamic authentication systems. Among them, the patented technology of “Server Based Malicious Code Detection and File Protection (T6_1)” mainly functions through real-time identity verification and access control mechanisms. In the patents related to the topic of “Network Traffic Strategy (T6_4)”, some patents can provide encryption and authentication methods for routing protocol communication, thereby effectively avoiding cyberattacks. The patent topics of “Domain Name and Content Security Detection (T6_5)” and “Malicious Message Detection (T6_8)” involve domain name detection and malicious information identification technologies, which also need to address the issue of identity correlation verification. Meanwhile, “Authentication Techniques (S6_1)” also aims to further promote the long-term optimized development of authentication technology in both theoretical and practical aspects by abstractly integrating the technical components in the above patents.

5. Discussion

5.1. Discovery of Collaborative Effect

This paper argues that if the similarity value of the science–technology topic is greater than 0.6686, it indicates that there is a collaborative relationship between the two topics. According to statistics (with science topics as the main body of the topic pairs), from stage 1 to stage 10, the number of collaborative topic pairs is 242, 242, 340, 329, 285, 313, 233, 345, 252, and 459 pairs. Among them, the number of topic pairs belonging to the co-occurrence association evolutionary type is 30, 31, 40, 40, 30, 39, 23, 21, 13, and 28 pairs successively. Based on the identification results of science and technology research topics, as well as the statistics and analysis of the number of the two types of topic pairs, this paper finds that in the field of cybersecurity, science and technology present a collaborative evolutionary situation of “initial accumulation–fluctuating differentiation–deep collaboration”.
(1)
Stage 1 to Stage 4 (2005–2012): the intensive emergence of basic collaboration
From the perspective of quantity, the number of collaborative topic pairs increased from 242 pairs in stage 1 and stage 2 to 340 pairs in stage 3, and then to 329 pairs in stage 4. The number of co-occurrence-type topic pairs gradually increased from 30 pairs in stage 1 to 40 pairs in stages 3 and 4, reaching a peak in these two stages. Overall, these two types of topic pairs show a rising trend with high collaborative density, reflecting the close interaction characteristics between science and technology. Based on the topic identification results, 2005–2012 was in the initial stage of the systematic construction of cybersecurity. The research topics of science and technology mainly focused on the construction of basic infrastructure and the preliminary exploration of attack and defense technologies. Among them, scientific research was carried out around several aspects, such as network attack detection (such as S1_2, S2_1, S3_2), attack behavior analysis (such as S1_5), and defense mechanism enhancement (such as S1_8, S4_5). Technical research and development focused on basic security architecture (such as T1_3, T2_7) and the construction of defense mechanisms (such as T3_4). Meanwhile, the popularization of 3G networks and the rise of mobile office requirements also drove the expansion and extension of science and technology research towards communication security, identity management, and other directions (such as S1_4, S2_4, T3_1, T4_5). In this stage of research, a preliminary accumulation of the collaborative relationship between science and technology was achieved. They closely cooperated and made progress together, laying the foundation for subsequent research.
(2)
Stage 5 to Stage 7 (2013–2018): fluctuation and differentiation of scenario-based collaboration
From the perspective of quantity, the number of the two types of topic pairs decreased to 285 and 30, respectively, in stage 5, and then rebounded to 313 and 39 in stage 6. In stage 7, they further declined to 233 and 23, exhibiting a significant trend of collaborative fluctuation. Based on the topic recognition results, with the deep integration of cloud computing and Internet technologies and the in-depth development of attack and defense technologies, scientific research in this period began to shift from basic defense to complex scenarios. In 2013, the Prism Gate incident broke out, and “Privacy Protection (S5_5)” became an emerging scientific focus. However, the lag in technology implementation (such as “File and Image Security Risk Analysis (T6_6)”) led to a short-term decline in the co-occurrence association evolution of topics in stage 5. During stage 6, there was a surge in ransomware and advanced persistent threats, and both the scientific and technological fields began to intensify their research efforts on authentication technologies (such as S6_1, T6_2) and security defense technologies. Meanwhile, S6_1 has strong correlation relationships with T6_1, T6_4, T6_5, and T6_8, and the collaborative effect is evident. During stage 7, distributed architecture (“Distributed Cybersecurity Resource Management (T7_1)”) and technologies such as the Internet of Things and Internet of Vehicles (T7_4, T7_6, T7_7) emerged successively. This led to a diversification of the directions of scientific research and technological research and a weakening of short-term collaborative effects. During this period, the dynamic interaction between technology-driven progress and incident response led to the shift in scientific research from basic defense to complex scenarios, forming a coupling–decoupling cycle of phased technology development and scientific exploration. The overall situation exhibits significant fluctuation–differentiated scene-based collaborative features.
(3)
Stage 8 to Stage 10 (2019–2024): exploration and integration of emerging technologies
From the perspective of quantity, the number of pairs of the two types of topics decreased from 345 pairs and 21 pairs in stage 8 to 252 pairs and 13 pairs in stage 9. Then, they rose again to 459 pairs and 28 pairs in stage 10, showing an overall collaborative trajectory in a “U-shaped” curve. Based on the topic recognition results, the topics during stage 8 and stage 9 showed two trends: The first one is artificial intelligence-driven security collaboration. With the evolution of technology, the application of artificial intelligence technology in the field of cybersecurity became increasingly prevalent, making it a key focus of scientific and technological research (such as S9_2 and T8_1). The second trend is the challenges of emerging technology scenarios. Affected by factors such as the pandemic and cloud computing, the focus of technology research topics began to concentrate on fields such as Internet of Things security (such as T8_3 and T9_4) and cloud storage security (T9_3). Scientific research, however, focused on cybercrime (such as S8_3 and S9_3), blockchain technology (S9_7), and other aspects. During stage 10, the research topics of science and technology continued to be innovative, and the optimization of threat detection and attack–defense game technology became the focus of research. Meanwhile, the security demands in interdisciplinary fields saw an explosion, driving deep integration of science and technology in specific scenarios. Scientific research started to focus on new infrastructure, Internet of Vehicles, medical Internet of Things, and other fields, with a significant increase in the collaborative nature of science and technology.

5.2. Discovery of Symmetrical Effect

The association evolution of strongly related science–technology topics in the field of cybersecurity exhibits a significant symmetrical effect. This is specifically manifested as a bidirectional empowerment and spiral reinforcement mechanism between science and technology topics. This mechanism no longer adheres to the traditional one-way path of “basic research–applied research–technology development”. Instead, it forms a spirally ascending innovation loop through the bidirectional feedback between theoretical exploration and technological practice. This paper will analyze the symmetrical effects of their collaborative evolution from the following two dimensions.
(1)
The inter-stage “technology–science–technology” topic evolution
1.
Technology-driven science (problem identification–theoretical abstraction)
T1_3, T1_4, T1_5, T1_7, T2_1, T2_4, T2_5, T2_7, T2_8, T3_2, T4_3, T5_2, and T5_6 have strong correlations with S6_1. In early technological practices, patented technologies such as T1_3 (Network Intrusion Detection and Defense System), T1_4 (Malicious Code and Host Log Analysis), and T1_5 (Network Address Security and Trusted Computing) mainly focused on topics like the construction of fundamental security architectures at the network layer. These technological practices accumulated a great deal of experience regarding real-world issues such as identity forgery and the abuse of authority, which established an empirical foundation for the subsequent academic construction of the authentication technology theory (S6_1) framework. By 2007–2008, patents such as T2_7 (Network Vulnerability Management) and T2_8 (Security Operation) had explored active defense strategies, driving the academic community to reconstruct the authentication technology theory (S6_1) from a multidimensional and interconnected perspective. With the popularization of mobile Internet, patents such as T4_3 (Malicious Code Detection) and T5_2 (Intrusion Detection and Resource Protection) gradually revealed the limitations of traditional static authentication mechanisms. This also drove the optimization and innovation of the authentication technology theory (S6_1). In summary, technological practices have continuously revealed new attack methods, compelling scientific theories to abstractly integrate discrete technological solutions, and ultimately forming an evolutionary path of “problem identification–theoretical abstraction”.
2.
Science feeds back into technology (theoretical abstraction–technological innovation)
S6_1 has a strong correlation with T7_2, T10_2, and T10_5. The scientific topic “Authentication Techniques” is not the end point of the evolutionary association between scientific and technological research topics. It provides crucial methodological support for the emergence of subsequent technological topics, thereby initiating a new round of technological innovation. On the one hand, the authentication topic put forward by S6_1 drove some patents affiliated with the technological topic “Remote Control and Dynamic Network Topology Security (T7_2)” during 2017–2018 to focus on incorporating remote authentication information. These technologies can reduce the risk of identity forgery initiated by attackers through concealing the details of the network architecture. On the other hand, by 2023–2024, S6_1 had further integrated with artificial intelligence technology. The innovative development of “Malware Detection and Defense (T10_2)” and “Hardware Blocks Reinforcement (T10_5)” also verifies, in reverse, the applicable boundaries of authentication technology theory in new cybersecurity scenarios.
This “practice–theory–re-practice” spiral evolution can verify the mechanism of topic flow and transformation between science and technology in the field of cybersecurity. Specifically, technical pain points drive the paradigm shift of academic research, while theoretical breakthroughs in turn promote technological development through conceptual decoupling and module reorganization, thus forming a symmetrical effect of “technology–science–technology”. Meanwhile, in the process of such topic evolution, technical topics often precede scientific topics in terms of distribution time. This phenomenon also reflects the driving and promoting effect of technological development on scientific research.
(2)
The same-stage “science–technology/technology–science” topic evolution
This paper takes the topics of S10_1 (“Optimization of Intrusion Detection Technology”) and T10_5 (“Hardware Blocks Reinforcement”), which belong to the co-occurrence association evolutionary type, as examples.
Intrusion detection systems are a combination of software applications and hardware devices designed to monitor networks and filter out malicious or unauthorized access attempts [41]. From a technology-driven science perspective, technological innovations in areas such as hardware security modules can provide underlying support for the optimization of intrusion detection technologies. With the rapid development of the Internet of Things and cloud computing, traditional network intrusion detection systems can no longer meet the security requirements of Internet of Things applications [42]. Hardware reinforcement technology (T10_5) can significantly improve the data processing efficiency and anti-tampering capability of intrusion detection systems (S10_1) by designing dedicated security chips and hardware acceleration modules. Meanwhile, this technology has also given rise to the demand for lightweight detection algorithms in the research field. The research of S10_1 began to focus on optimization methods such as deep learning [43] to achieve efficient threat recognition under hardware resource constraints.
In contrast, looking at the path of science feeding back into technology, innovations in intrusion detection theory are also driving the iterative development of hardware architecture. As the complexity of deep learning methods continues to rise, traditional general-purpose computing architectures are increasingly exposed to cyberattack risks. This current situation has prompted the academic community to delve deeply into theoretical innovations, thereby driving the reform and development of hardware architecture. For instance, Diaba et al. [44] proposed an intrusion detection algorithm targeting the SCADA system’s internal architecture, which lacks a security framework and is susceptible to cyberattacks. They integrated the Genetically Seeded Flora (GSF) algorithm with the Transformer Neural Network, aiming to alleviate security bottleneck issues.
This topic of evolutionary relationship can map the characteristics of bidirectional empowerment evolution between technology research and scientific research. Specifically, technical bottlenecks drive academic research to converge towards an engineerable direction. Meanwhile, scientific research forms modular knowledge units through decoupling which are then restructured along technological pathways to create new solutions. This dynamic closed loop of “technology demand–scientific abstraction/scientific abstraction–technological reconstruction” forms a symmetrical mechanism of “science–technology/technology–science”.

6. Conclusions and Future Work

6.1. Conclusions

This paper proposes a method for identifying the science–technology topic association evolutionary pathway, which breaks through the limitations of the unidirectional perspective in traditional topic evolution research and effectively addresses Question 1 in Section 2.2. Specifically, this paper takes the scientific papers and patent research in the field of cybersecurity from 2005 to 2024 as research samples. Combining the LDA topic model and the Word2vec model, we conducted topic recognition and word vector transformation operations on these two types of research samples, respectively, and explored the association evolution between science and technology topics through similarity calculation methods. This method successfully reveals the dynamic and collaborative evolution law of science–technology topics in the field of cybersecurity. It provides a new theoretical perspective for understanding the interaction mechanism between scientific research and technological innovation in this field. The specific research conclusions are as follows: First, by constructing the science–technology topic similarity matrix and the association evolutionary graph, this study answers Question 2: “What evolutionary types will be presented by science–technology topic association evolution in the field of cybersecurity?” It was found that the association of science–technology topics in this field presents five types of evolution, namely, division, merging, inheritance, co-occurrence, and independent development. Second, among the 5382 science–technology topics, 3040 (about 56.48%) topic pairs have a similarity greater than the threshold of 0.6686. This indicates a high degree of collaboration between science and technology topics. Meanwhile, based on the topic recognition results and the association evolution, this paper finds that the science–technology topics show a symmetrical effect of “initial accumulation–fluctuating differentiation–deep collaboration”. Third, according to the method of classifying the strength of association based on topic similarity, this paper divides the science–technology topics with collaboration into three categories: weak correlation, moderate correlation, and strong correlation. Among them, the association evolution of strongly correlated science–technology topics shows a symmetrical effect of “technology–science–technology” and “science–technology/technology–science”. By integrating conclusions two and three, this study provides a comprehensive answer to Question 3, revealing the presence of collaborative and symmetrical effects in the associative evolution process of science–technology topics within the field of cybersecurity.

6.2. Future Work

This study also has some limitations. First, the research data mainly come from the papers and patent data of the Web of Science and Derwent Innovation Index databases. We have not included multiple sources of heterogeneous data, such as policy documents and industry white papers, which may lead to the neglect of the potential impact of the institutional environment and market dynamics on topic evolution. In the future, research will establish a multi-source data fusion framework to capture the impact mechanisms of factors more comprehensively, such as policies and markets, on the evolution of science–technology associations, thereby further enhancing the completeness and accuracy of this study. Second, the results of this study are only applicable to the field of cybersecurity. Whether the association evolution of science–technology topics in other disciplinary fields presents a similar situation remains to be further verified. To this end, subsequent research will select typical fields such as new energy and biotechnology for comparative analysis, systematically testing the transferability of the research findings. Finally, the specific influencing factors of science–technology knowledge associations have not been thoroughly examined. Subsequent research will introduce multidimensional explainable variables to systematically identify and quantify the impact mechanisms of various factors on science–technology knowledge associations.

Author Contributions

Data curation, Y.F. and Z.L.; funding acquisition, T.Z.; methodology, Y.F. and T.Z.; writing—original draft, Z.L.; writing—review and editing, Y.F., Z.L. and T.Z. All authors have read and agreed to the published version of the manuscript.

Funding

This research was funded by the Natural Science Foundation of Heilongjiang Province of China, “Research on the Construction of Interpretable Models for Intelligent Algorithms in Complex Systems under Uncertain Environments” (Number: PL2024G019).

Institutional Review Board Statement

Not applicable.

Informed Consent Statement

Not applicable.

Data Availability Statement

The datasets generated during and/or analyzed during the current study are available from the corresponding author on reasonable request.

Conflicts of Interest

The authors declare no conflicts of interest.

References

  1. Zheng, Z.; Ma, Y.; Ba, Z.; Pei, L. Tree knowledge structure for better insight: Capturing biomedical science-technology knowledge linkage with MeSH. J. Informetr. 2024, 18, 101568. [Google Scholar] [CrossRef]
  2. Cao, K.; Wu, X.N.; Bai, G.Z.; Jin, J.B.; Li, L. Research on Early Identification of Science and Technology Security Risks in Emerging Technologies from the Perspective of “Science-Technology” Linkage. Inf. Stud. Theory Appl. 2025, accepted. [Google Scholar]
  3. Ba, Z.; Liang, Z. A novel approach to measuring science-technology linkage: From the perspective of knowledge network coupling. J. Informetr. 2021, 15, 101167. [Google Scholar] [CrossRef]
  4. Zhang, T.; Cui, W.B.; Liu, X.L.; Jiang, L.; Li, J.L. Research on Topic Evolution Path Recognition Based on LDA2vec Symmetry Model. Symmetry 2023, 15, 820. [Google Scholar] [CrossRef]
  5. Liu, C.L.; Zang, D.Y.; Chen, S. Research on the Correlation Measure and Theme Evolution Law of Science-Technology-Industry: Taking the Field of Biomedicine as an Example. Libr. Inf. Serv. 2024, 68, 95–116. [Google Scholar]
  6. Carpenter, M.P.; Narin, F. Validation study: Patent citations as indicators of science and foreign dependence. World Pat. Inf. 1983, 5, 180–185. [Google Scholar] [CrossRef]
  7. Narin, F.; Noma, E. Is technology becoming science? Scientometrics 1985, 7, 369–381. [Google Scholar] [CrossRef]
  8. Stokes, D.E. Pasteur’s Quadrant: Basic Science and Technological Innovation, 1st ed.; Brookings Institution Press: Washington, WA, USA, 2011. [Google Scholar]
  9. Yu, Y.Z.; Yang, Z. How to Promote the Effective Play of the Leading Enterprise’s Innovation Chain: A Synergy Innovation Perspective Based on the New Pasteur Quadrant. Nankai Bus. Rev. 2020, 23, 4–15. [Google Scholar]
  10. Liu, J.; Zhong, Y.H.; He, X.D.; Li, Z.Z.; Zhao, Z.Y. Research on Scientific-Technological-Industrial Association Patterns Based on Multi-relationships Fusion. J. Mod. Inf. 2024, 44, 67–81. [Google Scholar]
  11. Leung, T.Y.; Sharma, P. Differences in the impact of R&D intensity and R&D internationalization on firm performance–Mediating role of innovation performance. J. Bus. Res. 2021, 131, 81–91. [Google Scholar]
  12. Liu, X.L.; Tan, Z.Y.; Zhang, C.X. Research Review of “Science-technology Relationship” Research Methods: Highlights on Bibliometrics Method. Libr. Inf. Serv. 2015, 59, 142–148. [Google Scholar]
  13. Sorenson, O.; Fleming, L. Science and the diffusion of knowledge. Res. Policy 2004, 33, 1615–1634. [Google Scholar] [CrossRef]
  14. Bassecoulard, E.; Zitt, M. Patents and publications: The lexical connection. In Handbook of Quantitative Science and Technology Research: The Use of Publication and Patent Statistics in Studies of S&T Systems, 1st ed.; Moed, H.F., Wolfgang, G., Ulrich, S., Eds.; Springer: Dordrecht, Netherlands, 2004; pp. 665–694. [Google Scholar]
  15. Li, X. On Similarities and Differences of Science and Technology. J. Dialectics Nat. 2007, 52, 1–9+110. [Google Scholar]
  16. Gardner, P. Representations of the Relationship between Science and Technology in the Curriculum. Stud. Sci. Educ. 1994, 24, 1–28. [Google Scholar] [CrossRef]
  17. Liang, Z.; Mao, J.; Li, G. Integrating Science-Technology Knowledge Linkage to Predict Disruptive Patents. J. China Soc. Sci. Tech. Inf. 2023, 42, 649–662. [Google Scholar]
  18. Dong, K.; Xu, H.Y.; Luo, R.; Wang, C.; Fang, S. Review of the Research on Relationship between Science and Technology. J. China Soc. Sci. Tech. Inf. 2018, 37, 642–652. [Google Scholar]
  19. Teng, Z.; Zhu, X. Measuring the global and domestic technological impact of Chinese scientific output: A patent-to-paper citation analysis of science-technology linkage. Scientometrics 2024, 129, 5181–5210. [Google Scholar] [CrossRef]
  20. Xu, S.; Liu, Z.; An, X.; Wang, H.; Pang, H. Linkages among science, technology, and industry on the basis of main path analysis. J. Informetr. 2025, 19, 101617. [Google Scholar] [CrossRef]
  21. Li, X.; Zhao, D.; Hu, X. Gatekeepers in knowledge transfer between science and technology: An exploratory study in the area of gene editing. Scientometrics 2020, 124, 1261–1277. [Google Scholar] [CrossRef]
  22. Zhao, H.; Leng, F.H. Relationship Between Science and Technology Research Frontiers from the Perspective of Academic Inventors. China Invent. Pat. 2021, 18, 3–12. [Google Scholar]
  23. Song, Y.H.; Chen, X.Q. Co-occurrence Mapping between Chinese Library Classification and International Patent Classification Categories Based on Author’s Research Similarity. J. China Soc. Sci. Tech. Inf. 2024, 43, 927–935. [Google Scholar]
  24. Xu, S.; Sun, T.F.; Luo, G.Y.; Yuan, Z.T.; Lian, J.X. Science-Technology Interactions from the Perspective of Bidirectional Mapping of Classification Systems. China Invent. Pat. 2024, 21, 4–15. [Google Scholar]
  25. Chen, X.; Ye, P.; Huang, L.; Wang, C.; Cai, Y.; Deng, L.; Ren, H. Exploring science-technology linkages: A deep learning-empowered solution. Inf. Process. Manage. 2023, 60, 103255. [Google Scholar] [CrossRef]
  26. Liu, T. Knowledge Correlation and Its Pattern Characteristics: Analysis Based on Fundamental Research and Technological Innovation. Inf. Sci. 2024, 42, 64–71+79. [Google Scholar]
  27. Blei, D.M.; Ng, A.Y.; Jordan, M.I. Latent dirichlet allocation. J. Mach. Learn. Res. 2003, 3, 993–1022. [Google Scholar]
  28. Zhang, T.; Li, Z.; Qi, Y. Research on digital literacy literature: Topic mining and evolutionary analysis. J. Librariansh. Inf. Sci. 2025, 35, 09610006241309645. [Google Scholar] [CrossRef]
  29. Feng, S.; Li, H.; Qi, Y. How to detect the sleeping beauty papers and princes in technology considering indirect citations? J. Informetr. 2023, 17, 101431. [Google Scholar] [CrossRef]
  30. Zhang, T.; Wang, H.; Yu, T.; Ma, H. Research on Data Security Policies and Scientific Topics Collaborative in China Based on Text Computing. J. Mod. Inf. 2024, 44, 99–107. [Google Scholar]
  31. Zhang, Y.J.; Ba, Z.C.; Meng, K.; Liu, L.L.; Wang, L.H. Multidimensional Coupling and Co-evolution of Frontier Science and Technology in Emerging Industries: A “Network-to-Time Series” Equivalence Transformation Perspective. J. Mod. Inf. 2025. accepted. [Google Scholar]
  32. Zhao, R.Y.; Chang, R.R.; Li, D.Y.; Dai, W.B. Research on the Evaluation of Patentee’s Discourse Power Based on Author-Topic Model: Take the Network Security Field as an Example. Inf. Stud. Theory Appl. 2021, 44, 36–43. [Google Scholar]
  33. Li, Z. Cybersecurity_science-technology_data. Figshare. Dataset. Available online: https://doi.org/10.6084/m9.figshare.28788071.v1 (accessed on 14 April 2025).
  34. Ma, Y.H.; Kong, L.K.; Lin, C.R.; Yang, X.M.; Ni, H.L. Research on the Identification of Disruptive Technologies Based on Heterogeneous Data——An Example in the Field of Intelligent Manufacturing Equipment. J. Mod. Inf. 2022, 42, 92–104. [Google Scholar]
  35. Mikolov, T.; Chen, K.; Corrado, G.; Dean, J. Efficient estimation of word representations in vector space. arXiv 2013, arXiv:1301.3781. [Google Scholar]
  36. Mikolov, T.; Sutskever, I.; Chen, K.; Corrado, G.; Dean, J. Distributed representations of words and phrases and their compositionality. Adv. Neural Inf. Process. Syst. 2013, 26, 3111–3119. [Google Scholar]
  37. Yang, H.; Wang, Y.; Zhang, L. Technology prediction based on core patents technology topic recognition and evolution analysis. J. Intell. 2022, 7, 49–56. [Google Scholar]
  38. Zhu, Y.; Li, Z.; Li, T.; Jiang, L. Topic recognition and refined evolution path analysis of literature in the field of cybersecurity. PLoS ONE 2025, 20, e0319201. [Google Scholar] [CrossRef]
  39. Silva, S.; Silva, R.; Pinto, R.; Salles, R. Botnets: A survey. Comput. Netw. 2013, 57, 378–403. [Google Scholar] [CrossRef]
  40. Hameed, S.; Kloht, T.; Fu, X. Identity based email sender authentication for spam mitigation. In Proceedings of the Eighth International Conference on Digital Information Management (ICDIM 2013), Islamabad, Pakistan, 10–12 September 2013; pp. 14–19. [Google Scholar]
  41. Rabash, A.J.; Nazri, M.Z.A.; Shapii, A.; Hasan, M.K. Non-dominated sorting genetic algorithm-based dynamic feature selection for intrusion detection system. IEEE Access 2023, 11, 125080–125093. [Google Scholar] [CrossRef]
  42. Lin, H.; Xue, Q.; Feng, J.; Bai, D. Internet of things intrusion detection model and algorithm based on cloud computing and multi-feature extraction extreme learning machine. Digit. Commun. Netw. 2023, 9, 111–124. [Google Scholar] [CrossRef]
  43. Getman, A.I.; Rybolovlev, D.A.; Nikolskaya, A.G. Deep Learning Applications for Intrusion Detection in Network Traffic. Program. Comput. Softw. 2024, 50, 493–510. [Google Scholar] [CrossRef]
  44. Diaba, S.Y.; Anafo, T.; Tetteh, L.A.; Oyibo, M.A.; Alola, A.A.; Shafie-Khah, M.; Elmusrati, M. SCADA securing system using deep learning to prevent cyber infiltration. Neural Netw. 2023, 165, 321–332. [Google Scholar] [CrossRef]
Applsci 15 06865 g001
Figure 1. Overall research framework.
Figure 1. Overall research framework.
Applsci 15 06865 g001
Applsci 15 06865 g002
Figure 2. Statistical chart of paper and patent data quantities.
Figure 2. Statistical chart of paper and patent data quantities.
Applsci 15 06865 g002
Applsci 15 06865 g003
Figure 3. Perplexity curve of paper data.
Figure 3. Perplexity curve of paper data.
Applsci 15 06865 g003
Applsci 15 06865 g004
Figure 4. Perplexity curve of patent data.
Figure 4. Perplexity curve of patent data.
Applsci 15 06865 g004
Applsci 15 06865 g005
Figure 5. Similarity distribution and weak, moderate, and strong correlation category interval mapping.
Figure 5. Similarity distribution and weak, moderate, and strong correlation category interval mapping.
Applsci 15 06865 g005
Applsci 15 06865 g006
Figure 6. The evolution map of high-similarity topic with science–technology associations.
Figure 6. The evolution map of high-similarity topic with science–technology associations.
Applsci 15 06865 g006
Table 1. The criteria for determining topic evolutionary type.
Table 1. The criteria for determining topic evolutionary type.
Topic TypesDescription of Determination Criteria
DivisionWhen s > γ, a scientific/technological topic in the previous stages can be divided into two or more technological/scientific topics in the current stage.
MergingWhen s > γ, two or more scientific/technological topics in the previous stages can be merged into a single technological/scientific topic in the current stage.
InheritanceWhen s > γ, the scientific/technological topic at the previous stage has a collaborative relationship with the technological/scientific topic in the current stage.
Co-occurrenceWhen s > γ, there is collaboration between the scientific and technological topics in the current stage.
Independent developmentWhen s < γ, the science–technology topic has low similarity.
Table 2. Distribution of scientific topics by stage.
Table 2. Distribution of scientific topics by stage.
StagesTopic Words
Stage 11_1 (Key Elements); 1_2 (Detection of Cyberattack); 1_3 (Blocking Servlet Communication); 1_4 (Authorized Passage of Servlets); 1_5 (Analysis of Cyberattacks); 1_6 (Listing Information); 1_7 (Identity); 1_8 (Enhancing Capacities to Defend); 1_9 (Network Traffic Analysis);
Stage 22_1 (Detection Techniques); 2_2 (Policies or Strategies Against DoS); 2_3 (Password Rules); 2_4 (Identity Verification and Firewall Policies); 2_5 (Solutions and Services); 2_6 (Cyberattack); 2_7 (Authentication); 2_8 (Data Acquisition and Replication Strategies);
Stage 33_1 (Establishing Robust Rules); 3_2 (Detection of Cyberattacks); 3_3 (Roles and Access Control); 3_4 (Access Control List); 3_5 (Cybersecurity Threats); 3_6 (Analysis of Attack Graphs); 3_7 (Security Approach); 3_8 (Policy-Based Network Traffic Analysis);
Stage 44_1 (Cyberattack); 4_2 (Detection of Network Traffic); 4_3 (Vulnerability Management); 4_4 (Policy Measures Against Botnet); 4_5 (Strategies to Defend); 4_6 (Intrusion Detection Systems); 4_7 (The Role of Rules); 4_8 (Cryptographic Applications); 4_9 (Authentication);
Stage 55_1 (Detection of Network Traffic); 5_2 (Identification of Cyberattacks); 5_3 (Cryptographic Measures Against DDoS); 5_4 (Intrusion Detection Systems); 5_5 (Privacy Protection); 5_6 (The Role of Vulnerabilities); 5_7 (The Role and Importance of SSL); 5_8 (The Evolution and Impact of Botnets);
Stage 66_1 (Authentication Techniques); 6_2 (Detection of Botnets); 6_3 (Rules for Malware Detection); 6_4 (Encryption); 6_5 (Identification); 6_6 (Threat Detection); 6_7 (Cyberattacks and Defense Strategies);
Stage 77_1 (Password-Based Authentication); 7_2 (Detection of Network Traffic); 7_3 (Key Risks); 7_4 (The Role of Evaluation in x); 7_5 (Rule-Based Anomaly Detection); 7_6 (DoS Attack Consequences); 7_7 (Vulnerability); 7_8 (Intrusion Detection System);
Stage 88_1 (Role of Authentication in DDoS Defense); 8_2 (The Role of Intrusion Detection Systems); 8_3 (Network Traffic & Cybercrime); 8_4 (Validated Techniques for Intrusion); 8_5 (Key Identification Techniques); 8_6 (Identification of Vulnerabilities); 8_7 (Detection of Malware);
Stage 99_1 (Cyber Defense Strategies); 9_2 (Network Traffic Analysis in Intrusion Detection); 9_3 (Role of Cybercrime); 9_4 (Cyberattack Identification); 9_5 (Firewall Configuration and Secure Network Access Controls); 9_6 (Private Data Capture and Utilization Precautions); 9_7 (Application of Encryption and Cryptographic Policies in Ransomware and Blockchain Technology);
Stage1010_1 (Optimization of Intrusion Detection Technology); 10_2 (Network Security Risk Assessment); 10_3 (The Application of Blockchain in Cybersecurity); 10_4 (Network Attack Defense for Critical Infrastructure); 10_5 (The Network Security Integration Challenge of Connected Vehicles); 10_6 (Medical IoT Security Protection); 10_7 (Quantum Computing and Anti Phishing Framework);
Table 3. Distribution of technical topics by stage.
Table 3. Distribution of technical topics by stage.
StagesTopic Words
Stage 11_1 (Communication Link Security and Authentication Technology); 1_2 (Vulnerability detection and security policy management); 1_3 (Network Intrusion Detection and Defense System); 1_4 (Malicious Code and Host Log Analysis); 1_5 (Network Address Security and Trusted Computing); 1_6 (Mobile Cybersecurity); 1_7 (Content Security and Data Protection); 1_8 (Web Services and Portable Storage Security);
Stage 22_1 (Mobile Terminal Software and Communication Security); 2_2 (Packet Detection); 2_3 (Communication Protocol Security); 2_4 (Client Security); 2_5 (Memory Protection); 2_6 (Message Security and File Management); 2_7 (Network Vulnerability Management); 2_8 (Security Operation);
Stage 33_1 (Terminal Control); 3_2 (Node Security); 3_3 (Application Layer Protocol Security); 3_4 (Malicious Node Identification); 3_5 (Data Packet Detection); 3_6 (Terminal Configuration Management); 3_7 (Behavioral Pattern Analysis); 3_8 (Database Security);
Stage 44_1 (Client Based Virus Detection and File Scanning Technology); 4_2 (Cybersecurity Detection Based on Packet Analysis); 4_3 (Malicious Code Detection); 4_4 (Service Interface); 4_5 (Mobile Applications and Server-Side Malicious Code Protection); 4_6 (Node Malware Detection); 4_7 (Rule based Electronic Service Security Event Response Technology); 4_8 (Client Authentication);
Stage 55_1 (Malware Detection); 5_2 (Intrusion Detection and Resource Protection); 5_3 (Malicious Code Addressing); 5_4 (Mobile Device Security); 5_5 (Cybersecurity Service Architecture); 5_6 (Web Service Communication Security); 5_7 (Network Content Security Control);
Stage 66_1 (Server Based Malicious Code Detection and File Protection); 6_2 (Network Security Authentication); 6_3 (Terminal Device Security); 6_4 (Network Traffic Strategy); 6_5 (Domain Name and Content Security Detection); 6_6 (File and Image Security Risk Analysis); 6_7 (Security Event Response and Resource Management); 6_8 (Malicious Message Detection);
Stage 77_1 (Distributed Cybersecurity Resource Management); 7_2 (Remote Control and Dynamic Network Topology Security); 7_3 (Real Time Threat Detection); 7_4 (Vehicle Networking and Communication Identity Authentication); 7_5 (Multimedia Threat Detection); 7_6 (Terminal Device Storage Security); 7_7 (Security Management for IoT Devices);
Stage 88_1 (Malicious Software Detection Technology Based on Multidimensional Feature and Behavior Analysis); 8_2 (Terminal Threat Response); 8_3 (Embedded System Protection); 8_4 (Node Collaborative Defense); 8_5 (Communication Security and Service Authentication);
Stage 99_1 (Security Detection and Defense of Terminal Devices); 9_2 (Network Attack Monitoring); 9_3 (Cloud Storage Security); 9_4 (Hardware Security Module for Network); 9_5 (Network Node Vulnerability Management);
Stage 1010_1 (Abnormal Behavior Detection and Log Analysis); 10_2 (Malware Detection and Defense); 10_3 (Secure Transmission of Data Streams); 10_4 (Automated Attack and Defense of Attack Surface); 10_5 (Hardware Blocks Reinforcement);
Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content.

Share and Cite

MDPI and ACS Style

Feng, Y.; Li, Z.; Zhang, T. Research on the Evolutionary Pathway of Science–Technology Topic Associations: Discovering Collaborative and Symmetrical Effects. Appl. Sci. 2025, 15, 6865. https://doi.org/10.3390/app15126865

AMA Style

Feng Y, Li Z, Zhang T. Research on the Evolutionary Pathway of Science–Technology Topic Associations: Discovering Collaborative and Symmetrical Effects. Applied Sciences. 2025; 15(12):6865. https://doi.org/10.3390/app15126865

Chicago/Turabian Style

Feng, Yin, Zheng Li, and Tao Zhang. 2025. "Research on the Evolutionary Pathway of Science–Technology Topic Associations: Discovering Collaborative and Symmetrical Effects" Applied Sciences 15, no. 12: 6865. https://doi.org/10.3390/app15126865

APA Style

Feng, Y., Li, Z., & Zhang, T. (2025). Research on the Evolutionary Pathway of Science–Technology Topic Associations: Discovering Collaborative and Symmetrical Effects. Applied Sciences, 15(12), 6865. https://doi.org/10.3390/app15126865

Note that from the first issue of 2016, this journal uses article numbers instead of page numbers. See further details here.

Article Metrics

Back to TopTop