Table of Content

07 April 2026, Volume 12 Issue 4

Previous Issue   

Research on Domain Adaptive Intrusion Detection Method Based on  Dynamic Feature Fusion

2026, 12(4):  294. 

Asbtract ( )   PDF (1452KB) ( )  

References | Related Articles | Metrics

Aiming at the problems of incomplete feature extraction and limited model generalization ability in intrusion detection research, a domain adaptive intrusion detection method with dynamic feature fusion is proposed. Firstly, a convolutional neural network is used to extract spatial features, while a bidirectional long shortterm memory network is utilized for temporal feature extraction. This approach enables comprehensive extraction of multidimensional feature information from network traffic data. Secondly, the uncertainty is measured by calculating the information entropy of the two features, and different weights are assigned according to the entropy value, and the extracted features are weighted and fused according to the weights. Finally, during the training process, the proposed adaptive domain weight loss algorithm is used to dynamically adjust the contribution of the source domain and target domain data to improve the generalization ability of the model on the target domain data. Experiments are carried out using the NSLKDD and UNSWNB15 datasets. Compared with the existing mainstream methods, this method has higher detection accuracy, which is 0.8563 and 0.916 respectively.

Anomaly Traffic Detection Based on Improved Bidirectional TCN Model  in Software Defined Network

2026, 12(4):  303. 

Asbtract ( )   PDF (2198KB) ( )  

References | Related Articles | Metrics

The centralized control feature of software defined network (SDN) technology enhances the efficiency of network management while also bringing more severe security threats. Accurately detecting abnormal traffic in the SDN network is critical for network security. To address the vulnerabilities of SDN networks to various attacks and the insufficient ability of existing methods in modeling the temporal characteristics of abnormal traffic, this paper proposes an abnormal traffic detection method suitable for the SDN environment. This method takes the fivetuple of the flow (source IP address, destination IP address, source port number, destination port number, transport layer protocol) as the division basis. The length sequence of data packets is extracted as the core temporal features. Based on the improved bidirectional temporal convolutional network (BiTCN), by changing the ELU activation function and adding a residual block in the original TCN structure, and simultaneously integrating the multihead squeeze excitation mechanism (MSE) to enhance the feature modeling ability, the identification of abnormal behaviors is achieved. The experimental results show that the method proposed in this paper achieves good effects on the public SDN dataset, and its accuracy, precision and other indicators are superior to the traditional baseline models.

Research on a Fully Homomorphic Encryption Algorithm Based on  Confused Modulo Projection

2026, 12(4):  311. 

Asbtract ( )   PDF (1123KB) ( )  

References | Related Articles | Metrics

With the rapid proliferation of cloud computing, big data, and InternetofThings technologies, data privacy and security concerns have become increasingly prominent, while traditional dataprocessing methods exhibit inherent limitations in safeguarding sensitive information. Homomorphic encryption (HE) offers a promising privacypreserving approach by enabling computations to be performed directly on encrypted data. However, existing schemes typically suffer from high computational complexity, significant ciphertext expansion, and substantial resource consumption, which impede their practical deployment. To address these challenges, this paper proposes an efficient confused modulo projectionbased fully homomorphic encryption (EffiCMPFHE) algorithm. Leveraging the Chinese Remainder Theorem for multimodular redundant encoding of plaintexts, the scheme introduces streamlined encryption, blindcomputation, and decryption procedures to reduce processing overhead. Moreover, to accommodate largescale data workloads, this paper develops a batching mechanism that aggregates multiple messages into a single large integer for parallel evaluation, thereby significantly reducing overall computation time. To facilitate adoption, this paper also designs and implements a generalpurpose homomorphic encryption library based on EffiCMPFHE and benchmarks it against mainstream FHE frameworks. Experimental results demonstrate that the library achieves a marked improvement in operational speed. This work provides an efficient and practical pathway for applying homomorphic encryption in dataprivacy protection, cloud computing, and secure multiparty computation environments.

Research on Lattice Attack on ECDSA Implemented with wNAF

2026, 12(4):  319. 

Asbtract ( )   PDF (1223KB) ( )  

References | Related Articles | Metrics

To mount an attack on the elliptic curve digital signature algorithm (ECDSA) using the windowed nonadjacent form (wNAF) for scalar multiplication, one first requires sidechannel analysis to gather information, followed by latticebased methods to recover the private key. Since the information collected from sidechannel analysis about secret parameters such as the signing private key is partial, it typically necessitates scores or even hundreds of signatures to fully recover the private key. However, in practical attacks, there are stringent limitations on the number of signatures available, making it challenging for attackers to obtain such a large volume of signature data. To maximize the utilization of information gathered through sidechannel analysis and recover the complete private key using only a few signatures, a lattice attack construction method based on the extended hidden number problem (EHNP) is proposed. Initially, cache sidechannel attacks are employed to collect DoubleAddInvert chains during the actual execution of the ECDSA algorithm. Subsequently, these DoubleAddInvert chains are converted into EHNP instances. Next, EHNP is leveraged to construct a lattice matrix, within which exists a target lattice vector bearing the private key. Finally, the block KorkinZolotarev (BKZ) lattice basis reduction algorithm is applied to locate this target lattice vector, thereby recovering the private key. Experimental results demonstrate that the proposed attack scheme can recover the complete signing private key using only two signatures, achieving the theoretical limit.

A Support Multiuser Revocable Attributebased Lightweight Ciphertext  Retrieval Scheme

2026, 12(4):  330. 

Asbtract ( )   PDF (1851KB) ( )  

References | Related Articles | Metrics

With the rapid development of cloud computing, the demand for ciphertext retrieval on the cloud has been increasing. However, traditional ciphertext retrieval schemes struggle to efficiently implement finegrained access control in multiuser environments and face challenges such as high computational overhead and inflexible management of user attribute permissions. Therefore, this paper proposes a multiuser revocable attributebased lightweight ciphertext retrieval scheme. Firstly, to reduce the computational burden on users, intensive computations are outsourced to a proxy server, enabling lightweight local operations. Secondly, the scheme integrates attributebased encryption and searchable encryption to achieve efficient finegrained access control in multiuser environments. Lastly, the scheme incorporates blockchain technology to ensure a transparent and immutable revocation process, enabling flexible and trustworthy user attribute management. Security analysis demonstrates that both user privacy and cloudstored data are effectively safeguarded. Performance analysis indicates that the proposed ciphertext retrieval scheme is efficient and feasible for practical applications.

Approximate Decision Boundary Approach for Blackbox Adversarial Attacks  Based on Saliency Detection

2026, 12(4):  340. 

Asbtract ( )   PDF (2115KB) ( )  

References | Related Articles | Metrics

Decisionbased blackbox adversarial attacks have become an important research direction in the field of artificial intelligence security. Existing methods primarily approximate the decision boundary through uniform random traversal type search, ignoring the correlation between the semantic structure of the image and the region of interest of the model, and there are problems of blind search direction, insensitive region, and low query efficiency. To this end, this paper proposes a saliencyguided adversarial decision boundary attack (SADBA) method, which is designed for blackbox image classification systems that only provide hardlabel predictions in query budgetconstrained scenarios, and guides the perturbation with saliency mask semanticsto act preferentially on key sensitive regions of the image, thereby reducing redundant queries and improving the efficiency of the attack.Experiments on the ImageNet dataset show that SADBA outperforms the baseline attack methods on several mainstream models, with the number of queries decreasing by 11.5%, 25.3%, 3.6%, 30.4%, and 8.8% respectively on VGG19, InceptionV3, EffcientNetB0, DenseNet161, and ViTB32 respectively, while maintaining or improving the attack success rate, maintaining good robustness and achieving an effective balance between query efficiency and attack stealth.

Adaptive Gaussian Mixturebased Federated Learning Backdoor Defense Approach

2026, 12(4):  348. 

Asbtract ( )   PDF (4458KB) ( )  

References | Related Articles | Metrics

Aiming at the existing federated learning backdoor defense methods, which have the problems of misjudgment of abnormal client detection and are difficult to take into account the privacy protection of the client, we propose a federated learning backdoor defense approach based on adaptive Gaussian mixture model FedAGMM, which introduces Gaussian mixture model clustering at the server side, models the probability of gradient update of the client, and combines with the Bayesian information criterion to adaptively select the optimal number of clusters adaptively, so that the malicious model update is identified more accurately. Constructing a dynamic noise injection mechanism based on risk perception, adaptively adjusting the Gaussian noise intensity according to the client’s risk level.  This approach minimizes interference to normal clients while safeguarding privacy. Comparison experimental results with the latest defense methods show that in the face of three kinds of backdoor attacks, PGD, PGDEDGE, and MR, the success rate of the attack is reduced by 5.80, 3.27, and 1.00 percentage points, respectively, without decreasing the accuracy of the main task, and the theoretical analysis proves that FedAGMM meets the requirements of privacy protection while reducing overall noise injection, and significantly improves the detection accuracy and privacy security.

Research on Adaptive Hierarchical Neural Network Backdoor Defense Method

2026, 12(4):  359. 

Asbtract ( )   PDF (1411KB) ( )  

References | Related Articles | Metrics

Backdoor attacks force the deep learning models to output a preset result at a specific inputs by implanting a covert trigger patterns into the training data, which seriously threatens the security of the model. Traditional defense methods (such as pruning and finetuning) are difficult to balance defense effect and model performance due to the partial overlap between the posterior portal neurons and the normal neurons. To this challenge, an adaptive hierarchical neural network backdoor defense (AHBD) method is proposed, which locates the backdoor through gradient direction consistency analysis, and designs adaptive defense strategies based on the functional characteristics of different levels of neural networks. Experiments show that AHBD significantly reduces the attack success rate (ASR decreases to 2.63% and 1.71%, respectively) on the CIFAR10 and GTSRB datasets, while maintaining the original classification accuracy of the model (ACC decreases by less than 1%), which is better than the existing mainstream defense methods.

Research on the Architecture of Crosschain Transaction System for Data Assets

2026, 12(4):  366. 

Asbtract ( )   PDF (2367KB) ( )  

References | Related Articles | Metrics

In the context of the digital era, data has emerged as a critical production factor, and its trading and management are crucial for promoting socioeconomic growth. This paper aims to address the crosschain transaction challenges faced by data assets on different platforms. The article presents an analysis of the transaction market and value conversion paths of data asset, and proposes a crosschain transaction model that encompasses system architecture, network structure and functional processes. The model distinguishes data providers, establishing a data asset transaction chain and a personal data authorization chain for crosschain data transactions. This improves the efficiency of data transactions and the convenience of regulation, and promotes the digital economy development. This article offers theoretical and practical support for the stable development of the data asset trading market, thereby facilitating the further advancement of the digital economy. Building on this framework, the study constructs a secure and reliable crosschain data asset trading platform that ensures the fairness and transparency of transactions while protecting the privacy and data security of participants.

Certificatebased Designated Verifier Aggregate Authentication Scheme  in the Internet of Vehicles

2026, 12(4):  376. 

Asbtract ( )   PDF (908KB) ( )  

References | Related Articles | Metrics

The Internet of vehicles (IoV) significantly enhances traffic safety and travel efficiency, however, its open network environment and structural features expose it to security threats such as identity forgery, privacy leakage, and malicious attacks. A key challenge is achieving efficient and secure authentication under resourceconstrained scenarios while ensuring controllable verification rights and preserving user privacy. This paper proposes a certificatebased designated verifier aggregate authentication scheme, which enables efficient vehicletovehicle authentication and addresses both verifier authorization control and privacy risks in IoV communications by incorporating designated verifier signatures with conditional privacypreserving mechanisms. Formal security proofs demonstrat that the scheme is reducible to the CDH (computational DiffieHellman) problem in the random oracle model and achieves existential unforgeability under adaptive chosenmessage attacks. Experimental evaluation confirms its efficiency and practicality, making it suitable for resourceconstrained IoV environments.

Research on Log Anomaly Detection Method Integrating Semantic Features

2026, 12(4):  383. 

Asbtract ( )   PDF (5672KB) ( )  

References | Related Articles | Metrics

With the continuous expansion of system functionalities, the volume of system logs has grown exponentially, presenting substantial challenges to conventional anomaly detection approaches. Deep learningbased log anomaly detection techniques have gradually become a research hotspot due to their powerful feature extraction capabilities. This study proposes a semisupervised log anomaly detection model LogSem, which integrates semantic features. By introducing log content vectors that contain semantic information of the main log content and incorporating masked log key prediction tasks and hypersphere volume minimization tasks for semisupervised learning, the model deeply explores the semantic features of logs. Experiments conducted on three mainstream datasets show that the proposed method outperforms the LogBERT baseline model in terms of the F1 score. Furthermore, this study explores and verifies the feasibility of addressing the outofvocabulary problem through semisupervised learning.