In the current era of big data, deep learning is booming and has become a powerful tool for solving realworld problems. However, traditional centralized deep learning systems are at risk of privacy leakage. To address this problem, federated learning, a distributed machine learning approach, has emerged. Federated learning allows multiple organizations or individuals to train models together without sharing raw data, by uploading local model parameters to the server, aggregating each user’s parameters to construct a global model, and returning it to the user. This approach achieves global optimization and avoids private data leakage. However, even with federated learning, attackers may still be able to reconstruct user data by obtaining the model parameters uploaded by users, thus violating  privacy. To address this issue, privacy protection has become the focus of federated learning research. In this paper, we propose a federated learning scheme FLFC (federated learning with confused modulo projection homomorphic encryption) based on confused modulo projection homomorphic encryption to address the above issues. This scheme adopts a selfdeveloped modular fully homomorphic encryption algorithm to encrypt user model parameters. The modular fully homomorphic encryption algorithm has the advantages of high computational efficiency, support for floatingpoint operations, and localization, thus achieving stronger protection of privacy. Experimental results show that the FLFC scheme exhibits a higher average accuracy and good stability compared to the FedAvg scheme in experiments.

Since users participating in federated learning training have high autonomy and their identities are difficult to identify, they are vulnerable to label flip attacks, causing the model to learn wrong rules from wrong labels and reducing the overall performance of the model. In order to effectively resist label flip attacks, a dilutionprotected federated learning method for multistage training models is proposed. This method randomly divides the training data set and uses a dilution protection federated learning algorithm to distribute part of the data to clients participating in the training to limit the amount of data owned by the client and avoid malicious participants with large amounts of data from causing major damage to the model. After each training session, the gradients of all training epochs in that phase are gradient clustered by a dimensionality reduction algorithm in order to identify potentially malicious actors and restrict their training in the next phase. At the same time, the global model parameters are saved after each stage of training to ensure that the training of each stage is based on the model foundation of the previous stage. Experimental results on the data set show that this method reduces the impact of attacks without damaging the model accuracy, and helps improve the convergence speed of the model.

Convolutional neural network (CNN) models have been widely used in image classification tasks and have achieved good results, but these models can also become objects of stealing. This paper proposes a novel method to avoid the stealing of CNN models in image classification tasks, addressing the issues of high dependence on algorithm detection accuracy and post intellectual property verification in existing antistealing measures. It utilizes image data augmentation technology to improve the robustness and generalization ability of private models, and then uses loose suspicious behavior detection rules to detect image query behavior. Suspicious query images are processed using enhanced image technology, and the processed images are input into the enhanced model for prediction. Finally, a vector composed of the predicted category confidence of the model is output to achieve inputoutput inequality. This process will prevent suspicious users from obtaining the model prediction information corresponding to their input images, in order to achieve the goal of model stealing prevention. This paper conducts experiments using three common image datasets and four convolutional neural network (CNN) structures, and finally finds that the method proposed in this paper can achieve the goal of model antistealing and ensure that private models can complete their classification tasks normally.

Currently, cameras equipped with AI object detection technology are widely used. However, AI object detection models in realworld applications are vulnerable to adversarial attacks. Existing adversarial attack methods, primarily designed for earlier models, are ineffective against the latest YOLOv8 object detector. To address this issue, we propose a novel adversarial patch attack method specifically for the YOLOv8 object detector. This method minimizes confidence output while incorporating an exponential moving average (EMA) attention mechanism to enhance feature extraction during patch generation, thereby improving the attack’s effectiveness. Experimental results demonstrate that our method achieves superior attack performance and transferability. Validation tests, in which the adversarial patches were printed on clothing, also demonstrated excellent attack results, indicating the strong practicality of our proposed method.

The fake images generated by deep generative models are becoming increasingly realistic, surpassing the human eye’s ability to detect them. These models have become new tools for illegal activities, such as fabricating lies and creating public opinion. Although current researchers have proposed many detection methods to detect fake images, their generalization ability is typically limited. To address this issue, we proposed a fake face detection method based on ConvNeXt. Firstly, we add a PSA(polarization selfattention) module after the second and third downsampling modules of ConvNeXt, enhancing the network’s spatial and channel attention performance. Secondly, a RIB(rich imformation block) is designed at the end of ConvNeXt to enrich the information learned by the network. The information is processed through this module before final classification. Furthermore, the loss function used in network training is a combination of CrossEntropy loss and KL(KullbackLeibler) divergence. Extensive experiments on the current mainstream fake face datasets demonstrate that our method surpasses all comparative methods in accuracy and generalization on the FF++ C23 dataset.

Aiming at the problems of insufficient attack samples and more categories in unbalanced IoT traffic datasets reducing the classification accuracy and generalization ability of the detection model, an intrusion detection method for the Internet of things by fusing spatiotemporal features (BGAREU) is proposed. The data were first normalized and the SMOTEENN method was used to improve the data distribution of the training samples; then temporal features and global information were extracted by Bidirectional gated recurrent unit (BiGRU) and multihead attention, and combined ResNext network and UNet network to construct a multiscale spatial feature extraction network, and then incorporate efficient channel attention (ECANet) into the residual units to enhance the local characterization capability; finally, the fused features are fed into the Softmax classifier for multiclassification. Experiments show that the proposed model has more than 2% improvement in all the metrics compared with other models on IoT traffic datasets UNSWNB15, NSLKDD, and WSNDS. In addition, this paper verifies that the ECANet has stronger characterization ability by comparing multiple attention mechanisms, and explores the effect of different numbers of attention heads in multihead attention on the model performance.

Different video recognition models possess distinct temporal discrimination patterns. In transfer attacks, the generation of video adversarial examples can lead to overfitting to the whitebox model’s temporal discrimination pattern, resulting in poor transferability of the adversarial examples. In view of this phenomenon, an effective algorithm is proposed to alleviate the overfitting phenomenon. The algorithm generates multiple augmented videos by frame extraction, inputs them into a whitebox model, and obtains augmented gradients through backpropagation. Then, it repositions these gradients and calculates a weighted sum to acquire the final gradient information. Finally, it introduces this gradient information into gradientbased whitebox attack methods, such as FGSM and BIM, to obtain the final adversarial samples. The crossentropy loss function was improved; while guiding the generation of adversarial examples, its primary goal was to quickly find a direction that causes the model to misclassify, without considering the semantic space distance between the classification result and other categories with higher probabilities. In response to this issue, a regularization term based on KL divergence was introduced. When combined with the crossentropy function, the adversarial examples generated based on this loss function have stronger transferability. On the Kinetics400 and UCF101 datasets, six commonly used models in the video recognition domain were trained, specifically NonLocal, SlowFast, and TPN, with ResNet50 and ResNet101 serving as the backbone networks. One of these models was selected as the whitebox model to conduct transfer attacks on the remaining models, and a large number of experiments demonstrated the effectiveness of the method.

The advancement of science and technology for information transmission provides convenience, but it has also led to information leaks. Aim at enhancing the quality and capacity of steganographic images, a threechannel deep fusion technology used in image steganography is designed. Firstly, the main channel of the steganographic model is used to extract features from the carrier image. This network is based on the UNet network structure and introduces residual blocks(ResBlock). Then, the bottom channel and the middle channel are utilized for extracting secret image features. Finally, fusing the features from the first and third layers of the bottom channel network into the corresponding layers of the middle channel network through way of crossfusion. Further, the features extracted from the second and fourth layers of the middle channel network are fused into the corresponding layers of the main channel network. The experimental results demonstrate that the proposed method has good invisibility. When the embedding capacity reaches 24bpp, the PSNR of the hidden image reaches 41.15dB, effectively improving the security of image transmission and steganography capacity.

At the moment, different information security vulnerability databases have different standards, with different focuses on vulnerability data and relatively independent relationships. It is difficult to quickly and comprehensively obtain highvalue vulnerability information, and a unified vulnerability entity standard needs to be established. Therefore, this paper focuses on vulnerability data in entity extraction technology research. The majority of vulnerability data is provided in unstructured natural language form that combines Chinese and English, rulebased methods lack robust generalization, deeplearningbased methods occupy too many resources and rely on a large amount of annotated data. To address these issues, this paper presents a vulnerability entity extraction method with small sample semantic analysis. The method employs BERT pretrained vulnerability data to generate a pretrained model within the cybersecurity vulnerability domain, allowing for a better understanding of cybersecurity vulnerability data and reducing reliance on lager annotated data. Additionally, a selfsupervised incremental learning approach is applied to improve model performance with very limited annotated data (1785 samples). The model in this paper extracts 12 types of vulnerability entities in the field of cybersecurity, and the experimental results show that the method outperforms other models in the recognition and extraction of cybersecurity vulnerability entities, with an F1 value of 0.8643.

A physical layer security scheme for CRNOMA systems based on DC(difference of convex) function planning is proposed to address the communication security issues caused by the openness of CRNOMA systems. In the NOMA(nonorthogonal multiple access) communication scenario, construct a multiuser eavesdropping channel model derive the security and rate expressions for the CRNOMA system; And design a DCbased carrier power allocation algorithm to solve the optimal solution for subchannel power allocation and improve the security of system subcarriers. The simulation results show that without increasing the power of the base station, its SSR is improved by 35% and 10%, respectively, compared to OFDMA and NOMA; Under the same SSR, the maximum number of users can increase by 200%. Verified that the scheme can effectively enhance the physical layer security of the system.

A blockchain oracle scheme base on Schnorr threshold signatures is proposed to address the inefficiency of blockchain interactions with offchain data when using oracles as intermediaries. The scheme aggregates multiple signatures based on the Schnorr threshold signature combined with the linear secret sharing algorithm. Additionally, it employs multiple oracles to obtain data information in the physical world, and achieves efficient and highly reliable data transmission from the oracle to the blockchain. The analyses and experiments demonstrate that the scheme offers good security and performance.

In the context of digital transformation, enterprises are evolving into multibranch conglomerates, adopting cloudbased services, and embracing decentralized models. However, this shift presents new challenges for network security. This article proposes a practical approach, based on the integration of 5G and SASE technologies, for secure access service edge (SASE) implementation. Leveraging 5G as the SDWAN transport network, the proposed solution connects data centers, hybrid clouds, and client endpoints. It deploys security access points of presence (POP) nodes nationwide, equipped with core modules such as Cloud Access Security Broker (CASB), Secure Web Gateway (SWG), Zero Trust Gateway, and FirewallasaService (FWaaS). Additionally, traditional security components can be selectively employed within these modules to enable usercentric security monitoring, access control, interception, and auditing capabilities. Practical implementation of this solution demonstrates its feasibility and effectiveness in various enterprise security protection scenarios.