Most Read articles

    Research on Privacy Protection Technology in Federated Learning
    Journal of Information Security Research    2024, 10 (3): 194-.
    In federated learning, multiple models are trained through parameter coordination without sharing raw data. However, the extensive parameter exchange in this process renders the model vulnerable to threats not only from external users but also from internal participants. Therefore, research on privacy protection techniques in federated learning is crucial. This paper introduces the current research status on privacy protection in federated learning. It classifies the security threats of federated learning into external attacks and internal attacks. Based on this classification, it summarizes external attack techniques such as model inversion attacks, external reconstruction attacks, and external inference attacks, as well as internal attack techniques such as poisoning attacks, internal reconstruction attacks, and internal inference attacks. From the perspective of attack and defense correspondence, this paper summarizes data perturbation techniques such as central differential privacy, local differential privacy, and distributed differential privacy, as well as process encryption techniques such as homomorphic encryption, secret sharing, and trusted execution environment. Finally, the paper analyzes the difficulties of federated learning privacy protection technology and identifies the key directions for its improvement.

    Security Risks and Countermeasures to Artificial Intelligence
    Journal of Information Security Research    2024, 10 (2): 101-.

    Android Malware Multiclassification Model Based on Transformer
    Journal of Information Security Research    2023, 9 (12): 1138-.
    Due to its open-source nature and openness, the Android system has become a popular target for malware attacks, and there is currently a large body of research on Android malware detection, in which machine learning algorithms are widely used. In this paper, the Transformer algorithm is used to classify and detect grayscale images converted from the classes.dex files of Android software, and the accuracy rate reaches 86%, which is higher than that of CNN, MLP and other models.

    Research and Practice on Product Security Governance
    Journal of Information Security Research    2023, 9 (12): 1218-.
    This paper studies how to ensure that suppliers deliver secure and trustworthy products and services from the perspective of product security governance. First, this paper introduces the context of product security, gives the definition and objectives of product security, and proposes that product security is a security governance problem. Then this paper establishes the organizational structure of product security governance based on the three-line model, describes the roles and responsibilities of each organizational unit, and solves the problems of separation of duties and conflicts of interest from the organizational structure. Next this paper introduces the concept, framework, system and implementation approaches of product security policies, and establishes the top-level requirements of product security system construction. Finally, the contribution of this paper is summarized and the research direction for the next step is pointed out. These research results have been applied in ZTE’s product security practices and have achieved good governance effects.

    Malicious Client Detection and Defense Method for Federated Learning
    Journal of Information Security Research    2024, 10 (2): 163-.
    Federated learning allows participating clients to collaborate in training machine learning models without sharing their private data. Since the central server cannot control the behavior of clients, malicious clients may corrupt the global model by sending manipulated local gradient updates, and there may also be unreliable clients with low data quality but some value. To address the above problems, this paper proposes FedMDD, a defense approach for malicious client detection and defense for federated learning, to process detected malicious and unreliable clients in different ways based on local gradient updates, while defending against symbol flipping, additive noise, single label flipping, multi-label flipping, and backdoor attacks. Four baseline algorithms are compared for two datasets, and the experimental results show that FedMDD can successfully defend against various types of attacks in a training environment containing 50% malicious clients and 10% unreliable clients, with better results in both improving model testing accuracy and reducing backdoor accuracy.

    Malicious TLS Traffic Detection Based on Graph Representation
    Journal of Information Security Research    2024, 10 (3): 209-.
    Owing to the need for privacy protection, encryption services online are becoming increasingly popular. However, this also provides an avenue for malicious traffic to hide itself. As a result, the identification of encrypted malicious traffic has become an important task for network management. Currently, some mainstream techniques based on machine learning and deep learning have achieved good results. However, most of these methods ignore the structure of traffic and do not provide in-depth analysis of encryption protocols. To address this problem, this paper proposes a graph representation method for SSL/TLS traffic, summarizes the key features of TLS traffic and considers traffic correlation from the perspective of multiple attributes such as source IP, destination port and packet count of the flow. Furthermore, this paper establishes a malicious traffic identification framework GCNRF based on graph convolutional neural network and random forest algorithm. This method transforms traffic into graph structure, integrates the structural information and node features of traffic for identification and classification. Experimental results on real public datasets show that the classification accuracy of this method is higher than that of current mainstream models.

    The Status and Trends of Confidential Computing
    Journal of Information Security Research    2024, 10 (1): 2-.

    Legislative Thinking of Artificial Intelligence Law in the Era of Generative Artificial Intelligence
    Journal of Information Security Research    2024, 10 (2): 103-.
    With the technological advancements and widespread adoption of Generative Artificial Intelligence (GAI), the structure of human society has undergone fundamental changes. The development of artificial intelligence technology has brought new risks and challenges. The “Interim Measures for the Management of Generative Artificial Intelligence Services” represents China’s latest exploration achievement in the field of GAI. It emphasizes the dual importance of development and security, advocates for innovation and governance in accordance with the law, and serves as a reference and inspiration for the ongoing legislative process of the Artificial Intelligence Law. Specifically, the Artificial Intelligence Law should consider the adoption of a promoting legislative model, reduce the use of normative references in the legislative content, clarify the legislative approach of classification and grading, enhance international exchanges and cooperation in artificial intelligence, and promote the positive use of science and technology by establishing a more scientific and reasonable top-level design scheme.

    A Network Intrusion Detection Model Integrating CNN-BiGRU and Attention Mechanism
    Journal of Information Security Research    2024, 10 (3): 202-.
    To enhance the feature extraction capabilities and classification accuracy of the network intrusion detection model, a network intrusion detection model integrating CNN-BiGRU (Convolutional Neural Network-Bidirectional Gated Recurrent Unit) and attention mechanism is proposed. CNN is employed to effectively extract nonlinear features from traffic datasets, while BiGRU extracts time-series features. The attention mechanism is then integrated to differentiate the importance of different types of traffic data through weighted means, thereby improving the overall performance of the model in feature extraction and classification. The experimental results indicate that the overall accuracy rate is 2.25% higher than that of the BiLSTM (Bidirectional Long Short-Term Memory) model. K-fold cross-validation results demonstrate the proposed model's good generalization performance, avoiding the occurrence of overfitting and affirming its effectiveness and rationality.

    Blockchain Security Sharding Scheme Based on Multi-dimensional Reputation
    Journal of Information Security Research    2024, 10 (8): 690-.
    Blockchain faces scalability issues. Sharding improves system performance by dividing the blockchain network into multiple subnetworks that process transactions in parallel. However, sharding can lead to the clustering of malicious nodes, resulting in 51% attacks and affecting system security. The existing single-dimensional reputation schemes have the problems of high overhead and insufficient shard consensus in the redistribution process, failing to ensure both performance and security. To address these problems, a blockchain security sharding scheme based on multi-dimensional reputation is proposed. Firstly, the scheme integrates multi-dimensional indicators of nodes to balance shard reputation and computational communication abilities, identifying malicious nodes. Secondly, a two-stage redistribution scheme is proposed to reduce the frequency and cost of redistribution through partial redistribution in the first stage and complete redistribution in the second stage. Finally, a multi-dimensional reputation-based fast Byzantine fault-tolerant consensus (MRFBFT) is designed, which combines voting power and reputation, and introduces consensus among shard leader nodes to prevent malicious behavior. The experimental results show that the shard reputation and computational communication level are more balanced, the consensus delay is reduced by about 20%, and the throughput is increased by about 15%.

    Research on Identity Authentication Technology Based on Block Chain and PKI
    Journal of Information Security Research    2024, 10 (2): 148-.
    Public key infrastructure (PKI) is a secure system based on asymmetric cryptographic algorithms and digital certificates to realize identity authentication and encrypted communication, operating on the principle of trust transmission based on a trust anchor. However, this technology has the following problems: the CA center is unique and there is a single point of failure; the authentication process involves a large number of operations, such as certificate resolution, signature verification, and certificate chain verification. To solve the above problems, this paper builds an identity authentication model based on Changan Chain, and proposes an identity authentication scheme based on Changan Chain digital certificate and public key infrastructure. Theoretical analysis and experimental data demonstrate that this scheme reduces certificate parsing, signature verification and other operations, simplifies the authentication process, and improves the authentication efficiency.

    Data Life Cycle Safety Monitoring Method Driven by Big Data
    Journal of Information Security Research    2023, 9 (12): 1226-.
    Aiming at the problems of small coverage, low monitoring accuracy and low automation of traditional data monitoring methods, a data lifecycle safety monitoring method driven by big data is put forward, which is based on a feature analysis recognition model, content segmentation model, real-time data monitoring model, file analysis retrieval model and user abnormal behavior prediction model to monitor data security risk in real time. It effectively guarantees the safe flow of data assets. After testing, the overall accuracy of sensitive data collection, sensitive page capture, sensitive flow monitoring and sensitive file parsing under this method is higher than 92%, and the accuracy of user’s sensitive behavior prediction is higher than 93%, which effectively improves the monitoring range and accuracy of sensitive data.

    Intelligent Fuzzy Testing Method Based on Sequence Generative Adversarial Networks
    Journal of Information Security Research    2024, 10 (6): 490-.
    The increase in the number of vulnerabilities and the emergence of a large number of highly dangerous vulnerabilities, such as supercritical and high-risk ones, pose great challenges to the state of network security. As a mainstream security testing method, fuzz testing is widely used. Test case generation, as a core step, directly determines the quality of fuzz testing. However, traditional test case generation methods based on pre-generation, random generation, and mutation strategies face bottlenecks such as low coverage, high labor costs, and low quality. Generating high-quality, highly available, and comprehensive test cases is a difficult problem in intelligent fuzz testing. To address this issue, this paper proposes an intelligent fuzz testing method based on the sequence generation adversarial network (SeqGAN) model. By combining the idea of reinforcement learning, the test case generation is abstracted as a learning and approximate generation problem for universally applicable variable-length discrete sequence data. Innovatively, a configurable embedding layer is added to the generator part to standardize the generation, and a reward function is designed from the dimensions of authenticity and diversity through dynamic weight adjustment. This ultimately achieves the goal of automatically and intelligently constructing a comprehensive, complete, and usable test case set for flexible and efficient intelligent fuzz testing. This paper verifies the proposed scheme from two aspects of effectiveness and universality. The average test case pass rate of over 95% and the average target defect detection rate of 10% under four different testing targets fully demonstrate the universality of the scheme. The 98% test case pass rate, 9% target defect detection rate, and the ability to generate 20000 usable test cases per unit time under four different schemes fully demonstrate the effectiveness of the scheme.

    Generative Fake Speech Security Issue and Solution
    Journal of Information Security Research    2024, 10 (2): 122-.
    The development of generative artificial intelligence algorithms has made the generation of fake speech increasingly natural and fluid, making it challenging for human listeners to distinguish genuine from fake speech. This paper firstly analyzes a series of threats to society posed by the improper abuse of generative fake speech, including an increase in telecommunication fraud, a decline in the security of voice-operated applications, judicial fairness of forensic identification, and deception to the public through the combination of falsified information across various domains. Subsequently, the paper summarizes and classifies the algorithms of fake speech generation and fake speech detection technology from the perspective of technology development. We explain the procedural aspects of the technologies and their key points, along with an analysis of the challenges encountered in the process of application. Finally, this paper outlines strategies to prevent and address these security issues from four aspects: technical application, institutional regulation, public education and international cooperation.

    Research on Locally Verifiable Aggregate Signature Algorithm Based on SM2
    Journal of Information Security Research    2024, 10 (2): 156-.
    The SM2 algorithm is based on the elliptic curve cryptosystem, which was released by the State Cryptography Administration in 2010. At present, it is widely used in e-government, medical care, finance and other fields. Among them, digital signature is the main application of SM2 algorithm, and the number of signature and verification operations generated in various security application scenarios has increased exponentially. Aiming at the problem that massive SM2 digital signatures occupy a large storage space and the efficiency of verifying signatures one by one is low, this paper proposes a partially verifiable aggregate signature scheme based on the national secret SM2 algorithm, which uses aggregate signatures to reduce storage overhead and improve verification efficiency. On the other hand, when the verifier only needs to verify the specified message and the aggregated signature, it must also obtain the plaintext of all the messages at the time of aggregation. Using partially verifiable signatures, the verifier only needs to specify the message, aggregate signature and short prompt to complete the verification. The correctness and security of this scheme are analyzed. Through experimental data and theoretical analysis, compared with similar schemes, this scheme has higher performance.

    Analysis of Security Blind Area of Large LAN
    Journal of Information Security Research    2024, 10 (4): 335-.
    This paper proposes the concepts of network blind area, asset blind area and security blind area as they pertain to the security of large local area networks (LAN). It analyzes the reasons behind the emergence of these three blind areas, describes their forms, and points out their impacts on the security of large LAN. This paper proposes a new perspective for solving the security issues associated with large LAN.

    Journal of Information Security Research    2023, 9 (E2): 2-.

    Journal of Information Security Research    2023, 9 (E2): 13-.

    Research on the Security Architecture of Artificial Intelligence Computing Infrastructure
    Journal of Information Security Research    2024, 10 (2): 109-.
    The artificial intelligence computing infrastructure is a crucial foundation for the development of artificial intelligence. However, due to its diverse attributes, complex nodes, large number of users, and vulnerability of artificial intelligence itself, the construction and operation of artificial intelligence computing infrastructure face severe security challenges. This article analyzes the connotation and security development background of artificial intelligence computing infrastructure, proposes a security architecture for artificial intelligence computing infrastructure from three aspects: strengthening its own security, ensuring operational security, and facilitating security compliance. It puts forward development suggestions aiming to provide methodological ideas for the security construction of artificial intelligence computing infrastructure, offer a basis for selection and use of safe artificial intelligence computing infrastructure, and provide decision-making reference for the healthy and sustainable development of the artificial intelligence industry.

    Research on Malicious Behavior Detection and Identification Model Based on Deep Learning
    Journal of Information Security Research    2023, 9 (12): 1152-.
    In order to identify and prevent abnormal behavior and malicious intrusion in networks, a detection model based on Convolutional Neural Network (CNN) and Bidirectional Long Short-Term Memory (BiLSTM) networks was constructed and applied to various types of Intrusion Detection Systems (IDS). Distinguished from traditional detection models, which suffer from reduced performance due to data redundancy, this model initially feeds the features into a CNN to generate feature mappings, effectively reducing the parameters of the recognition network and automatically eliminating redundant and sparse features. Subsequently, the processed features are used as inputs to the BiLSTM network to detect and recognize malicious behavior within the network. Finally, test results on the NSL-KDD and KDD CUP99 datasets demonstrate that the proposed model surpasses existing models in terms of both time efficiency and accuracy, confirming its effectiveness in detecting malicious behavior and accurately classifying network anomalies.

    Survey of Research on Key Technologies of Internet Content Security
    Journal of Information Security Research    2024, 10 (3): 248-.
    The rapid development of the Internet and easy content creation and sharing have made Internet content security a top priority for Internet construction and supervision. The dramatic increase of information content with text, image, audio, and video as carriers has brought great challenges to Internet content security. Internet content security is rich in connotation, and we focused on four key applications including multimedia content filtering, fake information detection, public opinion perception, and data protection. Then, we summarized key technologies and main research work adopted in those applications. Finally, we discussed and prospected key issues of Internet content security in future research.
    Research on the Practice of DevSecOps in the Construction of Digital Government
    Journal of Information Security Research    2023, 9 (12): 1210-.
    As an important carrier of data, government business systems are often the most important targets of attack, and government security construction pays more attention to compliance requirements, ensuring business operation through security products and services, while application endogenous security is ignored. In order to adapt to the high security requirements of the current digital government and meet the current scenario of intensive digital government construction, it is necessary to shift security to the left and focus on supply chain and application endogenous security. The government’s information project construction model needs to prioritize development work, and security needs to be closely integrated with the research and development process. DevSecOps, as an emerging security development model, has entered the field of digital government application development. The application development security system enabled by DevSecOps can improve the development process, reduce security repair costs, shorten development cycles, and greatly enhance the level of digital government security.

    A Review of Algorithmic Risk and Its Governance in China
    Journal of Information Security Research    2024, 10 (2): 114-.
    In the era of digital intelligence, algorithms pervade every corner of human society. While algorithms drive the transformation towards digitization and intelligence, they also give rise to a series of issues, necessitating effective governance of increasing algorithmic risks. Firstly, algorithmic risks are categorized into four fields: law and justice, politics and governance, information dissemination and business and economy. Then the formation mechanisms of algorithmic risk are analyzed, encompassing algorithm black box, algorithm discrimination and power alienation. Finally, a governance strategy framework is proposed, consisting of three paths: technology regulation, power and responsibility normative, and ecological optimization. The research systematically presents the progress and development trend of algorithmic risk and its governance in China, providing reference for advancing the theoretical research and system construction in algorithmic risk governance.

    Research on Source Code Vulnerability Detection Based on BERT Model
    Journal of Information Security Research    2024, 10 (4): 294-.
    Techniques such as code metrics, machine learning, and deep learning are commonly employed in source code vulnerability detection. However, these techniques have problems, such as their inability to retain the syntactic and semantic information of the source code and the requirement of extensive expert knowledge to define vulnerability features. To cope with the problems of existing techniques, this paper proposed a source code vulnerability detection model based on the BERT (bidirectional encoder representations from transformers) model. The model split the source code to be detected into multiple small samples, converted each small sample into the form of approximate natural language, realized the automatic extraction of vulnerability features in the source code through the BERT model, and then trained a vulnerability classifier with good performance to realize the detection of multiple types of vulnerabilities in Python language. The model achieved an average detection accuracy of 99.2%, precision of 97.2%, recall of 96.2%, and an F1 score of 96.7% across various vulnerability types. This represents a performance improvement of 2% to 14% over existing vulnerability detection methods. The experimental results showed that the model was a general, lightweight and scalable vulnerability detection method.

    Face Spoofing Detection Model with Fusion of Convolutional Neural Network and Transformer
    Journal of Information Security Research    2024, 10 (1): 25-.
    In the field of face anti-spoofing, the methods based on Convolutional Neural Network (CNN) can learn feature representation with fewer parameters, yet their receptive fields remain local. In contrast, Transformer-based methods offer global perception but entail an impractical volume of parameters and computations, hindering widespread deployment on mobile or edge devices. To address these challenges, this paper proposed a face spoofing detection model that integrates CNN and Transformer, aiming to achieve a balance between the amount of parameters and accuracy while maintaining the ability to extract global and local features. Firstly, local face images are cropped and selected as input to effectively avoid overfitting. Secondly, the feature extraction module based on coordinate attention is designed. Finally, the fusion of CNN and Transformer modules is designed to extract local and global features of images through local-global-local information exchange. The experimental results show that the model achieved an accuracy of 99.31% and an average error rate of 0.54% on the CASIA-SURF (Depth modality) dataset; moreover, zero error rate is achieved on the CASIA-FASD and Replay-Attack datasets, and the model parameters are only 0.59MB, much smaller than the Transformer series models.

    Federated Foundation Model Finetuning Based on Differential Privacy
    Journal of Information Security Research    2024, 10 (7): 616-.
    As the availability of private data decreases, large model finetuning based on federated learning has become a research area of great concern. Although federated learning itself has a certain degree of privacy protection, privacy security issues such as gradient leakage attacks and embedding inversion attacks on large models still threaten the sensitive information of participants. In the current context of increasing awareness of privacy protection, these potential privacy risks have significantly hindered the promotion of large model finetuning based on federated learning in practical applications. Therefore, this paper proposes a federated large model embedding differential privacy control algorithm, which adds controllable random noise to the embedded model of the large model during efficient parameter finetuning process through a global and local dual privacy control mechanism to enhance the privacy protection ability of federated learning based large model parameter finetuning. In addition, this paper demonstrates the privacy protection effect of this algorithm in large model finetuning through experimental comparisons of different federation settings, and verifies the feasibility of the algorithm through performance comparison experiments between centralization and federation.
    Constructing a Secure and Innovative Framework for Digital Financial Infrastructure Security Based on a Multidimensional Security Perspective
    Journal of Information Security Research    2024, 10 (4): 290-.

    Journal of Information Security Research    2023, 9 (E2): 37-.

    Research on the EU Policy on Cyber Defence
    Journal of Information Security Reserach    2024, 10 (1): 94-.  
    Abstract86)      PDF (569KB)(68)       Save
    The European Union proposed to formulate a cyber defence policy in 2013 and issued a joint communication on the “EU Policy on Cyber Defence” at the end of 2022, continuously to deepen and implement its cyber defence policy. This paper first summarizes the main points of the joint communication from the aspects of the necessity of jointly carrying out cyber defence, the role of situational awareness in cyber defence, and the promotion of cyber defence cooperation at multiple levels. Then, the characteristics of the EU’s network defense policy are analyzed in depth from the aspects of deepening network defense policies, implementing network defense policies, and collaborating to protect key infrastructure security. Finally, three inspirations and suggestions for strengthening the security of our critical infrastructure are given.

    Research on Location Attack Detection of VANET Based on Incremental Learning
    Journal of Information Security Research    2024, 10 (3): 277-.
    In recent years, deep learning has been widely employed in the detection of malicious position attacks on vehicles. However, deep learning models necessitate extensive training time and possess a large number of parameters. Detection methods based on deep learning lack scalability and cannot accommodate the continuously generated new data in vehicular networks. To address these issues, this paper introduces incremental learning algorithms into the detection of malicious position attacks on vehicles. This approach first extracts key features from the collected vehicle information data. Subsequently, a malicious position attack detection system is constructed, utilizing ridge regression to quickly approximate the vehicular network’s malicious position attack detection model. Finally, the incremental learning algorithm is applied to update and optimize the malicious position attack detection model to adapt to newly generated data in the vehicular network. Experimental results demonstrate that this method surpasses other methods such as SVM, KNN, and ANN in terms of performance. It can swiftly and progressively update and optimize the old model, thereby enhancing the system’s detection accuracy for malicious position attack behaviors.
    Model of Intrusion Detection Based on Federated Learning and Convolutional Neural Network
    Journal of Information Security Research    2024, 10 (7): 642-.
    The cyber intrusion detection model needs to identify malicious data promptly and accurately among large-scale cyber traffic data. However, because a single institution has insufficient labeled data and institutions are unwilling to share data, the trained cyber intrusion detection model performs poorly. To address these problems, this paper proposes an intrusion detection model, FL1DCNN, which combines federated learning and a one-dimensional convolutional neural network. While ensuring high detection accuracy, it allows more participants to protect their data privacy and security, which solves the problem of insufficient labeled data. The FL1DCNN model first carries out a series of preprocessing operations on the original data set, then uses the one-dimensional convolutional neural network as the general model of each participant to extract features under the federated learning mechanism, and finally performs binary classification using a sigmoid classifier. The experimental results show that the accuracy of the FL1DCNN model on the CICIDS2017 dataset is 96.5% and the F1-score of the FL1DCNN model is 97.9%. In addition, compared to the traditional centralized training model 1DCNN, the FL1DCNN model reduces training time by 32.7%.
    Power Sensitive Data Access Control Method Based on Zero Trust Security Model
    Journal of Information Security Research    2024, 10 (1): 88-.
    To protect the security of power sensitive data, an access control method for power sensitive data based on the zero-trust security model is proposed, targeting the large-scale leakage of power sensitive data caused by the difficulty of data access control and the increase of data theft in the big data environment. Based on the zero-trust security model, this paper collects the trust factors of users’ access behavior, constructs the zero-trust security model, decomposes the trust attributes using the hierarchical decomposition model, constructs a judgment matrix based on the weight distribution method to calculate the trust value of users’ access behavior, and combines the adaptive mechanism and the time decay algorithm to improve the update and recording of the trust value. The hierarchical growth decision tree is used to classify access to power sensitive data. On the basis of user authentication, signcryption parameters are set, and public and private keys are used to sign the access authentication information. The experimental results show that this method can effectively suppress malicious data access behavior, the data encryption time overhead is low, the average time overhead is less than 1.4s1200, and the access control error rate is less than 5%. The overall control effect reaches the ideal standard.
    Abnormal Traffic Detection Based on Adaptive Integrated Learning
    Journal of Information Security Research    2024, 10 (1): 34-.
    In this paper, we propose an adaptive integrated-learning-based anomalous traffic detection method that uses the discrete Fourier transform to extract the frequency domain features of traffic, resulting in less information loss during the extraction of traffic features. An evaluation metric based on stability and accuracy fluctuations is used to dynamically assess the reliability of the current traffic features, and the feature data blocks that pass the evaluation are used to generate new subclassifiers. Meanwhile, an integrated adaptive classifier is designed, whose parameters and subclassifiers are adjusted in real time according to the current situation. The experimental results show that the method is effective for solving the concept drift problem in anomalous traffic detection and machine learning against attacks.
    Multilabel Classification Method of Open Source Threat Intelligence Text Based on BertTextCNN
    Journal of Information Security Research    2024, 10 (8): 760-.
    Open source threat intelligence is very important for network security protection, but it is widely distributed, takes many forms, and is very noisy. How to organize and analyze the massive volume of collected open source threat intelligence efficiently has therefore become an urgent problem. This paper explores a multilabel classification method based on the BertTextCNN model that considers the title, the text, and regular judgment. According to the characteristics of the text published by the intelligence source, the article sets regular judgment rules to make up for the deficiency of the model. To fully reflect the threat topics involved in the open source threat intelligence text, the paper sets up the BertTextCNN multilabel classification model for the title and the text respectively, and then re-sorts the two sets of labels to get the final threat category of the text. Compared with the BertTextCNN multilabel classification model based on text only, the performance of the proposed model is improved, and the recall rate is significantly improved, which can provide a valuable reference for the classification of open source threat intelligence.
    Privacy Measures for Secure Multiparty Computing Applications
    Journal of Information Security Research    2024, 10 (1): 6-.
    The privacy protection ability of secure multiparty computing application to input information depends on the underlying security mechanism on the one hand, and on the other hand depends on the task functions. At present, the research on secure multiparty computing mainly focuses on the security mechanism to prevent information leakage in the process of computing. However, there are few studies on the measure of task functions’ ability to protect the input information of the participants. The problem that each participant of the task function deduces the input information of other participants through the legitimate input and output cannot be prevented by the security mechanism of secure multiparty computing, so the measurements of the privacy protection power of the task function are related to the concrete implementation and application of secure multiparty computing schemes. In this paper, according to the information entropy model, the concepts of average entropy and specific entropy are defined from the point of view of the attacker, and a method to calculate information benefits is proposed. Then, the privacy protection strength of the specific application scheme of secure multiparty computing schemes is measured by calculating the ideal privacy loss of the objective function and the actual privacy loss of the actual secure multiparty computing application.
    A Review of GPU Acceleration Technology for Deep Learning in Plaintext and Private Computing Environments
    Journal of Information Security Research    2024, 10 (7): 586-.
    With the continuous development of deep learning technology, the training time of neural network models is getting longer and longer, and using GPU computing to accelerate neural network training has increasingly become a key technology. In addition, the importance of data privacy has also promoted the development of private computing technology. This article first introduces the concepts of deep learning, GPU computing, and two privacy computing technologies, secure multiparty computing and homomorphic encryption, and then discusses the GPU acceleration technology of deep learning in the plaintext environment and the private computing environment. For the plaintext environment, the two basic deep learning parallel training modes of data parallelism and model parallelism are introduced, two different memory optimization technologies, recalculation and video memory swapping, are analyzed, and gradient compression technology in the training process of distributed neural networks is introduced. For the privacy computing environment, this paper introduces deep learning GPU acceleration techniques for two technologies: secure multiparty computation and homomorphic encryption. Finally, the similarities and differences of GPU-accelerated deep learning methods in the two environments are briefly analyzed.
    Prediction of Industrial Control System Vulnerability Exploitation Relationships Based on Knowledge Graph Reasoning
    Journal of Information Security Research    2024, 10 (6): 498-.
    With the rapid growth in the number of vulnerabilities in Industrial Control Systems, the time and economic costs required for manual analysis of vulnerability exploitation are constantly increasing, and current reasoning methods have many deficiencies such as insufficient utilization of information and poor interpretability. To address these problems, a prediction method for exploitation relationships of ICS vulnerabilities is proposed, which is based on knowledge graph reasoning. First, a path filtering algorithm is utilized to minimize the vulnerability exploitation paths. Then, path information is obtained by aggregating key relation paths, and neighbor information is acquired by integrating neighbor relation information. Finally, the exploitation relationships of vulnerabilities are predicted. An experiment on predicting exploit relationships was conducted using a knowledge graph for ICS security, which was built based on security knowledge data and ICS scenario data, and consisted of 57333 entities. The results indicate that the proposed method can assist in predicting the exploitability of ICS vulnerabilities with an accuracy rate of 99.0%.
    Research on Text Classification Model Based on Federated Learning and Differential Privacy
    Journal of Information Security Research    2023, 9 (12): 1145-.
    As a distributed machine learning framework, federated learning can complete model training without disclosing user data. However, recent attacks have shown that merely keeping data local during the training process cannot provide sufficient privacy protection. Therefore, to address the privacy protection issues during federated learning training, this paper proposes a text classification model based on BERT. This model combines differential privacy (DP) and federated learning (FL) to ensure that the federated model training process is protected from inference attacks during the transfer of federated learning parameters. The final experiment shows that the proposed method can maintain high model accuracy while protecting privacy.
    Security Status Analysis and Countermeasures of Basic Software Supply Cha
    Journal of Information Security Research    2024, 10 (8): 780-.
    Basic software is the cornerstone of supporting the efficient and stable operation of computer systems, which determines the level of development of digital infrastructure. The industrial chain of basic software, represented by operating system, database and middleware, occupies an upstream position in the entire software industry, which directly determines the scale and the efficiency of the downstream output. Due to the characteristics of long R&D cycle and large R&D investment, basic software has gradually attracted attention from various countries and risen to the level of national strategy in the increasingly complex environment of software supply chain. In recent years, while China’s basic software industry has developed rapidly with the help of open source, many security incidents of basic software supply chain have occurred, which brings risks and challenges. This paper reviews the current situation of the basic software supply chain security, analyzes the risks and challenges faced by the basic software supply chain, and puts forward reasonable suggestions from four aspects: policy, industry, user and ecology.

    A Secure and Efficient Method of Fully Anonymous Vertical Federated Learning
    Journal of Information Security Research    2024, 10 (6): 506-.
    Vertical federated learning is a key technical paradigm for achieving “data availability and invisibility”, and its core process is sample alignment based on private set intersection. Although private set intersection protects the privacy of non-intersected information, it cannot meet the privacy protection requirements of user IDs in the intersected set. This paper proposes a fully anonymous vertical federated learning framework based on anonymous alignment to ensure that no private information of any holder's set is disclosed during the whole process. An implementation framework based on secure multiparty computation is proposed for fully anonymous joint modeling. The high performance and low error characteristics of the framework are verified through experiments, indicating that it can be better applied in practice.