Most Read articles

    Published in last 1 year |  In last 2 years |  In last 3 years |  All
    Published in last 1 year
    Please wait a minute...
    For Selected: Toggle Thumbnails
    Design of Adversarial Attack Scheme Based on YOLOv8 Object Detector
    Journal of Information Security Reserach    2025, 11 (3): 221-.  
    Abstract304)      PDF (3519KB)(67)       Save
    Currently, cameras equipped with AI object detection technology are widely used. However, AI object detection models in realworld applications are vulnerable to adversarial attacks. Existing adversarial attack methods, primarily designed for earlier models, are ineffective against the latest YOLOv8 object detector. To address this issue, we propose a novel adversarial patch attack method specifically for the YOLOv8 object detector. This method minimizes confidence output while incorporating an exponential moving average (EMA) attention mechanism to enhance feature extraction during patch generation, thereby improving the attack’s effectiveness. Experimental results demonstrate that our method achieves superior attack performance and transferability. Validation tests, in which the adversarial patches were printed on clothing, also demonstrated excellent attack results, indicating the strong practicality of our proposed method.
    Reference | Related Articles | Metrics
    Privacypreserving Federated Learning Research Based on #br# Confused Modulo Projection Homomorphic Encryption#br#
    Journal of Information Security Reserach    2025, 11 (3): 198-.  
    Abstract233)      PDF (1298KB)(138)       Save
    In the current era of big data, deep learning is booming and has become a powerful tool for solving realworld problems. However, traditional centralized deep learning systems are at risk of privacy leakage. To address this problem, federated learning, a distributed machine learning approach, has emerged. Federated learning allows multiple organizations or individuals to train models together without sharing raw data, by uploading local model parameters to the server, aggregating each user’s parameters to construct a global model, and returning it to the user. This approach achieves global optimization and avoids private data leakage. However, even with federated learning, attackers may still be able to reconstruct user data by obtaining the model parameters uploaded by users, thus violating  privacy. To address this issue, privacy protection has become the focus of federated learning research. In this paper, we propose a federated learning scheme FLFC (federated learning with confused modulo projection homomorphic encryption) based on confused modulo projection homomorphic encryption to address the above issues. This scheme adopts a selfdeveloped modular fully homomorphic encryption algorithm to encrypt user model parameters. The modular fully homomorphic encryption algorithm has the advantages of high computational efficiency, support for floatingpoint operations, and localization, thus achieving stronger protection of privacy. Experimental results show that the FLFC scheme exhibits a higher average accuracy and good stability compared to the FedAvg scheme in experiments.
    Reference | Related Articles | Metrics
    A Survey of Network Topology Obfuscation Techniques
    Journal of Information Security Reserach    2025, 11 (4): 296-.  
    Abstract229)      PDF (1248KB)(121)       Save
    LinkFlooding Attack (LFA) is a novel distributed denialofservice (DDoS) attack that exploits network topology detection. Network Topology Obfuscation serves as an effective deceptive defense mechanism against this attack, aiming to provide proactive protection before an attack occurs. Over the past decade, relevant research has continuously made progress, proposing corresponding obfuscation solutions for different scenarios and objectives. This paper comprehensively reviews the network topology obfuscation techniques. First, it combines the basic principles and classifications of network topology discovery to point out the risks of topology leakage in current network topology discovery. Next, it formally defines network topology obfuscation design and presents a proactive defense model. Then, based on the obfuscation concept, the technologies are divided into packet modification, decoy traps, routing mutation, and metric forgery schemes, and proposes a set of metrics to comprehensively compare the current mainstream network topology obfuscation techniques.
    Reference | Related Articles | Metrics
    Design and Implementation of Resourceefficient SM4 Algorithm on FPGA
    Journal of Information Security Reserach    2025, 11 (6): 490-.  
    Abstract226)      PDF (2238KB)(96)       Save
    In the hardware implementation of the SM4 algorithm, the lookup table method is commonly adopted for realizing the Sbox, which consumes a significant amount of hardware resources. This paper proposes an implementation scheme for the SM4 algorithm based on polynomial basis. Two construction schemes are developed for the 8×8 Sbox used in the SM4 algorithm, one based on composite field GF((24)2) and the other on composite field GF(((22)2)2). The test results indicate that the scheme based on polynomial bases GF((24)2) is optimal. Taking into account both resource utilization and performance, this paper designs two hardware implementation structures for SM4: a state machine parallel structure and a pipelined structure. Compared with the traditional lookup table approach, the state machine parallel structure reduces resource utilization by 21.98% while increasing the operating frequency by 14.4%. The pipelined structure achieves a reduction in resource utilization by 54.23%.
    Reference | Related Articles | Metrics
    A Federated Learning Method Resistant to Label Flip Attack
    Journal of Information Security Reserach    2025, 11 (3): 205-.  
    Abstract223)      PDF (3486KB)(83)       Save
    Since users participating in federated learning training have high autonomy and their identities are difficult to identify, they are vulnerable to label flip attacks, causing the model to learn wrong rules from wrong labels and reducing the overall performance of the model. In order to effectively resist label flip attacks, a dilutionprotected federated learning method for multistage training models is proposed. This method randomly divides the training data set and uses a dilution protection federated learning algorithm to distribute part of the data to clients participating in the training to limit the amount of data owned by the client and avoid malicious participants with large amounts of data from causing major damage to the model. After each training session, the gradients of all training epochs in that phase are gradient clustered by a dimensionality reduction algorithm in order to identify potentially malicious actors and restrict their training in the next phase. At the same time, the global model parameters are saved after each stage of training to ensure that the training of each stage is based on the model foundation of the previous stage. Experimental results on the data set show that this method reduces the impact of attacks without damaging the model accuracy, and helps improve the convergence speed of the model.
    Reference | Related Articles | Metrics
    Deep Learningbased Method for Encrypted Website Fingerprinting
    Journal of Information Security Reserach    2025, 11 (4): 304-.  
    Abstract217)      PDF (1407KB)(109)       Save
    Website fingerprinting is an important research area within the fields of network security and privacy protection. Its goal is to identify websites accessed by users within an encrypted network environment by analyzing network traffic characteristics. In response to the problems of limited application scenarios, such as restricted application scenarios, insufficient applicability, and the singularity of feature selection, this paper proposes a deep learningbased method for encrypted website fingerprinting. Initially, a new preprocessing method for raw data packets is introduced, which processes directly captured raw packet files to generate a feature sequence with both spatial and temporal characteristics, structured hierarchically. Following this, a hybrid deep learning model combining convolutional neural networks and long shortterm memory networks is designed to thoroughly learn the spatial and temporal features present in the data. The study further investigates various activation functions, model parameters, and optimization algorithms to improve the model’s accuracy and generalization capability. Experimental results indicate that this method provides higher website fingerprinting accuracy in the onion router anonymous network environment when it does not rely on cell packets. And it also achieves better accuracy compared to current mainstream machine learning methods in virtual private network scenarios.
    Reference | Related Articles | Metrics
    Innovative and Professional Talent Education Architecture of  Cyberspace Security in New Situation
    Journal of Information Security Reserach    2025, 11 (4): 385-.  
    Abstract196)      PDF (3780KB)(120)       Save
    The emerging new problems and technologies in the field of cybersecurity currently do not match the applicability and timeliness of existing talent cultivation in technological development. In response to this, this paper investigates the innovative professional training system for cybersecurity talents under new circumstances. We systematically examine key issues in talent cultivation, dynamic updates of training objectives, evolution of knowledge systems, and cultivation of innovative competencies. The study proposes and constructs a comprehensive, multilevel, and dynamic talent cultivation framework for cyberspace security professionals, encompassing core theoretical research, critical technology R&D, and comprehensive innovation capability development that adapts to new technological trends. Through innovative processes including instructional objective design, content adaptation, teaching implementation, and feedback mechanisms, we establish an internationally adaptable training system that dynamically responds to technological advancements. This approach strengthens the dynamism, adaptability, and practical orientation of cybersecurity talent cultivation, effectively addressing the demand for innovative professionals in cyberspace security under evolving technological landscapes and emerging requirements.
    Reference | Related Articles | Metrics
    A Blackbox Antiforensics Method of GANgenerated Faces Based on #br# Invertible Neural Network#br#
    Journal of Information Security Reserach    2025, 11 (5): 394-.  
    Abstract195)      PDF (1920KB)(76)       Save
    Generative adversarial network GANgenerated faces forensics models are used to distinguish real faces and GANgenerated faces. But due to the fact that forensics models are susceptible to adversarial attacks, the antiforensics techniques for GANgenerated faces have emerged. However, existing antiforensic methods rely on whitebox surrogate models, which have limited transferability. Therefore, a blackbox method based on invertible neural network (INN) is proposed for GANgenerated faces antiforensics in this paper. This method embeds the features of real faces into GANgenerated faces through the INN, which enables the generated antiforensics faces to disturb forensics models. Meanwhile, the proposed method introduces a feature loss during training to maximize the cosine similarity between the features of the antiforensics faces and the real faces, further improving the attack performance of antiforensics faces. Experimental results demonstrate that, under the scenarios where no whitebox models are involved, the proposed method has good attack performance against eight GANgenerated faces forensics models with better performance than seven comparative methods, and can generate highquality antiforensics faces.
    Reference | Related Articles | Metrics
    Design and Implementation of 3D Model Matching Algorithm
    Journal of Information Security Reserach    2025, 11 (6): 539-.  
    Abstract183)      PDF (2587KB)(21)       Save
    3D model matching plays a vital role in model copyright protection and transaction facilitation by effectively preventing redundant authentication and enabling convenience for research, testing, and management in related fields. However, traditional matching approaches predominantly rely on plaintext matching, which, despite ensuring a certain level of matching accuracy and robustness, falls short in data privacy protection. To address this gap, ciphertext matching performs matching computations on encrypted data, thus enabling model matching while safeguarding data privacy. This approach offers significant practical value and broad application prospects. Therefore, this paper presents three matching strategies. 1) Under plaintext conditions, precise registration of 3D point clouds is achieved via the Iterative Closest Point (ICP) algorithm, followed by model matching using peak signaltonoise ratio (PSNR). 2) Under plaintext conditions, 3D point cloud features are extracted using the PointNet deep learning model, and feature similarity is calculated via cosine similarity. 3) Under ciphertext conditions, the extracted features are encrypted using homomorphic encryption. Cosine similarity is then used to compute the similarity of the encrypted features, thereby effectively protecting data privacy.
    Reference | Related Articles | Metrics
    The Finegrained Executor Scheduling Algorithm for Unknown  Attacks Perception
    Journal of Information Security Reserach    2025, 11 (6): 569-.  
    Abstract181)      PDF (1456KB)(38)       Save
    Addressing security threats from unknown attacks exploiting software and system vulnerabilities in power grid devices often overlooks potential issues within operating systems and communication protocols at the programming languarg level. This paper proposes a finegrained scheduling algorithm that quantifies the similarity of execution components and incorporates parameters such as attack timing and frequency to assess historical trust deficit. By combining similarity and historical trust deficit, a quantitative algorithm for redundant execution body heterogeneity is introduced. Simulation experiments demonstrate that this algorithm significantly outperforms other methods in distinguishing execution body similarity, effectively reducing the risk of exploiting similar vulnerabilities or defects, and minimizing redundant wastage from similar execution bodies. The failure rate remains consistently below 0.55, indicating superior practical performance compared to commonly used algorithms.
    Reference | Related Articles | Metrics
    Constructing Lightweight Trusted Execution Environment on  RISCV Dualcore Processor
    Journal of Information Security Reserach    2025, 11 (6): 500-.  
    Abstract179)      PDF (2551KB)(28)       Save
    With the rapid development of Internet of Things (IoT) technology, resourceconstrained embedded IoT devices face particularly severe challenges in information security. The Trusted Execution Environment (TEE) provides an effective approach to addressing the security issues of terminal devices. By dividing the system into secure and ordinary areas and employing mechanisms such as memory access control, TEE ensures the separate execution of secure and ordinary application software, thereby significantly enhancing the overall system security. This paper addresses the problem of trusted isolation of secure application software and proposes a lightweight TEE SystemonChip (SoC) solution based on a RISCV dualcore architecture. Specifically, the solution leverages the Physical Memory Protection (PMP) mechanism to achieve trusted isolation. Additionally, to prevent unauthorized access to secure area resources by ordinary area applications, a lowresource IOPMP design is presented, which uses a physical address access firewall mechanism to block unauthorized access. Furthermore, to facilitate efficient message transfer between the secure and ordinary areas, a Mailbox communication scheme based on the “message queue & interrupt” mechanism is proposed. Experimental results indicate that the design proposed in this paper has lower hardware resource consumption compared to similar designs, with a power consumption of only 0.256W, a 14% reduction. In the CoreMark test for the TEE CPU, the score reached 2.40 CoreMarks/MHz, which is double the performance of similar designs.
    Reference | Related Articles | Metrics
    Multiciphertext Equality Test Scheme Based on RLWE
    Journal of Information Security Reserach    2025, 11 (6): 511-.  
    Abstract174)      PDF (1049KB)(27)       Save
    With the rapid development of technology, privacy protection has become an important issue. In order to ensure the security of data, it is usually chosen to encrypt the data and store it on the cloud server. However, in this way, the cloud server cannot effectively process the encrypted data such as calculation and statistics, which limits many application scenarios. To address this issue, this paper proposes a PKEMET(publickey encryption with a multiciphertext equality test) scheme based on RLWE (ring learning with error) problem, and provides a correctness and security analysis. This solution allows the cloud server to perform equality tests on multiple ciphertexts at the same time, and is also resistant to quantum computing attacks. This paper also implements the scheme based on the Palisade library, and compares it with other schemes from the perspective of theory and implementation. Compared with other solutions, this solution has the advantages of high efficiency and short running time.
    Reference | Related Articles | Metrics
    An Intrusion Detection Method for Internet of Things by Fusing #br# Spatiotemporal Features#br#
    Journal of Information Security Reserach    2025, 11 (3): 241-.  
    Abstract174)      PDF (3194KB)(59)       Save
    Aiming at the problems of insufficient attack samples and more categories in unbalanced IoT traffic datasets reducing the classification accuracy and generalization ability of the detection model, an intrusion detection method for the Internet of things by fusing spatiotemporal features (BGAREU) is proposed. The data were first normalized and the SMOTEENN method was used to improve the data distribution of the training samples; then temporal features and global information were extracted by Bidirectional gated recurrent unit (BiGRU) and multihead attention, and combined ResNext network and UNet network to construct a multiscale spatial feature extraction network, and then incorporate efficient channel attention (ECANet) into the residual units to enhance the local characterization capability; finally, the fused features are fed into the Softmax classifier for multiclassification. Experiments show that the proposed model has more than 2% improvement in all the metrics compared with other models on IoT traffic datasets UNSWNB15, NSLKDD, and WSNDS. In addition, this paper verifies that the ECANet has stronger characterization ability by comparing multiple attention mechanisms, and explores the effect of different numbers of attention heads in multihead attention on the model performance.
    Reference | Related Articles | Metrics
    Multiparty Data Security Sharing Scheme Based on Decentralized Verification
    Journal of Information Security Reserach    2025, 11 (6): 578-.  
    Abstract168)      PDF (4817KB)(61)       Save
    With the development of the Internet of Things, collaborative work between multiple devices is becoming increasingly common. However, in the process of data sharing, user privacy may face the risk of data theft and tampering. Existing FL methods rely on mobile edge computing (MEC) servers for model aggregation, and have problems with trust, security threats, and single points of failure. To solve these problems, a new multiparty data sharing scheme based on blockchain is proposed, in which a decentralized verification mechanism and a consensus mechanism inspired by proof of stake (PoS) are introduced. The decentralized verification mechanism ensures the legitimacy of each local model update by evaluating node behavior and voting, and only legitimate updates are used for global model building. In the process of model construction, homomorphic encryption and key sharing techniques are used to encrypt the local model parameters to ensure the security integrity of model parameters in the process of transmission and aggregation. The PoS consensus mechanism rewards honest behavior devices, increasing their chances of becoming block generators. In addition, the cache mechanism of information search is introduced to reduce the number of multiparty search. The data sharing scheme has been verified to enhance data security.
    Reference | Related Articles | Metrics
    Design of a Large Model Data Supervision System Based on Blockchain
    Journal of Information Security Reserach    2025, 11 (8): 682-.  
    Abstract168)      PDF (2618KB)(69)       Save
    Large model (LM) has shown great potential in the fields of natural language processing, image and speech recognition, and has become a key force driving the technological revolution and social progress. However, the wide application of LM technology brings challenges such as data privacy risks, data compliance regulation, and data regulatory activation and intelligence.  This paper aims to explore how to utilize blockchain to design and construct an effective data regulatory system to promote its healthy development, in order to meet the challenges brought by the application of massive data to LM. This paper analyzes the trends and current status of the development of LM at home and abroad, and points out the main challenges to LM data regulation, including data privacy risks, data compliance, and the difficulty of effective supervision by regulators . A blockchainbased data regulation system design scheme is proposed to address these challenges, which realizes the fullcycle data regulation of LM data from the native metadata to the input of training until the posttraining feedback through four interconnected modules, namely, privacy protection, consensus algorithm, incentive mechanism, and smart contract. Finally, the application prospect of blockchain in LM data supervision is summarized, and the future trend of data supervision is outlooked.
    Reference | Related Articles | Metrics
    Research on Distributed Identity Authentication Technology Based on  Revocable Proxy Signature
    Journal of Information Security Reserach    2025, 11 (6): 521-.  
    Abstract166)      PDF (1936KB)(28)       Save
    With the proliferation of digital services in people’s daily lives, traditional identities have found a new form of expression—digital identities. In conventional network digital activities, the digital identity management is handled by centralized service providers, which brings a series of issues such as difficulties in centralized storage management and insufficient protection of user privacy. Consequently, the identity authentication technology based on decentralized identifier (DID) has become a current research hotspot. However, distributed digital identity authentication schemes often face problems of privacy leakage and cumbersome user signature authentication processes, presenting significant pain points in current distributed identity authentication technology. To address the aforementioned issues, this paper constructs a distributed identity authentication protocol based on revocable proxy signatures, verifiable credentials, and blockchain technology. This protocol achieves a userfriendly and secure signature authentication process, requiring low device performance from users participating in digital activities, making it suitable for a wider range of user digital activities.
    Reference | Related Articles | Metrics
    A Latticebased CPABE Scheme with Policy Splitting and #br# Attribute Revocation#br#
    Journal of Information Security Reserach    2025, 11 (6): 548-.  
    Abstract164)      PDF (1755KB)(15)       Save
    Ciphertextpolicy attributebased encryption (CPABE) is suitable for providing secure datasharing services in the cloud storage scenario. However, attribute revocation is a challenging issue in CPABE. With the advancements in quantum computing research, traditional CPABE are no longer secure. Latticebased CPABE can resist quantum attacks. This paper proposes a latticebased CPABE scheme with policy splitting and attribute revocation. This scheme is resistant to quantum and collusion attacks. When attribute revocation occurs, this paper uses policy splitting to reduce the affected ciphertexts (blocks) and uses the lazy mode ciphertext update method to reduce the number and scope of ciphertexts that need to be updated. Theoretical analysis demonstrates that the overall storage cost of our scheme remains within a reasonable range. Finally, it is shown that, under the standard model, the scheme is proven secure against chosenplaintext attacks (CPA), and its security can be attributed to the ring learning with errors (RLWE) difficulty problem.
    Reference | Related Articles | Metrics
    Fake News Detection Model Based on Crossmodal Attention Mechanism and#br#  Weaksupervised Contrastive Learning#br#
    Journal of Information Security Reserach    2025, 11 (8): 693-.  
    Abstract161)      PDF (1508KB)(42)       Save
    With the widespread popularization of the Internet and smart devices, social media has become a major platform for news dissemination. However, it also provides conditions for the widespread of fake news. In the current social media environment, fake news exists in multiple modalities such as text and images, while existing multimodal fake news detection techniques usually fail to fully explore the intrinsic connection between different modalities, which limits the overall performance of the detection model. To address this issue, this paper proposes a hybrid model of crossmodal attention mechanism and weaksupervised contrastive learning(CMAWSCL) for fake news detection. The model utilizes pretrained BERT and ViT models to extract text and image features respectively, and effectively fuses multimodal features through the crossmodal attention mechanism. At the same time, the model introduces weaksupervised contrast learning, which utilizes the prediction results of effective modalities as supervisory signals to guide the contrast learning process. This approach can effectively capture and utilize the complementary information between text and image, thus enhancing the performance and robustness of the model in multimodal environments. Simulation experiments show that the CMAWSCL performs well on the publicly available Weibo17 and Weibo21 datasets, with an average improvement of 1.17 percentage points in accuracy and 1.66 percentage points in F1 score compared to the current stateoftheart methods, which verifies its effectiveness and feasibility in coping with the task of multimodal fake news detection.
    Reference | Related Articles | Metrics
    Android Malware Detection Based on Threeway Decision Feature Selection
    Journal of Information Security Reserach    2025, 11 (6): 561-.  
    Abstract153)      PDF (1077KB)(28)       Save
    There are a large number of irrelevant and redundant features in the Android malware detection dataset. A single feature selection method cannot effectively remove irrelevant or redundant features. If the features with large amount of information are removed, it is easy to cause the problem of model collapse. To address these issues, this paper proposed an Android malware detection method based on ThreeWay Decision Feature Selection (3WDFS). The algorithm combines the idea of threeway decision, and uses a variety of feature selection methods to evaluate the features of the dataset in parallel. The features are divided into disjoint positive region, negative region and boundary region. Then, the interclass redundancy feature and the intraclass redundancy feature in the boundary region are deleted by using the approximate Markov blanket and the information difference respectively to form a lowredundancy boundary region. Finally, the positive region and the low redundancy boundary region are concatenated by the learnable weight parameter, and the classification model is input for training and learning. Experimental results on public datasets show that 3WDFS can effectively remove irrelevant and redundant features in Android malware detection and improve the detection efficiency and accuracy of malware detection.
    Reference | Related Articles | Metrics
    An Image Steganography Method Based on Threechannel Deep  Fusion Technology
    Journal of Information Security Reserach    2025, 11 (3): 257-.  
    Abstract153)      PDF (3334KB)(41)       Save
    The advancement of science and technology for information transmission provides convenience, but it has also led to information leaks. Aim at enhancing the quality and capacity of steganographic images, a threechannel deep fusion technology used in image steganography is designed. Firstly, the main channel of the steganographic model is used to extract features from the carrier image. This network is based on the UNet network structure and introduces residual blocks(ResBlock). Then, the bottom channel and the middle channel are utilized for extracting secret image features. Finally, fusing the features from the first and third layers of the bottom channel network into the corresponding layers of the middle channel network through way of crossfusion. Further, the features extracted from the second and fourth layers of the middle channel network are fused into the corresponding layers of the main channel network. The experimental results demonstrate that the proposed method has good invisibility. When the embedding capacity reaches 24bpp, the PSNR of the hidden image reaches 41.15dB, effectively improving the security of image transmission and steganography capacity.
    Reference | Related Articles | Metrics
    Fake Face Detection Method Based on ConvNeXt
    Journal of Information Security Reserach    2025, 11 (3): 231-.  
    Abstract153)      PDF (2205KB)(56)       Save
    The fake images generated by deep generative models are becoming increasingly realistic, surpassing the human eye’s ability to detect them. These models have become new tools for illegal activities, such as fabricating lies and creating public opinion. Although current researchers have proposed many detection methods to detect fake images, their generalization ability is typically limited. To address this issue, we proposed a fake face detection method based on ConvNeXt. Firstly, we add a PSA(polarization selfattention) module after the second and third downsampling modules of ConvNeXt, enhancing the network’s spatial and channel attention performance. Secondly, a RIB(rich imformation block) is designed at the end of ConvNeXt to enrich the information learned by the network. The information is processed through this module before final classification. Furthermore, the loss function used in network training is a combination of CrossEntropy loss and KL(KullbackLeibler) divergence. Extensive experiments on the current mainstream fake face datasets demonstrate that our method surpasses all comparative methods in accuracy and generalization on the FF++ C23 dataset.
    Reference | Related Articles | Metrics
    Design and Verification of V2V Authentication and Key Exchange Protocol  for Internet of Vehicles
    Journal of Information Security Reserach    2025, 11 (5): 465-.  
    Abstract152)      PDF (1252KB)(30)       Save
    In the Internet of vehicles system, vehicles need to achieve communications of vehicle to vehicle(V2V), which needs strong security, low latency, user anonymity and other security characteristics. Authentication and key exchange protocol(AKE) is based on cryptographic algorithms, aiming to complete session key negotiation for subsequent information exchange between communication parties. It is an important means to ensure the security of vehicle networking. However, the existing protocol registration phase requires offline secure channels, which is inconsistent with reality. Also the authentication phase is mostly based on third parties and requires multiple rounds of information exchange, increasing the complexity of the protocol interactions. In this paper, a lightweight V2V protocol is designed for public channels, which does not rely on the third party and only requires two rounds of information exchange during login and authentication phases. At the same time, a fast login phase is added to solve the delay of information exchange caused by sudden network interruptions. Theoretical analysis and formal verification results show that the designed protocol satisfied security properties such as authentication and confidentiality.
    Reference | Related Articles | Metrics
    A Deceptionresistant Multilevel Visual Cryptography Scheme  Based on Random Grids
    Journal of Information Security Reserach    2025, 11 (6): 532-.  
    Abstract152)      PDF (2395KB)(28)       Save
    Visual cryptography is a technique for encryption by dividing a secret image into n shares and recovering the image by superimposing the shares. However, there may be deceptive behavior during the process of reconstructing the secret image. This paper proposed a multi-level visual cryptography scheme based on random grids to address this problem. The scheme introduces a trusted third party (TTP) to address this issue. The scheme verified XOR on shares at each level during secret distribution and recovery processes. Experimental results demonstrate that the proposed scheme effectively detects deception by distributors and participants, enhancing security during implementation.
    Reference | Related Articles | Metrics
    A Survey on Backdoor Attacks and Defenses in Federated Learning
    Journal of Information Security Reserach    2025, 11 (9): 778-.  
    Abstract151)      PDF (2638KB)(47)       Save
    Federated learning is a machine learning framework that enables participants in different fields to participate in largescale centralized model training together under the condition of protecting local data privacy. In the context of addressing the pressing issue of data silos, federated learning has rapidly emerged as a research hotspot. However, the heterogeneity of training data among different participants in federated learning also makes it more vulnerable to model robustness attacks from malicious participants, such as backdoor attacks. Backdoor attacks inject backdoors into the global model by submitting malicious model updates. These backdoors can only be triggered by carefully designed inputs and behave normally when input clean data samples, which poses a great threat to the robustness of the model. This paper presents a comprehensive review of the current backdoor attack methods and backdoor defense strategies in federated learning. Firstly, the concept of federated learning, the main types of backdoor attacks and backdoor defenses and their evaluation metrics were introduced. Then, the main backdoor attacks and defenses were analyzed and compared, and their advantages and disadvantages were pointed out. On this basis, we further discusses the challenges of backdoor attacks and backdoor defenses in federated learning, and prospects their research directions in the future.
    Reference | Related Articles | Metrics
    Research and Implementation of a Blockchainbased Biometric #br# Information Sharing Scheme#br#
    Journal of Information Security Reserach    2025, 11 (5): 402-.  
    Abstract151)      PDF (1559KB)(42)       Save
    Traditional informationsharing solutions typically rely on data center servers for data storage and verification. However, this centralized model is vulnerable to issues such as data tampering, privacy breaches, and operational irregularities when under attack, making it difficult to meet the requirements for data trustworthiness. To address these challenges, this paper proposes a solution that combines blockchain technology with biometric information authentication. By using biometric features such as fingerprints and facial recognition to generate a unique authentication key, which is securely stored on the blockchain, the solution leverages the decentralized, tamperproof, and traceable characteristics of blockchain to ensure secure data storage and trusted sharing, thereby effectively safeguarding privacy and security during the information verification process. Taking the education sector as an example, this solution can effectively address issues like exam cheating and resource infringement, providing a new approach to data security and sharing that also ensures privacy protection.
    Reference | Related Articles | Metrics
    A Blockchain Oracle Scheme Based on Schnorr Threshold Signature
    Journal of Information Security Reserach    2025, 11 (3): 282-.  
    Abstract151)      PDF (832KB)(45)       Save
    A blockchain oracle scheme base on Schnorr threshold signatures is proposed to address the inefficiency of blockchain interactions with offchain data when using oracles as intermediaries. The scheme aggregates multiple signatures based on the Schnorr threshold signature combined with the linear secret sharing algorithm. Additionally, it employs multiple oracles to obtain data information in the physical world, and achieves efficient and highly reliable data transmission from the oracle to the blockchain. The analyses and experiments demonstrate that the scheme offers good security and performance.
    Reference | Related Articles | Metrics
    A Method for Extracting Vulnerable Entities in Small Sample  Semantic Analysis
    Journal of Information Security Reserach    2025, 11 (3): 265-.  
    Abstract150)      PDF (1775KB)(55)       Save
    At the moment, different information security vulnerability databases have different standards, with different focuses on vulnerability data and relatively independent relationships. It is difficult to quickly and comprehensively obtain highvalue vulnerability information, and a unified vulnerability entity standard needs to be established. Therefore, this paper focuses on vulnerability data in entity extraction technology research. The majority of vulnerability data is provided in unstructured natural language form that combines Chinese and English, rulebased methods lack robust generalization, deeplearningbased methods occupy too many resources and rely on a large amount of annotated data. To address these issues, this paper presents a vulnerability entity extraction method with small sample semantic analysis. The method employs BERT pretrained vulnerability data to generate a pretrained model within the cybersecurity vulnerability domain, allowing for a better understanding of cybersecurity vulnerability data and reducing reliance on lager annotated data. Additionally, a selfsupervised incremental learning approach is applied to improve model performance with very limited annotated data (1785 samples). The model in this paper extracts 12 types of vulnerability entities in the field of cybersecurity, and the experimental results show that the method outperforms other models in the recognition and extraction of cybersecurity vulnerability entities, with an F1 value of 0.8643.
    Reference | Related Articles | Metrics
    A Blockchainbased Privacypreserving Data Aggregation System for #br# Vehicular Networks#br#
    Journal of Information Security Reserach    2025, 11 (4): 367-.  
    Abstract147)      PDF (2631KB)(30)       Save
    Aiming at the privacy risks and challenges of data aggregation in vehicular networks, this paper proposes a secure and anonymous data aggregation scheme based on blockchain in vehicular networks. The scheme integrates cloud computing with blockchain and designs a blockchainbased data aggregation system that enables efficient and secure data collection and analysis in vehicular networks. The solution uses key escrow resilience to ensure the security of the keys in the system, preventing the security issues previously caused by thirdparty key generation. Additionally, the scheme employs a twostage data aggregation process to achieve finegrained data aggregation, providing effective support for cloud service in vehicular networks. Security analysis and performance evaluations demonstrate that the proposed scheme is secure and offers higher computational and communication efficiency.
    Reference | Related Articles | Metrics
    Research on Tor Traffic Classification Based on Improved Bidirectional  Memory Residual Network
    Journal of Information Security Reserach    2025, 11 (5): 447-.  
    Abstract145)      PDF (2384KB)(22)       Save
    In order to solve the problem of difficulty in correctly classifying Tor traffic and regulating it due to the encryption characteristics of Tor links, a Tor traffic classification method based on an improved bidirectional memory residual neural network (CBAMBiMRNet) is proposed. Firstly, the SMOTETomek (SMOTE and Tomek links) comprehensive sampling algorithm is adopted to balance the dataset, so that the model could learn from the traffic data of all categories. Secondly, CBAM is used to assign greater weights to important features, combining 1D convolution with bidirectional long shortterm memory modules to extract temporal and local spatial features of Tor traffic data. Finally, by adding identity maps, the phenomenon of gradient vanishing and exploding caused by the increase in model layers was avoided, and the problem of network degradation was solved. The experimental results show that on the ISCXTor2016 dataset, the accuracy of our model for Tor traffic recognition reached 99.22%, and the accuracy for Tor traffic application service type classification reached 93.10%, proving that the model can effectively recognize and classify Tor traffic.
    Reference | Related Articles | Metrics
    Task Independent Privacy Protection in Personalized Federated Learning  for Battery Monitoring
    Journal of Information Security Reserach    2025, 11 (5): 481-.  
    Abstract143)      PDF (4140KB)(26)       Save
    For the health management of batteries in new energy vehicles, it is essential to collaboratively share distributed battery data and establish a federated learning model to extract valuable information. To counteract the privacy leakage risks associated with battery data sharing, this paper designs a taskindependent privacy protection and communicationefficient federated learningempowered edge intelligence model. This model learns personalized subnetworks that generalize well to local data and uses network pruning to find the optimal subnetwork, ensuring inference accuracy. Meanwhile, to resist feature reconstruction attacks and privacy leakage risks, it constructs taskindependent privacyprotective anonymous intermediate representations. By employing adversarial training, it maximizes the reconstruction error of the adversarial reconstructor and the classification error of the adversarial classifier, while minimizing the classification error of the target classifier. Experimental simulations show that this method improves inference accuracy by 8.85%  and reduces communication overhead by 1.95 times. The balance analysis of utility and privacy demonstrates that it ensures the accuracy of target feature extraction while protecting privacy.
    Reference | Related Articles | Metrics
    Research on Video Adversarial Example Generation Methods for  Transfer Attacks
    Journal of Information Security Reserach    2025, 11 (3): 249-.  
    Abstract143)      PDF (2693KB)(39)       Save
    Different video recognition models possess distinct temporal discrimination patterns. In transfer attacks, the generation of video adversarial examples can lead to overfitting to the whitebox model’s temporal discrimination pattern, resulting in poor transferability of the adversarial examples. In view of this phenomenon, an effective algorithm is proposed to alleviate the overfitting phenomenon. The algorithm generates multiple augmented videos by frame extraction, inputs them into a whitebox model, and obtains augmented gradients through backpropagation. Then, it repositions these gradients and calculates a weighted sum to acquire the final gradient information. Finally, it introduces this gradient information into gradientbased whitebox attack methods, such as FGSM and BIM, to obtain the final adversarial samples. The crossentropy loss function was improved; while guiding the generation of adversarial examples, its primary goal was to quickly find a direction that causes the model to misclassify, without considering the semantic space distance between the classification result and other categories with higher probabilities. In response to this issue, a regularization term based on KL divergence was introduced. When combined with the crossentropy function, the adversarial examples generated based on this loss function have stronger transferability. On the Kinetics400 and UCF101 datasets, six commonly used models in the video recognition domain were trained, specifically NonLocal, SlowFast, and TPN, with ResNet50 and ResNet101 serving as the backbone networks. One of these models was selected as the whitebox model to conduct transfer attacks on the remaining models, and a large number of experiments demonstrated the effectiveness of the method.
    Reference | Related Articles | Metrics
    Malicious Behavior Detection Method Based on Behavior Clustering LSTMNN#br#
    Journal of Information Security Reserach    2025, 11 (4): 343-.  
    Abstract140)      PDF (2288KB)(43)       Save
    With the progress and development of society, the safety requirements for public places have further increased. Malicious behavior detection can monitor and identify potential safety hazards in real time. To solve this problem, the Kmeans clustering method is used to divide the molecular data set and distinguish different forms of malicious behavior. To solve this problem, the Kmeans clustering method is used to divide the subdatasets to distinguish different forms of malicious behaviors. The DTW time warping method solves the problem of inconsistent lengths of malicious behavior time series. In order to solve the problem of image recognition, the excessive amount of data in the malicious behavior frame set makes the model calculation accuracy low, and the Attention mechanism is used to focus on special information points to ensure the accuracy of model training. This method was applied to the malicious behavior data set of UBIFights. The results showed that the final classification accuracy of the subdataset after clustering division by weighted average calculation reached 95.03%. This model effectively identifies malicious behavior videos and improves safety.
    Reference | Related Articles | Metrics
    Hybrid Neural Network Encrypted Malicious Traffic Detection  in the Industrial Internet with Domain Adaptation
    Journal of Information Security Reserach    2025, 11 (5): 457-.  
    Abstract140)      PDF (2591KB)(24)       Save
    With the rapid development of information technology in the field of industrial control, the industrial Internet has become a major target for cyberattacks, making malicious traffic detection increasingly important. However, the widespread use of encryption allows attackers to easily hide malicious communication content, rendering traditional contentbased detection methods ineffective. This paper proposes an encrypted malicious traffic detection scheme based on a hybrid neural network and domain adaptation. The scheme integrates ResNet, ResNext, DenseNet, and similarity detection algorithms to construct a hybrid neural network. On this basis, a domain adaptation module is added to reduce data bias. By preprocessing streams from a public industrial Internet dataset, deep features are extracted from encrypted traffic without decryption. The hybrid neural network outputs higherdimensional feature vectors that leverage the strengths of each model. A domain classifier within the domain adaptation module enhances the model’s stability and generalization across different network environments and time periods, enabling accurate classification of malicious traffic. Experimental results show that the proposed scheme improves accuracy and efficiency in detecting encrypted malicious traffic.
    Reference | Related Articles | Metrics
    Encrypted Traffic Detection Method Based on Knowledge Distillation
    Journal of Information Security Reserach    2025, 11 (8): 702-.  
    Abstract138)      PDF (2774KB)(34)       Save
    In recent years, with the rapid growth of Internet traffic, especially the popularity of encrypted communication, malicious traffic detection is facing a huge challenge, due to the limited resources and performance of mobile devices, which makes it more difficult to identify malicious behaviors in encrypted traffic on mobile. Therefore this paper proposes a knowledge distillation based encrypted traffic detection method. First, the traffic is transformed into images through visualization techniques; second, based on the ConvNeXt network architecture, the SK_SwiGLU_ConvNeXt network is constructed as the teacher network by introducing the SKNet attention mechanism and replacing the activation function GELU with SwiGLU; finally, the lightweight MobileNetV2 is selected as the student network and the use the teacher network to guide the student network training. The experimental results of this paper’s detection method on the publicly available dataset ISCX VPNNonVPN show that even in the resourceconstrained mobile device environment, the student network can improve the detection effect of the teacher model while reducing the model complexity, which proves that this method has efficient deployment potential on mobile devices.
    Reference | Related Articles | Metrics
    Model of Insider Threat Behavior Detection Based on Graph Neural Network
    Journal of Information Security Reserach    2025, 11 (7): 586-.  
    Abstract137)      PDF (1890KB)(84)       Save
    This paper designs a new detection model based on graph neural networks to address the shortcomings of existing models for insider threat behavior detection based on user behavior sequences, which cannot handle long sequences well. The model converts user behavior sequences into a graph structure and transforms the processing of long sequences into the processing of subgraph structures. The experiment designs a graph structure to describe user behavior, which is used to store user behavior in the form of graph data. The baseline GNN model is optimized for this graph structure, which is heterogeneous and has data stored on its edges. The experimental results show that, for the binary classification task of distinguishing normal and threatening behavior, the ROC AUC value of the proposed model is improved by 7% and the MacroF1 value is improved by 7% compared to the baseline model. In the sixclass classification task of distinguishing specific threat types, the MacroF1 value of the proposed model improves by 10% compared to the baseline model.
    Reference | Related Articles | Metrics
    Hardware Trojan Detection Method Integrating Multiple Sidechannel #br# Analysis and Pearson Correlation Coefficient#br#
    Journal of Information Security Reserach    2025, 11 (5): 420-.  
    Abstract137)      PDF (1024KB)(20)       Save
    For the chip power consumption data acquisition when the influence of the noise problem, this paper proposes a multiple sidechannel analysis method based on correlation analysis, using the intrinsic relationship between dynamic current and electromagnetic radiation to identify the existence of hardware trojans. A dual channel detection platform is built to simultaneously collect and store the dynamic power consumption and electromagnetic radiation of the chip. Pearson correlation coefficient curves of power consumption and electromagnetism are obtained to distinguish hardware Trojan horse chip from hardware Trojan horse chip. The experimental results show that the hardware Trojan detection method based on multipleparameter sidechannel analysis can screen out the chip containing hardware Trojan whose area is only 0.28% of the chip to be tested, and can distinguish the two hardware Trojan horses whose area difference is only 0.08% of the chip to be tested.
    Reference | Related Articles | Metrics
    Multiaccess Controls for Defense Against Smart Contract Reentry Attacks
    Journal of Information Security Reserach    2025, 11 (4): 333-.  
    Abstract137)      PDF (2401KB)(26)       Save
    In order to solve the problem of reentry attacks caused by the vulnerability of smart contracts in handling external contract calls, a smart contract reentry attack defense method based on Multiple Access Controls (MAC) is proposed. By using MAC, only the contract owner is allowed to make calls and prevent functions from repeatedly entering the same transaction during execution; at the same time, the state variable is modified to store the secure contract address and update the contract state. Finally, formal verification is used to run the defended smart contract. In this paper, we verifies the method with a bank deposit and withdrawal transaction model. The experimental results show that the smart contract using this defense method can effectively solve the problem of reentry attacks when external contracts are invoked. Compared with other mainstream defense methods, it has higher feasibility, effectiveness, logical correctness and comprehensibility; compared with the undefended contract, the defended smart contract reduces the equivalent memory usage by 64.51%, and the running time is also shortened.
    Reference | Related Articles | Metrics
    Research on Model Antistealing Based on Image Augmentation
    Journal of Information Security Reserach    2025, 11 (3): 214-.  
    Abstract137)      PDF (1585KB)(44)       Save
    Convolutional neural network (CNN) models have been widely used in image classification tasks and have achieved good results, but these models can also become objects of stealing. This paper proposes a novel method to avoid the stealing of CNN models in image classification tasks, addressing the issues of high dependence on algorithm detection accuracy and post intellectual property verification in existing antistealing measures. It utilizes image data augmentation technology to improve the robustness and generalization ability of private models, and then uses loose suspicious behavior detection rules to detect image query behavior. Suspicious query images are processed using enhanced image technology, and the processed images are input into the enhanced model for prediction. Finally, a vector composed of the predicted category confidence of the model is output to achieve inputoutput inequality. This process will prevent suspicious users from obtaining the model prediction information corresponding to their input images, in order to achieve the goal of model stealing prevention. This paper conducts experiments using three common image datasets and four convolutional neural network (CNN) structures, and finally finds that the method proposed in this paper can achieve the goal of model antistealing and ensure that private models can complete their classification tasks normally.
    Reference | Related Articles | Metrics
    Research on Dataenhanced Multimodal False Information #br# Detection Framework#br#
    Journal of Information Security Reserach    2025, 11 (4): 377-.  
    Abstract136)      PDF (1878KB)(37)       Save
    With the development of multimedia technology, rumor spreaders tend to create false information with multimodal content to attract the attention of news readers. However, it is challenging to extract features from sparsely annotated multimodal data and effectively integrate implicit clues in the multimodal data to generate vector representations of false information. To address this issue, we propose a DEMF(dataenhanced multimodal false information detection framework). DEMF leverages the advantages of pretrained models and data augmentation techniques to reduce reliance on annotated data; it utilizes multilevel modal feature extraction and fusion to simultaneously capture finegrained elementlevel relationships and coarsegrained modallevel relationships, in order to fully extracting multimodal clues. Experiments on realworld datasets show that DEMF significantly outperforms stateoftheart baseline models.
    Reference | Related Articles | Metrics
    Research on Critical Information Infrastructure Security Protection
    Journal of Information Security Reserach    2025, 11 (10): 878-.  
    Abstract135)      PDF (324KB)(73)       Save
    Related Articles | Metrics
Author Center
Review Center
京ICP备19004174号
Copyright © Journal of Information Security Reserach, All Rights Reserved.
Tel: 010-68558637 E-mail: ris@cei.cn
Powered by Beijing Magtech Co., Ltd.