Most Read articles

    Published in last 1 year |  In last 2 years |  In last 3 years |  All
    Published in last 1 year
    Please wait a minute...
    For Selected: Toggle Thumbnails
    Overview of Regulation of Crossborder Data Flow
    Journal of Information Security Reserach    2025, 11 (2): 164-.  
    Abstract319)      PDF (1274KB)(143)       Save
    The development of the digital economy has made crossborder data flow an inevitable trend, and while bringing economic benefits, the security of crossborder data flow cannot be ignored. Due to the complexity of the subjects and scenes involved in the process of crossborder data flow, and the uncontrollability of the process, how to regulate the possible security problems in the process of crossborder data flow has become the focus of the world. So far, there is no unified governance rule system for crossborder data flow in the world, and at the same time, there are huge differences in legislation on crossborder data flow in different countries, which results in the complex situation of legislation on crossborder data flow in the world. This paper describes the current situation of crossborder data flow from the perspectives of laws and regulations, bilateral agreements and standards, and in this way develops horizontal comparisons, sorts out the existing regulatory differences, analyzes the challenges and opportunities China faces under the current trend, and gives reasonable countermeasures.
    Reference | Related Articles | Metrics
    Design of Adversarial Attack Scheme Based on YOLOv8 Object Detector
    Journal of Information Security Reserach    2025, 11 (3): 221-.  
    Abstract300)      PDF (3519KB)(67)       Save
    Currently, cameras equipped with AI object detection technology are widely used. However, AI object detection models in realworld applications are vulnerable to adversarial attacks. Existing adversarial attack methods, primarily designed for earlier models, are ineffective against the latest YOLOv8 object detector. To address this issue, we propose a novel adversarial patch attack method specifically for the YOLOv8 object detector. This method minimizes confidence output while incorporating an exponential moving average (EMA) attention mechanism to enhance feature extraction during patch generation, thereby improving the attack’s effectiveness. Experimental results demonstrate that our method achieves superior attack performance and transferability. Validation tests, in which the adversarial patches were printed on clothing, also demonstrated excellent attack results, indicating the strong practicality of our proposed method.
    Reference | Related Articles | Metrics
    An Optimized Computation Method for Cipher Symbol Functions  Based on Homomorphic Encryption
    Journal of Information Security Reserach    2025, 11 (2): 100-.  
    Abstract261)      PDF (1092KB)(161)       Save
    Fully homomorphic encryption extends encryption to computations, allowing ciphertext processing without decryption. Comparative operations, crucial in applications like deep learning, pose a challenge in homomorphic encryption environments restricted to addition and multiplication. Feng et al. (CNS 2023) proposed a comparison method using dynamic polynomial combinations. This paper enhances dynamic polynomial, allowing polynomial fluctuations within (-2,2). It introduces a novel equation system for solving dynamic polynomials and utilizes finite third and fifthdegree polynomials to construct more precise composite polynomials for approximating the sign function. It analyzes the method’s optimality in depth consumption and computational complexity, achieving a 32% reduction in runtime compared to the optimal method in a previous study (CNS 2023). The homomorphic comparison algorithm in this paper, for ε=2-20,α=20 requires only 0.69ms in amortized runtime.
    Reference | Related Articles | Metrics
    Research on Multimodal Cyberbullying Detection Model for #br# Social Networking Platforms#br#
    Journal of Information Security Reserach    2025, 11 (2): 154-.  
    Abstract238)      PDF (2099KB)(63)       Save
    With the rapid development of social networking platforms, the issue of cyberbullying has become increasingly prominent. The diverse forms of online expression that combine text and images have increased the difficulty of detecting and managing cyberbullying. This paper constructs a Chinese multimodal cyberbullying dataset that includes both text and images. By integrating the BERT(bidirectional encoder representations from transformers) model with the ResNet50 model, we extract singlemodal features from text and images, respectively, and perform decisionlevel fusion. The fused features are then detected, achieving accurate identification of text and images as either cyberbullying or noncyberbullying. Experimental results indicate that the multimodal cyberbullying detection model proposed in this paper can effectively identify social media posts or comments that contain cyberbullying characteristics in both text and images. It enhances the practicality, accuracy, and efficiency of detecting multimodal cyberbullying, providing a new approach and method for the detection and management of cyberbullying on social networking platforms. This contributes to the creation of a healthier and more civilized online environment.
    Reference | Related Articles | Metrics
    Privacypreserving Federated Learning Research Based on #br# Confused Modulo Projection Homomorphic Encryption#br#
    Journal of Information Security Reserach    2025, 11 (3): 198-.  
    Abstract230)      PDF (1298KB)(138)       Save
    In the current era of big data, deep learning is booming and has become a powerful tool for solving realworld problems. However, traditional centralized deep learning systems are at risk of privacy leakage. To address this problem, federated learning, a distributed machine learning approach, has emerged. Federated learning allows multiple organizations or individuals to train models together without sharing raw data, by uploading local model parameters to the server, aggregating each user’s parameters to construct a global model, and returning it to the user. This approach achieves global optimization and avoids private data leakage. However, even with federated learning, attackers may still be able to reconstruct user data by obtaining the model parameters uploaded by users, thus violating  privacy. To address this issue, privacy protection has become the focus of federated learning research. In this paper, we propose a federated learning scheme FLFC (federated learning with confused modulo projection homomorphic encryption) based on confused modulo projection homomorphic encryption to address the above issues. This scheme adopts a selfdeveloped modular fully homomorphic encryption algorithm to encrypt user model parameters. The modular fully homomorphic encryption algorithm has the advantages of high computational efficiency, support for floatingpoint operations, and localization, thus achieving stronger protection of privacy. Experimental results show that the FLFC scheme exhibits a higher average accuracy and good stability compared to the FedAvg scheme in experiments.
    Reference | Related Articles | Metrics
    Research on Deep Learningbased Spatiotemporal Feature Fusion  Network Intrusion Detection Model
    Journal of Information Security Reserach    2025, 11 (2): 122-.  
    Abstract227)      PDF (1944KB)(172)       Save
    As the number of network attacks increases, network intrusion detection systems are becoming increasingly important in maintaining network security. Most studies have used deep learning approaches for network intrusion detection but have not fully utilized the features of traffic from multiple perspectives. Additionally, these studies often suffer from the use of outdated experimental datasets. In this paper, a parallelstructured DSCInceptionBiLSTM network is proposed to evaluate the designed network model using stateoftheart datasets. The model consists of two branches, network traffic image, and text anomaly traffic detection. Spatial and temporal features of traffic are extracted by improved convolutional neural networks and recurrent neural networks, respectively. Finally, network intrusion detection is achieved by fusing spatiotemporal features. The experimental results show that our model achieves 99.96%, 99.19%, and 99.95% accuracy on the three datasets of CICIDS 2017, CSECICIDS 2018 and CICDDoS 2019, respectively, effectively classifying the anomalous traffic with high precision and meeting the requirements of intrusion detection system.
    Reference | Related Articles | Metrics
    A Survey of Network Topology Obfuscation Techniques
    Journal of Information Security Reserach    2025, 11 (4): 296-.  
    Abstract223)      PDF (1248KB)(119)       Save
    LinkFlooding Attack (LFA) is a novel distributed denialofservice (DDoS) attack that exploits network topology detection. Network Topology Obfuscation serves as an effective deceptive defense mechanism against this attack, aiming to provide proactive protection before an attack occurs. Over the past decade, relevant research has continuously made progress, proposing corresponding obfuscation solutions for different scenarios and objectives. This paper comprehensively reviews the network topology obfuscation techniques. First, it combines the basic principles and classifications of network topology discovery to point out the risks of topology leakage in current network topology discovery. Next, it formally defines network topology obfuscation design and presents a proactive defense model. Then, based on the obfuscation concept, the technologies are divided into packet modification, decoy traps, routing mutation, and metric forgery schemes, and proposes a set of metrics to comprehensively compare the current mainstream network topology obfuscation techniques.
    Reference | Related Articles | Metrics
    Design and Implementation of Resourceefficient SM4 Algorithm on FPGA
    Journal of Information Security Reserach    2025, 11 (6): 490-.  
    Abstract223)      PDF (2238KB)(92)       Save
    In the hardware implementation of the SM4 algorithm, the lookup table method is commonly adopted for realizing the Sbox, which consumes a significant amount of hardware resources. This paper proposes an implementation scheme for the SM4 algorithm based on polynomial basis. Two construction schemes are developed for the 8×8 Sbox used in the SM4 algorithm, one based on composite field GF((24)2) and the other on composite field GF(((22)2)2). The test results indicate that the scheme based on polynomial bases GF((24)2) is optimal. Taking into account both resource utilization and performance, this paper designs two hardware implementation structures for SM4: a state machine parallel structure and a pipelined structure. Compared with the traditional lookup table approach, the state machine parallel structure reduces resource utilization by 21.98% while increasing the operating frequency by 14.4%. The pipelined structure achieves a reduction in resource utilization by 54.23%.
    Reference | Related Articles | Metrics
    A Federated Learning Method Resistant to Label Flip Attack
    Journal of Information Security Reserach    2025, 11 (3): 205-.  
    Abstract217)      PDF (3486KB)(83)       Save
    Since users participating in federated learning training have high autonomy and their identities are difficult to identify, they are vulnerable to label flip attacks, causing the model to learn wrong rules from wrong labels and reducing the overall performance of the model. In order to effectively resist label flip attacks, a dilutionprotected federated learning method for multistage training models is proposed. This method randomly divides the training data set and uses a dilution protection federated learning algorithm to distribute part of the data to clients participating in the training to limit the amount of data owned by the client and avoid malicious participants with large amounts of data from causing major damage to the model. After each training session, the gradients of all training epochs in that phase are gradient clustered by a dimensionality reduction algorithm in order to identify potentially malicious actors and restrict their training in the next phase. At the same time, the global model parameters are saved after each stage of training to ensure that the training of each stage is based on the model foundation of the previous stage. Experimental results on the data set show that this method reduces the impact of attacks without damaging the model accuracy, and helps improve the convergence speed of the model.
    Reference | Related Articles | Metrics
    Journal of Information Security Reserach    2025, 11 (2): 173-.  
    Abstract215)      PDF (1383KB)(73)       Save
    With the rapid development of Internet of Things technology, smart cameras are widely used in personal and public safety due to ease of use and low cost. However, the issue of unauthorized video recording also raises concerns about privacy and security, so the detection and identification of hidden smart cameras in specific environments is of great significance. Existing covert smart camera detection methods cannot accurately detect cameras that delay data transmission or save data locally, because these methods rely primarily on camera audio and video network traffic generated when users view surveillance. To solve this problem, this paper proposes a covert intelligent camera detection method based on device WiFi reconnection traffic. The method uses MDK4 flooding attacks to make all smart devices connected to WiFi hotspots offline and reconnect, then sniffs and analyzes the encrypted traffic generated during the process of smart devices reconnecting to WiFi in the environment, and uses machine learning methods to detect hidden smart camera devices. The experimental results show that even without WiFi access, this method still has a high detection accuracy for hidden smart camera devices with delayed transmission or data stored locally.
    Reference | Related Articles | Metrics
    Deep Learningbased Method for Encrypted Website Fingerprinting
    Journal of Information Security Reserach    2025, 11 (4): 304-.  
    Abstract212)      PDF (1407KB)(107)       Save
    Website fingerprinting is an important research area within the fields of network security and privacy protection. Its goal is to identify websites accessed by users within an encrypted network environment by analyzing network traffic characteristics. In response to the problems of limited application scenarios, such as restricted application scenarios, insufficient applicability, and the singularity of feature selection, this paper proposes a deep learningbased method for encrypted website fingerprinting. Initially, a new preprocessing method for raw data packets is introduced, which processes directly captured raw packet files to generate a feature sequence with both spatial and temporal characteristics, structured hierarchically. Following this, a hybrid deep learning model combining convolutional neural networks and long shortterm memory networks is designed to thoroughly learn the spatial and temporal features present in the data. The study further investigates various activation functions, model parameters, and optimization algorithms to improve the model’s accuracy and generalization capability. Experimental results indicate that this method provides higher website fingerprinting accuracy in the onion router anonymous network environment when it does not rely on cell packets. And it also achieves better accuracy compared to current mainstream machine learning methods in virtual private network scenarios.
    Reference | Related Articles | Metrics
    A Malicious TLS Traffic Detection Method with Multimodal Features
    Journal of Information Security Reserach    2025, 11 (2): 130-.  
    Abstract211)      PDF (3159KB)(122)       Save
    The malicious TLS traffic detection aims to identify network traffic that involves malicious activities transmitted through the TLS protocol. Due to the encryption properties of the TLS protocol, traditional textbased traffic analysis methods have limited effectiveness when dealing with encrypted traffic. To address this issue, a malicious TLS traffic detection method called MultiModal Feature Fusion for TLS Traffic Detection (MTBRL) has been proposed. This method extracts and fuses features from different modalities to detect malicious TLS traffic. Firstly, expert knowledge is employed for feature engineering, extracting key features from encrypted traffic, including protocol versions, encryption suites, and certificate information. These features are processed and transformed into twodimensional image representations. Then, ResNet is utilized to encode these images and extract their features. Simultaneously, an encrypted traffic pretrained BERT model is used to encode TLS flows, allowing the learning of contextual and semantic features of the TLS traffic. Additionally, an LSTM model is employed to encode the sequence of packet length distributions of the encrypted traffic, capturing temporal characteristics. Finally, through feature fusion techniques, the different modality features are integrated, and the model’s weight parameters are automatically learned and optimized using the backpropagation algorithm to accurately predict malicious TLS traffic. Experimental results demonstrate that this method achieves accuracy, precision, recall, and F1score of 94.94%, 94.85%, 94.15%, and 94.45%, on the DataCon2020 dataset. This performance is significantly superior to traditional machine learning and deep learning methods. 
    Reference | Related Articles | Metrics
    Innovative and Professional Talent Education Architecture of  Cyberspace Security in New Situation
    Journal of Information Security Reserach    2025, 11 (4): 385-.  
    Abstract191)      PDF (3780KB)(104)       Save
    The emerging new problems and technologies in the field of cybersecurity currently do not match the applicability and timeliness of existing talent cultivation in technological development. In response to this, this paper investigates the innovative professional training system for cybersecurity talents under new circumstances. We systematically examine key issues in talent cultivation, dynamic updates of training objectives, evolution of knowledge systems, and cultivation of innovative competencies. The study proposes and constructs a comprehensive, multilevel, and dynamic talent cultivation framework for cyberspace security professionals, encompassing core theoretical research, critical technology R&D, and comprehensive innovation capability development that adapts to new technological trends. Through innovative processes including instructional objective design, content adaptation, teaching implementation, and feedback mechanisms, we establish an internationally adaptable training system that dynamically responds to technological advancements. This approach strengthens the dynamism, adaptability, and practical orientation of cybersecurity talent cultivation, effectively addressing the demand for innovative professionals in cyberspace security under evolving technological landscapes and emerging requirements.
    Reference | Related Articles | Metrics
    A Blackbox Antiforensics Method of GANgenerated Faces Based on #br# Invertible Neural Network#br#
    Journal of Information Security Reserach    2025, 11 (5): 394-.  
    Abstract189)      PDF (1920KB)(74)       Save
    Generative adversarial network GANgenerated faces forensics models are used to distinguish real faces and GANgenerated faces. But due to the fact that forensics models are susceptible to adversarial attacks, the antiforensics techniques for GANgenerated faces have emerged. However, existing antiforensic methods rely on whitebox surrogate models, which have limited transferability. Therefore, a blackbox method based on invertible neural network (INN) is proposed for GANgenerated faces antiforensics in this paper. This method embeds the features of real faces into GANgenerated faces through the INN, which enables the generated antiforensics faces to disturb forensics models. Meanwhile, the proposed method introduces a feature loss during training to maximize the cosine similarity between the features of the antiforensics faces and the real faces, further improving the attack performance of antiforensics faces. Experimental results demonstrate that, under the scenarios where no whitebox models are involved, the proposed method has good attack performance against eight GANgenerated faces forensics models with better performance than seven comparative methods, and can generate highquality antiforensics faces.
    Reference | Related Articles | Metrics
    Indoor Localization Security Scheme Based on Geographic  Indistinguishability and Flexible WiFi Deployment
    Journal of Information Security Reserach    2025, 11 (2): 107-.  
    Abstract184)      PDF (1351KB)(75)       Save
    In indoor localization services, WiFi fingerprinting technology has received widespread attention due to its extensive coverage  and high localization accuracy. However, for the online phase of location query, the user’s personal sensitive information is vulnerable to malicious attacks resulting in location privacy leakage. Existing WiFi fingerprintbased indoor positioning technologies primarily focus on single flat surfaces within indoor environments, which restricts the flexibility of WiFi deployment. When WiFi is deployed in multidimensional scenarios, addressing spatial location privacy issues becomes imperative. In this paper, a WiFi fingerprinting indoor localization privacy protection scheme based on geographic indistinguishability is proposed, in which the user generates a new received signal strength vector by using his own received signal strength and sends the obtained data to the location service provider through noise obfuscation, and introduces a digital signature technique to ensure that the client’s identity is not forged before obfuscating the position to be sent to the location service provider to achieve localization. Experimental results based on the simulation experimental platform show that the new scheme supports flexible deployment of WiFi, and is able to realize highprecision localization for the first time in the case of flexible deployment of 12 WiFi access points with guaranteed localization error of less than 1m while protecting location privacy.
    Reference | Related Articles | Metrics
    Design and Implementation of 3D Model Matching Algorithm
    Journal of Information Security Reserach    2025, 11 (6): 539-.  
    Abstract179)      PDF (2587KB)(20)       Save
    3D model matching plays a vital role in model copyright protection and transaction facilitation by effectively preventing redundant authentication and enabling convenience for research, testing, and management in related fields. However, traditional matching approaches predominantly rely on plaintext matching, which, despite ensuring a certain level of matching accuracy and robustness, falls short in data privacy protection. To address this gap, ciphertext matching performs matching computations on encrypted data, thus enabling model matching while safeguarding data privacy. This approach offers significant practical value and broad application prospects. Therefore, this paper presents three matching strategies. 1) Under plaintext conditions, precise registration of 3D point clouds is achieved via the Iterative Closest Point (ICP) algorithm, followed by model matching using peak signaltonoise ratio (PSNR). 2) Under plaintext conditions, 3D point cloud features are extracted using the PointNet deep learning model, and feature similarity is calculated via cosine similarity. 3) Under ciphertext conditions, the extracted features are encrypted using homomorphic encryption. Cosine similarity is then used to compute the similarity of the encrypted features, thereby effectively protecting data privacy.
    Reference | Related Articles | Metrics
    The Finegrained Executor Scheduling Algorithm for Unknown  Attacks Perception
    Journal of Information Security Reserach    2025, 11 (6): 569-.  
    Abstract176)      PDF (1456KB)(30)       Save
    Addressing security threats from unknown attacks exploiting software and system vulnerabilities in power grid devices often overlooks potential issues within operating systems and communication protocols at the programming languarg level. This paper proposes a finegrained scheduling algorithm that quantifies the similarity of execution components and incorporates parameters such as attack timing and frequency to assess historical trust deficit. By combining similarity and historical trust deficit, a quantitative algorithm for redundant execution body heterogeneity is introduced. Simulation experiments demonstrate that this algorithm significantly outperforms other methods in distinguishing execution body similarity, effectively reducing the risk of exploiting similar vulnerabilities or defects, and minimizing redundant wastage from similar execution bodies. The failure rate remains consistently below 0.55, indicating superior practical performance compared to commonly used algorithms.
    Reference | Related Articles | Metrics
    Constructing Lightweight Trusted Execution Environment on  RISCV Dualcore Processor
    Journal of Information Security Reserach    2025, 11 (6): 500-.  
    Abstract173)      PDF (2551KB)(25)       Save
    With the rapid development of Internet of Things (IoT) technology, resourceconstrained embedded IoT devices face particularly severe challenges in information security. The Trusted Execution Environment (TEE) provides an effective approach to addressing the security issues of terminal devices. By dividing the system into secure and ordinary areas and employing mechanisms such as memory access control, TEE ensures the separate execution of secure and ordinary application software, thereby significantly enhancing the overall system security. This paper addresses the problem of trusted isolation of secure application software and proposes a lightweight TEE SystemonChip (SoC) solution based on a RISCV dualcore architecture. Specifically, the solution leverages the Physical Memory Protection (PMP) mechanism to achieve trusted isolation. Additionally, to prevent unauthorized access to secure area resources by ordinary area applications, a lowresource IOPMP design is presented, which uses a physical address access firewall mechanism to block unauthorized access. Furthermore, to facilitate efficient message transfer between the secure and ordinary areas, a Mailbox communication scheme based on the “message queue & interrupt” mechanism is proposed. Experimental results indicate that the design proposed in this paper has lower hardware resource consumption compared to similar designs, with a power consumption of only 0.256W, a 14% reduction. In the CoreMark test for the TEE CPU, the score reached 2.40 CoreMarks/MHz, which is double the performance of similar designs.
    Reference | Related Articles | Metrics
    Group Key Management Mechanism for Internet of Vehicles
    Journal of Information Security Reserach    2025, 11 (2): 139-.  
    Abstract172)      PDF (873KB)(59)       Save
    Based on the characteristics of the Internet of vehicles(IoV), a treebased lightweight group key management mechanism (Lightweight Tree Group Key Management Mechanism, LTGKM) is proposed to realize the security of multicast and broadcast communications in the IoV. LTGKM adopts a hierarchical approach to generate, distribute and update the group keys. The management node of various layers generates the corresponding group key using the HMAC function as the key derivation function, and distributes the group key to the child node based on the encrypted certification algorithm; When a new node joins, the parent node generates a new group key and distribute it to the new node, and the remaining nodes update the group key by themselves; when the user leaves, the nonleaf node updates the group key by themselves, and the new group key is distributed to the leaf node by its father node. Security analysis shows that LTGKM realizes the randomness, forward security, and backward security during the group key generation and update, and the confidentiality, integrity and uniformity during key distribution. Performance analysis shows that LTGKM has obvious advantages in storage, computing and communication.
    Reference | Related Articles | Metrics
    Multiciphertext Equality Test Scheme Based on RLWE
    Journal of Information Security Reserach    2025, 11 (6): 511-.  
    Abstract170)      PDF (1049KB)(27)       Save
    With the rapid development of technology, privacy protection has become an important issue. In order to ensure the security of data, it is usually chosen to encrypt the data and store it on the cloud server. However, in this way, the cloud server cannot effectively process the encrypted data such as calculation and statistics, which limits many application scenarios. To address this issue, this paper proposes a PKEMET(publickey encryption with a multiciphertext equality test) scheme based on RLWE (ring learning with error) problem, and provides a correctness and security analysis. This solution allows the cloud server to perform equality tests on multiple ciphertexts at the same time, and is also resistant to quantum computing attacks. This paper also implements the scheme based on the Palisade library, and compares it with other schemes from the perspective of theory and implementation. Compared with other solutions, this solution has the advantages of high efficiency and short running time.
    Reference | Related Articles | Metrics
    An Intrusion Detection Method for Internet of Things by Fusing #br# Spatiotemporal Features#br#
    Journal of Information Security Reserach    2025, 11 (3): 241-.  
    Abstract169)      PDF (3194KB)(59)       Save
    Aiming at the problems of insufficient attack samples and more categories in unbalanced IoT traffic datasets reducing the classification accuracy and generalization ability of the detection model, an intrusion detection method for the Internet of things by fusing spatiotemporal features (BGAREU) is proposed. The data were first normalized and the SMOTEENN method was used to improve the data distribution of the training samples; then temporal features and global information were extracted by Bidirectional gated recurrent unit (BiGRU) and multihead attention, and combined ResNext network and UNet network to construct a multiscale spatial feature extraction network, and then incorporate efficient channel attention (ECANet) into the residual units to enhance the local characterization capability; finally, the fused features are fed into the Softmax classifier for multiclassification. Experiments show that the proposed model has more than 2% improvement in all the metrics compared with other models on IoT traffic datasets UNSWNB15, NSLKDD, and WSNDS. In addition, this paper verifies that the ECANet has stronger characterization ability by comparing multiple attention mechanisms, and explores the effect of different numbers of attention heads in multihead attention on the model performance.
    Reference | Related Articles | Metrics
    Multiparty Data Security Sharing Scheme Based on Decentralized Verification
    Journal of Information Security Reserach    2025, 11 (6): 578-.  
    Abstract168)      PDF (4817KB)(60)       Save
    With the development of the Internet of Things, collaborative work between multiple devices is becoming increasingly common. However, in the process of data sharing, user privacy may face the risk of data theft and tampering. Existing FL methods rely on mobile edge computing (MEC) servers for model aggregation, and have problems with trust, security threats, and single points of failure. To solve these problems, a new multiparty data sharing scheme based on blockchain is proposed, in which a decentralized verification mechanism and a consensus mechanism inspired by proof of stake (PoS) are introduced. The decentralized verification mechanism ensures the legitimacy of each local model update by evaluating node behavior and voting, and only legitimate updates are used for global model building. In the process of model construction, homomorphic encryption and key sharing techniques are used to encrypt the local model parameters to ensure the security integrity of model parameters in the process of transmission and aggregation. The PoS consensus mechanism rewards honest behavior devices, increasing their chances of becoming block generators. In addition, the cache mechanism of information search is introduced to reduce the number of multiparty search. The data sharing scheme has been verified to enhance data security.
    Reference | Related Articles | Metrics
    Design of a Large Model Data Supervision System Based on Blockchain
    Journal of Information Security Reserach    2025, 11 (8): 682-.  
    Abstract165)      PDF (2618KB)(68)       Save
    Large model (LM) has shown great potential in the fields of natural language processing, image and speech recognition, and has become a key force driving the technological revolution and social progress. However, the wide application of LM technology brings challenges such as data privacy risks, data compliance regulation, and data regulatory activation and intelligence.  This paper aims to explore how to utilize blockchain to design and construct an effective data regulatory system to promote its healthy development, in order to meet the challenges brought by the application of massive data to LM. This paper analyzes the trends and current status of the development of LM at home and abroad, and points out the main challenges to LM data regulation, including data privacy risks, data compliance, and the difficulty of effective supervision by regulators . A blockchainbased data regulation system design scheme is proposed to address these challenges, which realizes the fullcycle data regulation of LM data from the native metadata to the input of training until the posttraining feedback through four interconnected modules, namely, privacy protection, consensus algorithm, incentive mechanism, and smart contract. Finally, the application prospect of blockchain in LM data supervision is summarized, and the future trend of data supervision is outlooked.
    Reference | Related Articles | Metrics
    Research on Distributed Identity Authentication Technology Based on  Revocable Proxy Signature
    Journal of Information Security Reserach    2025, 11 (6): 521-.  
    Abstract163)      PDF (1936KB)(25)       Save
    With the proliferation of digital services in people’s daily lives, traditional identities have found a new form of expression—digital identities. In conventional network digital activities, the digital identity management is handled by centralized service providers, which brings a series of issues such as difficulties in centralized storage management and insufficient protection of user privacy. Consequently, the identity authentication technology based on decentralized identifier (DID) has become a current research hotspot. However, distributed digital identity authentication schemes often face problems of privacy leakage and cumbersome user signature authentication processes, presenting significant pain points in current distributed identity authentication technology. To address the aforementioned issues, this paper constructs a distributed identity authentication protocol based on revocable proxy signatures, verifiable credentials, and blockchain technology. This protocol achieves a userfriendly and secure signature authentication process, requiring low device performance from users participating in digital activities, making it suitable for a wider range of user digital activities.
    Reference | Related Articles | Metrics
    Research and Application of Trusted Data Security Management #br# Technology Based on Chameleon Hash#br#
    Journal of Information Security Reserach    2025, 11 (2): 189-.  
    Abstract163)      PDF (2544KB)(60)       Save
    To simultaneously address the demands for data updates and data security management in the field of data circulation, this paper investigates a trusted data security management scheme based on chameleon hash. Initially, the mathematical foundations of chameleon hash are analyzed and three construction methods are compared. A data security management approach that integrates chameleon hash with homomorphic encryption is summarized and applied to digital rights protection. This method not only permits the updating and modification of submitted data but also ensures data security and userfriendliness. Finally, the efficiency of the proposed method is evaluated through experimental simulations. The results demonstrate that the data security management and update method proposed in this paper is suitable for environments requiring frequent data updates and certain security needs. This method effectively reduces the overall cost of data updates, providing an efficient and secure solution for the circulation of data elements.
    Reference | Related Articles | Metrics
    A Latticebased CPABE Scheme with Policy Splitting and #br# Attribute Revocation#br#
    Journal of Information Security Reserach    2025, 11 (6): 548-.  
    Abstract161)      PDF (1755KB)(13)       Save
    Ciphertextpolicy attributebased encryption (CPABE) is suitable for providing secure datasharing services in the cloud storage scenario. However, attribute revocation is a challenging issue in CPABE. With the advancements in quantum computing research, traditional CPABE are no longer secure. Latticebased CPABE can resist quantum attacks. This paper proposes a latticebased CPABE scheme with policy splitting and attribute revocation. This scheme is resistant to quantum and collusion attacks. When attribute revocation occurs, this paper uses policy splitting to reduce the affected ciphertexts (blocks) and uses the lazy mode ciphertext update method to reduce the number and scope of ciphertexts that need to be updated. Theoretical analysis demonstrates that the overall storage cost of our scheme remains within a reasonable range. Finally, it is shown that, under the standard model, the scheme is proven secure against chosenplaintext attacks (CPA), and its security can be attributed to the ring learning with errors (RLWE) difficulty problem.
    Reference | Related Articles | Metrics
    Edge Cloud Collaborative Attributebased Signcryption Scheme  Based on State Secret SM9
    Journal of Information Security Reserach    2025, 11 (2): 115-.  
    Abstract150)      PDF (1474KB)(101)       Save
    In order to improve the security and efficiency of data interaction in edge cloud collaborative mode, an edge cloud collaborative attributebased signcryption scheme based on state secret SM9 is proposed. This scheme integrates the state secret SM9 algorithm with attributebased signcryption algorithm, constructs a mixed key and ciphertext policy access control mechanism with a linear secret sharing scheme, and implements partial outsourcing decryption through an edge cloud collaborative network. The experimental analysis results demonstrate that the proposed scheme provides flexible access control while achieving efficient and reliable security protection in the edge cloud collaborative mode, making it suitable for dynamic and complex cloud application scenarios.
    Reference | Related Articles | Metrics
    An Image Steganography Method Based on Threechannel Deep  Fusion Technology
    Journal of Information Security Reserach    2025, 11 (3): 257-.  
    Abstract150)      PDF (3334KB)(41)       Save
    The advancement of science and technology for information transmission provides convenience, but it has also led to information leaks. Aim at enhancing the quality and capacity of steganographic images, a threechannel deep fusion technology used in image steganography is designed. Firstly, the main channel of the steganographic model is used to extract features from the carrier image. This network is based on the UNet network structure and introduces residual blocks(ResBlock). Then, the bottom channel and the middle channel are utilized for extracting secret image features. Finally, fusing the features from the first and third layers of the bottom channel network into the corresponding layers of the middle channel network through way of crossfusion. Further, the features extracted from the second and fourth layers of the middle channel network are fused into the corresponding layers of the main channel network. The experimental results demonstrate that the proposed method has good invisibility. When the embedding capacity reaches 24bpp, the PSNR of the hidden image reaches 41.15dB, effectively improving the security of image transmission and steganography capacity.
    Reference | Related Articles | Metrics
    A Blockchain Oracle Scheme Based on Schnorr Threshold Signature
    Journal of Information Security Reserach    2025, 11 (3): 282-.  
    Abstract149)      PDF (832KB)(45)       Save
    A blockchain oracle scheme base on Schnorr threshold signatures is proposed to address the inefficiency of blockchain interactions with offchain data when using oracles as intermediaries. The scheme aggregates multiple signatures based on the Schnorr threshold signature combined with the linear secret sharing algorithm. Additionally, it employs multiple oracles to obtain data information in the physical world, and achieves efficient and highly reliable data transmission from the oracle to the blockchain. The analyses and experiments demonstrate that the scheme offers good security and performance.
    Reference | Related Articles | Metrics
    Android Malware Detection Based on Threeway Decision Feature Selection
    Journal of Information Security Reserach    2025, 11 (6): 561-.  
    Abstract148)      PDF (1077KB)(27)       Save
    There are a large number of irrelevant and redundant features in the Android malware detection dataset. A single feature selection method cannot effectively remove irrelevant or redundant features. If the features with large amount of information are removed, it is easy to cause the problem of model collapse. To address these issues, this paper proposed an Android malware detection method based on ThreeWay Decision Feature Selection (3WDFS). The algorithm combines the idea of threeway decision, and uses a variety of feature selection methods to evaluate the features of the dataset in parallel. The features are divided into disjoint positive region, negative region and boundary region. Then, the interclass redundancy feature and the intraclass redundancy feature in the boundary region are deleted by using the approximate Markov blanket and the information difference respectively to form a lowredundancy boundary region. Finally, the positive region and the low redundancy boundary region are concatenated by the learnable weight parameter, and the classification model is input for training and learning. Experimental results on public datasets show that 3WDFS can effectively remove irrelevant and redundant features in Android malware detection and improve the detection efficiency and accuracy of malware detection.
    Reference | Related Articles | Metrics
    A Deceptionresistant Multilevel Visual Cryptography Scheme  Based on Random Grids
    Journal of Information Security Reserach    2025, 11 (6): 532-.  
    Abstract148)      PDF (2395KB)(25)       Save
    Visual cryptography is a technique for encryption by dividing a secret image into n shares and recovering the image by superimposing the shares. However, there may be deceptive behavior during the process of reconstructing the secret image. This paper proposed a multi-level visual cryptography scheme based on random grids to address this problem. The scheme introduces a trusted third party (TTP) to address this issue. The scheme verified XOR on shares at each level during secret distribution and recovery processes. Experimental results demonstrate that the proposed scheme effectively detects deception by distributors and participants, enhancing security during implementation.
    Reference | Related Articles | Metrics
    Fake News Detection Model Based on Crossmodal Attention Mechanism and#br#  Weaksupervised Contrastive Learning#br#
    Journal of Information Security Reserach    2025, 11 (8): 693-.  
    Abstract148)      PDF (1508KB)(40)       Save
    With the widespread popularization of the Internet and smart devices, social media has become a major platform for news dissemination. However, it also provides conditions for the widespread of fake news. In the current social media environment, fake news exists in multiple modalities such as text and images, while existing multimodal fake news detection techniques usually fail to fully explore the intrinsic connection between different modalities, which limits the overall performance of the detection model. To address this issue, this paper proposes a hybrid model of crossmodal attention mechanism and weaksupervised contrastive learning(CMAWSCL) for fake news detection. The model utilizes pretrained BERT and ViT models to extract text and image features respectively, and effectively fuses multimodal features through the crossmodal attention mechanism. At the same time, the model introduces weaksupervised contrast learning, which utilizes the prediction results of effective modalities as supervisory signals to guide the contrast learning process. This approach can effectively capture and utilize the complementary information between text and image, thus enhancing the performance and robustness of the model in multimodal environments. Simulation experiments show that the CMAWSCL performs well on the publicly available Weibo17 and Weibo21 datasets, with an average improvement of 1.17 percentage points in accuracy and 1.66 percentage points in F1 score compared to the current stateoftheart methods, which verifies its effectiveness and feasibility in coping with the task of multimodal fake news detection.
    Reference | Related Articles | Metrics
    Design and Verification of V2V Authentication and Key Exchange Protocol  for Internet of Vehicles
    Journal of Information Security Reserach    2025, 11 (5): 465-.  
    Abstract147)      PDF (1252KB)(29)       Save
    In the Internet of vehicles system, vehicles need to achieve communications of vehicle to vehicle(V2V), which needs strong security, low latency, user anonymity and other security characteristics. Authentication and key exchange protocol(AKE) is based on cryptographic algorithms, aiming to complete session key negotiation for subsequent information exchange between communication parties. It is an important means to ensure the security of vehicle networking. However, the existing protocol registration phase requires offline secure channels, which is inconsistent with reality. Also the authentication phase is mostly based on third parties and requires multiple rounds of information exchange, increasing the complexity of the protocol interactions. In this paper, a lightweight V2V protocol is designed for public channels, which does not rely on the third party and only requires two rounds of information exchange during login and authentication phases. At the same time, a fast login phase is added to solve the delay of information exchange caused by sudden network interruptions. Theoretical analysis and formal verification results show that the designed protocol satisfied security properties such as authentication and confidentiality.
    Reference | Related Articles | Metrics
    Fake Face Detection Method Based on ConvNeXt
    Journal of Information Security Reserach    2025, 11 (3): 231-.  
    Abstract147)      PDF (2205KB)(53)       Save
    The fake images generated by deep generative models are becoming increasingly realistic, surpassing the human eye’s ability to detect them. These models have become new tools for illegal activities, such as fabricating lies and creating public opinion. Although current researchers have proposed many detection methods to detect fake images, their generalization ability is typically limited. To address this issue, we proposed a fake face detection method based on ConvNeXt. Firstly, we add a PSA(polarization selfattention) module after the second and third downsampling modules of ConvNeXt, enhancing the network’s spatial and channel attention performance. Secondly, a RIB(rich imformation block) is designed at the end of ConvNeXt to enrich the information learned by the network. The information is processed through this module before final classification. Furthermore, the loss function used in network training is a combination of CrossEntropy loss and KL(KullbackLeibler) divergence. Extensive experiments on the current mainstream fake face datasets demonstrate that our method surpasses all comparative methods in accuracy and generalization on the FF++ C23 dataset.
    Reference | Related Articles | Metrics
    Research and Implementation of a Blockchainbased Biometric #br# Information Sharing Scheme#br#
    Journal of Information Security Reserach    2025, 11 (5): 402-.  
    Abstract146)      PDF (1559KB)(40)       Save
    Traditional informationsharing solutions typically rely on data center servers for data storage and verification. However, this centralized model is vulnerable to issues such as data tampering, privacy breaches, and operational irregularities when under attack, making it difficult to meet the requirements for data trustworthiness. To address these challenges, this paper proposes a solution that combines blockchain technology with biometric information authentication. By using biometric features such as fingerprints and facial recognition to generate a unique authentication key, which is securely stored on the blockchain, the solution leverages the decentralized, tamperproof, and traceable characteristics of blockchain to ensure secure data storage and trusted sharing, thereby effectively safeguarding privacy and security during the information verification process. Taking the education sector as an example, this solution can effectively address issues like exam cheating and resource infringement, providing a new approach to data security and sharing that also ensures privacy protection.
    Reference | Related Articles | Metrics
    A Blockchainbased Privacypreserving Data Aggregation System for #br# Vehicular Networks#br#
    Journal of Information Security Reserach    2025, 11 (4): 367-.  
    Abstract146)      PDF (2631KB)(29)       Save
    Aiming at the privacy risks and challenges of data aggregation in vehicular networks, this paper proposes a secure and anonymous data aggregation scheme based on blockchain in vehicular networks. The scheme integrates cloud computing with blockchain and designs a blockchainbased data aggregation system that enables efficient and secure data collection and analysis in vehicular networks. The solution uses key escrow resilience to ensure the security of the keys in the system, preventing the security issues previously caused by thirdparty key generation. Additionally, the scheme employs a twostage data aggregation process to achieve finegrained data aggregation, providing effective support for cloud service in vehicular networks. Security analysis and performance evaluations demonstrate that the proposed scheme is secure and offers higher computational and communication efficiency.
    Reference | Related Articles | Metrics
    A Method for Extracting Vulnerable Entities in Small Sample  Semantic Analysis
    Journal of Information Security Reserach    2025, 11 (3): 265-.  
    Abstract142)      PDF (1775KB)(55)       Save
    At the moment, different information security vulnerability databases have different standards, with different focuses on vulnerability data and relatively independent relationships. It is difficult to quickly and comprehensively obtain highvalue vulnerability information, and a unified vulnerability entity standard needs to be established. Therefore, this paper focuses on vulnerability data in entity extraction technology research. The majority of vulnerability data is provided in unstructured natural language form that combines Chinese and English, rulebased methods lack robust generalization, deeplearningbased methods occupy too many resources and rely on a large amount of annotated data. To address these issues, this paper presents a vulnerability entity extraction method with small sample semantic analysis. The method employs BERT pretrained vulnerability data to generate a pretrained model within the cybersecurity vulnerability domain, allowing for a better understanding of cybersecurity vulnerability data and reducing reliance on lager annotated data. Additionally, a selfsupervised incremental learning approach is applied to improve model performance with very limited annotated data (1785 samples). The model in this paper extracts 12 types of vulnerability entities in the field of cybersecurity, and the experimental results show that the method outperforms other models in the recognition and extraction of cybersecurity vulnerability entities, with an F1 value of 0.8643.
    Reference | Related Articles | Metrics
    Research on Crosschain Privacy Sharing Based on Improved #br# Notary Mechanism#br#
    Journal of Information Security Reserach    2025, 11 (2): 146-.  
    Abstract142)      PDF (1405KB)(38)       Save
    In recent years, blockchain technology has been continuously developed, but with the development, problems have also emerged. For example, the problem of privacy data leakage on the chain and the problem of crosschain interaction of private data. In response to the above problems, a crosschain privacy sharing model based on an improved notary mechanism is proposed. First, the model designs a crosschain data sharing mechanism based on threshold proxy reencryption. This mechanism stipulates that notary nodes need to pledge a certain amount of tokens, crosschain initiators need to provide a certain amount of crosschain rewards, and honest notary nodes obtain tokens. Coin reward, the malicious notary node deducts a certain amount of deposit and gives it to the initiator. This mechanism effectively reduces the possibility that the notary node is a malicious node. Then, design a token locking mechanism based on hash locks and Merkle trees to ensure that cross chain initiators and notary nodes can achieve data trustworthiness across chains without mutual trust finally, experimental results and theoretical research prove that the proposed model has a low probability of malicious attack on the notary node and a high cost of malicious attack, and the algorithm used is better than other comparison schemes in terms of encryption and decryption efficiency.
    Reference | Related Articles | Metrics
    Research on Video Adversarial Example Generation Methods for  Transfer Attacks
    Journal of Information Security Reserach    2025, 11 (3): 249-.  
    Abstract140)      PDF (2693KB)(39)       Save
    Different video recognition models possess distinct temporal discrimination patterns. In transfer attacks, the generation of video adversarial examples can lead to overfitting to the whitebox model’s temporal discrimination pattern, resulting in poor transferability of the adversarial examples. In view of this phenomenon, an effective algorithm is proposed to alleviate the overfitting phenomenon. The algorithm generates multiple augmented videos by frame extraction, inputs them into a whitebox model, and obtains augmented gradients through backpropagation. Then, it repositions these gradients and calculates a weighted sum to acquire the final gradient information. Finally, it introduces this gradient information into gradientbased whitebox attack methods, such as FGSM and BIM, to obtain the final adversarial samples. The crossentropy loss function was improved; while guiding the generation of adversarial examples, its primary goal was to quickly find a direction that causes the model to misclassify, without considering the semantic space distance between the classification result and other categories with higher probabilities. In response to this issue, a regularization term based on KL divergence was introduced. When combined with the crossentropy function, the adversarial examples generated based on this loss function have stronger transferability. On the Kinetics400 and UCF101 datasets, six commonly used models in the video recognition domain were trained, specifically NonLocal, SlowFast, and TPN, with ResNet50 and ResNet101 serving as the backbone networks. One of these models was selected as the whitebox model to conduct transfer attacks on the remaining models, and a large number of experiments demonstrated the effectiveness of the method.
    Reference | Related Articles | Metrics
    Research on Tor Traffic Classification Based on Improved Bidirectional  Memory Residual Network
    Journal of Information Security Reserach    2025, 11 (5): 447-.  
    Abstract140)      PDF (2384KB)(21)       Save
    In order to solve the problem of difficulty in correctly classifying Tor traffic and regulating it due to the encryption characteristics of Tor links, a Tor traffic classification method based on an improved bidirectional memory residual neural network (CBAMBiMRNet) is proposed. Firstly, the SMOTETomek (SMOTE and Tomek links) comprehensive sampling algorithm is adopted to balance the dataset, so that the model could learn from the traffic data of all categories. Secondly, CBAM is used to assign greater weights to important features, combining 1D convolution with bidirectional long shortterm memory modules to extract temporal and local spatial features of Tor traffic data. Finally, by adding identity maps, the phenomenon of gradient vanishing and exploding caused by the increase in model layers was avoided, and the problem of network degradation was solved. The experimental results show that on the ISCXTor2016 dataset, the accuracy of our model for Tor traffic recognition reached 99.22%, and the accuracy for Tor traffic application service type classification reached 93.10%, proving that the model can effectively recognize and classify Tor traffic.
    Reference | Related Articles | Metrics
Author Center
Review Center
京ICP备19004174号
Copyright © Journal of Information Security Reserach, All Rights Reserved.
Tel: 010-68558637 E-mail: ris@cei.cn
Powered by Beijing Magtech Co., Ltd.