Most Read articles

Published in last 1 year |  In last 2 years |  In last 3 years |  All

Published in last 1 year

Please wait a minute...


For Selected: Download Citations EndNote Ris BibTeX Toggle Thumbnails

Select

Journal of Information Security Reserach    2024, 10 (E2): 105-.   Abstract （482）      PDF （929KB）（311）       Knowledge map    Save Reference | Related Articles | Metrics

Select

A Review of Adversarial Attack on Autonomous Driving Perception System Journal of Information Security Reserach    2024, 10 (9): 786-.   Abstract （348）      PDF （1560KB）（276）       Knowledge map    Save The autonomous driving perception system collects surrounding environmental information through various sensors and processes this data to detect vehicles, pedestrians and obstacles, providing realtime foundational data for subsequent control and decisionmaking functions. Since sensors are directly connected to the external environment and often lack the ability to discern the credibility of inputs, the perception systems are  potential targets for various attacks. Among these, adversarial example attack is a mainstream attack method characterized by high concealment and harm. Attackers manipulate or forge input data of the perception system to deceive the perception algorithms, leading to incorrect output results by the system. Based on the research of existing relevant literature, this paper systematically summarizes the working methods of the autonomous driving perception system, analyzes the adversarial example attack schemes and defense strategies targeting the perception system. In particular, this paper subdivide the adversarial examples for the autonomous driving perception system into signalbased adversarial example attack scheme and objectbased adversarial example attack scheme. Additionally, the paper comprehensively discusses defense strategy of the adversarial example attack for the perception system, and subdivide it into anomaly detection, model defense, and physical defense. Finally, this paper prospects the future research directions of adversarial example attack targeting autonomous driving perception systems. Reference | Related Articles | Metrics

Select

Research for Zero Trust Security Model Journal of Information Security Reserach    2024, 10 (10): 886-.   Abstract （320）      PDF （2270KB）（284）       Knowledge map    Save Zero trust is considered a new security paradigm. From the perspective of security models, this paper reveals the deepening and integration of security models in zero trust architecture, with “identity and data” as the main focus. Zero trust establishes a panoramic control object chain with identity at its core, builds defenseindepth mechanisms around object attributes, functions, and lifecycles, and centrally redirects the flow of information between objects. It integrates information channels to achieve layered protection and finegrained, dynamic access control. Finally, from an attacker’s perspective, it sets up proactive defense mechanisms at key nodes in the information flow path. Since zero trust systems are bound to become highvalue assets, this paper also explores the essential issues of inherent security and resilient service capabilities in zerotrust systems. Through the analysis of the security models embedded in zerotrust and its inherent security, this paper aims to provide a clearer technical development path for the architectural design, technological evolution, and selfprotection of zero trust in its application. Reference | Related Articles | Metrics

Select

Journal of Information Security Reserach    2024, 10 (E2): 27-.   Abstract （292）      PDF （763KB）（173）       Knowledge map    Save Reference | Related Articles | Metrics

Select

A Federated Learning Privacy Protection Method for Multikey Homomorphic  Encryption in the Internet of Things Journal of Information Security Reserach    2024, 10 (10): 958-.   Abstract （288）      PDF （1704KB）（202）       Knowledge map    Save With federated learning, multiple distributed IoT devices can jointly train a global model by updating the transmission model without leaking raw data. However, federated learning systems are susceptible to model inference attacks, resulting in compromised system robustness and data privacy. A federated learning privacy protection method for multikey homomorphic encryption in the Internet of Things is proposed to address the issues of existing federated learning solutions being unable to protect the confidentiality of shared gradients and resisting collusion attacks initiated by clients and servers. This method utilizes multikey homomorphic encryption to achieve gradient update confidentiality protection. Firstly, by using proxy reencryption technology, the ciphertext under different public keys is converted into encrypted data under the public key, ensuring that the cloud server can decrypt the gradient ciphertext. Then, IoT devices use their own public key and random secret factor to encrypt local gradient data, which can resist collusion attacks initiated by malicious devices and servers. Secondly, an identity authentication method based on hybrid cryptography was designed to achieve realtime verification of the identities of participants in federated modeling. In addition, in order to further reduce client computing costs, some decryption calculations are coordinated with trusted servers for computation, and users only need a small amount of computation. A comprehensive analysis was conducted on the proposed solution to evaluate its safety and efficiency. The results indicate that the proposed scheme meets the expected security requirements. Experimental simulation shows that compared to existing schemes, this scheme has lower computational overhead and can achieve faster and more accurate model training. Reference | Related Articles | Metrics

Select

Multilabel Classification Method of Open Source Threat Intelligence Text Based on BertTextCNN Journal of Information Security Reserach    2024, 10 (8): 760-.   Abstract （253）      PDF （1641KB）（152）       Knowledge map    Save Open source threat intelligence is very important for network security protection, but it has the characteristics of wide distribution, many forms and loud noise. Therefore, how to organize and analyze the collected massive open source threat intelligence efficiently has become an urgent problem to be solved. Therefore, this paper explores a multilabel classification method based on BertTextCNN model, considering the title, text, and regular judgment. According to the characteristics of the text published by the intelligence source, the article sets regular judgment rules to make up for the deficiency of the model. In order to fully reflect the threat topics involved in the open source threat intelligence text, the paper sets the BertTextCNN multilabel classification model for the title and the text respectively, and then resorts the two labels to get the final threat category of the text. Compared with the BertTextCNN multilabel classification model based on text only, the performance of the proposed model is improved, and the recall rate is significantly improved, which can provide valuable reference for the classification of open source threat intelligence. Reference | Related Articles | Metrics

Select

Reversible Video Information Hiding Based on Multi-pass Motion Vector Ordering Journal of Information Security Reserach    2024, 10 (8): 698-.   Abstract （236）      PDF （1590KB）（138）       Knowledge map    Save Aiming at the problem that existing reversible video information hiding algorithms based on motion vector ordering cannot adaptively adjust the embedding capacity according to the visual characteristics of video frames and have limited capacity, a multipass vector ordering reversible video information hiding algorithm is proposed. This algorithm decides whether to embed information in subsequent frames by assessing the texture and motion complexities of reference frames, thereby enabling adaptive information embedding in subsequent frames. The algorithm also enhances the multipass pixel value ordering (multipass PVO) technique and applies it to video information hiding, significantly enhancing the embedding capacity of reversible hiding algorithms. Experimental results demonstrate that, compared to similar algorithms, the variation values of PSNR and SSIM decreased by 14.5% and 8.5% respectively, and the embedding capacity increased by 7.4%. This represents significant improvements in both visual quality and embedding capacity. Reference | Related Articles | Metrics

Select

A Differential Privacy Text Desensitization Method for Enhancing Semantic Consistency Journal of Information Security Reserach    2024, 10 (8): 706-.   Abstract （232）      PDF （1067KB）（116）       Knowledge map    Save Text desensitization is an extremely important privacy protection method, and the balance between its privacy protection effect and semantic consistency with the original text is a challenge. When existing differential privacy desensitization methods are used to desensitize sensitive words, the similarity calculation probability method is used to select substitute words for sensitive words, which can easily cause inconsistency or even irrelevance between the substitute words and the original text semantics, seriously affecting the preservation of the original text semantics in the desensitized text. A differential privacy text desensitization method is proposed to enhance semantic consistency. A truncation distance measurement formula is given to adjust the probability of selecting replacement words and limit semantic irrelevant replacement words. The experimental results on real datasets show that it effectively improves the semantic consistency between desensitized text and the original text, and has great practical application value. Reference | Related Articles | Metrics

Select

Research on Data Security Sharing Technology Based on Blockchain and  Proxy Re-encryption Journal of Information Security Reserach    2024, 10 (8): 719-.   Abstract （232）      PDF （2800KB）（164）       Knowledge map    Save In the digital age, a vast amount of sensitive data is stored across various networks and cloud platforms, making data protection a crucial challenge in the field of information security. Traditional encryption methods are vulnerable due to single point of failure and centralized control, which can lead to data leakage. To address these issues, this study proposes a new method that integrates blockchain technology with an improved proxy reencryption algorithm, utilizing Shamir threshold key sharing. A data sharing scheme TDPRBC based on the threshold proxy reencryption algorithm is designed. Security analysis and experimental results show that this scheme can meet most data access needs. Reference | Related Articles | Metrics

Select

Keytarget Face Recognition Scheme Based on Homomorphic  Encryption and Edge Computing Journal of Information Security Reserach    2024, 10 (11): 1004-.   Abstract （229）      PDF （2205KB）（91）       Knowledge map    Save With the promotion of China’s comprehensive national strength and international status, more and more major international events are held in China’s firsttier cities, such as the 31st Chengdu Universiade and the 19th Hangzhou Asian Games. The huge flow of people and complex crowd categories have caused considerable security pressure on the security team. Because the traditional face recognition system realizes face recognition in the central server in plaintext state and relies on the traditional state secret algorithm to ensure security, the computational efficiency and security of the whole system cannot be fully guaranteed. Therefore, based on the CKKS homomorphic encryption scheme and Insightface face recognition algorithm, this paper proposes a keytarget face recognition scheme supporting edge computing. Firstly, the key face features are encrypted by the CKKS homomorphic encryption scheme, and the ciphertext data are distributed to each frontend monitoring device. After that, the frontend monitoring device is responsible for extracting the face features of the scene crowd and calculating the matching degree with the ciphertext database. Finally, the ciphertext calculation results are returned to the central server and decrypted. Experimental results show that the recognition accuracy of the proposed scheme is 98.2116% when the threshold is 1.23 on LFW data sets, which proves the reliability of the proposed scheme. Reference | Related Articles | Metrics

Select

Research on Risk Analysis of Opensource Software Supply Chain Security Journal of Information Security Reserach    2024, 10 (9): 862-.   Abstract （221）      PDF （1824KB）（173）       Knowledge map    Save Opensource software has become one of the most fundamental elements that support the operation of the digital society. It has also been penetrated to various industries and fields. As the opensource software supply chain becomes increasingly complex and diversified, the risks caused by security attacks on the opensource software supply chain are also intensified. This paper summarizes the current development of the opensource software supply chain ecosystem and the strategic layout of opensource software supply chain security in major countries. From the dimensions of development security, usage security, and operation security, this paper proposes an opensource software supply chain security risk analysis system. It identifies the major security risks currently faced by the opensource software supply chain. Besides, this paper constructs a security assurance model for the opensource software supply chain and offers countermeasures and suggestions for the security and development of China’s opensource software supply chain from the dimensions of supply chain phases, relevant entities, and safeguard measures. Reference | Related Articles | Metrics

Select

Overview of Regulation of Crossborder Data Flow Journal of Information Security Reserach    2025, 11 (2): 164-.   Abstract （213）      PDF （1274KB）（115）       Knowledge map    Save The development of the digital economy has made crossborder data flow an inevitable trend, and while bringing economic benefits, the security of crossborder data flow cannot be ignored. Due to the complexity of the subjects and scenes involved in the process of crossborder data flow, and the uncontrollability of the process, how to regulate the possible security problems in the process of crossborder data flow has become the focus of the world. So far, there is no unified governance rule system for crossborder data flow in the world, and at the same time, there are huge differences in legislation on crossborder data flow in different countries, which results in the complex situation of legislation on crossborder data flow in the world. This paper describes the current situation of crossborder data flow from the perspectives of laws and regulations, bilateral agreements and standards, and in this way develops horizontal comparisons, sorts out the existing regulatory differences, analyzes the challenges and opportunities China faces under the current trend, and gives reasonable countermeasures. Reference | Related Articles | Metrics

Select

Journal of Information Security Reserach    2024, 10 (E2): 88-.   Abstract （212）      PDF （684KB）（100）       Knowledge map    Save Reference | Related Articles | Metrics

Select

Design of Adversarial Attack Scheme Based on YOLOv8 Object Detector Journal of Information Security Reserach    2025, 11 (3): 221-.   Abstract （209）      PDF （3519KB）（61）       Knowledge map    Save Currently, cameras equipped with AI object detection technology are widely used. However, AI object detection models in realworld applications are vulnerable to adversarial attacks. Existing adversarial attack methods, primarily designed for earlier models, are ineffective against the latest YOLOv8 object detector. To address this issue, we propose a novel adversarial patch attack method specifically for the YOLOv8 object detector. This method minimizes confidence output while incorporating an exponential moving average (EMA) attention mechanism to enhance feature extraction during patch generation, thereby improving the attack’s effectiveness. Experimental results demonstrate that our method achieves superior attack performance and transferability. Validation tests, in which the adversarial patches were printed on clothing, also demonstrated excellent attack results, indicating the strong practicality of our proposed method. Reference | Related Articles | Metrics

Select

Blockchain Security Sharding Scheme Based on Multi-dimensional Reputation Journal of Information Security Reserach    2024, 10 (8): 690-.   Abstract （204）      PDF （2816KB）（192）       Knowledge map    Save Blockchain faces scalability issues. Sharding improves system performance by dividing the blockchain network into multiple subnetworks that process transactions in parallel. However, sharding can lead to the clustering of malicious nodes, resulting in 51% attacks and affecting system security. The existing singledimensional reputation schemes have the problems of high overhead and insufficient shard consensus in the redistribution process, failing to ensure both performance and security. To address these  problems, a blockchain security sharding scheme based on multidimensional reputation is proposed: Firstly, the scheme integrates multidimensional indicators of nodes to balance shard reputation and computational communication abilities, identifying malicious nodes.  Secondly, a twostage redistribution scheme is proposed to reduce the frequency and cost of redistribution through partial redistribution in first stage and complete redistribution in second stage. Finally, a multidimensional reputation based fast Byzantine faulttolerant consensus (MRFBFT) is designed, which combines voting power and reputation, and introduces consensus among shard leader nodes to prevent malicious behavior. The experimental results show that the shard reputation and computational communication level are more balanced, the consensus delay is reduced by about 20%, and the throughput is increased by about 15%. Reference | Related Articles | Metrics

Select

Journal of Information Security Reserach    2024, 10 (E2): 68-.   Abstract （202）      PDF （1105KB）（133）       Knowledge map    Save Reference | Related Articles | Metrics

Select

An Efficient Encrypted Database System Solution Based on Fully  Homomorphic Encryption Journal of Information Security Reserach    2024, 10 (9): 811-.   Abstract （200）      PDF （930KB）（108）       Knowledge map    Save In recent years, with the growing focus on privacy protection, fully homomorphic encryption (FHE)based encrypted database management systems (DBMS) have gained significant research attention. FHE allows DBMS to be outsourced to cloud servers without revealing plaintext data, preventing internal leaks and external breaches. However, FHEbased DBMS faces challenges such as high computational latency and low query processing capacity. To address these challenges, an efficient ciphertext database system based on Confusion Modulus Component Fully Homomorphic Encryption (CMPFHE) is proposed. This system designs a ciphertext index method that employs  symbolic functions and modulus operations, which reduces computation overhead and improving query efficiency. Additionally, it employs Nvariable Nequation homogeneous equations to achieve rapid ciphertext index retrieval, significantly decreasing the number of operations. This solution performs keyword queries on 10K rows of ciphertext data in just 54 seconds, demonstrating the practical feasibility of fully homomorphic encrypted databases. Reference | Related Articles | Metrics

Select

A Trust Framework for Large Language Model Application Journal of Information Security Reserach    2024, 10 (12): 1153-.   Abstract （200）      PDF （1420KB）（180）       Knowledge map    Save The emergence of large language model has greatly propelled the rapid application of artificial intelligence across various domains. In practice, however, there are a series of security and trust challenges in the applications of large language models caused by “model hallucinations”. These challenges make it difficult for practical applications to trust and adopt the results returned by the large language models, especially in securityrelated application domains. In many professional fields, we find that there lacks a unified technical framework to ensure the trustworthiness of results returned by large language models, which seriously hinders the application of largescale model technology in professional fields. To address this issue, a largescale model trusted application framework DKCF, integrating sufficient data (D), expertise knowledge (K), intellectual collaboration (C), and efficient feedback (F), is proposed. This framework is developed based on our practical applications in professional fields such as finance, healthcare, and security. We believe that DKCF can shed light on secure and reliable applications of large language models, and facilitate the intellectual revolution across various professional domains. Reference | Related Articles | Metrics

Select

Journal of Information Security Reserach    2024, 10 (E2): 24-.   Abstract （198）      PDF （555KB）（230）       Knowledge map    Save Reference | Related Articles | Metrics

Select

Journal of Information Security Reserach    2024, 10 (E2): 7-.   Abstract （198）      PDF （1507KB）（105）       Knowledge map    Save Reference | Related Articles | Metrics

Select

Journal of Information Security Reserach    2024, 10 (E2): 2-.   Abstract （194）      PDF （1381KB）（150）       Knowledge map    Save Reference | Related Articles | Metrics

Select

Journal of Information Security Reserach    2024, 10 (E2): 117-.   Abstract （194）      PDF （625KB）（121）       Knowledge map    Save Reference | Related Articles | Metrics

Select

Journal of Information Security Reserach    2024, 10 (E2): 32-.   Abstract （193）      PDF （3674KB）（155）       Knowledge map    Save Reference | Related Articles | Metrics

Select

A Large Language Model Detection System for Domainspecific Jargon Ji Xu, Zhang Jianyi, Zhao Zhangchi, Zhou Ziyin, Li Yilong, and Sun Zezheng Journal of Information Security Reserach    2024, 10 (9): 795-.   Abstract （192）      PDF （2610KB）（166）       Knowledge map    Save Large language model (LLM) retrieve knowledge from their own structures and reasoning processes to generate responses to user queries, thus many researchers begin to evaluate the reasoning capabilities of large language models. However, while these models have demonstrated strong reasoning and comprehension skills in generic language tasks, there remains a need to evaluate their proficiency in addressing specific domainrelated problems, such as those found in telecommunications fraud. In response to this challenge, this paper presents the first evaluation system for assessing the reasoning abilities of DomainSpecific Jargon and proposes the first domain specific jargon dataset. To address issues related to cross matching problem and complex data calculation problem, we propose the collaborative harmony algorithm and the data aware algorithm based on indicator functions. These algorithms provide a multidimensional assessment of the performance of large language models. Our experimental results demonstrate that our system is adaptable in evaluating the accuracy of questionanswering by large language models within specialized domains. Moreover, our findings reveal, for the first time, variations in recognition accuracy based on question style and contextual cues utilized by the models. In conclusion, our system serves as an objective auditing tool to enhance the reliability and security of large language models, particularly when applied to specialized domains. Reference | Related Articles | Metrics

Select

Journal of Information Security Reserach    2024, 10 (E2): 266-.   Abstract （191）      PDF （1927KB）（107）       Knowledge map    Save Reference | Related Articles | Metrics

Select

Journal of Information Security Reserach    2024, 10 (E2): 40-.   Abstract （188）      PDF （839KB）（102）       Knowledge map    Save Reference | Related Articles | Metrics

Select

Security Status Analysis and Countermeasures of Basic Software Supply Cha Journal of Information Security Reserach    2024, 10 (8): 780-.   Abstract （185）      PDF （4217KB）（154）       Knowledge map    Save Basic software is the cornerstone of supporting the efficient and stable operation of computer systems, which determines the level of development of digital infrastructure. The industrial chain of basic software, represented by operating system, database and middleware, occupies an upstream position in the entire software industry, which directly determines the scale and the efficiency of the downstream output. Due to the characteristics of long R&D cycle and large R&D investment, basic software has gradually attracted attention from various countries and risen to the level of national strategy in the increasingly complex environment of software supply chain. In recent years, while China’s basic software industry has developed rapidly with the help of open source, many security incidents of basic software supply chain have occurred, which brings risks and challenges. This paper reviews the current situation of the basic software supply chain security, analyzes the risks and challenges faced by the basic software supply chain, and puts forward reasonable suggestions from four aspects: policy, industry, user and ecology. Reference | Related Articles | Metrics

Select

An Optimized Computation Method for Cipher Symbol Functions  Based on Homomorphic Encryption Journal of Information Security Reserach    2025, 11 (2): 100-.   Abstract （184）      PDF （1092KB）（153）       Knowledge map    Save Fully homomorphic encryption extends encryption to computations, allowing ciphertext processing without decryption. Comparative operations, crucial in applications like deep learning, pose a challenge in homomorphic encryption environments restricted to addition and multiplication. Feng et al. (CNS 2023) proposed a comparison method using dynamic polynomial combinations. This paper enhances dynamic polynomial, allowing polynomial fluctuations within (-2,2). It introduces a novel equation system for solving dynamic polynomials and utilizes finite third and fifthdegree polynomials to construct more precise composite polynomials for approximating the sign function. It analyzes the method’s optimality in depth consumption and computational complexity, achieving a 32% reduction in runtime compared to the optimal method in a previous study (CNS 2023). The homomorphic comparison algorithm in this paper, for ε=2-20，α=20 requires only 0.69ms in amortized runtime. Reference | Related Articles | Metrics

Select

Multifamily Malicious Domain Intrusion Detection Based on #br# Collaborative Attention#br# Journal of Information Security Reserach    2024, 10 (12): 115-.   Abstract （181）      PDF （1317KB）（175）       Knowledge map    Save The timely and accurate detection of illegal domain names can effectively prevent the information loss caused by server crashes or unauthorized intrusions. A multifamily malicious domain name intrusion detection method based on collaborative attention is proposed. Firstly, the deep autoencoder network is used to encode and compress layer by layer, extracting the domain name encoding features at the intermediate layer. Secondly, the longdistance and shortdistance encoding features of the domain name string are extracted from the temporal and spatial dimensions, and the selfattention mechanism is constructed on the temporal and spatial encoding feature maps to enhance the expressiveness of the encoding features in local space. Thirdly, the crossattention mechanism is used to establish information interaction between the temporal and spatial encoding features, enhancing the expressiveness of different dimension encoding features in the global space. Finally, the softmax function is used to predict the probability of the domain name to be tested, and quickly determine the legitimacy of the domain name according to the probability value. The results of testing on multiple families of malicious domain name datasets show that the proposed method can achieve a detection accuracy of 0.9876 in the binary classification task of normal and malicious domain names, and an average recognition accuracy of 0.9568 on 16 family datasets. Compared with other classic methods of the same kind, the proposed method achieves the best detection results on multiple evaluation metrics. Reference | Related Articles | Metrics

Select

Research on Risk Analysis and Countermeasures of Software Supply  Chain in Critical Information Infrastructure Journal of Information Security Reserach    2024, 10 (9): 833-.   Abstract （172）      PDF （1295KB）（143）       Knowledge map    Save System security protection is crucial to critical information infrastructures (CII), and  software supply chain risk analysis is indispensable. In recent years, the number of supply chain attack incidents has increased rapidly. This paper first analysis the potential problems of “external” software components, personnel, tools, etc., which are the main causes of software supply chain threats, and then summarize the current research of domestic and foreign policies and technologies. Based on these findings, a software supply chain security framework for power industry systems is proposed. It covers 15 groups of security measures across 4 aspects, including external component governance, supplier management, development and operation facilities reinforcement, usage mechanism of the software bill of materials (SBOM), all of which can be  further extended. This framework can provide references on software supply chain security protection in power industry information systems. Reference | Related Articles | Metrics

Select

Data Sharing Access Control Method for Distribution Terminal IoT #br# Based on Zero Trust Architecture and Least Privilege Principle#br# Journal of Information Security Reserach    2024, 10 (10): 937-.   Abstract （169）      PDF （1282KB）（101）       Knowledge map    Save To maximize the security of IoT data sharing in distribution terminals, a data sharing access control method for distribution terminal IoT based on zero trust architecture and least privilege principle is proposed. We have developed a zerotrustbased IoT data sharing access control framework, which verifies user identity and access control permissions through identity authentication modules. After user access, IDS modules identify obvious network attack behaviors, while behavior trust measurement proxies in user behavior measurement modules, calculate user trust based on historical user behavior measurement data stored in trust measurement databases, and periodically evaluate user behavior trust levels, identify longterm and highly covert network attack behaviors. These proxies also periodically evaluate user behavior trust levels, identify longterm and highly covert network attack behaviors, and use behavioral trustbased access decision agents to allocate user roles based on the user trust level and the principle of least privilege, formulating and implementing access decisions. The IoT controller dynamically adjusts user resource access permissions based on trust measurement results, and achieves dynamic adjustment of user distribution terminal IoT resource access permissions by sending flow tables. The experimental results show that this method can accurately control the shared access of IoT data, and has more comprehensive performance. It has the least redundant permissions while completing user access tasks, which not only meets user access requirements but also ensures network data security. Reference | Related Articles | Metrics

Select

Journal of Information Security Reserach    2024, 10 (E2): 59-.   Abstract （161）      PDF （1210KB）（92）       Knowledge map    Save Reference | Related Articles | Metrics

Select

Blockchainbased Multifactor Crossdomain Authentication Scheme for IoV Journal of Information Security Reserach    2024, 10 (11): 1074-.   Abstract （161）      PDF （4252KB）（103）       Knowledge map    Save With the rapid rise in the number and prevalence of vehicular network (IoV) applications and services, the number of users has continuously increased, making the security of the IoV environment a crucial concern. In IoV systems, there is a risk of vehicle information being stolen or tampered with, which further affects the healthy operation of the system. To address this issue, this paper proposes a blockchainbased crossdomain authentication scheme for IoV. By integrating the entire IoV into a consortium blockchain, the trust gap between different domains is effectively resolved. Multifactor authentication of vehicle user information is employed to effectively prevent information leakage and ensure data security. The combination of blockchain and authentication technologies significantly reduces redundant operations in user identity authentication while enabling synchronized queries of IoV information. From a data security perspective, the security analysis demonstrates the feasibility of this scheme. Reference | Related Articles | Metrics

Select

A Blockchain Access Control Model for Grain Traceability Based on #br# Zerotrust Mechanism#br# Journal of Information Security Reserach    2024, 10 (10): 944-.   Abstract （156）      PDF （2180KB）（108）       Knowledge map    Save Aiming at the problems of malicious access, untrustworthy data sources, and identity forgery in the existing blockchainbased grain traceability model, a blockchain access control model for grain traceability based on a zerotrust mechanism is proposed. Based on the zerotrust security model and the concept of “never trust, always verify”, the blockchain is combined with tokenbased access control (TBAC). Using tokens as credentials to access resources, while introducing user trust analysis, establishing a dynamic and flexible authorization mechanism to achieve finegrained access control. Adding the blockchain smart contract to guarantee the automatic and trustworthy judgment of access control, TBAC is utilized to realize tokenbased access control; secondly, based on the user’s access behavior, Fuzzy Hierarchical Hierarchy Analysis (FAHP) is used so as to obtain the calculation method of the user’s trust value and to design the corresponding access control policy. Experimental results show that the method can correctly and efficiently respond to access requests, and dynamically grant users access rights on the basis of ensuring effective access to grain traceability data, realizing safe and reliable data access control. Reference | Related Articles | Metrics

Select

Design of SDP Trust Evaluation Model Based on Federated Learning Journal of Information Security Reserach    2024, 10 (10): 903-.   Abstract （155）      PDF （1860KB）（124）       Knowledge map    Save With the increasing blurring of network boundaries, zero trust has emerged as a new paradigm for network security defense. A federated learningbased SDP trust evaluation model and its deployment method are proposed to address the issues of low trust evaluation efficiency and difficulty in effectively protecting user data privacy in the face of massive contextual information and diverse terminal scenarios brought by the zero trust security architecture in the era of big data. This model adopts a decentralized approach to train a global model without sharing raw data, protecting the user data privacy of each distributed SDP controller node. Through experiments and comparative analysis, it has been proven that this zero trust evaluation model can effectively classify malicious and legitimate data streams, and its efficiency is superior to similar literature schemes. Reference | Related Articles | Metrics

Select

Behavior Conflict Detection Model Based on Transformer and  Graph Convolution Networks Journal of Information Security Reserach    2024, 10 (8): 729-.   Abstract （155）      PDF （1811KB）（123）       Knowledge map    Save In recent years, with the increasing number of surveillance cameras and the rapid development of the Internet, there are more and more surveillance and online videos. The automatic detection of behavior conflict in videos is of great significance to reduce the risk of privacy information leakage caused by human auditing, maintain social order and purify the environment online. To fully extract features of behavior conflict from videos and obtain models with good generalization ability and detection performance, we use I3D (inflated 3D convolutional network) and VGGish to extract multimodal features based on the XDViolence dataset, and propose the behavior conflict detection model based on transformer and graph convolution networks (TGBCDM) for behavior conflict detection. The model contains a Transformer encoder module and a graph convolution module, which can effectively capture the longrange dependencies in videos while paying attention to global and local information of video features. After experimental verification, the model outperforms eight existing methods. Reference | Related Articles | Metrics

Select

Journal of Information Security Reserach    2024, 10 (E2): 139-.   Abstract （155）      PDF （676KB）（138）       Knowledge map    Save Reference | Related Articles | Metrics

Select

Stream Cipher Cryptosystem Recognition Scheme Based on Hamming Weight Journal of Information Security Reserach    2024, 10 (12): 1172-.   Abstract （154）      PDF （1655KB）（60）       Knowledge map    Save Based on the known ciphertext, cryptosystem identification is a process of identifying cryptographic algorithms by analyzing the potential feature information in ciphertext data. This paper presents a recognition scheme of sequential cryptosystem based on Hamming weight. This scheme generates labeled ciphertext feature vectors by calculating the Hamming weight of ciphertext blocks of different lengths. LDA dimensionality reduction technique is used to reduce the dimensionality of feature vectors, so as to optimize the extraction and utilization efficiency of data information. Finally, fully connected neural network is used to identify the feature vector after dimensionality reduction. The experimental results show that the proposed scheme can effectively perform two classification recognition experiments and eight classification recognition experiments on 8 stream cipher algorithms such as ZUC, Salsa20 and Decimv2, and achieve good recognition results. The average recognition rate of twoclass and eightclass recognition experiments is 99.29% and 79.12% respectively. Compared with the existing research, the accuracy of this scheme is improved by 16.29% compared with the existing literature with a small amount of ciphertext data. Reference | Related Articles | Metrics

Select

Journal of Information Security Reserach    2024, 10 (E2): 114-.   Abstract （152）      PDF （592KB）（88）       Knowledge map    Save Reference | Related Articles | Metrics

Select

Journal of Information Security Reserach    2024, 10 (E2): 54-.   Abstract （152）      PDF （1425KB）（175）       Knowledge map    Save Reference | Related Articles | Metrics