Most Read articles

    Published in last 1 year |  In last 2 years |  In last 3 years |  All
    Published in last 1 year
    Please wait a minute...
    For Selected: Toggle Thumbnails
    Overview of Regulation of Crossborder Data Flow
    Journal of Information Security Reserach    2025, 11 (2): 164-.  
    Abstract310)      PDF (1274KB)(143)       Save
    The development of the digital economy has made crossborder data flow an inevitable trend, and while bringing economic benefits, the security of crossborder data flow cannot be ignored. Due to the complexity of the subjects and scenes involved in the process of crossborder data flow, and the uncontrollability of the process, how to regulate the possible security problems in the process of crossborder data flow has become the focus of the world. So far, there is no unified governance rule system for crossborder data flow in the world, and at the same time, there are huge differences in legislation on crossborder data flow in different countries, which results in the complex situation of legislation on crossborder data flow in the world. This paper describes the current situation of crossborder data flow from the perspectives of laws and regulations, bilateral agreements and standards, and in this way develops horizontal comparisons, sorts out the existing regulatory differences, analyzes the challenges and opportunities China faces under the current trend, and gives reasonable countermeasures.
    Reference | Related Articles | Metrics
    Design of Adversarial Attack Scheme Based on YOLOv8 Object Detector
    Journal of Information Security Reserach    2025, 11 (3): 221-.  
    Abstract284)      PDF (3519KB)(67)       Save
    Currently, cameras equipped with AI object detection technology are widely used. However, AI object detection models in realworld applications are vulnerable to adversarial attacks. Existing adversarial attack methods, primarily designed for earlier models, are ineffective against the latest YOLOv8 object detector. To address this issue, we propose a novel adversarial patch attack method specifically for the YOLOv8 object detector. This method minimizes confidence output while incorporating an exponential moving average (EMA) attention mechanism to enhance feature extraction during patch generation, thereby improving the attack’s effectiveness. Experimental results demonstrate that our method achieves superior attack performance and transferability. Validation tests, in which the adversarial patches were printed on clothing, also demonstrated excellent attack results, indicating the strong practicality of our proposed method.
    Reference | Related Articles | Metrics
    An Optimized Computation Method for Cipher Symbol Functions  Based on Homomorphic Encryption
    Journal of Information Security Reserach    2025, 11 (2): 100-.  
    Abstract251)      PDF (1092KB)(160)       Save
    Fully homomorphic encryption extends encryption to computations, allowing ciphertext processing without decryption. Comparative operations, crucial in applications like deep learning, pose a challenge in homomorphic encryption environments restricted to addition and multiplication. Feng et al. (CNS 2023) proposed a comparison method using dynamic polynomial combinations. This paper enhances dynamic polynomial, allowing polynomial fluctuations within (-2,2). It introduces a novel equation system for solving dynamic polynomials and utilizes finite third and fifthdegree polynomials to construct more precise composite polynomials for approximating the sign function. It analyzes the method’s optimality in depth consumption and computational complexity, achieving a 32% reduction in runtime compared to the optimal method in a previous study (CNS 2023). The homomorphic comparison algorithm in this paper, for ε=2-20,α=20 requires only 0.69ms in amortized runtime.
    Reference | Related Articles | Metrics
    Research on the Development Trend of Cybersecurity Technology
    Journal of Information Security Reserach    2025, 11 (1): 2-.  
    Abstract238)      PDF (563KB)(148)       Save
    Related Articles | Metrics
    Research on Multimodal Cyberbullying Detection Model for #br# Social Networking Platforms#br#
    Journal of Information Security Reserach    2025, 11 (2): 154-.  
    Abstract226)      PDF (2099KB)(63)       Save
    With the rapid development of social networking platforms, the issue of cyberbullying has become increasingly prominent. The diverse forms of online expression that combine text and images have increased the difficulty of detecting and managing cyberbullying. This paper constructs a Chinese multimodal cyberbullying dataset that includes both text and images. By integrating the BERT(bidirectional encoder representations from transformers) model with the ResNet50 model, we extract singlemodal features from text and images, respectively, and perform decisionlevel fusion. The fused features are then detected, achieving accurate identification of text and images as either cyberbullying or noncyberbullying. Experimental results indicate that the multimodal cyberbullying detection model proposed in this paper can effectively identify social media posts or comments that contain cyberbullying characteristics in both text and images. It enhances the practicality, accuracy, and efficiency of detecting multimodal cyberbullying, providing a new approach and method for the detection and management of cyberbullying on social networking platforms. This contributes to the creation of a healthier and more civilized online environment.
    Reference | Related Articles | Metrics
    Research on Deep Learningbased Spatiotemporal Feature Fusion  Network Intrusion Detection Model
    Journal of Information Security Reserach    2025, 11 (2): 122-.  
    Abstract215)      PDF (1944KB)(172)       Save
    As the number of network attacks increases, network intrusion detection systems are becoming increasingly important in maintaining network security. Most studies have used deep learning approaches for network intrusion detection but have not fully utilized the features of traffic from multiple perspectives. Additionally, these studies often suffer from the use of outdated experimental datasets. In this paper, a parallelstructured DSCInceptionBiLSTM network is proposed to evaluate the designed network model using stateoftheart datasets. The model consists of two branches, network traffic image, and text anomaly traffic detection. Spatial and temporal features of traffic are extracted by improved convolutional neural networks and recurrent neural networks, respectively. Finally, network intrusion detection is achieved by fusing spatiotemporal features. The experimental results show that our model achieves 99.96%, 99.19%, and 99.95% accuracy on the three datasets of CICIDS 2017, CSECICIDS 2018 and CICDDoS 2019, respectively, effectively classifying the anomalous traffic with high precision and meeting the requirements of intrusion detection system.
    Reference | Related Articles | Metrics
    Privacypreserving Federated Learning Research Based on #br# Confused Modulo Projection Homomorphic Encryption#br#
    Journal of Information Security Reserach    2025, 11 (3): 198-.  
    Abstract210)      PDF (1298KB)(135)       Save
    In the current era of big data, deep learning is booming and has become a powerful tool for solving realworld problems. However, traditional centralized deep learning systems are at risk of privacy leakage. To address this problem, federated learning, a distributed machine learning approach, has emerged. Federated learning allows multiple organizations or individuals to train models together without sharing raw data, by uploading local model parameters to the server, aggregating each user’s parameters to construct a global model, and returning it to the user. This approach achieves global optimization and avoids private data leakage. However, even with federated learning, attackers may still be able to reconstruct user data by obtaining the model parameters uploaded by users, thus violating  privacy. To address this issue, privacy protection has become the focus of federated learning research. In this paper, we propose a federated learning scheme FLFC (federated learning with confused modulo projection homomorphic encryption) based on confused modulo projection homomorphic encryption to address the above issues. This scheme adopts a selfdeveloped modular fully homomorphic encryption algorithm to encrypt user model parameters. The modular fully homomorphic encryption algorithm has the advantages of high computational efficiency, support for floatingpoint operations, and localization, thus achieving stronger protection of privacy. Experimental results show that the FLFC scheme exhibits a higher average accuracy and good stability compared to the FedAvg scheme in experiments.
    Reference | Related Articles | Metrics
    Design and Implementation of Resourceefficient SM4 Algorithm on FPGA
    Journal of Information Security Reserach    2025, 11 (6): 490-.  
    Abstract210)      PDF (2238KB)(91)       Save
    In the hardware implementation of the SM4 algorithm, the lookup table method is commonly adopted for realizing the Sbox, which consumes a significant amount of hardware resources. This paper proposes an implementation scheme for the SM4 algorithm based on polynomial basis. Two construction schemes are developed for the 8×8 Sbox used in the SM4 algorithm, one based on composite field GF((24)2) and the other on composite field GF(((22)2)2). The test results indicate that the scheme based on polynomial bases GF((24)2) is optimal. Taking into account both resource utilization and performance, this paper designs two hardware implementation structures for SM4: a state machine parallel structure and a pipelined structure. Compared with the traditional lookup table approach, the state machine parallel structure reduces resource utilization by 21.98% while increasing the operating frequency by 14.4%. The pipelined structure achieves a reduction in resource utilization by 54.23%.
    Reference | Related Articles | Metrics
    A Survey of Network Topology Obfuscation Techniques
    Journal of Information Security Reserach    2025, 11 (4): 296-.  
    Abstract208)      PDF (1248KB)(119)       Save
    LinkFlooding Attack (LFA) is a novel distributed denialofservice (DDoS) attack that exploits network topology detection. Network Topology Obfuscation serves as an effective deceptive defense mechanism against this attack, aiming to provide proactive protection before an attack occurs. Over the past decade, relevant research has continuously made progress, proposing corresponding obfuscation solutions for different scenarios and objectives. This paper comprehensively reviews the network topology obfuscation techniques. First, it combines the basic principles and classifications of network topology discovery to point out the risks of topology leakage in current network topology discovery. Next, it formally defines network topology obfuscation design and presents a proactive defense model. Then, based on the obfuscation concept, the technologies are divided into packet modification, decoy traps, routing mutation, and metric forgery schemes, and proposes a set of metrics to comprehensively compare the current mainstream network topology obfuscation techniques.
    Reference | Related Articles | Metrics
    A Federated Learning Method Resistant to Label Flip Attack
    Journal of Information Security Reserach    2025, 11 (3): 205-.  
    Abstract205)      PDF (3486KB)(83)       Save
    Since users participating in federated learning training have high autonomy and their identities are difficult to identify, they are vulnerable to label flip attacks, causing the model to learn wrong rules from wrong labels and reducing the overall performance of the model. In order to effectively resist label flip attacks, a dilutionprotected federated learning method for multistage training models is proposed. This method randomly divides the training data set and uses a dilution protection federated learning algorithm to distribute part of the data to clients participating in the training to limit the amount of data owned by the client and avoid malicious participants with large amounts of data from causing major damage to the model. After each training session, the gradients of all training epochs in that phase are gradient clustered by a dimensionality reduction algorithm in order to identify potentially malicious actors and restrict their training in the next phase. At the same time, the global model parameters are saved after each stage of training to ensure that the training of each stage is based on the model foundation of the previous stage. Experimental results on the data set show that this method reduces the impact of attacks without damaging the model accuracy, and helps improve the convergence speed of the model.
    Reference | Related Articles | Metrics
    A Malicious TLS Traffic Detection Method with Multimodal Features
    Journal of Information Security Reserach    2025, 11 (2): 130-.  
    Abstract201)      PDF (3159KB)(121)       Save
    The malicious TLS traffic detection aims to identify network traffic that involves malicious activities transmitted through the TLS protocol. Due to the encryption properties of the TLS protocol, traditional textbased traffic analysis methods have limited effectiveness when dealing with encrypted traffic. To address this issue, a malicious TLS traffic detection method called MultiModal Feature Fusion for TLS Traffic Detection (MTBRL) has been proposed. This method extracts and fuses features from different modalities to detect malicious TLS traffic. Firstly, expert knowledge is employed for feature engineering, extracting key features from encrypted traffic, including protocol versions, encryption suites, and certificate information. These features are processed and transformed into twodimensional image representations. Then, ResNet is utilized to encode these images and extract their features. Simultaneously, an encrypted traffic pretrained BERT model is used to encode TLS flows, allowing the learning of contextual and semantic features of the TLS traffic. Additionally, an LSTM model is employed to encode the sequence of packet length distributions of the encrypted traffic, capturing temporal characteristics. Finally, through feature fusion techniques, the different modality features are integrated, and the model’s weight parameters are automatically learned and optimized using the backpropagation algorithm to accurately predict malicious TLS traffic. Experimental results demonstrate that this method achieves accuracy, precision, recall, and F1score of 94.94%, 94.85%, 94.15%, and 94.45%, on the DataCon2020 dataset. This performance is significantly superior to traditional machine learning and deep learning methods. 
    Reference | Related Articles | Metrics
    Deep Learningbased Method for Encrypted Website Fingerprinting
    Journal of Information Security Reserach    2025, 11 (4): 304-.  
    Abstract199)      PDF (1407KB)(104)       Save
    Website fingerprinting is an important research area within the fields of network security and privacy protection. Its goal is to identify websites accessed by users within an encrypted network environment by analyzing network traffic characteristics. In response to the problems of limited application scenarios, such as restricted application scenarios, insufficient applicability, and the singularity of feature selection, this paper proposes a deep learningbased method for encrypted website fingerprinting. Initially, a new preprocessing method for raw data packets is introduced, which processes directly captured raw packet files to generate a feature sequence with both spatial and temporal characteristics, structured hierarchically. Following this, a hybrid deep learning model combining convolutional neural networks and long shortterm memory networks is designed to thoroughly learn the spatial and temporal features present in the data. The study further investigates various activation functions, model parameters, and optimization algorithms to improve the model’s accuracy and generalization capability. Experimental results indicate that this method provides higher website fingerprinting accuracy in the onion router anonymous network environment when it does not rely on cell packets. And it also achieves better accuracy compared to current mainstream machine learning methods in virtual private network scenarios.
    Reference | Related Articles | Metrics
    Journal of Information Security Reserach    2025, 11 (2): 173-.  
    Abstract198)      PDF (1383KB)(72)       Save
    With the rapid development of Internet of Things technology, smart cameras are widely used in personal and public safety due to ease of use and low cost. However, the issue of unauthorized video recording also raises concerns about privacy and security, so the detection and identification of hidden smart cameras in specific environments is of great significance. Existing covert smart camera detection methods cannot accurately detect cameras that delay data transmission or save data locally, because these methods rely primarily on camera audio and video network traffic generated when users view surveillance. To solve this problem, this paper proposes a covert intelligent camera detection method based on device WiFi reconnection traffic. The method uses MDK4 flooding attacks to make all smart devices connected to WiFi hotspots offline and reconnect, then sniffs and analyzes the encrypted traffic generated during the process of smart devices reconnecting to WiFi in the environment, and uses machine learning methods to detect hidden smart camera devices. The experimental results show that even without WiFi access, this method still has a high detection accuracy for hidden smart camera devices with delayed transmission or data stored locally.
    Reference | Related Articles | Metrics
    A Blackbox Antiforensics Method of GANgenerated Faces Based on #br# Invertible Neural Network#br#
    Journal of Information Security Reserach    2025, 11 (5): 394-.  
    Abstract177)      PDF (1920KB)(74)       Save
    Generative adversarial network GANgenerated faces forensics models are used to distinguish real faces and GANgenerated faces. But due to the fact that forensics models are susceptible to adversarial attacks, the antiforensics techniques for GANgenerated faces have emerged. However, existing antiforensic methods rely on whitebox surrogate models, which have limited transferability. Therefore, a blackbox method based on invertible neural network (INN) is proposed for GANgenerated faces antiforensics in this paper. This method embeds the features of real faces into GANgenerated faces through the INN, which enables the generated antiforensics faces to disturb forensics models. Meanwhile, the proposed method introduces a feature loss during training to maximize the cosine similarity between the features of the antiforensics faces and the real faces, further improving the attack performance of antiforensics faces. Experimental results demonstrate that, under the scenarios where no whitebox models are involved, the proposed method has good attack performance against eight GANgenerated faces forensics models with better performance than seven comparative methods, and can generate highquality antiforensics faces.
    Reference | Related Articles | Metrics
    Indoor Localization Security Scheme Based on Geographic  Indistinguishability and Flexible WiFi Deployment
    Journal of Information Security Reserach    2025, 11 (2): 107-.  
    Abstract175)      PDF (1351KB)(75)       Save
    In indoor localization services, WiFi fingerprinting technology has received widespread attention due to its extensive coverage  and high localization accuracy. However, for the online phase of location query, the user’s personal sensitive information is vulnerable to malicious attacks resulting in location privacy leakage. Existing WiFi fingerprintbased indoor positioning technologies primarily focus on single flat surfaces within indoor environments, which restricts the flexibility of WiFi deployment. When WiFi is deployed in multidimensional scenarios, addressing spatial location privacy issues becomes imperative. In this paper, a WiFi fingerprinting indoor localization privacy protection scheme based on geographic indistinguishability is proposed, in which the user generates a new received signal strength vector by using his own received signal strength and sends the obtained data to the location service provider through noise obfuscation, and introduces a digital signature technique to ensure that the client’s identity is not forged before obfuscating the position to be sent to the location service provider to achieve localization. Experimental results based on the simulation experimental platform show that the new scheme supports flexible deployment of WiFi, and is able to realize highprecision localization for the first time in the case of flexible deployment of 12 WiFi access points with guaranteed localization error of less than 1m while protecting location privacy.
    Reference | Related Articles | Metrics
    Research of Invisible Backdoor Attack Based on Interpretability
    Journal of Information Security Reserach    2025, 11 (1): 21-.  
    Abstract173)      PDF (1740KB)(58)       Save
    Deep learning has achieved remarkable success on a variety of critical tasks. However, recent work has shown that deep neural networks are vulnerable to backdoor attacks, where attackers release inverse models that behave normally on benign samples, but misclassify samples imposed by any trigger to the target label. Unlike adversarial samples, backdoor attacks are mainly implemented in the model training phase, perturbing samples with triggers and injecting backdoors into the model. This paper proposes an invisible backdoor attack based on interpretability algorithms. Different from the existing works that arbitrarily set the trigger mask, this paper carefully designs a trigger mask determination based on interpretability, and uses the latest random pixel perturbation as the trigger style design, so that the sample pairs imposed by the trigger are more natural and undetectable to avoid the detection of the human eye, and the defense strategy against the backdoor attack. In this paper, we conduct a large number of comparative experiments on CIFAR10, CIFAR100 and ImageNet datasets to demonstrate the effectiveness and superiority of our attack. The SSIM index is also used to evaluate the difference between the backdoor samples designed in this paper and the benign samples, and an evaluation index close to 0.99 is obtained, which proves that the backdoor samples generated in this paper are not identifiable under visual inspection. Finally, this paper also proves that the proposed attack is defensible against the existing backdoor defense methods.
    Reference | Related Articles | Metrics
    Innovative and Professional Talent Education Architecture of  Cyberspace Security in New Situation
    Journal of Information Security Reserach    2025, 11 (4): 385-.  
    Abstract171)      PDF (3780KB)(103)       Save
    The emerging new problems and technologies in the field of cybersecurity currently do not match the applicability and timeliness of existing talent cultivation in technological development. In response to this, this paper investigates the innovative professional training system for cybersecurity talents under new circumstances. We systematically examine key issues in talent cultivation, dynamic updates of training objectives, evolution of knowledge systems, and cultivation of innovative competencies. The study proposes and constructs a comprehensive, multilevel, and dynamic talent cultivation framework for cyberspace security professionals, encompassing core theoretical research, critical technology R&D, and comprehensive innovation capability development that adapts to new technological trends. Through innovative processes including instructional objective design, content adaptation, teaching implementation, and feedback mechanisms, we establish an internationally adaptable training system that dynamically responds to technological advancements. This approach strengthens the dynamism, adaptability, and practical orientation of cybersecurity talent cultivation, effectively addressing the demand for innovative professionals in cyberspace security under evolving technological landscapes and emerging requirements.
    Reference | Related Articles | Metrics
    Design and Implementation of 3D Model Matching Algorithm
    Journal of Information Security Reserach    2025, 11 (6): 539-.  
    Abstract167)      PDF (2587KB)(20)       Save
    3D model matching plays a vital role in model copyright protection and transaction facilitation by effectively preventing redundant authentication and enabling convenience for research, testing, and management in related fields. However, traditional matching approaches predominantly rely on plaintext matching, which, despite ensuring a certain level of matching accuracy and robustness, falls short in data privacy protection. To address this gap, ciphertext matching performs matching computations on encrypted data, thus enabling model matching while safeguarding data privacy. This approach offers significant practical value and broad application prospects. Therefore, this paper presents three matching strategies. 1) Under plaintext conditions, precise registration of 3D point clouds is achieved via the Iterative Closest Point (ICP) algorithm, followed by model matching using peak signaltonoise ratio (PSNR). 2) Under plaintext conditions, 3D point cloud features are extracted using the PointNet deep learning model, and feature similarity is calculated via cosine similarity. 3) Under ciphertext conditions, the extracted features are encrypted using homomorphic encryption. Cosine similarity is then used to compute the similarity of the encrypted features, thereby effectively protecting data privacy.
    Reference | Related Articles | Metrics
    Encrypted Traffic Detection Technology for Multisession Coordinated #br# Attack Based on Deep Learning#br#
    Journal of Information Security Reserach    2025, 11 (1): 66-.  
    Abstract165)      PDF (1497KB)(54)       Save
    Malicious encrypted traffic detection is currently an important research topic in the field of network security. Attacker used multisession encrypted traffic to achieve multistage coordinated attacks, which is becoming a trend. This paper analyzes the existing problems of current mainstream malicious encrypted traffic detection methods, and proposes an malicious encrypted traffic detection method for multisession coordinated attack scenarios. Based on the advantages of deep learning methods in the field of image recognition, this method extracts multisession features and converts them into images, converting encrypted traffic identification problems into image recognition problems, thereby indirectly realizes malicious encrypted traffic detection. The preliminary test results on the experimental data have verified the effectiveness of the method.
    Reference | Related Articles | Metrics
    EU Data Protection Certification System and China’s Mirror
    Journal of Information Security Reserach    2025, 11 (1): 91-.  
    Abstract163)      PDF (2512KB)(47)       Save
    Achieving secure, orderly, and free crossborder data transfer is a significant policy issue for countries worldwide. Article 38 of the “Personal Information Protection Law of the People’s Republic of China” explicitly stipulates a certification system for crossborder transfer of personal information. However, this system is still in its nascent stage and faces fundamental and implementation challenges, such as determining the objects of certification. The European Union, as the progenitor of data protection certification systems, offers a reference for the perfection of China’s certification system through its institutional framework and distinctive features. This paper takes the EU’s data protection certification system and China’s personal information crossborder transfer certification system as its research subjects, compares with the differences in their institutional designs, and proposes five improvement suggestions, including clarifying the objects of certification, to address the systemic challenges in the construction of China’s certification system. These suggestions aim to provide valuable support for the improvement and innovation of the personal information crossborder transfer certification system.
    Reference | Related Articles | Metrics
    Constructing Lightweight Trusted Execution Environment on  RISCV Dualcore Processor
    Journal of Information Security Reserach    2025, 11 (6): 500-.  
    Abstract162)      PDF (2551KB)(25)       Save
    With the rapid development of Internet of Things (IoT) technology, resourceconstrained embedded IoT devices face particularly severe challenges in information security. The Trusted Execution Environment (TEE) provides an effective approach to addressing the security issues of terminal devices. By dividing the system into secure and ordinary areas and employing mechanisms such as memory access control, TEE ensures the separate execution of secure and ordinary application software, thereby significantly enhancing the overall system security. This paper addresses the problem of trusted isolation of secure application software and proposes a lightweight TEE SystemonChip (SoC) solution based on a RISCV dualcore architecture. Specifically, the solution leverages the Physical Memory Protection (PMP) mechanism to achieve trusted isolation. Additionally, to prevent unauthorized access to secure area resources by ordinary area applications, a lowresource IOPMP design is presented, which uses a physical address access firewall mechanism to block unauthorized access. Furthermore, to facilitate efficient message transfer between the secure and ordinary areas, a Mailbox communication scheme based on the “message queue & interrupt” mechanism is proposed. Experimental results indicate that the design proposed in this paper has lower hardware resource consumption compared to similar designs, with a power consumption of only 0.256W, a 14% reduction. In the CoreMark test for the TEE CPU, the score reached 2.40 CoreMarks/MHz, which is double the performance of similar designs.
    Reference | Related Articles | Metrics
    Multiciphertext Equality Test Scheme Based on RLWE
    Journal of Information Security Reserach    2025, 11 (6): 511-.  
    Abstract161)      PDF (1049KB)(27)       Save
    With the rapid development of technology, privacy protection has become an important issue. In order to ensure the security of data, it is usually chosen to encrypt the data and store it on the cloud server. However, in this way, the cloud server cannot effectively process the encrypted data such as calculation and statistics, which limits many application scenarios. To address this issue, this paper proposes a PKEMET(publickey encryption with a multiciphertext equality test) scheme based on RLWE (ring learning with error) problem, and provides a correctness and security analysis. This solution allows the cloud server to perform equality tests on multiple ciphertexts at the same time, and is also resistant to quantum computing attacks. This paper also implements the scheme based on the Palisade library, and compares it with other schemes from the perspective of theory and implementation. Compared with other solutions, this solution has the advantages of high efficiency and short running time.
    Reference | Related Articles | Metrics
    The Finegrained Executor Scheduling Algorithm for Unknown  Attacks Perception
    Journal of Information Security Reserach    2025, 11 (6): 569-.  
    Abstract161)      PDF (1456KB)(29)       Save
    Addressing security threats from unknown attacks exploiting software and system vulnerabilities in power grid devices often overlooks potential issues within operating systems and communication protocols at the programming languarg level. This paper proposes a finegrained scheduling algorithm that quantifies the similarity of execution components and incorporates parameters such as attack timing and frequency to assess historical trust deficit. By combining similarity and historical trust deficit, a quantitative algorithm for redundant execution body heterogeneity is introduced. Simulation experiments demonstrate that this algorithm significantly outperforms other methods in distinguishing execution body similarity, effectively reducing the risk of exploiting similar vulnerabilities or defects, and minimizing redundant wastage from similar execution bodies. The failure rate remains consistently below 0.55, indicating superior practical performance compared to commonly used algorithms.
    Reference | Related Articles | Metrics
    Group Key Management Mechanism for Internet of Vehicles
    Journal of Information Security Reserach    2025, 11 (2): 139-.  
    Abstract157)      PDF (873KB)(59)       Save
    Based on the characteristics of the Internet of vehicles(IoV), a treebased lightweight group key management mechanism (Lightweight Tree Group Key Management Mechanism, LTGKM) is proposed to realize the security of multicast and broadcast communications in the IoV. LTGKM adopts a hierarchical approach to generate, distribute and update the group keys. The management node of various layers generates the corresponding group key using the HMAC function as the key derivation function, and distributes the group key to the child node based on the encrypted certification algorithm; When a new node joins, the parent node generates a new group key and distribute it to the new node, and the remaining nodes update the group key by themselves; when the user leaves, the nonleaf node updates the group key by themselves, and the new group key is distributed to the leaf node by its father node. Security analysis shows that LTGKM realizes the randomness, forward security, and backward security during the group key generation and update, and the confidentiality, integrity and uniformity during key distribution. Performance analysis shows that LTGKM has obvious advantages in storage, computing and communication.
    Reference | Related Articles | Metrics
    A Secure and Efficient Sharing Method for Electronic Medical Records #br# Based on Blockchain#br#
    Journal of Information Security Reserach    2025, 11 (1): 74-.  
    Abstract155)      PDF (1096KB)(52)       Save
    In response to the challenges faced by medical institutions in sharing electronic medical records, such as privacy leakage risks and inefficient retrieval issues, this paper proposes an efficient encrypted retrieval and sharing scheme for electronic medical records based on blockchain technology. We propose a blockchainbased scheme for efficient encryption, retrieval, and sharing of EMRs. Firstly, the scheme stores encrypted EMRs on cloud servers and implements the retrieval process on a consortium blockchain, effectively achieving separation of storage and retrieval. It incorporates a confusion trapdoor set, significantly reducing the risk of keyword guessing attacks. Secondly, considering the unique nature of medical data, we introduce an optimized inverted index structure that effectively resolves efficiency concerns when handling a large volume of EMRs. Lastly, based on this index structure, we develop a ciphertext retrieval algorithm that efficiently retrieves ciphertexts by combining searchable encryption’s trapdoor technique with keyword ciphertexts in the inverted index. Experimental results demonstrate that our proposed solution successfully addresses the challenges in the healthcare industry’s EMR sharing, enhancing system operational efficiency while ensuring privacy protection. 
    Reference | Related Articles | Metrics
    Multiparty Data Security Sharing Scheme Based on Decentralized Verification
    Journal of Information Security Reserach    2025, 11 (6): 578-.  
    Abstract155)      PDF (4817KB)(56)       Save
    With the development of the Internet of Things, collaborative work between multiple devices is becoming increasingly common. However, in the process of data sharing, user privacy may face the risk of data theft and tampering. Existing FL methods rely on mobile edge computing (MEC) servers for model aggregation, and have problems with trust, security threats, and single points of failure. To solve these problems, a new multiparty data sharing scheme based on blockchain is proposed, in which a decentralized verification mechanism and a consensus mechanism inspired by proof of stake (PoS) are introduced. The decentralized verification mechanism ensures the legitimacy of each local model update by evaluating node behavior and voting, and only legitimate updates are used for global model building. In the process of model construction, homomorphic encryption and key sharing techniques are used to encrypt the local model parameters to ensure the security integrity of model parameters in the process of transmission and aggregation. The PoS consensus mechanism rewards honest behavior devices, increasing their chances of becoming block generators. In addition, the cache mechanism of information search is introduced to reduce the number of multiparty search. The data sharing scheme has been verified to enhance data security.
    Reference | Related Articles | Metrics
    An Intrusion Detection Method for Internet of Things by Fusing #br# Spatiotemporal Features#br#
    Journal of Information Security Reserach    2025, 11 (3): 241-.  
    Abstract154)      PDF (3194KB)(59)       Save
    Aiming at the problems of insufficient attack samples and more categories in unbalanced IoT traffic datasets reducing the classification accuracy and generalization ability of the detection model, an intrusion detection method for the Internet of things by fusing spatiotemporal features (BGAREU) is proposed. The data were first normalized and the SMOTEENN method was used to improve the data distribution of the training samples; then temporal features and global information were extracted by Bidirectional gated recurrent unit (BiGRU) and multihead attention, and combined ResNext network and UNet network to construct a multiscale spatial feature extraction network, and then incorporate efficient channel attention (ECANet) into the residual units to enhance the local characterization capability; finally, the fused features are fed into the Softmax classifier for multiclassification. Experiments show that the proposed model has more than 2% improvement in all the metrics compared with other models on IoT traffic datasets UNSWNB15, NSLKDD, and WSNDS. In addition, this paper verifies that the ECANet has stronger characterization ability by comparing multiple attention mechanisms, and explores the effect of different numbers of attention heads in multihead attention on the model performance.
    Reference | Related Articles | Metrics
    Research and Application of Trusted Data Security Management #br# Technology Based on Chameleon Hash#br#
    Journal of Information Security Reserach    2025, 11 (2): 189-.  
    Abstract152)      PDF (2544KB)(60)       Save
    To simultaneously address the demands for data updates and data security management in the field of data circulation, this paper investigates a trusted data security management scheme based on chameleon hash. Initially, the mathematical foundations of chameleon hash are analyzed and three construction methods are compared. A data security management approach that integrates chameleon hash with homomorphic encryption is summarized and applied to digital rights protection. This method not only permits the updating and modification of submitted data but also ensures data security and userfriendliness. Finally, the efficiency of the proposed method is evaluated through experimental simulations. The results demonstrate that the data security management and update method proposed in this paper is suitable for environments requiring frequent data updates and certain security needs. This method effectively reduces the overall cost of data updates, providing an efficient and secure solution for the circulation of data elements.
    Reference | Related Articles | Metrics
    Design of a Large Model Data Supervision System Based on Blockchain
    Journal of Information Security Reserach    2025, 11 (8): 682-.  
    Abstract152)      PDF (2618KB)(68)       Save
    Large model (LM) has shown great potential in the fields of natural language processing, image and speech recognition, and has become a key force driving the technological revolution and social progress. However, the wide application of LM technology brings challenges such as data privacy risks, data compliance regulation, and data regulatory activation and intelligence.  This paper aims to explore how to utilize blockchain to design and construct an effective data regulatory system to promote its healthy development, in order to meet the challenges brought by the application of massive data to LM. This paper analyzes the trends and current status of the development of LM at home and abroad, and points out the main challenges to LM data regulation, including data privacy risks, data compliance, and the difficulty of effective supervision by regulators . A blockchainbased data regulation system design scheme is proposed to address these challenges, which realizes the fullcycle data regulation of LM data from the native metadata to the input of training until the posttraining feedback through four interconnected modules, namely, privacy protection, consensus algorithm, incentive mechanism, and smart contract. Finally, the application prospect of blockchain in LM data supervision is summarized, and the future trend of data supervision is outlooked.
    Reference | Related Articles | Metrics
    Research on Distributed Identity Authentication Technology Based on  Revocable Proxy Signature
    Journal of Information Security Reserach    2025, 11 (6): 521-.  
    Abstract151)      PDF (1936KB)(25)       Save
    With the proliferation of digital services in people’s daily lives, traditional identities have found a new form of expression—digital identities. In conventional network digital activities, the digital identity management is handled by centralized service providers, which brings a series of issues such as difficulties in centralized storage management and insufficient protection of user privacy. Consequently, the identity authentication technology based on decentralized identifier (DID) has become a current research hotspot. However, distributed digital identity authentication schemes often face problems of privacy leakage and cumbersome user signature authentication processes, presenting significant pain points in current distributed identity authentication technology. To address the aforementioned issues, this paper constructs a distributed identity authentication protocol based on revocable proxy signatures, verifiable credentials, and blockchain technology. This protocol achieves a userfriendly and secure signature authentication process, requiring low device performance from users participating in digital activities, making it suitable for a wider range of user digital activities.
    Reference | Related Articles | Metrics
    The Methods to Improve the Computational Performance of  Domestic Cryptographic Algorithm SM9
    Journal of Information Security Reserach    2025, 11 (1): 5-.  
    Abstract150)      PDF (1054KB)(41)       Save
    Aiming to improve the computational performance of the domestic cryptographic algorithm SM9, this paper proposes a twodimensional Comb fixedbase modular exponentiation algorithm, extends the application of precomputed scalar multiplication, and optimizes the commonly used ID. Theoretical analysis and experimental tests show that these proposed methods can effectively improve the computational performance of components such as fixedbase modular exponentiation and the three common steps of the SM9 algorithm by precomputing and increasing acceptable storage overhead. After applying the above improvement methods comprehensively, the performance of SM9 digital signature generation and verification, key exchange, key encapsulation, and encryption algorithms is improved by 14% to 116%.
    Reference | Related Articles | Metrics
    A Latticebased CPABE Scheme with Policy Splitting and #br# Attribute Revocation#br#
    Journal of Information Security Reserach    2025, 11 (6): 548-.  
    Abstract148)      PDF (1755KB)(13)       Save
    Ciphertextpolicy attributebased encryption (CPABE) is suitable for providing secure datasharing services in the cloud storage scenario. However, attribute revocation is a challenging issue in CPABE. With the advancements in quantum computing research, traditional CPABE are no longer secure. Latticebased CPABE can resist quantum attacks. This paper proposes a latticebased CPABE scheme with policy splitting and attribute revocation. This scheme is resistant to quantum and collusion attacks. When attribute revocation occurs, this paper uses policy splitting to reduce the affected ciphertexts (blocks) and uses the lazy mode ciphertext update method to reduce the number and scope of ciphertexts that need to be updated. Theoretical analysis demonstrates that the overall storage cost of our scheme remains within a reasonable range. Finally, it is shown that, under the standard model, the scheme is proven secure against chosenplaintext attacks (CPA), and its security can be attributed to the ring learning with errors (RLWE) difficulty problem.
    Reference | Related Articles | Metrics
    Container Anomaly Detection Based on Attention Mechanism and  Multiscale Convolutional Neural Network
    Journal of Information Security Reserach    2025, 11 (1): 35-.  
    Abstract143)      PDF (1437KB)(54)       Save
    Containers are widely used in cloud computing due to their lightweight, flexibility, and ease of deployment, making them an indispensable technology. However, they also face security concerns due to their shared kernel and weaker resource isolation compared to virtual machines. Based on attention mechanism and convolutional neural network, this paper proposes a method of process anomaly detection in container based on system call sequence, which uses the data generated by container process operation to analyze and judge the abnormal behavior of process. The experimental results on public datasets and simulated attack scenarios show that this method can detect anomalies in the behavior of processes within containers, and is higher in accuracy and precision than comparison methods such as random forest and LSTM.
    Reference | Related Articles | Metrics
    Android Malware Detection Based on Threeway Decision Feature Selection
    Journal of Information Security Reserach    2025, 11 (6): 561-.  
    Abstract139)      PDF (1077KB)(26)       Save
    There are a large number of irrelevant and redundant features in the Android malware detection dataset. A single feature selection method cannot effectively remove irrelevant or redundant features. If the features with large amount of information are removed, it is easy to cause the problem of model collapse. To address these issues, this paper proposed an Android malware detection method based on ThreeWay Decision Feature Selection (3WDFS). The algorithm combines the idea of threeway decision, and uses a variety of feature selection methods to evaluate the features of the dataset in parallel. The features are divided into disjoint positive region, negative region and boundary region. Then, the interclass redundancy feature and the intraclass redundancy feature in the boundary region are deleted by using the approximate Markov blanket and the information difference respectively to form a lowredundancy boundary region. Finally, the positive region and the low redundancy boundary region are concatenated by the learnable weight parameter, and the classification model is input for training and learning. Experimental results on public datasets show that 3WDFS can effectively remove irrelevant and redundant features in Android malware detection and improve the detection efficiency and accuracy of malware detection.
    Reference | Related Articles | Metrics
    A Blockchain Oracle Scheme Based on Schnorr Threshold Signature
    Journal of Information Security Reserach    2025, 11 (3): 282-.  
    Abstract137)      PDF (832KB)(45)       Save
    A blockchain oracle scheme base on Schnorr threshold signatures is proposed to address the inefficiency of blockchain interactions with offchain data when using oracles as intermediaries. The scheme aggregates multiple signatures based on the Schnorr threshold signature combined with the linear secret sharing algorithm. Additionally, it employs multiple oracles to obtain data information in the physical world, and achieves efficient and highly reliable data transmission from the oracle to the blockchain. The analyses and experiments demonstrate that the scheme offers good security and performance.
    Reference | Related Articles | Metrics
    An Alliance Chain Traceability System for USB Key Based on #br# Proxy Reencryption and Zeroknowledge Proof#br#
    Journal of Information Security Reserach    2025, 11 (1): 81-.  
    Abstract136)      PDF (2087KB)(35)       Save
    At present, blockchainbased information traceability solutions are widely applied in the Internet of things (IoT) space. However, during the storage and query processes in blockchainbased traceability solutions, there is a risk of data and user privacy leakage.  To address these issues, this paper proposes a trusted traceability solution for USB Keys based on consortium blockchain, integrating proxy reencryption and zeroknowledge proof technologies. Firstly, the Interplanetary File System (IPFS) and proxy reencryption technologies are introduced during the onchain storage process on the blockchain to establish a secure and efficient information storage mechanism for the participating parties. Additionally, during data query, a zkSNARK zeroknowledge proof mechanism is employed for user identity authentication and rights confirmation, ensuring the privacy of user identities in the traceability data query process. Finally, based on the proposed trusted traceability solution, a USB Key information traceability prototype system is implemented using the Hyperledger Fabric distributed ledger technology. Experiments demonstrate the feasibility of this system , effectively protecting user privacy under the premise of permission allocation and ensuring the confidentiality and authenticity of traceability information in the USB Key system.
    Reference | Related Articles | Metrics
    An Image Steganography Method Based on Threechannel Deep  Fusion Technology
    Journal of Information Security Reserach    2025, 11 (3): 257-.  
    Abstract135)      PDF (3334KB)(41)       Save
    The advancement of science and technology for information transmission provides convenience, but it has also led to information leaks. Aim at enhancing the quality and capacity of steganographic images, a threechannel deep fusion technology used in image steganography is designed. Firstly, the main channel of the steganographic model is used to extract features from the carrier image. This network is based on the UNet network structure and introduces residual blocks(ResBlock). Then, the bottom channel and the middle channel are utilized for extracting secret image features. Finally, fusing the features from the first and third layers of the bottom channel network into the corresponding layers of the middle channel network through way of crossfusion. Further, the features extracted from the second and fourth layers of the middle channel network are fused into the corresponding layers of the main channel network. The experimental results demonstrate that the proposed method has good invisibility. When the embedding capacity reaches 24bpp, the PSNR of the hidden image reaches 41.15dB, effectively improving the security of image transmission and steganography capacity.
    Reference | Related Articles | Metrics
    Edge Cloud Collaborative Attributebased Signcryption Scheme  Based on State Secret SM9
    Journal of Information Security Reserach    2025, 11 (2): 115-.  
    Abstract135)      PDF (1474KB)(99)       Save
    In order to improve the security and efficiency of data interaction in edge cloud collaborative mode, an edge cloud collaborative attributebased signcryption scheme based on state secret SM9 is proposed. This scheme integrates the state secret SM9 algorithm with attributebased signcryption algorithm, constructs a mixed key and ciphertext policy access control mechanism with a linear secret sharing scheme, and implements partial outsourcing decryption through an edge cloud collaborative network. The experimental analysis results demonstrate that the proposed scheme provides flexible access control while achieving efficient and reliable security protection in the edge cloud collaborative mode, making it suitable for dynamic and complex cloud application scenarios.
    Reference | Related Articles | Metrics
    Fake Face Detection Method Based on ConvNeXt
    Journal of Information Security Reserach    2025, 11 (3): 231-.  
    Abstract133)      PDF (2205KB)(49)       Save
    The fake images generated by deep generative models are becoming increasingly realistic, surpassing the human eye’s ability to detect them. These models have become new tools for illegal activities, such as fabricating lies and creating public opinion. Although current researchers have proposed many detection methods to detect fake images, their generalization ability is typically limited. To address this issue, we proposed a fake face detection method based on ConvNeXt. Firstly, we add a PSA(polarization selfattention) module after the second and third downsampling modules of ConvNeXt, enhancing the network’s spatial and channel attention performance. Secondly, a RIB(rich imformation block) is designed at the end of ConvNeXt to enrich the information learned by the network. The information is processed through this module before final classification. Furthermore, the loss function used in network training is a combination of CrossEntropy loss and KL(KullbackLeibler) divergence. Extensive experiments on the current mainstream fake face datasets demonstrate that our method surpasses all comparative methods in accuracy and generalization on the FF++ C23 dataset.
    Reference | Related Articles | Metrics
    A Deceptionresistant Multilevel Visual Cryptography Scheme  Based on Random Grids
    Journal of Information Security Reserach    2025, 11 (6): 532-.  
    Abstract133)      PDF (2395KB)(24)       Save
    Visual cryptography is a technique for encryption by dividing a secret image into n shares and recovering the image by superimposing the shares. However, there may be deceptive behavior during the process of reconstructing the secret image. This paper proposed a multi-level visual cryptography scheme based on random grids to address this problem. The scheme introduces a trusted third party (TTP) to address this issue. The scheme verified XOR on shares at each level during secret distribution and recovery processes. Experimental results demonstrate that the proposed scheme effectively detects deception by distributors and participants, enhancing security during implementation.
    Reference | Related Articles | Metrics
Author Center
Review Center
京ICP备19004174号
Copyright © Journal of Information Security Reserach, All Rights Reserved.
Tel: 010-68558637 E-mail: ris@cei.cn
Powered by Beijing Magtech Co., Ltd.