Most Downloaded Articles

    Most Downloaded in Recent Month
    Research on Domain Adaptive Intrusion Detection Method Based on Dynamic Feature Fusion
    Journal of Information Security Research    2026, 12 (4): 294-.  
    Abstract (97)      PDF (1452KB) (76)
    To address incomplete feature extraction and limited model generalization in intrusion detection research, a domain-adaptive intrusion detection method with dynamic feature fusion is proposed. First, a convolutional neural network extracts spatial features while a bidirectional long short-term memory network extracts temporal features, enabling comprehensive extraction of multidimensional feature information from network traffic data. Second, the uncertainty of the two feature sets is measured by their information entropy, weights are assigned according to the entropy values, and the extracted features are fused using these weights. Finally, during training, the proposed adaptive domain weight loss algorithm dynamically adjusts the contribution of source-domain and target-domain data to improve the model's generalization on target-domain data. Experiments are carried out on the NSL-KDD and UNSW-NB15 datasets. Compared with existing mainstream methods, this method achieves higher detection accuracy, 0.8563 and 0.916 respectively.
    Research on the Risk Assessment System for Data Security in the Transportation Industry
    Journal of Information Security Research    2025, 11 (11): 1064-.  
    Abstract (83)      PDF (5683KB) (61)
    The transportation information system is not only a critical component of the national key information infrastructure, but also an important industry of the 2+8+N system, which is crucial to the nation’s economy and people’s livelihood. With the continuous advancement of smart transportation construction, the volume of traffic data is growing rapidly. The position of data as a production factor highlights its importance and value, and also places higher demands on data security. The transportation industry pays close attention to data security, and, based on national policies, laws, regulations, and standards, the competent transportation authorities have issued a series of industry standards and regulations to guide the security of transportation data. However, the transportation industry covers a wide range of business areas, and its data has characteristics such as multi-source origin, heterogeneity, partiality, spatiotemporal correlation, asynchronicity, information sparsity, and concurrency. Moreover, the data is highly mobile, and its operational conditions and flows are complex, which makes data surveillance wide in scope and very difficult and brings a series of challenges to the protection of data security. Based on existing laws, regulations, and standards, and deeply integrating the characteristics of transportation industry data, this research on the data security risk assessment system provides a reference for the construction of transportation data security protection.
    Overview of Voiceprint Recognition Technology and Applications
    Journal of Information Security Research    2016, 2 (1): 44-57.  
    Abstract (1346)      PDF (12707KB) (726)
    With the rapid development of information technology, how to identify a person in order to protect his/her personal privacy and information security has become a hot issue. Compared with traditional identity authentication, biometric authentication technologies have the advantage that the credential cannot be lost, stolen or forgotten. Their use is not only fast and convenient, but also accurate and reliable. As one of the most popular biometric authentication technologies, voiceprint recognition has unique advantages in remote authentication and other areas, and has attracted more and more attention. This paper introduces voiceprint recognition technology and its applications, including the fundamental concepts, development history, technology applications and industrial standardization. Various problems and the corresponding solutions are reviewed, and finally the prospects are pointed out.
    Overview on Public Key Cryptographic Algorithm SM2 Based on Elliptic Curves
    Journal of Information Security Research    2016, 2 (11): 972-982.  
    Abstract (1746)      PDF (7813KB) (975)
    The public key cryptographic algorithm SM2 based on elliptic curves (SM2 algorithm for short) was first issued in December 2010, became the Chinese commercial cryptographic standard (GM/T 0003—2012) in 2012, and became the Chinese national cryptographic standard (GB/T 32918—2016) in 2016. This paper briefly describes the development background of the SM2 algorithm, describes the SM2 algorithm in detail, introduces the research on its security, and evaluates its implementation efficiency. All the research on the SM2 algorithm so far indicates that its provable security reaches the highest level of security for public key cryptographic algorithms, and that its implementation efficiency is equivalent to or slightly better than that of similar elliptic curve cryptographic algorithms in some international standards.
    Dualbranch Malicious Code Homology Analysis Model Based on Feature Fusion
    Journal of Information Security Reserach    2025, 11 (7): 594-.  
    Abstract146)      PDF (2563KB)(66)       Save
    In the homology analysis of malicious code, a large number of malicious code variants are generated due to techniques such as encryption, obfuscation, and packing, which leads to the problem that the deep learning model has insufficient ability to extract the features of malicious code. To solve this problem, a multibranch convolution and transformernet (MCATNet) homology analysis model based on feature fusion was proposed. Firstly, an MCATNet dualbranch network was constructed, one branch was a multibranch convolutional MBC (Multibranch convolution) module, and the MBC module was used to construct the CNN branch, and the CBAM hybrid attention mechanism was introduced to make the network pay more attention to the core features while taking into account the local features. Another branch is the Transformer module with ViT as the backbone, which extracts global feature information of malicious code images and proposes a downsampling module to finely preserve global features while aligning the feature maps of Transformer and CNN at the spatial scale. Secondly, the cascading strategy is used to fuse the local features of the CNN branch and the global features of the Transformer branch to solve the problem that the network only focuses on a single feature. Finally, the Softmax classifier was used to analyze the homology of the malicious code family. Experimental results show that the classification accuracy of the twobranch model based on feature fusion reaches 99.24%, which is 0.11% and 0.65% higher than that of the singlebranch CNN and singlebranch Transformer models, respectively.
    A Trust Framework for Large Language Model Application
    Journal of Information Security Research    2024, 10 (12): 1153-.  
    Abstract (391)      PDF (1420KB) (265)
    The emergence of large language models has greatly propelled the rapid application of artificial intelligence across various domains. In practice, however, “model hallucinations” cause a series of security and trust challenges in applications of large language models. These challenges make it difficult for practical applications to trust and adopt the results returned by large language models, especially in security-related application domains. In many professional fields, we find that there is no unified technical framework to ensure the trustworthiness of results returned by large language models, which seriously hinders the application of large-scale model technology in professional fields. To address this issue, a large-scale model trusted application framework, DKCF, integrating sufficient data (D), expertise knowledge (K), intellectual collaboration (C), and efficient feedback (F), is proposed. This framework is developed based on our practical applications in professional fields such as finance, healthcare, and security. We believe that DKCF can shed light on secure and reliable applications of large language models, and facilitate the intellectual revolution across various professional domains.
    Research on Dataenhanced Multimodal False Information #br# Detection Framework#br#
    Journal of Information Security Reserach    2025, 11 (4): 377-.  
    Abstract154)      PDF (1878KB)(67)       Save
    With the development of multimedia technology, rumor spreaders tend to create false information with multimodal content to attract the attention of news readers. However, it is challenging to extract features from sparsely annotated multimodal data and effectively integrate implicit clues in the multimodal data to generate vector representations of false information. To address this issue, we propose a DEMF(dataenhanced multimodal false information detection framework). DEMF leverages the advantages of pretrained models and data augmentation techniques to reduce reliance on annotated data; it utilizes multilevel modal feature extraction and fusion to simultaneously capture finegrained elementlevel relationships and coarsegrained modallevel relationships, in order to fully extracting multimodal clues. Experiments on realworld datasets show that DEMF significantly outperforms stateoftheart baseline models.
    Design and Implementation of Resourceefficient SM4 Algorithm on FPGA
    Journal of Information Security Reserach    2025, 11 (6): 490-.  
    Abstract265)      PDF (2238KB)(128)       Save
    In the hardware implementation of the SM4 algorithm, the lookup table method is commonly adopted for realizing the Sbox, which consumes a significant amount of hardware resources. This paper proposes an implementation scheme for the SM4 algorithm based on polynomial basis. Two construction schemes are developed for the 8×8 Sbox used in the SM4 algorithm, one based on composite field GF((24)2) and the other on composite field GF(((22)2)2). The test results indicate that the scheme based on polynomial bases GF((24)2) is optimal. Taking into account both resource utilization and performance, this paper designs two hardware implementation structures for SM4: a state machine parallel structure and a pipelined structure. Compared with the traditional lookup table approach, the state machine parallel structure reduces resource utilization by 21.98% while increasing the operating frequency by 14.4%. The pipelined structure achieves a reduction in resource utilization by 54.23%.
    Multiparty Data Security Sharing Scheme Based on Decentralized Verification
    Journal of Information Security Research    2025, 11 (6): 578-.  
    Abstract (199)      PDF (4817KB) (99)
    With the development of the Internet of Things, collaborative work between multiple devices is becoming increasingly common. However, in the process of data sharing, user privacy may face the risk of data theft and tampering. Existing federated learning (FL) methods rely on mobile edge computing (MEC) servers for model aggregation, and have problems with trust, security threats, and single points of failure. To solve these problems, a new multi-party data sharing scheme based on blockchain is proposed, which introduces a decentralized verification mechanism and a consensus mechanism inspired by proof of stake (PoS). The decentralized verification mechanism ensures the legitimacy of each local model update by evaluating node behavior and voting, and only legitimate updates are used to build the global model. During model construction, homomorphic encryption and key sharing techniques are used to encrypt the local model parameters, ensuring the security and integrity of model parameters during transmission and aggregation. The PoS consensus mechanism rewards devices that behave honestly, increasing their chances of becoming block generators. In addition, a cache mechanism for information search is introduced to reduce the number of multi-party searches. The data sharing scheme has been verified to enhance data security.
    SM9based Decentration Crosschain Medical Data Sharing Scheme
    Yu Huifang and Li Shunkai
    Journal of Information Security Reserach    2025, 11 (9): 832-.  
    Abstract133)      PDF (2204KB)(63)       Save
    To solve the problems of data leakage and data silos between medical institutions in medical system, a SM9based decentration crosschain medical data sharing scheme (DCCMDSS) is proposed in this article. Relay chain and hash time lock contract (HTLC) realize the crosschain data sharing between medical institutions, the interplanetary file system (IPFS) reduces the storage pressure of blockchain and ensures the integrity of medical data. SM9based algorithm encrypts medical data and group signature allows the group members to sign the data on behalf of the whole group without revealing their personal identities. Consequently, DCCMDSS effectively avoids the privacy leakage and ensures the traceability of signature. DCCMDSS reduces the crosschain transaction overhead and improves the security of medical data.
    Task Independent Privacy Protection in Personalized Federated Learning for Battery Monitoring
    Journal of Information Security Research    2025, 11 (5): 481-.  
    Abstract (170)      PDF (4140KB) (54)
    For the health management of batteries in new energy vehicles, it is essential to collaboratively share distributed battery data and establish a federated learning model to extract valuable information. To counteract the privacy leakage risks associated with battery data sharing, this paper designs a task-independent, privacy-protecting and communication-efficient edge intelligence model empowered by federated learning. This model learns personalized subnetworks that generalize well to local data and uses network pruning to find the optimal subnetwork, ensuring inference accuracy. Meanwhile, to resist feature reconstruction attacks and privacy leakage risks, it constructs task-independent, privacy-protective anonymous intermediate representations. By employing adversarial training, it maximizes the reconstruction error of the adversarial reconstructor and the classification error of the adversarial classifier, while minimizing the classification error of the target classifier. Experimental simulations show that this method improves inference accuracy by 8.85% and reduces communication overhead by 1.95 times. The balance analysis of utility and privacy demonstrates that it ensures the accuracy of target feature extraction while protecting privacy.
    The ZUC Stream Cipher Algorithm
    Journal of Information Security Research    2016, 2 (11): 1028-1041.  
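    Abstract (1604)      PDF (7769KB) (793)
    The Zu Chongzhi algorithm, ZUC for short, is a word-oriented stream cipher that outputs a keystream of 32b words under the control of a 128b seed key and a 128b initialization vector. In September 2011 ZUC was adopted by 3GPP LTE as an international encryption standard (standard number TS 35.221), that is, the encryption standard for 4th-generation mobile communications; in March 2012 it was released as a national cryptographic industry standard (standard number GM/T 0001—2012), and in October 2016 it was released as a national standard (standard number GB/T 33133—2016). This paper briefly introduces the ZUC algorithm and summarizes its design rationale and the main progress, in China and abroad, in the security analysis of the algorithm.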
    Building Cyber Security Defense by Trusted Computing 3.0
    Journal of Information Security Research    2017, 3 (4): 290-298.  
    Abstract (427)      PDF (1075KB) (2008)
    TOPSEC, Leading Brand of Independent Innovation, Supporting Cyberspace Power Strategy
    Journal of Information Security Research    2018, 4 (9): 774-782.  
    Abstract (206)      PDF (1579KB) (956)
    A Deceptionresistant Multilevel Visual Cryptography Scheme  Based on Random Grids
    Journal of Information Security Reserach    2025, 11 (6): 532-.  
    Abstract180)      PDF (2395KB)(58)       Save
    Visual cryptography is a technique for encryption by dividing a secret image into n shares and recovering the image by superimposing the shares. However, there may be deceptive behavior during the process of reconstructing the secret image. This paper proposed a multi-level visual cryptography scheme based on random grids to address this problem. The scheme introduces a trusted third party (TTP) to address this issue. The scheme verified XOR on shares at each level during secret distribution and recovery processes. Experimental results demonstrate that the proposed scheme effectively detects deception by distributors and participants, enhancing security during implementation.
    A Covert Backdoor Attack Method in Few-shot Class Incremental Learning
    Journal of Information Security Research    2025, 11 (9): 797-.  
    Abstract (103)      PDF (2644KB) (53)
    The rapid development of deep learning has led to a sharp increase in the demand for training data, and few-shot class-incremental learning has become an important technique for enhancing data integrity when training deep learning models. Users can directly download datasets or models trained using few-shot class-incremental learning algorithms to improve efficiency. However, while this technology brings convenience, the security of the models should also raise concerns. This paper studies backdoor attacks on few-shot class-incremental learning models in the image domain and proposes a covert backdoor attack method in few-shot class incremental learning, which carries out the backdoor attack in the initial and incremental phases respectively. In the initial phase, the covert backdoor trigger is injected into the base dataset, and the base dataset containing the backdoor is used for incremental learning in place of the original data. In the incremental phase, when a new batch of samples arrives, the trigger is added to some selected samples, and the trigger is iteratively optimized during the incremental process to achieve the best triggering effect. The experimental evaluation shows that the attack success rate (ASR) of the stealthy backdoor attack method proposed in this paper can reach up to 100%, that the clean test accuracy (CTA) and the model's performance on clean samples remain at a stable level, and that the method proposed in this paper is robust to the backdoor defense mechanism.
    A Spectre Vulnerability Detection Method Integrating Fuzzing and Taint Analysis
    Journal of Information Security Research    2025, 11 (9): 822-.  
    Abstract (98)      PDF (1848KB) (40)
    To address the insufficient applicability of traditional vulnerability detection technology to Spectre V1 vulnerability detection, and its high false negative rate (FNR) and false positive rate (FPR), a novel method, TransFT, integrating fuzz testing and taint analysis is proposed. First, program code is refactored to simulate the misprediction behavior of Spectre V1 vulnerabilities. Next, feedback-driven fuzz testing is used to identify high-risk code segments and generate test cases capable of triggering vulnerabilities, thereby improving testing efficiency. Finally, static taint analysis is applied to validate potential vulnerabilities, effectively reducing FNR and FPR. Experimental results demonstrate that the proposed method significantly reduces FNR, FPR, and testing time compared to existing fuzzing-based approaches, showcasing superior detection capabilities.
    Research on USBHID Device Security
    Lü Zhiqiang, Liu Zhe, Chang Zijing, Zhang Ning, and Jiang Jianguo
    Journal of Information Security Research   
    Security Architecture and Key Technologies of Blockchain
    Yan Zhu
    Journal of Information Security Research    2016, 2 (12): 1090-1097.  
    Abstract (1204)      PDF (6838KB) (843)
    Blockchain, both the cryptocurrency and the underlying Bitcoin technology, has attracted significant attention around the world. The reason is that blockchain is a decentralized technology with a Consensus Trust Mechanism (CTM), which is clearly different from the traditional centralized system with an Outer Trust Mechanism (OTM). This has greatly influenced people's trust mechanisms and promoted the use of security technology in the blockchain. In this paper, we present the security architecture and key technologies of the blockchain, and explain how the blockchain ensures the integrity, non-repudiation, privacy and consistency of the stored data through the P2P network, distributed ledger, asymmetric encryption, consensus mechanism and smart contracts. Moreover, we analyze some new security threats and measures, for example, technology for preventing Denial of Service (DoS) attacks based on the Transaction Storm (TS), cryptographic access control (CAC) technology to enhance data privacy, key management technology against the loss and theft of digital assets, and so on. We also discuss the future security problems and technologies that might emerge after the blockchain integrates with new technologies, including AI, Big Data, IoT, cloud computing and mobile Internet technologies.
    A Fully Homomorphic Encryption Scheme Based on LWE
    Journal of Information Security Research    2016, 2 (3): 220-224.  
    Abstract (497)      PDF (3693KB) (709)
    Two main problems serve as foundations of current homomorphic encryption schemes: Regev's learning with errors problem (LWE) and Howgrave-Graham's approximate greatest common divisor problem (AGCD). Firstly, we introduce a reduction from LWE to AGCD. Secondly, we propose a new AGCD-based additive homomorphic encryption scheme, which outperforms previous proposals: its security does not rely on the presumed hardness of the so-called sparse subset sum problem (SSSP), but on the hardness of LWE. Lastly, correctness analysis and security proof are given.
    Design and Implementation of 3D Model Matching Algorithm
    Journal of Information Security Research    2025, 11 (6): 539-.  
    Abstract (211)      PDF (2587KB) (45)
    3D model matching plays a vital role in model copyright protection and transaction facilitation by effectively preventing redundant authentication and enabling convenience for research, testing, and management in related fields. However, traditional matching approaches predominantly rely on plaintext matching, which, despite ensuring a certain level of matching accuracy and robustness, falls short in data privacy protection. To address this gap, ciphertext matching performs matching computations on encrypted data, thus enabling model matching while safeguarding data privacy. This approach offers significant practical value and broad application prospects. Therefore, this paper presents three matching strategies. 1) Under plaintext conditions, precise registration of 3D point clouds is achieved via the Iterative Closest Point (ICP) algorithm, followed by model matching using peak signal-to-noise ratio (PSNR). 2) Under plaintext conditions, 3D point cloud features are extracted using the PointNet deep learning model, and feature similarity is calculated via cosine similarity. 3) Under ciphertext conditions, the extracted features are encrypted using homomorphic encryption. Cosine similarity is then used to compute the similarity of the encrypted features, thereby effectively protecting data privacy.
    Development and Applications of Multimedia Technology in Physical Space Security
    Zhao Junhong, Zhang Weiqiang, Zheng Minghui, Zhang Meng, and Huang Weiqing
    Journal of Information Security Research   
    Malicious Behavior Detection Method Based on Behavior Clustering LSTM-NN
    Journal of Information Security Research    2025, 11 (4): 343-.  
    Abstract (162)      PDF (2288KB) (64)
    With the progress and development of society, the safety requirements for public places have further increased. Malicious behavior detection can monitor and identify potential safety hazards in real time. To solve this problem, the K-means clustering method is used to divide the data into sub-datasets that distinguish different forms of malicious behavior. The dynamic time warping (DTW) method solves the problem of inconsistent lengths of malicious behavior time series. In image recognition, the excessive amount of data in the malicious behavior frame set lowers the model's calculation accuracy, so the Attention mechanism is used to focus on special information points and ensure the accuracy of model training. This method was applied to the UBI-Fights malicious behavior dataset. The results showed that the final classification accuracy, computed as a weighted average over the sub-datasets obtained by clustering, reached 95.03%. This model effectively identifies malicious behavior videos and improves safety.
    A Survey on the Application of LSTM in Malicious Code Detection
    Journal of Information Security Research    2026, 12 (1): 89-.  
    Abstract (61)      PDF (9291KB) (58)
    With the continuous evolution of hacking technology, the iterative upgrading of malicious code variants has been accelerating and the number of malicious code samples has exploded. How to detect malicious code rapidly and accurately has become a challenging research hotspot in cybersecurity. The unique gating mechanism of the long short-term memory network (LSTM) can selectively retain important historical information. Moreover, it performs excellently on data with sequential dependence over time, and can effectively solve the gradient vanishing or gradient explosion problems that may occur when traditional RNNs deal with such data. This distinctive sequential processing capability of LSTM is particularly important for malware detection, leading to its extensive application in this area. This paper comprehensively reviews and summarizes the application of LSTM in malicious code detection from five aspects: the detection methods for malicious code, the basic model and variants of LSTM, the application of LSTM in malicious code detection, the performance analysis of LSTM in malicious code detection, and the future development direction of LSTM in the field of malicious code detection, aiming to facilitate further research and improvement of existing methods for malicious code detection.
    PDF File Malicious Code Detection Method Based on Spectrum Analysis
    Hao Chenxi and Fang Yong
    Journal of Information Security Research   
    The Key Questions and Development of Studies on Cyber Deterrence
    Journal of Information Security Research    2016, 2 (10): 920-925.  
    Abstract (342)      PDF (5617KB) (654)
    As a defense strategy, deterrence doctrine is usually applied in traditional strategic spaces including the land, sea, air and outer space, and is deemed to be valid there. But since cyberspace is fundamentally different in all aspects from traditional strategic spaces, whether deterrence theory can be used to secure cyberspace is controversial. Based on these considerations, this paper reviewed and summarized the academic debates on cyber deterrence among American, European and Chinese scholars. The authors think: 1) cyber deterrence research is valuable not only for policy decision-making but also for the development of security theory; 2) if deterrence is to be enforced as a strategy to secure cyberspace, two questions must be studied first: ① we must engage with and understand the role of punishment in different kinds of cyber attacks; ② we must clarify the responsibility of third parties, and work to promote security cooperation with all stakeholders.
    Overview on SM9 Identity Based Cryptographic Algorithm
    Journal of Information Security Research    2016, 2 (11): 1008-1027.  
    Abstract (3716)      PDF (13949KB) (6226)
    The SM9 identity-based cryptographic algorithm is an identity-based cryptosystem with bilinear pairings. In such a system the user's private key and public key may be extracted from the user's identity and the key generation center's parameters. The most common cryptographic uses of SM9 are digital signature, data encryption, key exchange protocol and key encapsulation mechanism, etc. The application and management of SM9 do not require a digital certificate, certificate base, or key base. The key length of the SM9 cipher algorithm is 256b. The SM9 cryptographic algorithm was issued as the cryptography standard in 2015. This paper summarizes the design, algorithm, software and hardware implementation and cryptanalysis of the SM9 cryptographic algorithm. We also give some concrete examples in the appendix.
    Blockchain Technology and Application
    Journal of Information Security Research    2018, 4 (6): 559-569.  
    Abstract (197)      PDF (1884KB) (536)
    Bitcoin has set off a rush of digital cryptocurrencies since it was introduced in 2008. As its underlying core technology, blockchain and blockchain technology have received extensive attention from many quarters. Blockchain technology is a combination of many technologies for data exchange, processing and storage based on cryptography, peer-to-peer communications, distributed coherency protocols and smart contracts. Blockchain is a decentralized, distributed public database based on blockchain technology. This article introduces in detail the blockchain's classification, five-tier architecture, smart contracts, scalability and security. We introduce the application of blockchain in current fields and the related development of domestic blockchain. Finally, the advantages and disadvantages of the blockchain are outlined, which lays the foundation for further research and application.
    TCNGANbased Temporal Traffic Anomaly Detection
    Journal of Information Security Reserach    2025, 11 (10): 907-.  
    Abstract123)      PDF (2708KB)(53)       Save
    In recent years, generative adversarial networks have been widely used in the field of temporal anomaly detection. However, temporal data often has complex timedependence, and problems such as gradient vanishing and training instability are common in existing anomaly detection models. To this end, this paper proposes an unsupervised temporal traffic anomaly detection model based on the combination of temporal convolutional network (TCN) and GAN. The model uses TCN as the infrastructure of generator and discriminator, which can effectively capture the temporal features of the temporal traffic data. During the anomaly detection process, the model constructs an anomaly scoring function based on the reconstruction loss and discriminator loss, and performs anomaly judgment by setting a threshold, thus improving the accuracy of anomaly detection. To verify the performance of the proposed model, experiments are conducted on five different types of datasets. The results show that the average F1 score of the proposed model is 11.02% higher than that of the TAnoGAN model.
    A Stateaware Fuzzing Method for Trusted Execution Environment Kernel
    Journal of Information Security Reserach    2026, 12 (3): 198-.  
    Abstract94)      PDF (2080KB)(100)       Save
    Trusted execution environment (TEE) is widely used, and its kernel security has become a significant area of focus. Fuzzing, a powerful technique for detecting vulnerabilities in operating system, has increasingly been applied to the security analysis of TEE. However, conventional fuzzing tools cannot be directly used for TEE kernels due to their isolation. Coverageguided fuzzers often discard test cases that trigger new states but cover the same code, which limits their effectiveness in discovering vulnerabilities. To address these challenges, a stateaware fuzzing method tailored for TEE kernels is proposed. Initially, a modeling and tracing approach is developed to represent the program state through statevariable values and retaining the test cases that trigger new states, overcoming the limitations of coverageguided fuzzers. Subsequently, we introduce an innovative communication scheme to tackle issues arising from TEE isolation. New seed retention and selection algorithms are proposed to better guide the fuzzer in exploring vulnerabilities. Finally, the NGram model is employed to enhance test case generation and optimize the framework’s performance. A prototype, named TrustyStatefuzz, has been implemented and evaluated on fuchsia, the selfdeveloped microkernel operating system Nebula, and OPTEE. The evaluation results show that TrustyStatefuzz is effective at detecting both new code and vulnerabilities. TrustyStatefuzz discovers 9 unknown vulnerabilities and 23 known vulnerabilities. Additionally, it achieves 13% higher code coverage and 27% higher state coverage than the stateoftheart fuzzer Syzkaller.
    Singapore’s Data Security Governance Model and Its Implications
    Journal of Information Security Research    2026, 12 (3): 284-.  
    Abstract (60)      PDF (1712KB) (64)
    Singapore is one of the countries with a relatively high level of digitalization in Asia, and studying the successful experience of its data security governance model is of great significance for improving China’s data security governance system. By using the methods of literature review and comparative research, this paper sorts out Singapore’s data security governance model from the aspects of institutional system, development process and collaborative mechanism, and finds the following characteristics: Singapore leads data security governance with the national innovation strategy, promotes data security governance with personal data rights, and builds an open cross-border data transmission rule system, forming a “rights-promoting” data security governance model. In light of China’s current circumstances, this paper proposes the optimization path of the data security governance model, including coordinating data security governance with an overall strategy, continuously deepening the personal data rights protection system, strengthening the multi-party collaborative governance system, and building a safe and effective cross-border data flow system.
    Research on Log Anomaly Detection Method Integrating Semantic Features
    Journal of Information Security Research    2026, 12 (4): 383-.  
    Abstract (30)      PDF (5672KB) (37)
    With the continuous expansion of system functionalities, the volume of system logs has grown exponentially, presenting substantial challenges to conventional anomaly detection approaches. Deep learning-based log anomaly detection techniques have gradually become a research hotspot due to their powerful feature extraction capabilities. This study proposes a semi-supervised log anomaly detection model, LogSem, which integrates semantic features. By introducing log content vectors that contain semantic information of the main log content and incorporating masked log key prediction tasks and hypersphere volume minimization tasks for semi-supervised learning, the model deeply explores the semantic features of logs. Experiments conducted on three mainstream datasets show that the proposed method outperforms the LogBERT baseline model in terms of the F1 score. Furthermore, this study explores and verifies the feasibility of addressing the out-of-vocabulary problem through semi-supervised learning.
    The Research and Implementation of a Real-Time Network Risk Visualization Technology
    Wang Lin and Hu Xiaoqin
    Journal of Information Security Research   
    A Survey of Zero Trust Research
    Journal of Information Security Research    2020, 6 (7): 608-614.  
    Abstract (1437)      PDF (2068KB) (1676)
    With the popularization of cloud computing, mobile office and other technologies, the enterprise network structure becomes complex. The traditional network security model is based on the idea of boundary protection, which cannot meet the current needs. Zero trust is a new network security model, where no distinction is made between internal and external networks and all entities need authentication and authorization before accessing resources, which can be used to protect networks whose perimeter is increasingly fuzzy. This paper gives the definition of zero trust, introduces the architecture of zero trust, analyzes the core technology of zero trust, compares and analyzes several representative zero trust schemes, summarizes the development status, and points out the research directions needing attention in this field, which can provide reference for the research and application of zero trust.
    Research and Application of Trusted Data Security Management Technology Based on Chameleon Hash
    Journal of Information Security Research    2025, 11 (2): 189-.  
    Abstract (193)      PDF (2544KB) (82)
    To simultaneously address the demands for data updates and data security management in the field of data circulation, this paper investigates a trusted data security management scheme based on chameleon hash. Initially, the mathematical foundations of chameleon hash are analyzed and three construction methods are compared. A data security management approach that integrates chameleon hash with homomorphic encryption is summarized and applied to digital rights protection. This method not only permits the updating and modification of submitted data but also ensures data security and user-friendliness. Finally, the efficiency of the proposed method is evaluated through experimental simulations. The results demonstrate that the data security management and update method proposed in this paper is suitable for environments requiring frequent data updates and certain security needs. This method effectively reduces the overall cost of data updates, providing an efficient and secure solution for the circulation of data elements.
    A Comparative Study on the Legal Liability System for Critical Information Infrastructure
    Journal of Information Security Research    2025, 11 (11): 986-.  
    Abstract (76)      PDF (1029KB) (26)
    A preliminary legal framework for China’s critical information infrastructure (CII) has been established. However, there remain several issues, including the insufficient industry specificity and adaptability of the legal liability system, the inadequate coordination between accountability mechanisms and the enforcement of penalties, and the need for enhanced alignment with international regulations. By conducting a comparative analysis of the frameworks and models of CII legal liability systems in countries and organizations such as the United States, the European Union, and Russia, it is suggested that China should build a targeted CII liability system, strengthen the coordinated mechanism between law enforcement and accountability, and actively participate in international CII security protection.
    Highorder Program Driven by Large Language Model
    Journal of Information Security Reserach    2025, 11 (11): 1008-.  
    Abstract100)      PDF (2871KB)(36)       Save
    Large language models (LLMs) often exhibit hallucinations in various occasions, leading to unreliable inferences. Such vulnerabilities render it  critical for LLMs to be adopted cautiously in vertical domains such as financial, medical, and cybersecurity domains. In preLLM era, humans have accumulated the best practices to ensure reliabilities of complicated tasks through careful engineering. Standard operating procedures (SOP) and Check List are the exemplars of these best practices. Likewise, in LLM era, we propose highorder program (HOP)to achieve the reliability breakthroughs. By fusing both accurate execution of traditional programing languages, and superior knowledge intrinsics of LLMs, HOP sets the backbone of the control system required by vertical LLM applications. HOP achieves automations by leveraging key vertical knowledge and practices. More importantly, it delivers expected reliability through verifications. HOP itself can be autogenerated by LLMs, which further incentivizes its wide adoptions. Lately, we have applied HOP in different scenarios including fulllifecycle financial risk management in cryptographic computing settings, duplicate charges in medical diagnosis, and intrusion detection. HOP has achieved 5 to 10 folds of efficiency improvement, and an accuracy as good as 99% across aforementioned scenarios.
    China’s Mirror and Insights for the Legitimate Interest Rule from the EU Law Perspective
    Journal of Information Security Research    2026, 12 (2): 142-.  
    Abstract (52)      PDF (1832KB) (47)
    The rapid development of generative artificial intelligence (GAI) poses significant challenges to traditional informed consent rules. The European Union (EU) addresses this tension through the “legitimate interest rule” established under the General Data Protection Regulation. The EU effectively reconciles data protection with technological innovation by adopting an open-structured framework and dynamic balancing mechanisms. In contrast, China’s Personal Information Protection Law diverges from its EU counterpart in terms of the lawfulness of data processing, making it difficult for informed consent rules to meet the demands of large-scale data processing in the context of GAI. The EU’s approach is rooted in its governance doctrine that harmonizes rights protection with risk management, alongside an economic logic prioritizing a unified market. China adopts a risk-based regulatory strategy and has developed a “strong protection, weak circulation” regulatory model. To address the technical complexities of GAI, China should construct a localized legitimate interest rule which is confined to applications in commercial scenarios. This framework would incorporate a three-tiered analysis (interest test, necessity test, and balance test) supported by risk mitigation measures and accountability mechanisms. Such institutional innovation would overcome the consent application dilemma while enabling adjudication to dynamically balance data subjects’ rights, commercial interests, and public values case by case. This solution offers both a theoretical framework and practical feasibility for optimizing data governance in the AI era.
    A Rapid Method for WebShell Attack Success Determination Based on Web Page Structural Similarity
    Journal of Information Security Research    2026, 12 (3): 255-.  
    Abstract (34)      PDF (1396KB) (43)
    A WebShell attack is a type of network attack that, once successful, can give complete control of the website for a long time, which is extremely harmful. Most previous studies have concentrated on detecting and alerting on WebShell attack traffic without distinguishing whether the attack is ultimately successful. As a result, in actual network security protection and monitoring work, security personnel are overwhelmed by a large number of WebShell attack alerts and are prone to alert fatigue, making it difficult to filter out the successful WebShell attacks which are truly threatening. To address the problem, this paper proposes an anomaly detection method based on Web page structural similarity to quickly determine whether WebShell attacks are successful. Based on the structural information of the response pages of failed WebShell attack traffic, this method uses the Hunt-Szymanski algorithm to calculate structural similarity and then generate Web page templates. During the detection phase, this method uses the generated Web page templates for pattern matching and similarity assessment to determine whether the WebShell attacks are successful. It can well distinguish between successful and failed WebShell attack traffic, achieving an accuracy rate of 99.02% and a recall rate of 99.37%. This method has been applied to the Wukong network security defense system and realizes rapid identification of successful WebShell attacks.