Most Download articles

    Published in last 1 year | In last 2 years| In last 3 years| All| Most Downloaded in Recent Month| Most Downloaded in Recent Year|

    Most Downloaded in Recent Month
    Please wait a minute...
    For Selected: Toggle Thumbnails
    A Deep Learning Differential Privacy Protection Scheme Based on  Adaptive Clipping
    Journal of Information Security Reserach    2026, 12 (6): 490-.  
    Abstract114)      PDF (1728KB)(76)       Save
    To address the issues of utility degradation in deep learning models under differential privacy protection and the gap between theoretical and actual privacy protection effectiveness, this paper proposes a deep learning differential privacy protection scheme based on adaptive clipping. The scheme optimizes the process through a fourstep mechanism: firstly, gradient adaptive clipping controls the gradient magnitude during training by dynamically adjusting the gradient clipping threshold, thereby enabling the control of the magnitude of noise added subsequently; secondly, group label selection identifies the group with the smallest gradient as the privacypreserving object, and more accurate privacy loss can be obtained by training this group; thirdly, optimized privacy loss calculation combines the gaussian mechanism based on subsampling to reduce the computational overhead of model privacy loss calculation; finally, optimized gradient adaptive descent realizes the adaptive descent of gradients by adjusting the conditional smoothing parameter, thus improving the usability of the model. Experiments were conducted on the VGG architecture using the MNIST, CIFAR10, and MedicalMNIST datasets. The results show that the model accuracy rates after training with this scheme are 81.08%, 72.30%, and 67.91% respectively, representing improvements of 15.60%, 10.60%, and 9.71% compared to the traditional DPSGD, and 0.63%, 2.50%, and 4.40% over the widely used Nadam algorithm in recent years. The model training efficiency has been improved by 35.5% and 39.4%, respectively.
    Reference | Related Articles | Metrics
    Research on AIempowered Cybersecurity Detection and  Assessment Technologies
    Journal of Information Security Reserach    2026, 12 (6): 559-.  
    Abstract71)      PDF (1820KB)(49)       Save
    In response to the challenges faced by traditional cybersecurity detection and assessment technologies—such as large system scales, dynamic supply chain risks, and insufficient evaluation depth—this paper explores the application of AI technologie to advance this field. Methodologically, an endtoend implementation framework for largescale models is proposed, consisting of “data preparationdistillation and annotationcluster trainingquantitative deployment.” A localized compliance assessment model based on retrievalaugmented generation (RAG) technology is developed, and a multimodal model supporting joint textimage analysis is deployed. The large model significantly shortens the assessment cycle in scenarios such as provincial government clouds, improves the efficiency of compliance knowledge matching while reducing computational load by 70%, and markedly enhances the detection rate of inherent defects. The conclusion indicates that AI technology can effectively overcome the limitations of traditional assessment methods, promoting cybersecurity detection and assessment toward greater intelligence, adaptability, and comprehensiveness, thereby providing support for building resilient cybersecurity protection systems and fostering related ecosystem development.
    Reference | Related Articles | Metrics
    Research on Maintenance and Security of Industrial Control Networks in Electric Power Industry
    Journal of Information Security Research    2019, 5 (8): 679-684.  
    Abstract249)      PDF (2038KB)(681)       Save
    As an important part of national key infrastructure, the importance of operation and maintenance security of electric power industry control network is selfevident. Especially with the increasing security incidents of industrial control networks in the world in recent years, effective measures must be taken to protect the safe operation of industrial control networks, which also puts forward higher requirements for the operation, maintenance and safety protection of industrial control networks and industrial systems. Through indepth analysis of the characteristics of industrial control network in electric power industry, especially the key characteristics of the data type and network topology structure of the electric power network, effective operation and maintenance methods and security risk prevention methods are put forward. In operation and maintenance, the backup of system data and the state monitoring of the system itself are strengthened. Security measures, such as physical isolation, industrial control flow monitoring, fault recovery management and so on should be taken, and effective policies and behavioral norms should be provided. Finally, form safety protection measures suitable for electric power industry control network, to achieve the purpose of safe operation of the electric power industry control network.
    Reference | Related Articles | Metrics
    A Network Traffic Anomaly Detection Model Based on Semisupervised  Twochannel Multiscale Gating Fusion
    Journal of Information Security Reserach    2026, 12 (6): 566-.  
    Abstract54)      PDF (1947KB)(35)       Save
    With the increasing number of network attacks, network traffic anomaly detection is becoming more and more important for maintaining network security and stability. However, existing methods are often difficult to effectively capture both static statistical features and dynamic temporal features of network traffic during feature extraction, resulting in limited detection performance in complex and evolving network environments. To address these issues, this paper proposes a twochannel multiscale gated fusion anomaly detection model (MSAD) based on semisupervised learning. The model first extracts  static statistical features of the traffic, including the number of packets, total bytes, etc., through a multiscale convolutional neural network. Secondly, the temporal features of network traffic data are captured through a bidirectional GRU network and combined with a multihead attention mechanism. Finally, adaptive fusion of different modal features is performed through gated fusion mechanism. Meanwhile, for the problem of insufficient credibility of pseudolabel generation in semisupervised learning, a twostage adversarial pseudolabel generation strategy is proposed, which effectively improves the robustness of pseudolabels. The experimental results show that under the condition of limited labeled data, the model proposed in this paper achieves 99.63%, 99.54%, 99.9% and 99.72% of accuracy, precision, recall and F1 value on the CICIDS 2017 dataset, which is significantly better than traditional machine learning and deep learning methods.
    Reference | Related Articles | Metrics
    Research on Smart Contract Vulnerability Detection Method Based on  Multimodal Feature Fusion
    Journal of Information Security Reserach    2026, 12 (6): 503-.  
    Abstract63)      PDF (1602KB)(42)       Save
    Most of the smart contract vulnerability detection methods rely on single mode feature extraction, which leads to the problem of low detection accuracy due to insufficient key feature extraction. This paper proposes a smart contract vulnerability detection method based on multimodal feature fusion. Firstly, the construction of the control flow graph (CFG) is constructed by leveraging the abstract syntax tree (AST) trimmed at the source code layer and the data flow relationship based on the opcode layer, which is imported into the graph attention network (GAT) to extract two types of static features. Secondly, the fuzzing test report generated by echidna, a dynamic detection tool, is used to extract path coverage, state changes and other information to build a graph model, and the dynamic features are extracted by graph neural network (GNN). Finally, the extracted static and dynamic features are fused and input into CNN bilstm att model for vulnerability detection, and relevant experiments are carried out on 47398 smart contracts. Experimental results show that compared with eight mainstream detection methods, such as SmartCheck, Mythril, Oyente, BiGGNN, ASTNN, DRGCN, SVCB and CBGRU, the accuracy, recall and F1 value of this method in reentry vulnerability, timestamp vulnerability, integer overflow vulnerability and Tx.origin vulnerability are increased by 50.26%, 59.54% and 58.40%.
    Reference | Related Articles | Metrics
    Research Review on Collaborative Intrusion Detection Based on Federated Learning
    Journal of Information Security Reserach    2026, 12 (6): 526-.  
    Abstract70)      PDF (1168KB)(34)       Save
    The increasing complexity of cyber attacks challenges traditional centralized intrusion detection systems. Federated learningbased collaborative intrusion detection enables collaborative modeling and knowledge sharing among multiple nodes without sharing raw data, thereby effectively improving the detection capability for crossdomain and unknown attacks. This paper systematically reviews the research progress of federated learningbased collaborative intrusion detection. Existing methods are classified and analyzed from multiple perspectives, including architectureaware, model adaptation and evolutiondriven, as well as privacy and security enhanced approaches. Commonly used datasets and evaluation metrics are summarized. Finally, the major challenges and future research directions are discussed, providing references for subsequent research in this field.
    Reference | Related Articles | Metrics
    Three-Dimensional Way of Acorn Network in Industrial Control Cybersecurity
    Journal of Information Security Research    2017, 3 (8): 0-0.  
    Abstract492)      PDF (3703KB)(828)       Save
    Related Articles | Metrics
    VEDA, Establishing the AI Dynamic Defense System for Cyber Security
    Journal of Information Security Research    2017, 3 (12): 1058-1066.  
    Abstract435)      PDF (1526KB)(968)       Save
    Related Articles | Metrics
    TOPSEC, Leading Brand of Independent Innovation, Supporting Cyberspace Power Strategy
    Journal of Information Security Research    2018, 4 (9): 774-782.  
    Abstract208)      PDF (1579KB)(990)       Save
    Related Articles | Metrics
    Dynamic Invisible Backdoor Attack via Frequency Domain Injection
    Journal of Information Security Reserach    2026, 12 (6): 510-.  
    Abstract51)      PDF (1536KB)(20)       Save
    Deep neural networks are highly vulnerable to the threat of backdoor attacks due to their noninterpretability and high dependence on data during training. Although the current mainstream backdoor attack methods generally use fixed trigger design to simplify implementation, these triggers are often significantly different from the training data distribution, resulting in easy detection and identification. To this end, this paper proposes a dynamic invisible backdoor attack method via frequency domain injection: firstly, a generative network is used to generate a specific trigger pattern based on the input samples, and then the highfrequency information of the pattern is injected into the wavelet domain of the samples, ensuring the triggers remain stealthy. Additionally, this paper designs a fair screening strategy to select samples that are more influential to the backdoor model through cosine similarity and Kmeans clustering algorithm. Experimental results show that this method outperforms existing methods (e.g., BadNets, Blend, WaNet, and WABA) in terms of attack success rate and stealthiness, and effectively circumvents a variety of stateoftheart defence mechanisms (e.g., FP, NC, SentiNet, and SCALEUP), providing significant robustness and extensive practical potential.
    Reference | Related Articles | Metrics
    Analysis of the National College Student Information Security Project Competition from the Perspective of Award-winning Data
    Journal of Information Security Reserach    2021, 7 (6): 575-588.  
    Abstract646)      PDF (5052KB)(324)       Save
    As an effective carrier of practical teaching, competitions focus on examining students' creative ability and practical ability, and are an important means to improve talent training ability. The National College Student Information Security Competition is currently the only competition in the field of cyberspace security that has been shortlisted for college discipline competitions. It has been held for 13 sessions since 2008. This article will take the work competition as an example, through the collection, processing and statistics of recent competition information and award-winning data, for the first time to analyze the information security competition. By digging the hidden information and laws behind the winning data of the competition, exploring the internal connection between the topic selection direction of the winning works and the development and demand of security technology, we hope to provide theoretical and data references for colleges and students participating in such information security competitions in the future.
    Reference | Related Articles | Metrics
    Chinese Dark Web Product Detection and Classification Based on  Multimodal Data Augmentation#br#
    Journal of Information Security Reserach    2026, 12 (6): 575-.  
    Abstract47)      PDF (4502KB)(20)       Save
    In order to address the issues of coarse granularity in existing dark Web intelligence classification research and the predominance of Englishlanguage datasets, this paper proposes a finegrained analysis study focused on Chinese dark Web content. To overcome the scarcity of Chinese dark Web data and the misalignment of multimodal data, this study employs a large language model prompt rewriting strategy and a differentiated image enhancement strategy to achieve text and image data augmentation. By integrating product data from a certain platform on the Surface Web, a dataset comprising 14,052 product records was constructed. A feature selection optimization module was designed to establish an intertask coupling mechanism, and a Chinese dark Web product detection and classification model based on multimodal data augmentation was proposed. Experimental results demonstrate that the proposed model achieves macroF1 scores of 0.992 and 0.941 in dark Web product detection and classification tasks, respectively, representing an approximately 2% improvement over the best baseline model in  classification task and significantly outperforming existing singlemodal and multimodal methods. This approach effectively enhances the performance of finegrained classification tasks for Chinese dark Web intelligence, offering new insights and methodologies for dark Web intelligence analysis.
    Reference | Related Articles | Metrics
    Research of the Scenes in the Cyberspace Game
    Journal of Information Security Research    2018, 4 (5): 415-419.  
    Abstract299)      PDF (1454KB)(602)       Save
    With the comprehensive internetization of social fundamental industries, the network security situation has become increasingly severe. A case of Guiyang big data security drill is firstly introduced to point out that people are the core of network security. Second, we emphasize the “scenes” as one of the key factors to determine the effectiveness of talents training mode, which further influence the initiative of cyberspace game. However, for a long time, we have not paid enough attention to the accumulation of scenes and the retained methods of scenes mainly focus on text description. There is still a huge space for deep mining and utilizing the value of scenes for both security companies and users. Then Cyber Range is introduced as the infrastructure of generating and accumulating “scenes”. Based on analyzing the stateofart of Cyber Range of the United States and other developed countries, the key techniques of Cyber Range are described. Lastly, the functions that the Cyber Range should possess and applications in various fields such as product evaluation, mission rehearsal, architecture analysis, etc. are presented.
    Reference | Related Articles | Metrics
    Blockchain Security Sharding Scheme Based on Multi-dimensional Reputation
    Journal of Information Security Reserach    2024, 10 (8): 690-.  
    Abstract353)      PDF (2816KB)(226)       Save
    Blockchain faces scalability issues. Sharding improves system performance by dividing the blockchain network into multiple subnetworks that process transactions in parallel. However, sharding can lead to the clustering of malicious nodes, resulting in 51% attacks and affecting system security. The existing singledimensional reputation schemes have the problems of high overhead and insufficient shard consensus in the redistribution process, failing to ensure both performance and security. To address these  problems, a blockchain security sharding scheme based on multidimensional reputation is proposed: Firstly, the scheme integrates multidimensional indicators of nodes to balance shard reputation and computational communication abilities, identifying malicious nodes.  Secondly, a twostage redistribution scheme is proposed to reduce the frequency and cost of redistribution through partial redistribution in first stage and complete redistribution in second stage. Finally, a multidimensional reputation based fast Byzantine faulttolerant consensus (MRFBFT) is designed, which combines voting power and reputation, and introduces consensus among shard leader nodes to prevent malicious behavior. The experimental results show that the shard reputation and computational communication level are more balanced, the consensus delay is reduced by about 20%, and the throughput is increased by about 15%.
    Reference | Related Articles | Metrics
    Research on Source Code Vulnerability Detection Based on BERT Model
    Journal of Information Security Reserach    2024, 10 (4): 294-.  
    Abstract480)      PDF (3199KB)(298)       Save
    Techniques such as code metrics, machine learning, and deep learning are commonly employed in source code vulnerability detection. However, these techniques have problems, such as their inability to retain the syntactic and semantic information of the source code and the requirement of extensive expert knowledge to define vulnerability features. To cope with the problems of existing techniques, this paper proposed a source code vulnerability detection model based on BERT(bidirectional encoder representations from transformers) model. The model splits the source code to be detected into multiple small samples, converted each small sample into the form of approximate natural language, realized the automatic extraction of vulnerability features in the source code through the BERT model, and then trained a vulnerability classifier with good performance to realize the detection of multiple types of vulnerabilities in Python language. The model achieved an average detection accuracy of 99.2%, precision of 97.2%, recall of 96.2%, and an F1 score of 96.7% across various vulnerability types. This represents a performance improvement of 2% to 14% over existing vulnerability detection methods. The experimental results showed that the model was a general, lightweight and scalable vulnerability detection method.
    Reference | Related Articles | Metrics
    “Internet +”Power: Overview of Westone Secruity’s Cyber Secruity
    Journal of Information Security Research    2016, 2 (10): 862-875.  
    Abstract389)      PDF (2788KB)(1138)       Save
    Related Articles | Metrics
    Blockchain and Quantum Computing
    Journal of Information Security Research    2018, 4 (6): 496-504.  
    Abstract328)      PDF (1390KB)(704)       Save
    In recent years, the emerging of digital encryption currency such as bitcoin, blockchain as its key technology has caused the government, technology companies, financial institutions and capital market great attention and wide public concern. Blockchain is a new kind of distributed, decentralized or centralized mechanism, has high distributed redundant storage, go to the center of the credit, automatic intelligent contract execution, timeseries data, not tampered with, the advantages of security and privacy. However, with the development of quantum computer, some advantages of blockchain will be challenged. By analyzing the core technology of the blockchain and combining the advantages of quantum computing, we could analyze the problems that the blockchain system will face in the future. We could work to provide effective guidance and reference to relevant researches of blockchain in the future.
    Reference | Related Articles | Metrics
    Research on Cyber-Attack Defense System Based on Big Data and Threat Intelligence
    Journal of Information Security Research    2019, 5 (5): 383-387.  
    Abstract446)      PDF (1670KB)(1398)       Save
    Cyber-attacks are the use of network vulnerabilities and security flaws to attack the hardware, software and data of a cyber system. The earlier a cyber-attack is identified, the less adverse effect it has. The traditional network intrusion detection system (IDS) has some limitations in detecting cyber-attacks, such as passive protection and limited capability of threat identification. Threat intelligence technology provides a more scientific and effective method for identifying potential or actual cyber-attacks by using big data analysis,and provides a comprehensive and relevant cyber-attack defense model.
    Reference | Related Articles | Metrics
    Intelligent Data Management Platform
    Journal of Information Security Reserach    2021, 7 (E1): 50-.  
    Abstract311)      PDF (2215KB)(143)       Save
    In June 2021, the “Data Security Law of the People’s Republic of China” was officially promulgated, marking that China’s data security has entered a new development stage of legal construction. According to the overall national security concept of the data security law, the intelligent data governance platform should completethe data security governance system and improve the data security guarantee, including metadata management, data classification and grading, data security risks analysis, and data security rules.

    Related Articles | Metrics
    Journal of Information Security Reserach    2025, 11 (E2): 89-.  
    Abstract104)      PDF (1508KB)(57)       Save
    Reference | Related Articles | Metrics
    Analysis on American Critical Infrastructure Security Management
    Journal of Information Security Research    2017, 3 (8): 736-746.  
    Abstract380)      PDF (2098KB)(842)       Save
    In recent years, Different countries are paying more attention to critical infrastructure security and its cyber defense to the level of national security by developing regulations, laws and standards. As general secretary of the CPC Central Committee and president of China, Xi Jinping proposed efforts to promote innovative development, and work hard to build China into a cyberpower. Critical information infrastructure protection is one of the most important parts of the network strategy. We should learn from other countries, especially developed countries, to secure our critical infrastructure while we are still in the early stage. The United States, as the first country devoting attention to protect critical infrastructure cyber security, has developed a set of critical infrastructure information security policies, measures and supporting works. The study will provide suggestions for our critical infrastructure defense by reviewing American critical infrastructure measures from the perspectives of its identification, management system and security requirement.
    Reference | Related Articles | Metrics
    The Evolution and Enlightenment of US Encryption Export Controls legal System
    Journal of Information Security Research    2018, 4 (3): 211-218.  
    Abstract354)      PDF (1373KB)(556)       Save
    The encryption technology is widely used in every fields, It plays an important role in supporting the national security. Therefore, In the various states, The Regulations of encryption Export is the inevitable choice in accordance with Encryption Export Controls laws System. US Encryption Export Controls laws System has four stages, The four stages are respectively the early America, the Clinton era, George W. Bush administration period and the Obama era. The encryption export control began to appear loosening in 1990s, US encryption export controls had gradually loosen in the Clinton era. The network security policy had been the turning point after the Sept. 11, 2001, terrorist attacks,The regulation of encryption export is slowed pace. After the 2008 financial crisis, the Obama encryption export control reform to stimulate exports. US Encryption Export Controls laws System is the key part of the reform of export control. In 2015, The US passed legislation to strengthen the network space safety control items, Adding new constraints for encryption export. China is currently performing a strict encryption export control policy, we should step up the “Cryptography”and its corresponding regulations and policy. we should learn from America of The Evolution of Encryption Export Controls laws System to reform our laws System.we still want to consider the our national conditions, such as the level of encryption technology and legislative technique. Then, we will set up encryption export control policies and regulations law System with Chinese characteristics.
    Reference | Related Articles | Metrics
    A Static Tagging Method of Malicious Code Family Based on Multi-Feature
    Journal of Information Security Research    2018, 4 (4): 322-328.  
    Abstract229)      PDF (1878KB)(452)       Save
    This paper describes a method of static tagging of malicious code family based on multiple features, it uses malicious code visualization technology to draw malicious code image, extracts feature from image source and text source, byte code layer and Operation code layer, it extract features from multiple sources and multi-level which aims at overcoming defects that only extract features from one source. In order to make better use of the features extracted from multiple levels, this paper designs a 3-layer multi-classifier joint framework for feature learning, and the 3-layer multi-classifier joint framework is divided into three parts, which are feature combination layer, classification layer and union layer. Finally, we can use the learning model to tag the malicious code automatically. In order to verify the validity of the method, we made the malicious code family tagging test experiment with 9 kinds of malicious code in Microsoft’s data set, and the experimental results show that our method has higher accuracy, precision, recall and F1-score which are more than 90% in other sample families except SIMDA malicious code family. The validity and reliability of the method are proved by experiments.
    Reference | Related Articles | Metrics
    Reasearch on Online Public Opinion Governance in Chinas Western Minority Regions
    Journal of Information Security Research    2018, 4 (10): 954-958.  
    Abstract265)      PDF (1531KB)(421)       Save
    For the intertwine of ethnic, religious, historical and cultural problems, western minority regions is an essential part for public opinion safety in China. Therefore, the changing trend of online public opinion in these areas has been the focus of online public opinion researches. Influenced by the false and malicious information from abroad and infiltrated by the overseas religious extremists, the difficulty of governing the online public opinion in minority areas of west China has increased sharply. Therefore, it is particularly important for the governance of online public opinion in these areas. Based on the salient characteristics of the public opinion in minority areas of west China, such as regionalism, complexity, politicality, sensitivity and internationality, this article intends to clarify the potential problems existing in the online public opinion in minority areas of west China at present, and to further discuss the influencing factors of online public opinion in these areas, and finally to probe a sound and effective way to govern the online public opinion in minority areas of west China.
    Reference | Related Articles | Metrics
    Practical Information Security Personnel Training Framework
    Journal of Information Security Research    2018, 4 (12): 1119-1123.  
    Abstract201)      PDF (2812KB)(428)       Save
    Venustech Cyberspace Security Institute believes that the national network letter business provides strong talent support as its mission. Relying on the accumulation of network security in the Venustech Group, we have formed an Information Security operation and maintenance course system, an Information security attack and defense course system, an Information security management course system, an Information security technology course system, and new technology safety course system. Nearly 60 courses in eight major courses, such as security development course system. Each course has been meticulously polished, combined with new technologies and teaching feedback for industry users, constantly optimizing the course content and teaching methods, and has provided information security training for the government and major industry organizations for more than a thousand times; participated in organizing major safety competitions. Nearly 100 times, nearly 500 winners in the training industry information security competitions; nearly 25000 information security technology and information security management talents have been trained, and they have been praised as “China's powerful high-quality training institutions” by domestic and foreign partners.
    Reference | Related Articles | Metrics
    Ditigal Technology Fighting Epidemic: China’s Big Data Security Is in Action
    Journal of Information Security Research    2020, 6 (3): 194-201.  
    Abstract147)      PDF (2647KB)(407)       Save
    Related Articles | Metrics
    Journal of Information Security Reserach    2025, 11 (E2): 94-.  
    Abstract59)      PDF (826KB)(32)       Save
    Reference | Related Articles | Metrics
    Study on the Energy Trusted Data Network Mechanism Based on  Digital Object Architecture
    Journal of Information Security Reserach    2026, 12 (6): 550-.  
    Abstract52)      PDF (1624KB)(22)       Save
    The energy trusted data network primarily addresses challenges in achieving trusted interconnection, intercommunication, interdiscovery and interoperation of data, supported by digital object architecture (DOA) technology, and enables unified crossentity data access registration, directory interconnection services, and controllable analytical applications, flexibly meeting the development requirements of the energy industry, which demands high data security, organizational hierarchy, and multidomain entity segmentation. With reference to the traditional PESTEL (political, economic, social, technological, environmental, legal) environmental analysis model and the legaltechnologicaleconomiccommercial system model for data factor market development, this study proposes a systematic research framework for the energy trusted data network mechanism. Centered on data characteristics, the framework integrates dimensions of policy systems, industry layout, innovative technologies, and security compliance. Guided by the foundational principles of “costeffectiveness, equivalence of rights and responsibilities, collaborative integration, and longterm development”, it establishes a distributed overarching architecture. The mechanism is further constructed through the following aspects: collaboration mechanisms, technological mechanisms, incentive mechanisms, operational mechanisms, security mechanisms, and iterative mechanisms, to support energy industry advancement, flexible technological upgrades, and optimized evolution. By building this trusted network, more entities are encouraged to securely unify data access and leverage trusted service applications, transforming fragmented enterprise data advantages into industrywide collaborative strengths. This fosters deeper industry data utilization and advances artificial intelligence large language model development, providing critical support for the digital transformation and highquality development of the energy sector.
    Reference | Related Articles | Metrics
    Research of Emergency Resources Big Data Cloud Security Management
    Han Xiaolu1 and Lü Xin2
    Journal of Information Security Research   
    “Internet +”Power: The Information Security and Strategic Layout of Lenovo on the Basis of “Internet +” Background
    Journal of Information Security Research    2016, 2 (7): 574-586.  
    Abstract315)      PDF (3175KB)(829)       Save
    Related Articles | Metrics
    Deepin Anything Fast Retrieval Research
    Journal of Information Security Research    2018, 4 (1): 15-23.  
    Abstract294)      PDF (6426KB)(520)       Save
    In order to be able to provide users with a high-speed file search function based on file name search, we introduced "anything fast retrieval" technology. This paper introduces the design of “anything fast retrieval” technology in indexing technology in detail, and makes a theoretical analysis of the technical solutions, and gives a detailed analysis and explanation of the verification methods and verification conclusions of the technical solutions. “Anything Fast Retrieval” technology provides nearly 500 times more efficiency in file-name-based fast retrieval compared to the traditional used search techniques in today's Linux desktops OS.
    Reference | Related Articles | Metrics
    Research on Reference Architecture for Government Big Data Security
    Journal of Information Security Research    2019, 5 (5): 370-376.  
    Abstract363)      PDF (2263KB)(1193)       Save
    Government informatization has gradually moved from electronic and computerized information, to networked government information, and government big data (GBD) is a new stage in government informatization development. This stage features openness, sharing, dynamic, real-time and intelligence. In view of these features and the current situation of government big data development, this paper analyzes the technical and managemental challenges and basic security principles of the GBD platform development. Based on analysis, this paper proposes a new kind of reference architecture for GBD security based on an appropriate management organization structure. The paper also reviews related security regulatory mechanisms and security measures of this architecture. Compared to the US government's national institute of standards and technology (NIST) big data reference architecture, the proposed architecture is simpler, has a higher security level, clearer functional requirements, and is easier to implement. The proposed architecture can meet the actual current needs of big data security management, and has practical value in guiding the future government cloud platform, and security design and regulation of the GBD system.
    Reference | Related Articles | Metrics
    SecurityUnion IT: Committed to Internet of Everything Security
    Journal of Information Security Research    2019, 5 (9): 762-770.  
    Abstract359)      PDF (2670KB)(432)       Save
    Related Articles | Metrics
    An Overview of Application and Technology of Artificial Intelligence in Cybersecurity
    Journal of Information Security Reserach    2022, 8 (2): 110-.  
    Abstract2153)      PDF (1142KB)(1489)       Save
    Compared with the developed countries, the basic research and technology application in the field of artificial intelligence in China started later, especially the application of artificial intelligence in the important field of network security. Domestic and abroad disparity is still very obvious, which seriously affects the improvement of China's cybersecurity capability. This paper elaborates the relationship between artificial intelligence, network attack and network defense, and widely investigates the application status of artificial intelligence in major information security companies at home and abroad. It points out that APT detection, 0day vulnerability mining and cloud security are three core areas that affect the level of cybersecurity capability, This paper deeply analyzes the key technologies of artificial intelligence technology applied in these three fields, and puts forward the safety risks of artificial intelligence technology, and points out that artificial intelligence technology is not a panacea for all diseases, This Paper provides a scientific reference for the further research and application of artificial intelligence technology in China's information security industry.
    Reference | Related Articles | Metrics
    Research on Adversarial Examples Generation Technology Based on  Text Keywords
    Journal of Information Security Reserach    2023, 9 (4): 338-.  
    Abstract423)      PDF (2165KB)(193)       Save
    Deep learning models have been widely used to deal with natural language tasks, but the latest research shows that adversarial attacks will seriously reduce the accuracy of the classification model and make the model classification function ineffective. Aiming at the vulnerability of deep learning models when dealing with natural language tasks, a new adversarial examples generation method, KeywordsAttack, is proposed. The method uses a statistical algorithm to select some words to form a text keyword set. And then it iteratively replaces the keywords according to the contribution of the model classification results until the classification model is successfully misled or the number of replacements reaches the set value. According to the characteristics of Chinese, this method generates adversarial examples by splitting Chinese characters and replacing pinyin. Finally, using the public hotel shopping review dataset to conduct experiments, the results show that the average modification magnitude of adversarial examples accounts for 18.2% of the original text and the classification accuracy of attacking the BERT model is reduced by about 43%, and the classification accuracy of attacking the LSTM model is reduced by about 30%. These data show that the KeywordsAttack method can successfully mislead the classification model by making small perturbations to the text. At the same time, the number of query models in the process of generating adversarial examples is small.
    Reference | Related Articles | Metrics
    Analysis on the Homology of Malware Families Based on  Openset Recognition
    Journal of Information Security Reserach    2023, 9 (8): 762-.  
    Abstract365)      PDF (2218KB)(115)       Save
    At present, analysis on the homology of malware families mostly focuses on the closedset problem, that is, it is assumed that the samples to be tested must belong to a certain known class.However, there are many malware families in an open world, and the unknown classes usually account for the majority. The closedset recognition cannot accurately identify the malware families in an open world. Aiming at the above problems, this paper proposes a homology analysis method for malware families based on openset recognition. The malware executable files are converted into grayscale images through NGram sliding window and Doc2vec sentence embedding method, the features of the grayscale images are obtained based on the convolutional neural network model MobileNet, and the Open Longtailed Recognition model is used to realize openset recognition of malware families. Identifying 9 known classes and 9 unknown classes of malware families, the experimental results show that the proposed method can identify the malware family of the unknown classes while maintaining high accuracy on both known and unknown families.
    Reference | Related Articles | Metrics
    Image Encryption Method Based on Novel Combined Chaotic System and  Fractional Number Theory Transformation
    Journal of Information Security Reserach    2026, 12 (6): 517-.  
    Abstract41)      PDF (3694KB)(15)       Save
    Aiming at addressing existing issues in current image encryption technologies regarding encryption speed, security, and sensitivity, this paper proposes a novel image encryption method based on a combined chaotic system and fractional numbertheoretic transform. First, a new chaotic structure is proposed by combining two traditional onedimensional mappings to create a fully chaotic mapping. Metrics such as bifurcation diagrams, Lyapunov exponents, and information entropy demonstrate that the proposed chaotic structure exhibits excellent chaotic performance, large parameter space, strong sensitivity, and high randomness. Subsequently, a new image encryption method is developed based on this chaotic mapping and multiparameter fractional number theoretic transform. The hash value of the plaintext image is linked with the parameters of the chaotic system to generate initial chaotic keys and scrambling parameters. A multiparameter fractional number theoretic transform is defined by constructing a number theoretic transform feature vector. The plaintext image undergoes one round of number theoretic transform to obtain an intermediate image, followed by Arnold scrambling to disrupt the image. Finally, another round of numbertheoretic transformation is applied to generate the ciphertext image. Experimental results indicate that the algorithm achieves excellent encryption performance: the pixel change rate (NPCR) and unified average changing intensity (UACI) closely approach their ideal values; the average correlation coefficient of ciphertext images is 0.0018, approaching zero; the normalized entropy of ciphertext images reaches 0.9994, nearing the maximum value of 1. With an average encryption time of 0.273s and decryption time of 0.324s, the method outperforms other comparative schemes in efficiency. It demonstrates robust resistance against common attacks including chosenplaintext attacks, differential attacks, and exhaustive attacks, exhibiting high security and promising application prospects in multimedia security fields.
    Reference | Related Articles | Metrics
    The ZUC Stream Cipher Algorithm
    Journal of Information Security Research    2016, 2 (11): 1028-1041.  
    Abstract1708)      PDF (7769KB)(802)       Save
    祖冲之算法,简称ZUC,是一个面向字设计的序列密码算法,其在128b种子密钥和128b初始向量控制下输出32b的密钥字流.祖冲之算法于2011年9月被3GPP LTE采纳为国际加密标准(标准号为TS 35.221),即第4代移动通信加密标准,2012年3月被发布为国家密码行业标准(标准号为GMT 0001—2012),2016年10月被发布为国家标准(标准号为GBT 33133—2016).简单介绍了祖冲之算法,并总结了其设计思想和国内外对该算法安全性分析的主要进展.
    Reference | Related Articles | Metrics
    Semantics Based Webshell Detection Method Research
    Journal of Information Security Research    2017, 3 (2): 145-150.  
    Abstract505)      PDF (4585KB)(645)       Save
    A semanticsbased Webshell detection method was proposed. This method obtained the code behavior and related dependencies by syntax analysis of the file, and achieved semantic understanding to complete the Webshell detection by the risk model. A critical abstract syntax subtree extraction method which can reject irrelevant factor and get the malicious behavior occurrence point was proposed. The description of behavior in risk model database was defined with BackusNaur Form, finally a smooth risk value curve could be obtained by graph matching algorithm, which can finish the criticality assessment of the file and can get a better result by adjusting the threshold A webshell detection system based on that detection method was designed and finished, the experimental results have demonstrated that the SemanticsBased method was effective in Webshell detection.
    Reference | Related Articles | Metrics