Most Download articles

    Published in last 1 year | In last 2 years| In last 3 years| All| Most Downloaded in Recent Month| Most Downloaded in Recent Year|
    Most Downloaded in Recent Month
    Please wait a minute...
    For Selected: Toggle Thumbnails
    LLMenhanced Static Analysis for Detecting Broken Object Level Authorization Vulnerabilities in Java Web Applications#br#
    #br#
    Journal of Information Security Reserach    2026, 12 (5): 394-.  
    Abstract57)      PDF (1497KB)(48)       Save
    Broken object level authorization (BOLA) is currently one of the critical security threats to Web applications. As a typical unauthorized access vulnerability, BOLA arises when a system fails to properly validate a user’s access permissions to target objects. The key to static detection of BOLA vulnerabilities lies in: accurately identifying objectlevel sensitive operations and analyzing unprotected access behaviors during path traversal. Since BOLA is an application logiclevel vulnerability, its detection effectiveness directly depends on the precision of understanding the expected objectlevel authorization policies. However, existing detection methods predominantly rely on empirical heuristic rules to identify sensitive and protected operations, making them difficult to adapt to the actual business logic of different applications, resulting in high false positives and false negatives in detection results. To address this limitation, this paper innovatively proposes a large language model (LLM)enhanced static detection method for BOLA vulnerabilities in Web applications, LLM4BOLA. First, leveraging LLM’s advanced code comprehension and semantic reasoning capabilities to infer objectlevel sensitive operations and custom authorization policies in specific business scenarios. Then, identifying diverse permission protection mechanisms. Finally, comprehensively detecting missing objectlevel permission checks along the paths from request entry points to sensitive operations. Experimental results demonstrate that the proposed method not only effectively detects known vulnerabilities but also discovers unknown ones, significantly outperforming traditional rulebased approaches in detection accuracy.
    Reference | Related Articles | Metrics
    A Deep Learning Differential Privacy Protection Scheme Based on  Adaptive Clipping
    Journal of Information Security Reserach    2026, 12 (6): 490-.  
    Abstract37)      PDF (1728KB)(32)       Save
    To address the issues of utility degradation in deep learning models under differential privacy protection and the gap between theoretical and actual privacy protection effectiveness, this paper proposes a deep learning differential privacy protection scheme based on adaptive clipping. The scheme optimizes the process through a fourstep mechanism: firstly, gradient adaptive clipping controls the gradient magnitude during training by dynamically adjusting the gradient clipping threshold, thereby enabling the control of the magnitude of noise added subsequently; secondly, group label selection identifies the group with the smallest gradient as the privacypreserving object, and more accurate privacy loss can be obtained by training this group; thirdly, optimized privacy loss calculation combines the gaussian mechanism based on subsampling to reduce the computational overhead of model privacy loss calculation; finally, optimized gradient adaptive descent realizes the adaptive descent of gradients by adjusting the conditional smoothing parameter, thus improving the usability of the model. Experiments were conducted on the VGG architecture using the MNIST, CIFAR10, and MedicalMNIST datasets. The results show that the model accuracy rates after training with this scheme are 81.08%, 72.30%, and 67.91% respectively, representing improvements of 15.60%, 10.60%, and 9.71% compared to the traditional DPSGD, and 0.63%, 2.50%, and 4.40% over the widely used Nadam algorithm in recent years. The model training efficiency has been improved by 35.5% and 39.4%, respectively.
    Reference | Related Articles | Metrics
    OSN Intrusion Detection Method Based on Residual Timeattention with Feature Selection#br#
    #br#
    Journal of Information Security Reserach    2026, 12 (5): 402-.  
    Abstract34)      PDF (1781KB)(31)       Save
    Online social network (OSN), as core platform for information exchange, currently face serious intrusion threats. However, existing OSN intrusion detection techniques exhibit poor detection performance when dealing with issues such as high dimensionality, diverse datasets with different types of structures, significant semantic differences, and mismatched dynamic features. Therefore, an intrusion detection method based on residual timeattention with feature selection (RTAS) is proposed. The method utilizes the pretrained language model BERT for data preprocessing and designs a classifier based on residual timeattention. The model effectively captures contextual features in a wide range of text information through a bidirectional LSTM and attention mechanism. Meanwhile, an adaptive feature selection method based on deep reinforcement learning is proposed, which utilizes adaptive learning to obtain the optimal feature set. The experiment shows that the proposed method achieves accuracies of 98.53%, 98.68%, and 98.33% in detecting multiple threat patterns on datasets from Facebook, Google+, and Twitter, respectively. The average accuracy on the three datasets exceeds other mainstream methods.
    Reference | Related Articles | Metrics
    Research on the Implementation Path of Zero Trust Strategy
    Journal of Information Security Reserach    2026, 12 (5): 483-.  
    Abstract29)      PDF (3588KB)(31)       Save
    Amid the wave of digital transformation, the traditional boundarybased network security model is increasingly ineffective in dynamic and border less environments. The United States has taken the lead in restructuring its cybersquatting system through a systematic zerotrust strategy, and its trinity practice path of “policytechnologyecology” is of reference significance for China to build a digital security barrier. This paper uses case analysis and policy comparison methods to deeply analyze the toplevel design logic, core technological breakthrough points, and ecological coordination mechanisms of the U.S. zerotrust strategy, revealing its essence of transitioning from “passive protection” to “active immunity”. Based on a deep diagnosis of the complexity of China’s ultralargescale network ecosystem, the shortcomings in the autonomy of core technologies, and the challenges of data sovereignty governance, this paper proposes a Chinesestyle “fourdimensional integrated” implementation path: breaking the fragmented dilemma with systematic toplevel design; breaking through technological bottlenecks with the integration of national cryptography and AIdriven technologies; building a security ecosystem with costsharing and standard leadership through governmententerprise collaboration; and addressing implementation limitations with scenario classification and privacy enhancement. The study emphasizes that China needs to innovate on the basis of reference, take zero trust as an important engine for building a digital security barrier, and balance the needs of security protection with the development of the digital economy.
    Reference | Related Articles | Metrics
    Research on the Institutional Framework and Rule Characteristics of Chinese Network Information Security Policies
    Journal of Information Security Reserach    2026, 12 (5): 474-.  
    Abstract27)      PDF (1709KB)(27)       Save
    Network information security policy is an important institutional guarantee for maintaining national security and development, and analyzing the institutional framework and rule characteristics of Chinese network information security policies is of great significance for enhancing its implementation effect of network information security policies. Coding statistics of 39 network information security policies, based on the components of institutional grammar tool (IGT), this paper highlights the complex orientation of the institutional framework of Chinese network information security policies from five dimensions: actors, action constraints, action scenarios, action goals, and evaluation results. Based on the framework of the system,focusing on the function definition rules, exit access rules, decisionmaking guidance rules, information transfer rules, and rewards and punishments incentives rules in the institutional analysis and development (IAD) framework, it is found that the current Chinese network information security policies are characterized by the rules of ambiguous definition of departmental rights and responsibilities, missing access conditions of the main body, weakening of the statement of the regulatory strength, poor reverse feedback channels, and unequal distribution of the rewards and punishments. In view of existing problems, in the future, the effectiveness of regulation can be improved by clarifying the rights and responsibilities of departments, adding access conditions, adding rulebased statements, optimizing feedback channels, and improving incentive and punishment measures.
    Reference | Related Articles | Metrics
    Research on Harmful Website Detection Based on Graph Neural Network and Multifeature Fusion
    Journal of Information Security Reserach    2026, 12 (5): 420-.  
    Abstract33)      PDF (1884KB)(28)       Save
    To address the limitations of current harmful website detection methods in deep text semantic mining and multimodal feature coperception, this study proposes a multifeature fusion detection model based on graph attention networks (GAT) and ConvNeXt. The framework leverages GloVe word embeddings to construct semantic representations of website text, mapping it into a graph structure based on word cooccurrence relationships. The adaptive attention mechanism in GAT dynamically captures contextual dependencies between noncontiguous words, while ConvNeXt extracts both local details and global contextual features from website images. A crossattentionbased fusion module facilitates dynamic textimage feature alignment and interactive integration. Experimental results demonstrate that the proposed model achieves 99.10% accuracy in fourcategory website classification, significantly enhancing detection performance. This work offers valuable insights for identifying harmful online content and enhancing cybersecurity governance.
    Reference | Related Articles | Metrics
    Journal of Information Security Reserach    2025, 11 (E2): 89-.  
    Abstract94)      PDF (1508KB)(53)       Save
    Reference | Related Articles | Metrics
    Research on Large Model Security Assessment Technology Based on Group Polarization Nested Jailbreak Templates#br#
    #br#
    Journal of Information Security Reserach    2026, 12 (5): 410-.  
    Abstract30)      PDF (2619KB)(24)       Save
    As large model demonstrates excellent performance in natural language processing tasks, its security issues become increasingly prominent. Jailbreak attacks bypass model security mechanisms, weaken value alignment constraints, and induce models to generate harmful content. The risks of model abuse, hijacking, and information leakage caused by such attacks pose security threats to the large language model application ecosystem. To comprehensively evaluate large model security performance, a nested jailbreak template technique based on the group polarization psychological effect is proposed, which guides models to generate complex responses through progressively nested instructions. Based on this, the NesTHGA (nested templatehierarchical genetic algorithm) framework is constructed by integrating hierarchical genetic algorithms. Experimental results show that this method achieves an average attack success rate of over 80% across 8 mainstream large models, statistical tests confirm significant differences from existing methods, and ablation experiments verify component synergistic effects, effectively evaluating the security and robustness of large models against complex attacks.
    Reference | Related Articles | Metrics
    Generative Logic and Coping Strategies of Personal Information Security Risks in Digital Platform
    Journal of Information Security Reserach    2026, 12 (5): 445-.  
    Abstract40)      PDF (1235KB)(25)       Save
    While digital platform provides tremendous convenience for public production and daily life, security risks such as personal information leakage and misuse have simultaneously escalated. As a new tier in governance structures, guiding digital platform to strike a balance between information protection and data openness is crucial for advancing the modernization of cyberspace governance systems and enhancing governance capacity. Examining digital platform from the perspective of data controllers, this paper explores the generative logic of personal information security risks through a threetiered framework: unauthorized collection, unregulated processing and improper application. The paper proposes coping strategies including refining “informed consent” operational details to stabilize the privacy policy framework of platform, strengthening the application of data desensitization technologies to standardize the automated decisionmaking processes of platform, and improving the information provision and disclosure mechanisms to enhance the internal information management of platform, so as to achieve a balance between personal information protection and the release of the value of data elements.
    Reference | Related Articles | Metrics
    Research on Smart Contract Vulnerability Detection Method Based on  Multimodal Feature Fusion
    Journal of Information Security Reserach    2026, 12 (6): 503-.  
    Abstract23)      PDF (1602KB)(23)       Save
    Most of the smart contract vulnerability detection methods rely on single mode feature extraction, which leads to the problem of low detection accuracy due to insufficient key feature extraction. This paper proposes a smart contract vulnerability detection method based on multimodal feature fusion. Firstly, the construction of the control flow graph (CFG) is constructed by leveraging the abstract syntax tree (AST) trimmed at the source code layer and the data flow relationship based on the opcode layer, which is imported into the graph attention network (GAT) to extract two types of static features. Secondly, the fuzzing test report generated by echidna, a dynamic detection tool, is used to extract path coverage, state changes and other information to build a graph model, and the dynamic features are extracted by graph neural network (GNN). Finally, the extracted static and dynamic features are fused and input into CNN bilstm att model for vulnerability detection, and relevant experiments are carried out on 47398 smart contracts. Experimental results show that compared with eight mainstream detection methods, such as SmartCheck, Mythril, Oyente, BiGGNN, ASTNN, DRGCN, SVCB and CBGRU, the accuracy, recall and F1 value of this method in reentry vulnerability, timestamp vulnerability, integer overflow vulnerability and Tx.origin vulnerability are increased by 50.26%, 59.54% and 58.40%.
    Reference | Related Articles | Metrics
    Journal of Information Security Reserach    2026, 12 (2): 98-.  
    Abstract129)      PDF (532KB)(117)       Save
    Related Articles | Metrics
    Research on AIempowered Cybersecurity Detection and  Assessment Technologies
    Journal of Information Security Reserach    2026, 12 (6): 559-.  
    Abstract26)      PDF (1820KB)(18)       Save
    In response to the challenges faced by traditional cybersecurity detection and assessment technologies—such as large system scales, dynamic supply chain risks, and insufficient evaluation depth—this paper explores the application of AI technologie to advance this field. Methodologically, an endtoend implementation framework for largescale models is proposed, consisting of “data preparationdistillation and annotationcluster trainingquantitative deployment.” A localized compliance assessment model based on retrievalaugmented generation (RAG) technology is developed, and a multimodal model supporting joint textimage analysis is deployed. The large model significantly shortens the assessment cycle in scenarios such as provincial government clouds, improves the efficiency of compliance knowledge matching while reducing computational load by 70%, and markedly enhances the detection rate of inherent defects. The conclusion indicates that AI technology can effectively overcome the limitations of traditional assessment methods, promoting cybersecurity detection and assessment toward greater intelligence, adaptability, and comprehensiveness, thereby providing support for building resilient cybersecurity protection systems and fostering related ecosystem development.
    Reference | Related Articles | Metrics
    A Compressionrobust Video Watermarking Method Based on Multiscale Convolutional Attention and Dualbranch Adversarial Training#br#
    #br#
    Journal of Information Security Reserach    2026, 12 (5): 463-.  
    Abstract26)      PDF (2987KB)(18)       Save
    To overcome the limitations of current deep learningbased video watermarking methods, such as reliance on singlescale feature extraction, limited adversarial training mechanisms, and insufficient robustness against compression, this paper proposes a robust video watermarking model called MSCAGAN (multiscale convolutional attention generative adversarial network), which integrates a multiscale convolutional attention mechanism and a dualbranch adversarial training framework. The model employs a lightweight multiscale attention module to extract key features form video frames at both local and global perspectives. Combined with depthwise separable convolution, it reduces computational complexity while achieving precise localization and strength control of watermark embedding, thereby enhancing invisibility. This paper innovatively designs a dualbranch adversarial training structure, in which a learnable adversary network is introduced to simulate realworld attacks, enhancing the model’s robustness against common threats such as compression, cropping, and scaling. Experimental results demonstrate that the watermarked videos generated by MSCAGAN achieve an average PSNR of 44.61dB and a SSIM of 0.964, significantly outperforming existing methods. Under H.264 compression, the average decoding accuracy reaches 94.01%. Moreover, the model maintains strong robustness even under severe cropping and scaling attacks. In summary, MSCAGAN provides an efficient and reliable solution for multimedia content copyright protection. It has the potential to be extended to emerging coding standards such as H.265, further enhancing its robustness in complex application scenarios.
    Reference | Related Articles | Metrics
    Research on the Architecture of Crosschain Transaction System for Data Assets
    Journal of Information Security Reserach    2026, 12 (4): 366-.  
    Abstract50)      PDF (2367KB)(45)       Save
    In the context of the digital era, data has emerged as a critical production factor, and its trading and management are crucial for promoting socioeconomic growth. This paper aims to address the crosschain transaction challenges faced by data assets on different platforms. The article presents an analysis of the transaction market and value conversion paths of data asset, and proposes a crosschain transaction model that encompasses system architecture, network structure and functional processes. The model distinguishes data providers, establishing a data asset transaction chain and a personal data authorization chain for crosschain data transactions. This improves the efficiency of data transactions and the convenience of regulation, and promotes the digital economy development. This article offers theoretical and practical support for the stable development of the data asset trading market, thereby facilitating the further advancement of the digital economy. Building on this framework, the study constructs a secure and reliable crosschain data asset trading platform that ensures the fairness and transparency of transactions while protecting the privacy and data security of participants.
    Reference | Related Articles | Metrics
    Dynamic Scheduling Algorithm for Heterogeneous Executor Based on CSI Features#br#
    #br#
    Journal of Information Security Reserach    2026, 12 (5): 428-.  
    Abstract29)      PDF (3060KB)(15)       Save
    In the current mimetic authentication scenario based on channel state information (CSI), existing dynamic scheduling algorithms suffer from insufficient authentication performance due to inadequate consideration of the heterogeneity of execution entities. This paper proposes a CSI featuresbased heterogeneous executor dynamic scheduling algorithm (CFHEDA). The algorithm comprehensively quantifies the correlation between CSI features and the heterogeneity of execution entities to construct a featurebased heterogeneous execution entity matrix. Based on this, the algorithm integrates dynamic historical threat assessment with an iterative greedy strategy to prioritize maximizing feature coverage. It selects execution entities by integrating a comprehensive score that considers contributions from heterogeneity, historical risk, and failure indices. Through attack collision simulation experiments, this paper compares four algorithms, including the highorder heterogeneous scheduling algorithm (HFAWA). The experiments demonstrate that under different numbers of execution entities, CFHEDA consistently achieves the best performance, with average defense success rates and average attack interception rates improved compared to existing algorithms, and overall performance enhanced by approximately 5% to 12%.
    Reference | Related Articles | Metrics
    Study of Finger Vein Recognition Application
    Journal of Information Security Research    2016, 2 (1): 86-92.  
    Abstract598)      PDF (5765KB)(739)       Save
    With the national attention on public safety and information security, biometric technology has been gradually integrated into every aspect of peoples work and life. Based on the lots of advantages, such as natural living, difficult theft, difficult imitation and etc., fingervein recognition technology becomes the research focus for the research institutions and enterprises. With the development of technology, Chinas finger vein recognition technology has reached the world firstclass level.Based on the research resultsr on finger vein recognition for years, the paper has described the theory, advantage, system and terminal equipment of finger vein recognition, compared current development of the domestic and foreign finger vein recognition technology, and pointed out the future application direction of finger vein recognition. It can be predicted that the finger vein recognition can be more applied to peoples work and life.
    Reference | Related Articles | Metrics
    Research Review on Collaborative Intrusion Detection Based on Federated Learning
    Journal of Information Security Reserach    2026, 12 (6): 526-.  
    Abstract20)      PDF (1168KB)(14)       Save
    The increasing complexity of cyber attacks challenges traditional centralized intrusion detection systems. Federated learningbased collaborative intrusion detection enables collaborative modeling and knowledge sharing among multiple nodes without sharing raw data, thereby effectively improving the detection capability for crossdomain and unknown attacks. This paper systematically reviews the research progress of federated learningbased collaborative intrusion detection. Existing methods are classified and analyzed from multiple perspectives, including architectureaware, model adaptation and evolutiondriven, as well as privacy and security enhanced approaches. Commonly used datasets and evaluation metrics are summarized. Finally, the major challenges and future research directions are discussed, providing references for subsequent research in this field.
    Reference | Related Articles | Metrics
    Study on the Energy Trusted Data Network Mechanism Based on  Digital Object Architecture
    Journal of Information Security Reserach    2026, 12 (6): 550-.  
    Abstract13)      PDF (1624KB)(14)       Save
    The energy trusted data network primarily addresses challenges in achieving trusted interconnection, intercommunication, interdiscovery and interoperation of data, supported by digital object architecture (DOA) technology, and enables unified crossentity data access registration, directory interconnection services, and controllable analytical applications, flexibly meeting the development requirements of the energy industry, which demands high data security, organizational hierarchy, and multidomain entity segmentation. With reference to the traditional PESTEL (political, economic, social, technological, environmental, legal) environmental analysis model and the legaltechnologicaleconomiccommercial system model for data factor market development, this study proposes a systematic research framework for the energy trusted data network mechanism. Centered on data characteristics, the framework integrates dimensions of policy systems, industry layout, innovative technologies, and security compliance. Guided by the foundational principles of “costeffectiveness, equivalence of rights and responsibilities, collaborative integration, and longterm development”, it establishes a distributed overarching architecture. The mechanism is further constructed through the following aspects: collaboration mechanisms, technological mechanisms, incentive mechanisms, operational mechanisms, security mechanisms, and iterative mechanisms, to support energy industry advancement, flexible technological upgrades, and optimized evolution. By building this trusted network, more entities are encouraged to securely unify data access and leverage trusted service applications, transforming fragmented enterprise data advantages into industrywide collaborative strengths. This fosters deeper industry data utilization and advances artificial intelligence large language model development, providing critical support for the digital transformation and highquality development of the energy sector.
    Reference | Related Articles | Metrics
    Security Problems and Coping Strategies of Cyberspace in Social Network
    Li Yang Lv Xin
    Journal of Information Security Research    2015, 1 (2): 126-130.  
    Abstract463)      PDF (4325KB)(818)       Save
    Nowdays, social network has the same characteristics, such as rapid propagation, large numbers of target crowd, wideranging influence, which rapidly becomes one of the important windows reflecting popular wishes. Meanwhile, social network is also faced with some security problems containing behavior, information content and structure, which result in internet fraud, privacy disclosure, rumor propagation, and so on, and influence the safety and prosperity of the masses, social harmony and stability. Therefore, in the face of cyberspace in social network, build a sound law, deeply mine public sentiment, and strengthen the assessment of network, which have important practical significance for utilizing the platform efficiently and maintaining the security of cyberspace in social network.
    Reference | Related Articles | Metrics
    TOPSEC, Leading Brand of Independent Innovation, Supporting Cyberspace Power Strategy
    Journal of Information Security Research    2018, 4 (9): 774-782.  
    Abstract208)      PDF (1579KB)(974)       Save
    Related Articles | Metrics
    Remote Office Solution and Its Application Based on Secure Instant Messaging Technology
    Journal of Information Security Research    2020, 6 (4): 301-310.  
    Abstract204)      PDF (3086KB)(389)       Save
    Remote office is getting more and more favored by users for its characteristics of unconstrained time and space, high-efficiency and convenience, fragmentation time utilization and so on, but it also raised a lot of security problems. This article systematically introduces a security solution for remote office and its innovative applications. Based on the secure instant messaging architecture of interconnection and interworking, it realizes vertical security support and application aggregation, as well as horizontal data sharing and application collaboration through open aggregation interfaces. Therefore an remote office ecosystem is built. The solution has been widely used in sectors such as government, military, finance and energy, providing a security application solution to meet the requirements of relevant national standards for the high-security users’ remote office.
    Reference | Related Articles | Metrics
    Memory and Noise Cooptimization Method for Fully Homomorphic Encryption CNN Inference
    Journal of Information Security Reserach    2026, 12 (5): 439-.  
    Abstract28)      PDF (955KB)(14)       Save
    To address the challenges of high memory consumption, low computational efficiency, and homomorphic noise accumulation in fully homomorphic encryption (FHE) for privacypreserving inference in convolutional neural network (CNN), this paper proposes a collaborative optimization framework. The framework introduces a hierarchical memory scheduling strategy, which employs a dynamic key loading mechanism and an adaptive compression technique for polynomial ring slot numbers (reducing available slots exponentially based on network depth), thereby significantly decreasing memory usage. Additionally, a noise suppression residual module is developed, incorporating a noise propagation dynamics model to design a realtime noise monitoringbased ondemand bootstrapping trigger mechanism, which reduces bootstrapping frequency and enhances inference efficiency. Experimental results on the CIFAR10 dataset demonstrate that this framework enables homomorphic encrypted inference of ResNet20 in approximately 500s with only 20GB of memory, achieving a 3.5× improvement in inference efficiency and a 94% reduction in memory consumption compared to existing CKKSbased solutions (2271s384GB). This framework provides a novel technical paradigm for privacypreserving machine learning in resourceconstrained scenarios.
    Reference | Related Articles | Metrics
    Brief Introduction to Information Security in Air Traffic Management
    Wu Zhijun Hu Taotao
    Journal of Information Security Research    2015, 1 (2): 155-162.  
    Abstract393)      PDF (6791KB)(740)       Save
    Air traffic management (ATM) plays a crucial role in ensuring the operation of air transportation system and national airspace safe. ATM is a networkcentralized intelligent system with high information integration, which is vulnerable to threats and attacks. Potential system vulnerabilities and security risks in ATM system, especially, in aeronautical communication, navigation, surveillance, automation, and airborne aeronautical communication network system are explored and analyzed in this paper, and specific examples are given. Finally, security recommendations on ATM information assurance are presented for the purpose of taking protective measures to guarantee the security of ATM operation.
    Reference | Related Articles | Metrics
    Journal of Information Security Reserach    2025, 11 (E2): 267-.  
    Abstract28)      PDF (1553KB)(27)       Save
    Reference | Related Articles | Metrics
    Research on Phishing Email Detection Based on Large Language Model
    Journal of Information Security Reserach    2026, 12 (2): 151-.  
    Abstract76)      PDF (1835KB)(46)       Save
    With the rapid increase in phishing email volumes and the continuous evolution of adversarial techniques, traditional phishing detection methods have encountered significant challenges regarding efficiency and accuracy. To address issues such as low detection rates, high falsenegative rates, and poor humancomputer interaction in existing systems, the authors proposed a phishing email detection system based on large language model. Through comprehensive analysis of key phishing email characteristics—including header fields, body content, URLs, QR codes, attachments, and HTML pages—they constructed a highquality training dataset using feature insertion algorithms. Building upon the pretrained LLaMA model, the researchers implemented LoRA finetuning technology, achieving domain knowledge transfer by updating only 0.72% of model parameters (approximately 50MB). Experimental results demonstrate that compared to traditional methods, the LLMbased detection approach achieves 94.5% overall accuracy with enhanced robustness, effectively reduces falsepositive rates, improves classification and interpretation capabilities for phishing email features, and provides a more practical and reliable solution for phishing detection.
    Reference | Related Articles | Metrics
    SM3 Cryptographic Hash Algorithm
    Journal of Information Security Research    2016, 2 (11): 983-994.  
    Abstract1587)      PDF (8502KB)(946)       Save
    The cryptographic hash functions play an important role in modern cryptography. They are used to compress messages of arbitrary length to fixed length hash values. The most common cryptographic applications of hash functions are with digital signature and for data integrity. SM3 cryptographic hash algorithm is issued as the industry standard in 2012. In 2016, it was published as national standard. It takes a 512bit message as input and outputs a 256bit hash value. This paper summarizes the design, properties, software and hardware implementations and cryptanalysis of SM3 cryptographic hash algorithm. Furthermore, we compare SM3 with other hash standards.
    Reference | Related Articles | Metrics
    Research on a Fully Homomorphic Encryption Algorithm Based on  Confused Modulo Projection
    Journal of Information Security Reserach    2026, 12 (4): 311-.  
    Abstract41)      PDF (1123KB)(33)       Save
    With the rapid proliferation of cloud computing, big data, and InternetofThings technologies, data privacy and security concerns have become increasingly prominent, while traditional dataprocessing methods exhibit inherent limitations in safeguarding sensitive information. Homomorphic encryption (HE) offers a promising privacypreserving approach by enabling computations to be performed directly on encrypted data. However, existing schemes typically suffer from high computational complexity, significant ciphertext expansion, and substantial resource consumption, which impede their practical deployment. To address these challenges, this paper proposes an efficient confused modulo projectionbased fully homomorphic encryption (EffiCMPFHE) algorithm. Leveraging the Chinese Remainder Theorem for multimodular redundant encoding of plaintexts, the scheme introduces streamlined encryption, blindcomputation, and decryption procedures to reduce processing overhead. Moreover, to accommodate largescale data workloads, this paper develops a batching mechanism that aggregates multiple messages into a single large integer for parallel evaluation, thereby significantly reducing overall computation time. To facilitate adoption, this paper also designs and implements a generalpurpose homomorphic encryption library based on EffiCMPFHE and benchmarks it against mainstream FHE frameworks. Experimental results demonstrate that the library achieves a marked improvement in operational speed. This work provides an efficient and practical pathway for applying homomorphic encryption in dataprivacy protection, cloud computing, and secure multiparty computation environments.
    Reference | Related Articles | Metrics
    Adaptive Gaussian Mixturebased Federated Learning Backdoor Defense Approach
    Journal of Information Security Reserach    2026, 12 (4): 348-.  
    Abstract31)      PDF (4458KB)(28)       Save
    Aiming at the existing federated learning backdoor defense methods, which have the problems of misjudgment of abnormal client detection and are difficult to take into account the privacy protection of the client, we propose a federated learning backdoor defense approach based on adaptive Gaussian mixture model FedAGMM, which introduces Gaussian mixture model clustering at the server side, models the probability of gradient update of the client, and combines with the Bayesian information criterion to adaptively select the optimal number of clusters adaptively, so that the malicious model update is identified more accurately. Constructing a dynamic noise injection mechanism based on risk perception, adaptively adjusting the Gaussian noise intensity according to the client’s risk level.  This approach minimizes interference to normal clients while safeguarding privacy. Comparison experimental results with the latest defense methods show that in the face of three kinds of backdoor attacks, PGD, PGDEDGE, and MR, the success rate of the attack is reduced by 5.80, 3.27, and 1.00 percentage points, respectively, without decreasing the accuracy of the main task, and the theoretical analysis proves that FedAGMM meets the requirements of privacy protection while reducing overall noise injection, and significantly improves the detection accuracy and privacy security.
    Reference | Related Articles | Metrics
    Building Cyber Security Defense by Trusted Computing 3.0
    Journal of Information Security Research    2017, 3 (4): 290-298.  
    Abstract430)      PDF (1075KB)(2019)       Save
    Related Articles | Metrics
    Journal of Information Security Reserach    2025, 11 (E1): 9-.  
    Abstract89)      PDF (1462KB)(18)       Save
    Reference | Related Articles | Metrics
    Journal of Information Security Reserach    2025, 11 (E1): 229-.  
    Abstract82)      PDF (735KB)(22)       Save
    Reference | Related Articles | Metrics
    Design of a Port Industrial Control System Based on Zero Trust Architecture
    Journal of Information Security Reserach    2026, 12 (2): 189-.  
    Abstract69)      PDF (1391KB)(49)       Save
    With the increasing intelligence of port industrial control system (ICS), traditional perimeterbased security models face severe challenges such as expanded attack surfaces and rigid permission management. This paper presents a zero trust architecture (ZTA)based security protection scheme for port ICS, establishing a hierarchical defense system through dynamic trust evaluation, softwaredefined perimeter (SDP), and microsegmentation technologies. The core contributions include a fourlayer architecture (terminal, access, control, and data), a dynamic trust evaluation model that integrates identity authentication, device health, and behavioral characteristics, and finegrained instructionlevel access control for industrial protocols. Experimental results demonstrate that the proposed architecture reduces the attack surface exposure rate from 100% to 8%, optimizes the average authentication time to 0.8s, and limits the permission adjustment response time to 45s, significantly enhancing both security and realtime performance in port industrial control systems.
    Reference | Related Articles | Metrics
    Approximate Decision Boundary Approach for Blackbox Adversarial Attacks  Based on Saliency Detection
    Journal of Information Security Reserach    2026, 12 (4): 340-.  
    Abstract34)      PDF (2115KB)(22)       Save
    Decisionbased blackbox adversarial attacks have become an important research direction in the field of artificial intelligence security. Existing methods primarily approximate the decision boundary through uniform random traversal type search, ignoring the correlation between the semantic structure of the image and the region of interest of the model, and there are problems of blind search direction, insensitive region, and low query efficiency. To this end, this paper proposes a saliencyguided adversarial decision boundary attack (SADBA) method, which is designed for blackbox image classification systems that only provide hardlabel predictions in query budgetconstrained scenarios, and guides the perturbation with saliency mask semanticsto act preferentially on key sensitive regions of the image, thereby reducing redundant queries and improving the efficiency of the attack.Experiments on the ImageNet dataset show that SADBA outperforms the baseline attack methods on several mainstream models, with the number of queries decreasing by 11.5%, 25.3%, 3.6%, 30.4%, and 8.8% respectively on VGG19, InceptionV3, EffcientNetB0, DenseNet161, and ViTB32 respectively, while maintaining or improving the attack success rate, maintaining good robustness and achieving an effective balance between query efficiency and attack stealth.
    Reference | Related Articles | Metrics
    Highperformance Hardware Architecture Design and Implementation of the MLKEM Algorithm#br#
    Journal of Information Security Reserach    2026, 12 (5): 452-.  
    Abstract18)      PDF (1290KB)(11)       Save
    The postquantum cryptographic algorithm MLKEM has emerged as a key standard for resisting quantum computing attacks, and its highspeed hardware implementation is crucial for future network security. This paper proposes a hardware architecture for MLKEM and optimizes several specific modules within the design. For the encoding and decoding operations, FIFObased processing is employed to reduce resource consumption. In addition, the compression operation is analyzed to eliminate division operations during the compression process, and division and rounding are combined through specific parameter selection. Furthermore, a compact operation schedule is adopted to increase parallelism while reducing the overall computation latency. The proposed design is implemented and synthesized on a Xilinx Artix7 platform. Experimental results show that the maximum operating frequency reaches 125MHz, with resource utilization of 19791 LUTs, 8364 FFs, 22 BRAMs, and 9 DSPs. Under three security levels, the latencies of key generation, encapsulation, and decapsulation are 354149576593 cycles, 404255047183 cycles, and 6822907211274 cycles, respectively. The proposed architecture achieves a favorable balance between resource overhead and computational performance.
    Reference | Related Articles | Metrics
    A Network Traffic Anomaly Detection Model Based on Semisupervised  Twochannel Multiscale Gating Fusion
    Journal of Information Security Reserach    2026, 12 (6): 566-.  
    Abstract25)      PDF (1947KB)(10)       Save
    With the increasing number of network attacks, network traffic anomaly detection is becoming more and more important for maintaining network security and stability. However, existing methods are often difficult to effectively capture both static statistical features and dynamic temporal features of network traffic during feature extraction, resulting in limited detection performance in complex and evolving network environments. To address these issues, this paper proposes a twochannel multiscale gated fusion anomaly detection model (MSAD) based on semisupervised learning. The model first extracts  static statistical features of the traffic, including the number of packets, total bytes, etc., through a multiscale convolutional neural network. Secondly, the temporal features of network traffic data are captured through a bidirectional GRU network and combined with a multihead attention mechanism. Finally, adaptive fusion of different modal features is performed through gated fusion mechanism. Meanwhile, for the problem of insufficient credibility of pseudolabel generation in semisupervised learning, a twostage adversarial pseudolabel generation strategy is proposed, which effectively improves the robustness of pseudolabels. The experimental results show that under the condition of limited labeled data, the model proposed in this paper achieves 99.63%, 99.54%, 99.9% and 99.72% of accuracy, precision, recall and F1 value on the CICIDS 2017 dataset, which is significantly better than traditional machine learning and deep learning methods.
    Reference | Related Articles | Metrics
    Smartphone Image Recovery and Forensics Based on WinHex
    Journal of Information Security Research    2016, 2 (4): 328-332.  
    Abstract498)      PDF (4459KB)(751)       Save
    Smartphone has gradually become one of important sources of information in the current electronic forensics investigation. Aiming at the difficult problem of information acquisition when the picture of the Android smartphone was deleted or damaged, a file recovery method based on WinHex tools is provided. In experiments, by creating a cell phone store image and the header and tail sign of file, the phone's image files were extracted.
    Reference | Related Articles | Metrics
    Wang Gang
    Journal of Information Security Research    2015, 1 (1): 86-91.  
    Abstract341)      PDF (4279KB)(586)       Save
    Related Articles | Metrics
    “Internet +”Power: Overview of Westone Secruity’s Cyber Secruity
    Journal of Information Security Research    2016, 2 (10): 862-875.  
    Abstract364)      PDF (2788KB)(1128)       Save
    Related Articles | Metrics
    An Overview of Application and Technology of Artificial Intelligence in Cybersecurity
    Journal of Information Security Reserach    2022, 8 (2): 110-.  
    Abstract2138)      PDF (1142KB)(1483)       Save
    Compared with the developed countries, the basic research and technology application in the field of artificial intelligence in China started later, especially the application of artificial intelligence in the important field of network security. Domestic and abroad disparity is still very obvious, which seriously affects the improvement of China's cybersecurity capability. This paper elaborates the relationship between artificial intelligence, network attack and network defense, and widely investigates the application status of artificial intelligence in major information security companies at home and abroad. It points out that APT detection, 0day vulnerability mining and cloud security are three core areas that affect the level of cybersecurity capability, This paper deeply analyzes the key technologies of artificial intelligence technology applied in these three fields, and puts forward the safety risks of artificial intelligence technology, and points out that artificial intelligence technology is not a panacea for all diseases, This Paper provides a scientific reference for the further research and application of artificial intelligence technology in China's information security industry.
    Reference | Related Articles | Metrics
    Singapore’s Data Security Governance Model and Its Implications
    Journal of Information Security Reserach    2026, 12 (3): 284-.  
    Abstract72)      PDF (1712KB)(74)       Save
    As one of the countries with a relatively high level of digitalization in Asia, studying the successful experience of Singapore’s data security governance model is of great significance for improving China’s data security governance system. By using the methods of literature review and comparative research, this paper sorts out Singapore’s data security governance model from the aspects of institutional system, development process and collaborative mechanism, and finds the following characteristics: Singapore leads data security governance with the national innovation strategy, promotes data security governance with personal data rights, and builds an open crossborder data transmission rule system, forming a “rightspromoting” data security governance model. In light of China’s current circumstances, this paper proposes the optimization path of the data security governance model, including coordinating data security governance with an overall strategy, continuously deepening the personal data rights protection system, strengthening the multiparty collaborative governance system, and building a safe and effective crossborder data flow system.
    Reference | Related Articles | Metrics
Author Center
Review Center
京ICP备19004174号
Copyright © Journal of Information Security Reserach, All Rights Reserved.
Tel: 010-63691662 E-mail: ris@cei.cn
Powered by Beijing Magtech Co., Ltd.