Most Download articles

    Published in last 1 year | In last 2 years| In last 3 years| All| Most Downloaded in Recent Month| Most Downloaded in Recent Year|

    Most Downloaded in Recent Month
    Please wait a minute...
    For Selected: Toggle Thumbnails
    A Deep Learning Differential Privacy Protection Scheme Based on  Adaptive Clipping
    Journal of Information Security Reserach    2026, 12 (6): 490-.  
    Abstract81)      PDF (1728KB)(57)       Save
    To address the issues of utility degradation in deep learning models under differential privacy protection and the gap between theoretical and actual privacy protection effectiveness, this paper proposes a deep learning differential privacy protection scheme based on adaptive clipping. The scheme optimizes the process through a fourstep mechanism: firstly, gradient adaptive clipping controls the gradient magnitude during training by dynamically adjusting the gradient clipping threshold, thereby enabling the control of the magnitude of noise added subsequently; secondly, group label selection identifies the group with the smallest gradient as the privacypreserving object, and more accurate privacy loss can be obtained by training this group; thirdly, optimized privacy loss calculation combines the gaussian mechanism based on subsampling to reduce the computational overhead of model privacy loss calculation; finally, optimized gradient adaptive descent realizes the adaptive descent of gradients by adjusting the conditional smoothing parameter, thus improving the usability of the model. Experiments were conducted on the VGG architecture using the MNIST, CIFAR10, and MedicalMNIST datasets. The results show that the model accuracy rates after training with this scheme are 81.08%, 72.30%, and 67.91% respectively, representing improvements of 15.60%, 10.60%, and 9.71% compared to the traditional DPSGD, and 0.63%, 2.50%, and 4.40% over the widely used Nadam algorithm in recent years. The model training efficiency has been improved by 35.5% and 39.4%, respectively.
    Reference | Related Articles | Metrics
    Research on Smart Contract Vulnerability Detection Method Based on  Multimodal Feature Fusion
    Journal of Information Security Reserach    2026, 12 (6): 503-.  
    Abstract45)      PDF (1602KB)(37)       Save
    Most of the smart contract vulnerability detection methods rely on single mode feature extraction, which leads to the problem of low detection accuracy due to insufficient key feature extraction. This paper proposes a smart contract vulnerability detection method based on multimodal feature fusion. Firstly, the construction of the control flow graph (CFG) is constructed by leveraging the abstract syntax tree (AST) trimmed at the source code layer and the data flow relationship based on the opcode layer, which is imported into the graph attention network (GAT) to extract two types of static features. Secondly, the fuzzing test report generated by echidna, a dynamic detection tool, is used to extract path coverage, state changes and other information to build a graph model, and the dynamic features are extracted by graph neural network (GNN). Finally, the extracted static and dynamic features are fused and input into CNN bilstm att model for vulnerability detection, and relevant experiments are carried out on 47398 smart contracts. Experimental results show that compared with eight mainstream detection methods, such as SmartCheck, Mythril, Oyente, BiGGNN, ASTNN, DRGCN, SVCB and CBGRU, the accuracy, recall and F1 value of this method in reentry vulnerability, timestamp vulnerability, integer overflow vulnerability and Tx.origin vulnerability are increased by 50.26%, 59.54% and 58.40%.
    Reference | Related Articles | Metrics
    Research on AIempowered Cybersecurity Detection and  Assessment Technologies
    Journal of Information Security Reserach    2026, 12 (6): 559-.  
    Abstract47)      PDF (1820KB)(31)       Save
    In response to the challenges faced by traditional cybersecurity detection and assessment technologies—such as large system scales, dynamic supply chain risks, and insufficient evaluation depth—this paper explores the application of AI technologie to advance this field. Methodologically, an endtoend implementation framework for largescale models is proposed, consisting of “data preparationdistillation and annotationcluster trainingquantitative deployment.” A localized compliance assessment model based on retrievalaugmented generation (RAG) technology is developed, and a multimodal model supporting joint textimage analysis is deployed. The large model significantly shortens the assessment cycle in scenarios such as provincial government clouds, improves the efficiency of compliance knowledge matching while reducing computational load by 70%, and markedly enhances the detection rate of inherent defects. The conclusion indicates that AI technology can effectively overcome the limitations of traditional assessment methods, promoting cybersecurity detection and assessment toward greater intelligence, adaptability, and comprehensiveness, thereby providing support for building resilient cybersecurity protection systems and fostering related ecosystem development.
    Reference | Related Articles | Metrics
    Research Review on Collaborative Intrusion Detection Based on Federated Learning
    Journal of Information Security Reserach    2026, 12 (6): 526-.  
    Abstract44)      PDF (1168KB)(28)       Save
    The increasing complexity of cyber attacks challenges traditional centralized intrusion detection systems. Federated learningbased collaborative intrusion detection enables collaborative modeling and knowledge sharing among multiple nodes without sharing raw data, thereby effectively improving the detection capability for crossdomain and unknown attacks. This paper systematically reviews the research progress of federated learningbased collaborative intrusion detection. Existing methods are classified and analyzed from multiple perspectives, including architectureaware, model adaptation and evolutiondriven, as well as privacy and security enhanced approaches. Commonly used datasets and evaluation metrics are summarized. Finally, the major challenges and future research directions are discussed, providing references for subsequent research in this field.
    Reference | Related Articles | Metrics
    Journal of Information Security Reserach    2025, 11 (E2): 89-.  
    Abstract97)      PDF (1508KB)(56)       Save
    Reference | Related Articles | Metrics
    A Network Traffic Anomaly Detection Model Based on Semisupervised  Twochannel Multiscale Gating Fusion
    Journal of Information Security Reserach    2026, 12 (6): 566-.  
    Abstract39)      PDF (1947KB)(20)       Save
    With the increasing number of network attacks, network traffic anomaly detection is becoming more and more important for maintaining network security and stability. However, existing methods are often difficult to effectively capture both static statistical features and dynamic temporal features of network traffic during feature extraction, resulting in limited detection performance in complex and evolving network environments. To address these issues, this paper proposes a twochannel multiscale gated fusion anomaly detection model (MSAD) based on semisupervised learning. The model first extracts  static statistical features of the traffic, including the number of packets, total bytes, etc., through a multiscale convolutional neural network. Secondly, the temporal features of network traffic data are captured through a bidirectional GRU network and combined with a multihead attention mechanism. Finally, adaptive fusion of different modal features is performed through gated fusion mechanism. Meanwhile, for the problem of insufficient credibility of pseudolabel generation in semisupervised learning, a twostage adversarial pseudolabel generation strategy is proposed, which effectively improves the robustness of pseudolabels. The experimental results show that under the condition of limited labeled data, the model proposed in this paper achieves 99.63%, 99.54%, 99.9% and 99.72% of accuracy, precision, recall and F1 value on the CICIDS 2017 dataset, which is significantly better than traditional machine learning and deep learning methods.
    Reference | Related Articles | Metrics
    TOPSEC, Leading Brand of Independent Innovation, Supporting Cyberspace Power Strategy
    Journal of Information Security Research    2018, 4 (9): 774-782.  
    Abstract208)      PDF (1579KB)(985)       Save
    Related Articles | Metrics
    Study on the Energy Trusted Data Network Mechanism Based on  Digital Object Architecture
    Journal of Information Security Reserach    2026, 12 (6): 550-.  
    Abstract36)      PDF (1624KB)(19)       Save
    The energy trusted data network primarily addresses challenges in achieving trusted interconnection, intercommunication, interdiscovery and interoperation of data, supported by digital object architecture (DOA) technology, and enables unified crossentity data access registration, directory interconnection services, and controllable analytical applications, flexibly meeting the development requirements of the energy industry, which demands high data security, organizational hierarchy, and multidomain entity segmentation. With reference to the traditional PESTEL (political, economic, social, technological, environmental, legal) environmental analysis model and the legaltechnologicaleconomiccommercial system model for data factor market development, this study proposes a systematic research framework for the energy trusted data network mechanism. Centered on data characteristics, the framework integrates dimensions of policy systems, industry layout, innovative technologies, and security compliance. Guided by the foundational principles of “costeffectiveness, equivalence of rights and responsibilities, collaborative integration, and longterm development”, it establishes a distributed overarching architecture. The mechanism is further constructed through the following aspects: collaboration mechanisms, technological mechanisms, incentive mechanisms, operational mechanisms, security mechanisms, and iterative mechanisms, to support energy industry advancement, flexible technological upgrades, and optimized evolution. By building this trusted network, more entities are encouraged to securely unify data access and leverage trusted service applications, transforming fragmented enterprise data advantages into industrywide collaborative strengths. This fosters deeper industry data utilization and advances artificial intelligence large language model development, providing critical support for the digital transformation and highquality development of the energy sector.
    Reference | Related Articles | Metrics
    Chinese Dark Web Product Detection and Classification Based on  Multimodal Data Augmentation#br#
    Journal of Information Security Reserach    2026, 12 (6): 575-.  
    Abstract32)      PDF (4502KB)(17)       Save
    In order to address the issues of coarse granularity in existing dark Web intelligence classification research and the predominance of Englishlanguage datasets, this paper proposes a finegrained analysis study focused on Chinese dark Web content. To overcome the scarcity of Chinese dark Web data and the misalignment of multimodal data, this study employs a large language model prompt rewriting strategy and a differentiated image enhancement strategy to achieve text and image data augmentation. By integrating product data from a certain platform on the Surface Web, a dataset comprising 14,052 product records was constructed. A feature selection optimization module was designed to establish an intertask coupling mechanism, and a Chinese dark Web product detection and classification model based on multimodal data augmentation was proposed. Experimental results demonstrate that the proposed model achieves macroF1 scores of 0.992 and 0.941 in dark Web product detection and classification tasks, respectively, representing an approximately 2% improvement over the best baseline model in  classification task and significantly outperforming existing singlemodal and multimodal methods. This approach effectively enhances the performance of finegrained classification tasks for Chinese dark Web intelligence, offering new insights and methodologies for dark Web intelligence analysis.
    Reference | Related Articles | Metrics
    “Internet +”Power: Overview of Westone Secruity’s Cyber Secruity
    Journal of Information Security Research    2016, 2 (10): 862-875.  
    Abstract365)      PDF (2788KB)(1135)       Save
    Related Articles | Metrics
    Research on Maintenance and Security of Industrial Control Networks in Electric Power Industry
    Journal of Information Security Research    2019, 5 (8): 679-684.  
    Abstract246)      PDF (2038KB)(660)       Save
    As an important part of national key infrastructure, the importance of operation and maintenance security of electric power industry control network is selfevident. Especially with the increasing security incidents of industrial control networks in the world in recent years, effective measures must be taken to protect the safe operation of industrial control networks, which also puts forward higher requirements for the operation, maintenance and safety protection of industrial control networks and industrial systems. Through indepth analysis of the characteristics of industrial control network in electric power industry, especially the key characteristics of the data type and network topology structure of the electric power network, effective operation and maintenance methods and security risk prevention methods are put forward. In operation and maintenance, the backup of system data and the state monitoring of the system itself are strengthened. Security measures, such as physical isolation, industrial control flow monitoring, fault recovery management and so on should be taken, and effective policies and behavioral norms should be provided. Finally, form safety protection measures suitable for electric power industry control network, to achieve the purpose of safe operation of the electric power industry control network.
    Reference | Related Articles | Metrics
    Journal of Information Security Reserach    2026, 12 (2): 98-.  
    Abstract134)      PDF (532KB)(120)       Save
    Related Articles | Metrics
    Research on the Architecture of Crosschain Transaction System for Data Assets
    Journal of Information Security Reserach    2026, 12 (4): 366-.  
    Abstract52)      PDF (2367KB)(46)       Save
    In the context of the digital era, data has emerged as a critical production factor, and its trading and management are crucial for promoting socioeconomic growth. This paper aims to address the crosschain transaction challenges faced by data assets on different platforms. The article presents an analysis of the transaction market and value conversion paths of data asset, and proposes a crosschain transaction model that encompasses system architecture, network structure and functional processes. The model distinguishes data providers, establishing a data asset transaction chain and a personal data authorization chain for crosschain data transactions. This improves the efficiency of data transactions and the convenience of regulation, and promotes the digital economy development. This article offers theoretical and practical support for the stable development of the data asset trading market, thereby facilitating the further advancement of the digital economy. Building on this framework, the study constructs a secure and reliable crosschain data asset trading platform that ensures the fairness and transparency of transactions while protecting the privacy and data security of participants.
    Reference | Related Articles | Metrics
    Analysis of the National College Student Information Security Project Competition from the Perspective of Award-winning Data
    Journal of Information Security Reserach    2021, 7 (6): 575-588.  
    Abstract643)      PDF (5052KB)(324)       Save
    As an effective carrier of practical teaching, competitions focus on examining students' creative ability and practical ability, and are an important means to improve talent training ability. The National College Student Information Security Competition is currently the only competition in the field of cyberspace security that has been shortlisted for college discipline competitions. It has been held for 13 sessions since 2008. This article will take the work competition as an example, through the collection, processing and statistics of recent competition information and award-winning data, for the first time to analyze the information security competition. By digging the hidden information and laws behind the winning data of the competition, exploring the internal connection between the topic selection direction of the winning works and the development and demand of security technology, we hope to provide theoretical and data references for colleges and students participating in such information security competitions in the future.
    Reference | Related Articles | Metrics
    Research on the Institutional Framework and Rule Characteristics of Chinese Network Information Security Policies
    Journal of Information Security Reserach    2026, 12 (5): 474-.  
    Abstract34)      PDF (1709KB)(29)       Save
    Network information security policy is an important institutional guarantee for maintaining national security and development, and analyzing the institutional framework and rule characteristics of Chinese network information security policies is of great significance for enhancing its implementation effect of network information security policies. Coding statistics of 39 network information security policies, based on the components of institutional grammar tool (IGT), this paper highlights the complex orientation of the institutional framework of Chinese network information security policies from five dimensions: actors, action constraints, action scenarios, action goals, and evaluation results. Based on the framework of the system,focusing on the function definition rules, exit access rules, decisionmaking guidance rules, information transfer rules, and rewards and punishments incentives rules in the institutional analysis and development (IAD) framework, it is found that the current Chinese network information security policies are characterized by the rules of ambiguous definition of departmental rights and responsibilities, missing access conditions of the main body, weakening of the statement of the regulatory strength, poor reverse feedback channels, and unequal distribution of the rewards and punishments. In view of existing problems, in the future, the effectiveness of regulation can be improved by clarifying the rights and responsibilities of departments, adding access conditions, adding rulebased statements, optimizing feedback channels, and improving incentive and punishment measures.
    Reference | Related Articles | Metrics
    Dynamic Invisible Backdoor Attack via Frequency Domain Injection
    Journal of Information Security Reserach    2026, 12 (6): 510-.  
    Abstract37)      PDF (1536KB)(15)       Save
    Deep neural networks are highly vulnerable to the threat of backdoor attacks due to their noninterpretability and high dependence on data during training. Although the current mainstream backdoor attack methods generally use fixed trigger design to simplify implementation, these triggers are often significantly different from the training data distribution, resulting in easy detection and identification. To this end, this paper proposes a dynamic invisible backdoor attack method via frequency domain injection: firstly, a generative network is used to generate a specific trigger pattern based on the input samples, and then the highfrequency information of the pattern is injected into the wavelet domain of the samples, ensuring the triggers remain stealthy. Additionally, this paper designs a fair screening strategy to select samples that are more influential to the backdoor model through cosine similarity and Kmeans clustering algorithm. Experimental results show that this method outperforms existing methods (e.g., BadNets, Blend, WaNet, and WABA) in terms of attack success rate and stealthiness, and effectively circumvents a variety of stateoftheart defence mechanisms (e.g., FP, NC, SentiNet, and SCALEUP), providing significant robustness and extensive practical potential.
    Reference | Related Articles | Metrics
    Security Problems and Coping Strategies of Cyberspace in Social Network
    Li Yang Lv Xin
    Journal of Information Security Research    2015, 1 (2): 126-130.  
    Abstract463)      PDF (4325KB)(818)       Save
    Nowdays, social network has the same characteristics, such as rapid propagation, large numbers of target crowd, wideranging influence, which rapidly becomes one of the important windows reflecting popular wishes. Meanwhile, social network is also faced with some security problems containing behavior, information content and structure, which result in internet fraud, privacy disclosure, rumor propagation, and so on, and influence the safety and prosperity of the masses, social harmony and stability. Therefore, in the face of cyberspace in social network, build a sound law, deeply mine public sentiment, and strengthen the assessment of network, which have important practical significance for utilizing the platform efficiently and maintaining the security of cyberspace in social network.
    Reference | Related Articles | Metrics
    Research on Harmful Website Detection Based on Graph Neural Network and Multifeature Fusion
    Journal of Information Security Reserach    2026, 12 (5): 420-.  
    Abstract40)      PDF (1884KB)(30)       Save
    To address the limitations of current harmful website detection methods in deep text semantic mining and multimodal feature coperception, this study proposes a multifeature fusion detection model based on graph attention networks (GAT) and ConvNeXt. The framework leverages GloVe word embeddings to construct semantic representations of website text, mapping it into a graph structure based on word cooccurrence relationships. The adaptive attention mechanism in GAT dynamically captures contextual dependencies between noncontiguous words, while ConvNeXt extracts both local details and global contextual features from website images. A crossattentionbased fusion module facilitates dynamic textimage feature alignment and interactive integration. Experimental results demonstrate that the proposed model achieves 99.10% accuracy in fourcategory website classification, significantly enhancing detection performance. This work offers valuable insights for identifying harmful online content and enhancing cybersecurity governance.
    Reference | Related Articles | Metrics
    Research on the Implementation Path of Zero Trust Strategy
    Journal of Information Security Reserach    2026, 12 (5): 483-.  
    Abstract36)      PDF (3588KB)(33)       Save
    Amid the wave of digital transformation, the traditional boundarybased network security model is increasingly ineffective in dynamic and border less environments. The United States has taken the lead in restructuring its cybersquatting system through a systematic zerotrust strategy, and its trinity practice path of “policytechnologyecology” is of reference significance for China to build a digital security barrier. This paper uses case analysis and policy comparison methods to deeply analyze the toplevel design logic, core technological breakthrough points, and ecological coordination mechanisms of the U.S. zerotrust strategy, revealing its essence of transitioning from “passive protection” to “active immunity”. Based on a deep diagnosis of the complexity of China’s ultralargescale network ecosystem, the shortcomings in the autonomy of core technologies, and the challenges of data sovereignty governance, this paper proposes a Chinesestyle “fourdimensional integrated” implementation path: breaking the fragmented dilemma with systematic toplevel design; breaking through technological bottlenecks with the integration of national cryptography and AIdriven technologies; building a security ecosystem with costsharing and standard leadership through governmententerprise collaboration; and addressing implementation limitations with scenario classification and privacy enhancement. The study emphasizes that China needs to innovate on the basis of reference, take zero trust as an important engine for building a digital security barrier, and balance the needs of security protection with the development of the digital economy.
    Reference | Related Articles | Metrics
    Smartphone Image Recovery and Forensics Based on WinHex
    Journal of Information Security Research    2016, 2 (4): 328-332.  
    Abstract501)      PDF (4459KB)(757)       Save
    Smartphone has gradually become one of important sources of information in the current electronic forensics investigation. Aiming at the difficult problem of information acquisition when the picture of the Android smartphone was deleted or damaged, a file recovery method based on WinHex tools is provided. In experiments, by creating a cell phone store image and the header and tail sign of file, the phone's image files were extracted.
    Reference | Related Articles | Metrics
    Building Cyber Security Defense by Trusted Computing 3.0
    Journal of Information Security Research    2017, 3 (4): 290-298.  
    Abstract430)      PDF (1075KB)(2023)       Save
    Related Articles | Metrics
    Research on Phishing Email Detection Based on Large Language Model
    Journal of Information Security Reserach    2026, 12 (2): 151-.  
    Abstract82)      PDF (1835KB)(48)       Save
    With the rapid increase in phishing email volumes and the continuous evolution of adversarial techniques, traditional phishing detection methods have encountered significant challenges regarding efficiency and accuracy. To address issues such as low detection rates, high falsenegative rates, and poor humancomputer interaction in existing systems, the authors proposed a phishing email detection system based on large language model. Through comprehensive analysis of key phishing email characteristics—including header fields, body content, URLs, QR codes, attachments, and HTML pages—they constructed a highquality training dataset using feature insertion algorithms. Building upon the pretrained LLaMA model, the researchers implemented LoRA finetuning technology, achieving domain knowledge transfer by updating only 0.72% of model parameters (approximately 50MB). Experimental results demonstrate that compared to traditional methods, the LLMbased detection approach achieves 94.5% overall accuracy with enhanced robustness, effectively reduces falsepositive rates, improves classification and interpretation capabilities for phishing email features, and provides a more practical and reliable solution for phishing detection.
    Reference | Related Articles | Metrics
    Image Encryption Method Based on Novel Combined Chaotic System and  Fractional Number Theory Transformation
    Journal of Information Security Reserach    2026, 12 (6): 517-.  
    Abstract29)      PDF (3694KB)(11)       Save
    Aiming at addressing existing issues in current image encryption technologies regarding encryption speed, security, and sensitivity, this paper proposes a novel image encryption method based on a combined chaotic system and fractional numbertheoretic transform. First, a new chaotic structure is proposed by combining two traditional onedimensional mappings to create a fully chaotic mapping. Metrics such as bifurcation diagrams, Lyapunov exponents, and information entropy demonstrate that the proposed chaotic structure exhibits excellent chaotic performance, large parameter space, strong sensitivity, and high randomness. Subsequently, a new image encryption method is developed based on this chaotic mapping and multiparameter fractional number theoretic transform. The hash value of the plaintext image is linked with the parameters of the chaotic system to generate initial chaotic keys and scrambling parameters. A multiparameter fractional number theoretic transform is defined by constructing a number theoretic transform feature vector. The plaintext image undergoes one round of number theoretic transform to obtain an intermediate image, followed by Arnold scrambling to disrupt the image. Finally, another round of numbertheoretic transformation is applied to generate the ciphertext image. Experimental results indicate that the algorithm achieves excellent encryption performance: the pixel change rate (NPCR) and unified average changing intensity (UACI) closely approach their ideal values; the average correlation coefficient of ciphertext images is 0.0018, approaching zero; the normalized entropy of ciphertext images reaches 0.9994, nearing the maximum value of 1. With an average encryption time of 0.273s and decryption time of 0.324s, the method outperforms other comparative schemes in efficiency. It demonstrates robust resistance against common attacks including chosenplaintext attacks, differential attacks, and exhaustive attacks, exhibiting high security and promising application prospects in multimedia security fields.
    Reference | Related Articles | Metrics
    VEDA, Establishing the AI Dynamic Defense System for Cyber Security
    Journal of Information Security Research    2017, 3 (12): 1058-1066.  
    Abstract434)      PDF (1526KB)(959)       Save
    Related Articles | Metrics
    Journal of Information Security Reserach    2025, 11 (E1): 229-.  
    Abstract82)      PDF (735KB)(22)       Save
    Reference | Related Articles | Metrics
    Research on a Fully Homomorphic Encryption Algorithm Based on  Confused Modulo Projection
    Journal of Information Security Reserach    2026, 12 (4): 311-.  
    Abstract44)      PDF (1123KB)(33)       Save
    With the rapid proliferation of cloud computing, big data, and InternetofThings technologies, data privacy and security concerns have become increasingly prominent, while traditional dataprocessing methods exhibit inherent limitations in safeguarding sensitive information. Homomorphic encryption (HE) offers a promising privacypreserving approach by enabling computations to be performed directly on encrypted data. However, existing schemes typically suffer from high computational complexity, significant ciphertext expansion, and substantial resource consumption, which impede their practical deployment. To address these challenges, this paper proposes an efficient confused modulo projectionbased fully homomorphic encryption (EffiCMPFHE) algorithm. Leveraging the Chinese Remainder Theorem for multimodular redundant encoding of plaintexts, the scheme introduces streamlined encryption, blindcomputation, and decryption procedures to reduce processing overhead. Moreover, to accommodate largescale data workloads, this paper develops a batching mechanism that aggregates multiple messages into a single large integer for parallel evaluation, thereby significantly reducing overall computation time. To facilitate adoption, this paper also designs and implements a generalpurpose homomorphic encryption library based on EffiCMPFHE and benchmarks it against mainstream FHE frameworks. Experimental results demonstrate that the library achieves a marked improvement in operational speed. This work provides an efficient and practical pathway for applying homomorphic encryption in dataprivacy protection, cloud computing, and secure multiparty computation environments.
    Reference | Related Articles | Metrics
    Adaptive Gaussian Mixturebased Federated Learning Backdoor Defense Approach
    Journal of Information Security Reserach    2026, 12 (4): 348-.  
    Abstract36)      PDF (4458KB)(28)       Save
    Aiming at the existing federated learning backdoor defense methods, which have the problems of misjudgment of abnormal client detection and are difficult to take into account the privacy protection of the client, we propose a federated learning backdoor defense approach based on adaptive Gaussian mixture model FedAGMM, which introduces Gaussian mixture model clustering at the server side, models the probability of gradient update of the client, and combines with the Bayesian information criterion to adaptively select the optimal number of clusters adaptively, so that the malicious model update is identified more accurately. Constructing a dynamic noise injection mechanism based on risk perception, adaptively adjusting the Gaussian noise intensity according to the client’s risk level.  This approach minimizes interference to normal clients while safeguarding privacy. Comparison experimental results with the latest defense methods show that in the face of three kinds of backdoor attacks, PGD, PGDEDGE, and MR, the success rate of the attack is reduced by 5.80, 3.27, and 1.00 percentage points, respectively, without decreasing the accuracy of the main task, and the theoretical analysis proves that FedAGMM meets the requirements of privacy protection while reducing overall noise injection, and significantly improves the detection accuracy and privacy security.
    Reference | Related Articles | Metrics
    LLMenhanced Static Analysis for Detecting Broken Object Level Authorization Vulnerabilities in Java Web Applications#br#
    #br#
    Journal of Information Security Reserach    2026, 12 (5): 394-.  
    Abstract62)      PDF (1497KB)(50)       Save
    Broken object level authorization (BOLA) is currently one of the critical security threats to Web applications. As a typical unauthorized access vulnerability, BOLA arises when a system fails to properly validate a user’s access permissions to target objects. The key to static detection of BOLA vulnerabilities lies in: accurately identifying objectlevel sensitive operations and analyzing unprotected access behaviors during path traversal. Since BOLA is an application logiclevel vulnerability, its detection effectiveness directly depends on the precision of understanding the expected objectlevel authorization policies. However, existing detection methods predominantly rely on empirical heuristic rules to identify sensitive and protected operations, making them difficult to adapt to the actual business logic of different applications, resulting in high false positives and false negatives in detection results. To address this limitation, this paper innovatively proposes a large language model (LLM)enhanced static detection method for BOLA vulnerabilities in Web applications, LLM4BOLA. First, leveraging LLM’s advanced code comprehension and semantic reasoning capabilities to infer objectlevel sensitive operations and custom authorization policies in specific business scenarios. Then, identifying diverse permission protection mechanisms. Finally, comprehensively detecting missing objectlevel permission checks along the paths from request entry points to sensitive operations. Experimental results demonstrate that the proposed method not only effectively detects known vulnerabilities but also discovers unknown ones, significantly outperforming traditional rulebased approaches in detection accuracy.
    Reference | Related Articles | Metrics
    Research on Large Model Security Assessment Technology Based on Group Polarization Nested Jailbreak Templates#br#
    #br#
    Journal of Information Security Reserach    2026, 12 (5): 410-.  
    Abstract34)      PDF (2619KB)(25)       Save
    As large model demonstrates excellent performance in natural language processing tasks, its security issues become increasingly prominent. Jailbreak attacks bypass model security mechanisms, weaken value alignment constraints, and induce models to generate harmful content. The risks of model abuse, hijacking, and information leakage caused by such attacks pose security threats to the large language model application ecosystem. To comprehensively evaluate large model security performance, a nested jailbreak template technique based on the group polarization psychological effect is proposed, which guides models to generate complex responses through progressively nested instructions. Based on this, the NesTHGA (nested templatehierarchical genetic algorithm) framework is constructed by integrating hierarchical genetic algorithms. Experimental results show that this method achieves an average attack success rate of over 80% across 8 mainstream large models, statistical tests confirm significant differences from existing methods, and ablation experiments verify component synergistic effects, effectively evaluating the security and robustness of large models against complex attacks.
    Reference | Related Articles | Metrics
    A Compressionrobust Video Watermarking Method Based on Multiscale Convolutional Attention and Dualbranch Adversarial Training#br#
    #br#
    Journal of Information Security Reserach    2026, 12 (5): 463-.  
    Abstract31)      PDF (2987KB)(19)       Save
    To overcome the limitations of current deep learningbased video watermarking methods, such as reliance on singlescale feature extraction, limited adversarial training mechanisms, and insufficient robustness against compression, this paper proposes a robust video watermarking model called MSCAGAN (multiscale convolutional attention generative adversarial network), which integrates a multiscale convolutional attention mechanism and a dualbranch adversarial training framework. The model employs a lightweight multiscale attention module to extract key features form video frames at both local and global perspectives. Combined with depthwise separable convolution, it reduces computational complexity while achieving precise localization and strength control of watermark embedding, thereby enhancing invisibility. This paper innovatively designs a dualbranch adversarial training structure, in which a learnable adversary network is introduced to simulate realworld attacks, enhancing the model’s robustness against common threats such as compression, cropping, and scaling. Experimental results demonstrate that the watermarked videos generated by MSCAGAN achieve an average PSNR of 44.61dB and a SSIM of 0.964, significantly outperforming existing methods. Under H.264 compression, the average decoding accuracy reaches 94.01%. Moreover, the model maintains strong robustness even under severe cropping and scaling attacks. In summary, MSCAGAN provides an efficient and reliable solution for multimedia content copyright protection. It has the potential to be extended to emerging coding standards such as H.265, further enhancing its robustness in complex application scenarios.
    Reference | Related Articles | Metrics
    Remote Office Solution and Its Application Based on Secure Instant Messaging Technology
    Journal of Information Security Research    2020, 6 (4): 301-310.  
    Abstract204)      PDF (3086KB)(389)       Save
    Remote office is getting more and more favored by users for its characteristics of unconstrained time and space, high-efficiency and convenience, fragmentation time utilization and so on, but it also raised a lot of security problems. This article systematically introduces a security solution for remote office and its innovative applications. Based on the secure instant messaging architecture of interconnection and interworking, it realizes vertical security support and application aggregation, as well as horizontal data sharing and application collaboration through open aggregation interfaces. Therefore an remote office ecosystem is built. The solution has been widely used in sectors such as government, military, finance and energy, providing a security application solution to meet the requirements of relevant national standards for the high-security users’ remote office.
    Reference | Related Articles | Metrics
    Journal of Information Security Reserach    2025, 11 (E1): 9-.  
    Abstract91)      PDF (1462KB)(18)       Save
    Reference | Related Articles | Metrics
    Research on the Audio Information Hiding Algorithms Based on Mean Quantization
    Journal of Information Security Research    2016, 2 (10): 909-912.  
    Abstract294)      PDF (3215KB)(460)       Save
    We presented a new blind digital audio information hiding algorithms based on DWT and mean quantization. In order to achieve the high imperceptibility, the modification of wavelet coefficients was reduced by piecewise adjustment the quantized area. The ability of resisting attack was also improved by adjustment the boundary value with poor resistance to attack. Experimental results demonstrate that the proposed method has a better Signal Noise Ratio (SNR) than the current mean quantization algorithm, and the Normalized Cross?Correlation (NC) has also a certain amount of improvement.
    Related Articles | Metrics
    Journal of Information Security Research    2016, 2 (11): 969-971.  
    Abstract538)      PDF (726KB)(1433)       Save
    Related Articles | Metrics
    Research on Reference Architecture for Government Big Data Security
    Journal of Information Security Research    2019, 5 (5): 370-376.  
    Abstract361)      PDF (2263KB)(1191)       Save
    Government informatization has gradually moved from electronic and computerized information, to networked government information, and government big data (GBD) is a new stage in government informatization development. This stage features openness, sharing, dynamic, real-time and intelligence. In view of these features and the current situation of government big data development, this paper analyzes the technical and managemental challenges and basic security principles of the GBD platform development. Based on analysis, this paper proposes a new kind of reference architecture for GBD security based on an appropriate management organization structure. The paper also reviews related security regulatory mechanisms and security measures of this architecture. Compared to the US government's national institute of standards and technology (NIST) big data reference architecture, the proposed architecture is simpler, has a higher security level, clearer functional requirements, and is easier to implement. The proposed architecture can meet the actual current needs of big data security management, and has practical value in guiding the future government cloud platform, and security design and regulation of the GBD system.
    Reference | Related Articles | Metrics
    Research on Cyber-Attack Defense System Based on Big Data and Threat Intelligence
    Journal of Information Security Research    2019, 5 (5): 383-387.  
    Abstract445)      PDF (1670KB)(1392)       Save
    Cyber-attacks are the use of network vulnerabilities and security flaws to attack the hardware, software and data of a cyber system. The earlier a cyber-attack is identified, the less adverse effect it has. The traditional network intrusion detection system (IDS) has some limitations in detecting cyber-attacks, such as passive protection and limited capability of threat identification. Threat intelligence technology provides a more scientific and effective method for identifying potential or actual cyber-attacks by using big data analysis,and provides a comprehensive and relevant cyber-attack defense model.
    Reference | Related Articles | Metrics
    Design of Network Security Protection for Municipal Heating Control System
    Journal of Information Security Research    2019, 5 (9): 851-856.  
    Abstract178)      PDF (3049KB)(369)       Save
    By analyzing the typical structure of the municipal heating control system, the network security risks faced by the municipal heating control system are studied. According to the level protection requirements, a targeted security protection solution is proposed for the network security problem of the existing control system. The network security deep defense system of municipal heating control system is constructed based on area isolation, access authentication and network communication protection, software system security and centralized supervision. This solution of network security protection can be referenced in the municipal heating industry.
    Reference | Related Articles | Metrics
    Design and Analysis of a Forward Security Blindcoin Protocol
    Journal of Information Security Reserach    2022, 8 (10): 974-.  
    Abstract269)      PDF (1824KB)(126)       Save
    To prevent attackers from discovering the relationship between Bitcoin addresses and virtual user identity information, many anonymization and currency mixing techniques have been developed for cryptographic protocols. At present, the common centralized currency mixing protocols include the Mixcoin protocol and the Blindcoin protocol, but these protocols have problems such as long time delay, large number of confusing requesters, and vulnerability to denial of service attacks and adaptive attacks. To address these issues, we design a Blindcoin protocol that is efficient, storageinefficient, and resistant to adaptive attacks. This scheme not only uses blind signature technology to provide internal privacy for centralized currency mixing, but also achieves forward security through signature key update, which can prevent adaptive attacks. In addition, through the security analysis and performance evaluation, the safety and effectiveness of the scheme are illustrated.
    Reference | Related Articles | Metrics
    Research on Source Code Vulnerability Detection Based on BERT Model
    Journal of Information Security Reserach    2024, 10 (4): 294-.  
    Abstract477)      PDF (3199KB)(293)       Save
    Techniques such as code metrics, machine learning, and deep learning are commonly employed in source code vulnerability detection. However, these techniques have problems, such as their inability to retain the syntactic and semantic information of the source code and the requirement of extensive expert knowledge to define vulnerability features. To cope with the problems of existing techniques, this paper proposed a source code vulnerability detection model based on BERT(bidirectional encoder representations from transformers) model. The model splits the source code to be detected into multiple small samples, converted each small sample into the form of approximate natural language, realized the automatic extraction of vulnerability features in the source code through the BERT model, and then trained a vulnerability classifier with good performance to realize the detection of multiple types of vulnerabilities in Python language. The model achieved an average detection accuracy of 99.2%, precision of 97.2%, recall of 96.2%, and an F1 score of 96.7% across various vulnerability types. This represents a performance improvement of 2% to 14% over existing vulnerability detection methods. The experimental results showed that the model was a general, lightweight and scalable vulnerability detection method.
    Reference | Related Articles | Metrics
    A Survey on Backdoor Attacks and Defenses in Federated Learning
    Journal of Information Security Reserach    2025, 11 (9): 778-.  
    Abstract264)      PDF (2638KB)(78)       Save
    Federated learning is a machine learning framework that enables participants in different fields to participate in largescale centralized model training together under the condition of protecting local data privacy. In the context of addressing the pressing issue of data silos, federated learning has rapidly emerged as a research hotspot. However, the heterogeneity of training data among different participants in federated learning also makes it more vulnerable to model robustness attacks from malicious participants, such as backdoor attacks. Backdoor attacks inject backdoors into the global model by submitting malicious model updates. These backdoors can only be triggered by carefully designed inputs and behave normally when input clean data samples, which poses a great threat to the robustness of the model. This paper presents a comprehensive review of the current backdoor attack methods and backdoor defense strategies in federated learning. Firstly, the concept of federated learning, the main types of backdoor attacks and backdoor defenses and their evaluation metrics were introduced. Then, the main backdoor attacks and defenses were analyzed and compared, and their advantages and disadvantages were pointed out. On this basis, we further discusses the challenges of backdoor attacks and backdoor defenses in federated learning, and prospects their research directions in the future.
    Reference | Related Articles | Metrics