Most Download articles

    Published in last 1 year | In last 2 years| In last 3 years| All| Most Downloaded in Recent Month| Most Downloaded in Recent Year|
    Most Downloaded in Recent Month
    Please wait a minute...
    For Selected: Toggle Thumbnails
    Research Progress on Detection Technologies for Network Attack Based on Large Language Model#br#
    Journal of Information Security Reserach    2026, 12 (1): 16-.  
    Abstract33)      PDF (1439KB)(46)       Save
    Large language model (LLM), with its powerful feature learning ability, the ability to recognize complex patterns, and generalization ability, has paved the way for innovative and powerful methods in network attack detection. Firstly, this paper elaborates on the technical advantages of LLM in network attack detection and proposes a corresponding technical framework. Then, drawing on existing literature, the application status of LLM in network attack detection is reviewed from three aspects: processing original security data, extracting threat features, correlation analysis, and identifying threats in the target environment. Furthermore, the problems and challenges associated with network threat detection using LLM are analyzed. Lastly, the paper outlines the future research directions for network attack detection technology leveraging LLM. This paper aims to provide references for the further development of network attack detection technology based on LLM in the field of network security.
    Reference | Related Articles | Metrics
    Review of Secure Containers Based on System Call Isolation#br#
    #br#
    Journal of Information Security Reserach    2026, 12 (1): 2-.  
    Abstract24)      PDF (2062KB)(29)       Save
    This article elucidates the research progress in enhancing container security through the isolation of system calls. The article firstly outlines the development background of containerization technology and its major security challenges. Subsequently, an indepth analysis is conducted on the role of system call isolation in enhancing the security of containers, including the techniques of limiting the system calls of containerized applications to reduce the attack surface, and leveraging operating system middleware and hardware protection mechanisms to accomplish the isolation and protection of containers. By comparing the implementation principles, performance, and their effects on isolation, reduction of attack surfaces, and data protection, the article reveals the advantages and limitations of system call isolation technologies in enhancing container security.
    Reference | Related Articles | Metrics
    Journal of Information Security Reserach    2025, 11 (E1): 14-.  
    Abstract74)      PDF (999KB)(30)       Save
    Reference | Related Articles | Metrics
    PUFbased Identity Authentication for Internet of Things Against Machine Learning Attacks in Zerotrust Architecture#br#
    Journal of Information Security Reserach    2026, 12 (1): 33-.  
    Abstract10)      PDF (2690KB)(28)       Save
    To enable scalable IoT systems, edge computing, as a new decentralized model, is introduced into IoT scenarios. Zero trust architecture (ZTA) is wellsuited for cloudedgeend systems with blurred boundaries, offering continuous dynamic authentication and improved security. Due to their lightweight and unclonable properties, physical unclonable functions (PUFs) are often used to generate hardware fingerprint identities for devices. PUFs exploit inherent randomness introduced during hardware fabrication processes to generate unique and nonpredictable challengeresponse pairs. If an attacker collects many plaintext CRPs during continuous authentication, he may model and predict future responses, enabling machine learning attacks. This paper proposes a PUFbased authentication solution (PAMLCA). It enhances privacy protection against machine learning attacks by leveraging oblivious pseudorandom function techniques to obfuscate CRP transmission. The solution combines static and continuous multilayer dynamic verification protocols, limiting implicit trust domains within a session. Security analysis and performance comparisons demonstrate that PAMLCA offers better security, functionality, communication, and computational efficiency compared to other related solutions.
    Reference | Related Articles | Metrics
    Legal Regulation of Facial Recognition Applications from the Perspective of a Lawbased Government#br#
    Journal of Information Security Reserach    2026, 12 (1): 75-.  
    Abstract11)      PDF (979KB)(25)       Save
    The use of facial recognition by administrative organs has special characteristics in terms of the source of usage permissions, usage purposes, usage methods, etc., which puts forward a practical need for differentiated norms for the use of facial recognition by administrative organs. However, at present, there is no special regulation on the personal information processing behavior of administrative organs in China, and the relevant legal provisions are relatively rough and vague. Therefore, in response to the existing problems and based on the requirements of building a rule of law government, it is proposed to choose an appropriate legal regulatory model, restrict facial recognition application subjects through prior approval, grant facial recognition application permissions in stages, facilitate participation in supervision channels and improve information transparency, and carry out differentiated accountability for different types of administrative actions, so as to achieve the legalization of the institutions, functions, authorities, procedures, and responsibilities of administrative agencies using facial recognition.
    Reference | Related Articles | Metrics
    Studies on Cybersecurity Assurance System
    Lv Xin
    Journal of Information Security Research    2015, 1 (1): 37-43.  
    Abstract475)      PDF (6424KB)(766)       Save
    With the rapid development of internet and the deep integration of social and reality space, the concept of cyberspace has been continuously expanding. Cyberspace brings new challenges to national sovereignty, security and development interests, and presents new requirements which have a profound influence. The whole world attaches great importance to the construction of cybersecurity national strategy and research on cyberspace security issues. This paper introduceds the concept and process of cyberspace and cybersecurity, and analyzesd systematics behaviors of cyberspace from the perspective of systematology. Through regarding cybersecurity Assurance System as a complex giant system, the paper makes analysis of the security objects, objectives, measures, time and information security threats of cybersecurity, and finally buildst a five-dimensional model of Cybersecurity Assurance System.
    Related Articles | Metrics
    Journal of Information Security Reserach    2025, 11 (E1): 19-.  
    Abstract41)      PDF (1799KB)(20)       Save
    Reference | Related Articles | Metrics
    Journal of Information Security Reserach    2025, 11 (E2): 2-.  
    Abstract21)      PDF (1416KB)(20)       Save
    Reference | Related Articles | Metrics
    Journal of Information Security Reserach    2025, 11 (E2): 63-.  
    Abstract20)      PDF (706KB)(20)       Save
    Reference | Related Articles | Metrics
    Journal of Information Security Reserach    2025, 11 (E1): 5-.  
    Abstract47)      PDF (1368KB)(20)       Save
    Reference | Related Articles | Metrics
    Journal of Information Security Reserach    2024, 10 (E2): 27-.  
    Abstract411)      PDF (763KB)(202)       Save
    Reference | Related Articles | Metrics
    Copyright Open Licensing Rules and Their Implementation Paths in Data Training
    Journal of Information Security Reserach    2026, 12 (1): 68-.  
    Abstract5)      PDF (1135KB)(16)       Save
    The reliance of generative artificial intelligence training on massive volumes of copyrighted works has given rise to increasingly significant risks of copyright infringement. Jurisdictions such as the European Union, the United States, and Japan have introduced regulatory responses, including innovative rules on text and data mining exceptions. Although allowing the use of copyrighted works for data training has become a general theoretical consensus in China, there remains considerable controversy over the specific pathways to compliance. This article argues for the establishment of a copyright open licensing mechanism for data training, replacing individualized authorization with voluntary public declarations, and incentivizing right holders’ participation through fair benefit allocation and transparent regulatory safeguards. This approach aims to strike a dynamic balance between technological innovation and copyright protection. Given the automatic protection and vast quantity of copyrighted works, the legal effect of publicity of open licensing declarations should be expressly recognized to protect bona fide thirdparty reliance. Additionally, right holders should be permitted to grant collective licenses for series or sets of works to better accommodate the dataintensive utilization demands in the era of artificial intelligence.
    Reference | Related Articles | Metrics
    Research on Critical Information Infrastructure Security Protection
    Journal of Information Security Reserach    2025, 11 (12): 1074-.  
    Abstract70)      PDF (334KB)(47)       Save
    Related Articles | Metrics
    Journal of Information Security Reserach    2025, 11 (E1): 43-.  
    Abstract37)      PDF (529KB)(14)       Save
    Reference | Related Articles | Metrics
    Smart Contract Vulnerabilities Based on Differential Evolutionary Algorithms and Solution Time Prediction Detection#br#
    Journal of Information Security Reserach    2026, 12 (1): 24-.  
    Abstract12)      PDF (2331KB)(14)       Save
    Aiming at the problems of inefficient exploration, nonguided test case generation, and poor constraintsolving tenacity in current hybrid fuzzy testing frameworks for smart contracts, this paper proposes an improved hybrid fuzzy detection framework DEST.The model integrates the advantages of fuzzy testing and symbolic execution methods to efficiently detect smart contracts, incorporates the differential evolution (DE) algorithm to optimize the quality of test cases and global search capability, and learns SMT script features through LSTM framework to predict the solving time. The DEST model uses the differential evolutionary (DE) algorithm to optimize the quality of test cases and global search capability, and learns SMT script features through LSTM framework to predict the solving time,thereby improving the solving efficiency of symbolic execution. Experiments show that the DEST model improves vulnerability detection by 9.42% and average code coverage by 3.6% over the stateoftheart benchmark model.
    Reference | Related Articles | Metrics
    TOPSEC, Leading Brand of Independent Innovation, Supporting Cyberspace Power Strategy
    Journal of Information Security Research    2018, 4 (9): 774-782.  
    Abstract189)      PDF (1579KB)(890)       Save
    Related Articles | Metrics
    Journal of Information Security Reserach    2025, 11 (E1): 2-.  
    Abstract45)      PDF (741KB)(13)       Save
    Reference | Related Articles | Metrics
    The EU Artificial Intelligence Regulatory Sandbox System and Its Enlightenment#br#
    #br#
    Journal of Information Security Reserach    2026, 12 (1): 82-.  
    Abstract14)      PDF (1138KB)(13)       Save
    In order to cope with the potential risks and regulatory challenges brought by the rapid development of artificial intelligence technology, exploring how to stimulate technological innovation while ensuring public safety has become the core topic in the current reform of regulatory systems. This paper proposes an institutional analysis method to systematically analyze the balancing role of the EU’s artificial regulatory sandbox system in promoting technological innovation and ensuring public safety. The research findings reveal that although the system has the positive significance of reducing the risk cost of enterprises and improving the effectiveness of supervision, it also has the problems of limited application scenarios, limited scope of liability exemption and the emergence of power rentseeking in the access process. Based on the experience of the EU, China can advance the exploration of the artificial intelligence regulatory sandbox system in the following aspects: coordinating technological innovation and public safety, and establishing a centrallocal coordinated regulatory agency; optimizing the application, evaluation, testing, reporting and exit process; improving consumers’ risk tolerance, and safeguarding their rights to know and to be compensated; and through the establishment of regulatory chat rooms and institutional incentives to promote the effective implementation of the system.
    Reference | Related Articles | Metrics
    Journal of Information Security Research    2018, 4 (8): 687-688.  
    Abstract153)      PDF (607KB)(377)       Save
    Related Articles | Metrics
    Journal of Information Security Reserach    2025, 11 (E1): 139-.  
    Abstract34)      PDF (945KB)(12)       Save
    Reference | Related Articles | Metrics
    Object Removal Video Tampering Detection and Localization Based on Learnable Ptuning#br#
    Journal of Information Security Reserach    2026, 12 (1): 61-.  
    Abstract5)      PDF (2050KB)(12)       Save
    With the continuous advancement of artificial intelligence and big data technologies, the threshold for making fake videos has been significantly reduced. Therefore, identifying whether a video has been tampered with is crucial for ensuring the authenticity and credibility of the information. Current mainstream video forgery detection methods rely on convolutional neural networks, which exhibit limited capability in capturing temporal dependencies and lack comprehensive understanding of global temporal patterns. To address this issue, this paper proposes a learnable Ptuning based method for video object removal tamper detection and localization. Firstly, the prior knowledge of the pretrained model is fully mined by learnable Ptuning, and multiview features such as spatial, temporal and highfrequency are efficiently extracted. Secondly, a multiscale feature interaction module is proposed to accurately capture the tampering traces from finegrained to coarsegrained through multiscale convolution operation and twostep decomposition strategy. Furthermore, a multiview fusion attention module is designed to significantly enhance the information sharing and fusion ability among multiview features via the crossview interaction mechanism. Experimental results demonstrate that the proposed method outperforms existing detection methods in both the time domain and the spatial domain.
    Reference | Related Articles | Metrics
    Design and Implementation of Dark Net Data Crawler Based on Tor
    Journal of Information Security Research    2019, 5 (9): 798-804.  
    Abstract1354)      PDF (3976KB)(1471)       Save
    tWith the development of anonymous communication technology, more and more users begin to use anonymous communication to protect personal privacy. Tor, as the most popular application of anonymous communication system, can effectively prevent behavior such as traffic sniffing, eavesdropping and other behaviors. While protecting the privacy of users from being stolen, “dark net” is also used by many criminals. Thus, this has brought great challenges to the supervision of public security. How to strengthen the regulation and crackdown on illegal information of dark network websites is an urgent problem to be solved. Therefore, the data of crawling anonymous websites is an important basis for supervising those websites effectively. The most mainstream dark network anonymous communication system Tor was introduced briefly, its technical principles were analyzed, and a dark network data crawler program was designed, which mainly use Selenium to enter the Tor network, bulk crawl the dark Web pages and save the data to the local. It will help the public security department to further monitor and analyze the relevant content in the dark network, and also propose a feasible technical means for the police department to supervise the dark network.
    Reference | Related Articles | Metrics
    Research on the Application of Quantum Technology in  Egovernment Extranet
    Journal of Information Security Reserach    2023, 9 (2): 171-.  
    Abstract282)      PDF (3966KB)(146)       Save
    With the continuous breakthrough of quantum technology, especially the continuous development of quantum technology in the developed countries, the original classical password security measures of Chinese egovernment extranet have been seriously threatened, which must be prevented before the actual threat occurs; Using quantum secret communication to solve the security problem of key distribution in classical cryptography has become an important security measure for cryptographic applications in government affairs, finance and other fields. Based on quantum technology, this paper explores the application of special line encryption, application encryption, data encryption, identifying network attacks based on quantum computing, verifying the robustness of password security and other scenarios in the egovernment extranet, which improves the confidentiality, integrity and availability of the system business data transmission carried on the egovernment extranet to a certain extent.
    Reference | Related Articles | Metrics
    A Method of Active Defense for Intelligent Manufacturing  Device Swarms Based on Remote Attestation
    Journal of Information Security Reserach    2023, 9 (6): 580-.  
    Abstract261)      PDF (1988KB)(183)       Save
    With the development of artificial intelligence technology, intelligent manufacturing has become an inevitable choice for enterprise production. However, a compromised device not only causes issues such as confidentiality leaks and production chain errors, but also serves as a springboard for attackers and thus affects the security of the entire swarm. In this paper, we propose a proactive defense solution for intelligent manufacturing swarms based on remote attestation (SecRA). SecRA generates independent challenges for each device, enabling pointtopoint communication between gateways and devices. By extending the functionality of gateways, SecRA utilizes asynchronous communication to adapt to the existing network structure. In addition, based on the challengequery attestation protocol, communication and computation costs are transferred to resourcerich gateways, greatly reducing the burden of devices. Finally, the efficiency and feasibility of the SecRA are experimentally verified.
    Reference | Related Articles | Metrics
    A Secure Data Sharing Scheme Supporting Finegrained Authorization
    Journal of Information Security Reserach    2023, 9 (7): 667-.  
    Abstract287)      PDF (1681KB)(232)       Save
    Considering the problems such as centralized data storage and difficulty in data sharing in cloud computing environments, based on the combination of multiconditional proxy reencryption and attributebased proxy reencryption, a multiconditional attributebased threshold proxy reencryption scheme which supports multiple authorization conditions is proposed. The scheme supports finegrained access to ciphertext data under multiple keyword authorization conditions, and can limit the authorization conditions and scope of ciphertext sharing. Only when the attribute set meets the access structure in the ciphertext and the keywords are consistent with the keywords set in the ciphertext, users can access the data. This solution achieves finegrained access to ciphertext data under multiple keyword authorization conditions, supports flexible user revocation, prevents unauthorized decryption of ciphertext by conspirators, and protects the sensitive information of data owners. Through the provable security analysis, it is shown that under the general group model, the scheme can resist chosen plaintext attack; compared with other conditional proxy reencryption schemes, the functions it supports are more diverse.

    Reference | Related Articles | Metrics
    Journal of Information Security Reserach    2025, 11 (E1): 109-.  
    Abstract36)      PDF (770KB)(11)       Save
    Reference | Related Articles | Metrics
    Journal of Information Security Reserach    2025, 11 (E2): 97-.  
    Abstract17)      PDF (570KB)(11)       Save
    Reference | Related Articles | Metrics
    Feedbackbased Quantum Key Dynamic Adjustment Scheme for Power System
    Journal of Information Security Reserach    2026, 12 (1): 43-.  
    Abstract7)      PDF (2353KB)(11)       Save
    The power system features numerous nodes and heavy traffic. Current quantum key distribution have insufficient key generation rates to meet the encryption requirements of power system services. This paper proposes a dynamic feedbackbased quantum key adjustment scheme to address the security challenges in power system under limited quantum key resources in crossdomain key pools. The scheme consists of two phases, corresponding to the dynamic adjustment of key pool input and output. The feedback mechanism is applied to maintain equilibrium. During the dynamic adjustment of input, realtime selection and optimization of quantum key distribution protocols are carried out based on environmental factors to improve the realtime input rate of quantum keys. During the dynamic adjustment of output, the allocation and utilization of quantum key resources are settled to maximize the overall security level of data within the sampling time. Feedback on data security is reported to the input phase to ensure that the encryption can reach the predetermined lower limit of overall security level. Experimental results show that the proposed scheme achieves an average gain of 12.59% in overall service security under highsecurityrisk conditions, outperforming conventional methods.
    Reference | Related Articles | Metrics
    Research and Application of General Testbed for Heterogeneous and Multimodal Blockchain#br#
    Journal of Information Security Reserach    2026, 12 (1): 51-.  
    Abstract7)      PDF (2826KB)(11)       Save
    In the current era of digital economy, where globalization and informatization are deeply integrated, blockchain technology due to its inherent features of decentralization, immutability, and transparency has offered innovative solutions for secure data storage, value transfer, and trust building. Given the system complexity brought about by the distributed and decentralized nature of blockchain systems, conducting effectiveness tests is of particular importance. Taking this as a starting point, this research deeply analyzes blockchain technology and existing testing tools at home and abroad, and constructs a universal testing platform for heterogeneous and multimodal blockchain systems, with a focus on technical dimensions such as compatibility, universality, scalability, stability, reliability, and security. The aim is to promote research, facilitate product development, and enable realworld applications through testing, thereby accelerating the pace of innovation in blockchain technology.
    Reference | Related Articles | Metrics
    A Survey of Botnet
    Journal of Information Security Research    2017, 3 (7): 589-600.  
    Abstract711)      PDF (9509KB)(311)       Save
    In recent years, the botnet has become more and more complex, the scale is also growing. Botnets have become one of the largest Internet security threat, they have been used to launch DDOS attacks, send spam, steal sensitive information, and even launch a cyber-war. According to CNCERT‘s monitoring data, in 2013, there are more than 10900000 hosts that are controlled by more than 29000 overseas servers. In order to reduce the destruction of botnets, security researchers have proposed a variety of security detection mechanisms, Microsoft also cooperated with various security agencies and the federal court to close some botnets. But botnets constantly update to evade and use a more covert command control channel. This paper briefly summarizes the botnet system structure, protocol type, escape technology, detection technology, recently shut down event, and the new development trend.
    Reference | Related Articles | Metrics
    Journal of Information Security Reserach    2023, 9 (E2): 53-.  
    Abstract191)      PDF (1403KB)(156)       Save
    Reference | Related Articles | Metrics
    Lightweighted Mutual Authentication and Key Agreement in V2N IoV
    Journal of Information Security Reserach    2025, 11 (8): 753-.  
    Abstract96)      PDF (2403KB)(31)       Save
    Aiming at the scenario of vehicle secure access to application servers in the V2N (vehicle to network) environment, a Kerberos extension protocol is proposed based on the PUF (physical unclonable function). This protocol provides the twoway authentication and key agreement between the vehicle and the remoted application server and ensured the confidentiality and authentication of the V2N data transmission. The CRP (challenge response pair) generated by the PUF is used to replace the password in standard Kerberos to prevent the threats of key leakage caused by physical attacks such as intrusion, semiintrusion, sidechannel attacks, etc. The characteristics of Kerberos’s lightweighted twoway authentication protocol can overcome the defects of high calculation complexity and slow speed of the public key authentication algorithms, and effectively provide the secure data transmission between vehicles and application servers.
    Reference | Related Articles | Metrics
    Research on Security Challenges and Countermeasures for Critical  Information Infrastructure in the Artificial Intelligence Era
    Journal of Information Security Reserach    2025, 11 (12): 1087-.  
    Abstract64)      PDF (944KB)(29)       Save
    With the rapid advancement of artificial intelligence (AI) technologies, critical information infrastructure is confronting unprecedented security challenges. This paper employs systematic analysis and comparative research methods to examine the security threats faced by critical information infrastructure in the AI era, specifically focusing on structural vulnerabilities, governance lag, and dual technical risks. Drawing on the strategic practices of major economies such as the United States, the European Union, and Japan, it proposes that China should enhance AI security policy standards, establish a security risk governance framework, and strengthen security technology innovation. Through these pathways, China can build a selfreliant, secure, and reliable AIenabled critical information infrastructure system, thereby enhancing national digital security capabilities and global competitiveness.
    Reference | Related Articles | Metrics
    A Lightweight PUFbased Anonymous Authentication Protocol for  Wireless Medical Sensor Networks
    Journal of Information Security Reserach    2025, 11 (12): 1134-.  
    Abstract49)      PDF (2231KB)(14)       Save
    In response to the current challenges of resource constraints and the vulnerability of wireless medical sensor nodes, this paper proposes a lightweight anonymous authentication protocol specifically designed for wireless medical sensor networks. The protocol utilizes a physical unclonable function (PUF), deployed by the gateway, to facilitate secure authentication and key negotiation between medical experts and wireless medical sensor nodes via the gateway. The Proverif protocol analysis tool, the ROR Oracle model and nonformal analysis demonstrate that this protocol achieves mutual authentication and session key negotiation between medical specialists and wireless medical sensors, and is resistant to common attacks with good security properties. A comparison of the proposed protocol with other authentication protocols from recent years reveals that it has the lowest computational costs, with the total computational costs outperforming other protocols by more than 22.7% when the number of authentication times reaches 3500. Furthermore, experiments demonstrate that the protocol has good security attributes and lightweight characteristics, making it suitable for resourceconstrained wireless medical sensor networks.
    Reference | Related Articles | Metrics
    Journal of Information Security Reserach    2025, 11 (E1): 81-.  
    Abstract35)      PDF (1192KB)(10)       Save
    Reference | Related Articles | Metrics
    Journal of Information Security Reserach    2025, 11 (E1): 106-.  
    Abstract41)      PDF (629KB)(11)       Save
    Reference | Related Articles | Metrics
    Journal of Information Security Reserach    2025, 11 (E2): 12-.  
    Abstract15)      PDF (979KB)(10)       Save
    Reference | Related Articles | Metrics
    Journal of Information Security Reserach    2025, 11 (E2): 15-.  
    Abstract20)      PDF (1278KB)(10)       Save
    Reference | Related Articles | Metrics
    A Survey on the Application of LSTM in Malicious Code Detection
    Journal of Information Security Reserach    2026, 12 (1): 89-.  
    Abstract8)      PDF (9291KB)(10)       Save
    With the continuous evolution of hacking technology, the iterative upgrades of malicious code variants have been acclerating and the number of malicious codes has exploded. How to rapidly and accurately detect malicious code has become a challenging research hotspot in the realm of cybersecurity. The unique gating mechanism of long shortterm memory network (LSTM) can selectively retain important historical information. Moreover, it demonstrates excellent performance for the sequential dependence of data on time series, which can effectively solve the problem of gradient vanishing or gradient explosion that may occur when traditional RNNs deal with such problems. This distinctive sequential processing capability of LSTM is particularly important for malware detection, thus learning to its extensive application in this area. This paper comprehensively sorts out and summarizes the application of LSTM in malicious code detection from five aspects, including the detection method of malicious code, the basic model and variants of LSTM, the application of LSTM in malicious code detection, the performance analysis of LSTM in malicious code detection, and the future development direction of LSTM in the field of malicious code detection, aiming to facilitating further research and improvement of existing methods for malicious code detection.
    Reference | Related Articles | Metrics
    The Totlal Solution of Cyber Security in Critical Information Infrastructure
    Journal of Information Security Research    2016, 2 (10): 946-951.  
    Abstract292)      PDF (1455KB)(1102)       Save
    Related Articles | Metrics
Author Center
Review Center
京ICP备19004174号
Copyright © Journal of Information Security Reserach, All Rights Reserved.
Tel: 010-68558637 E-mail: ris@cei.cn
Powered by Beijing Magtech Co., Ltd.