Most Download articles

Published in last 1 year | In last 2 years| In last 3 years| All| Most Downloaded in Recent Month| Most Downloaded in Recent Year|

Most Downloaded in Recent Month

Please wait a minute...


For Selected: Download Citations EndNote Ris BibTeX Toggle Thumbnails

Select

SURFILTER, Insisting on the Road of Independent Innovation of Information Security -- Review of the Information and Network Security Strategy of SURFILTER Journal of Information Security Research    2016, 2 (12): 1054-1067.   Abstract （142）      PDF （5217KB）（990）       Knowledge map    Save Related Articles | Metrics

Select

TOPSEC, Leading Brand of Independent Innovation, Supporting Cyberspace Power Strategy Journal of Information Security Research    2018, 4 (9): 774-782.   Abstract （90）      PDF （1579KB）（670）       Knowledge map    Save Related Articles | Metrics

Select

Research of Threat Intelligence Sharing and Using for Cyber Attack Attribution Yang Zeming, Li Qiang, Liu Junrong, and Liu Baoxu Journal of Information Security Research    2015, 1 (1): 31-36.   Abstract （956）      PDF （5527KB）（1474）       Knowledge map    Save With the increasingly complexity of cyberspace security, the attack attribution has become an important challenge for the security protection system. The emergence of threat intelligence provided plentiful data source support for the attack attribution, which makes large-scale attack attribution became possible. To realize effective attack attribution, based on the structure expression of the threat information, a light weight framework of threat intelligence sharing and utilization was proposed. It included threat intelligence expression, exchange and utilization, which can achieve the attack attribution result. Take the case of C2 relevant information, we described the expression of threat intelligence sharing and utilization, and verified the framework. Results show that the framework is practical, and can provide new technical means for attack attribution. In addition, based on the understanding of threat intelligence, several thinking about the construction of sharing and utilization mechanisms were promoted in the end. Related Articles | Metrics

Select

Security-Development Road of National E-Gov Network in the “Internet +” Era Zhou Min Journal of Information Security Research    2015, 1 (2): 98-104.   Abstract （345）      PDF （2278KB）（1777）       Knowledge map    Save Related Articles | Metrics

Select

Meiya Pico,Innovation to Enhance the Core Technology of Cybersecurity Journal of Information Security Research    2017, 3 (9): 770-780.   Abstract （343）      PDF （1952KB）（868）       Knowledge map    Save Related Articles | Metrics

Select

Privacypreserving Federated Learning Research Based on #br# Confused Modulo Projection Homomorphic Encryption#br# Journal of Information Security Reserach    2025, 11 (3): 198-.   Abstract （100）      PDF （1298KB）（70）       Knowledge map    Save In the current era of big data, deep learning is booming and has become a powerful tool for solving realworld problems. However, traditional centralized deep learning systems are at risk of privacy leakage. To address this problem, federated learning, a distributed machine learning approach, has emerged. Federated learning allows multiple organizations or individuals to train models together without sharing raw data, by uploading local model parameters to the server, aggregating each user’s parameters to construct a global model, and returning it to the user. This approach achieves global optimization and avoids private data leakage. However, even with federated learning, attackers may still be able to reconstruct user data by obtaining the model parameters uploaded by users, thus violating  privacy. To address this issue, privacy protection has become the focus of federated learning research. In this paper, we propose a federated learning scheme FLFC (federated learning with confused modulo projection homomorphic encryption) based on confused modulo projection homomorphic encryption to address the above issues. This scheme adopts a selfdeveloped modular fully homomorphic encryption algorithm to encrypt user model parameters. The modular fully homomorphic encryption algorithm has the advantages of high computational efficiency, support for floatingpoint operations, and localization, thus achieving stronger protection of privacy. Experimental results show that the FLFC scheme exhibits a higher average accuracy and good stability compared to the FedAvg scheme in experiments. Reference | Related Articles | Metrics

Select

Journal of Information Security Reserach    2024, 10 (E2): 105-.   Abstract （363）      PDF （929KB）（241）       Knowledge map    Save Reference | Related Articles | Metrics

Select

PeopleNet, Independently Developing Core Technology of Cyber Information Security Journal of Information Security Research    2017, 3 (7): 578-588.   Abstract （210）      PDF （1448KB）（680）       Knowledge map    Save Related Articles | Metrics

Select

A Review of Hardware Accelerated Research on Zeroknowledge Proofs Journal of Information Security Reserach    2024, 10 (7): 594-.   Abstract （237）      PDF （1311KB）（232）       Knowledge map    Save ZeroKnowledge Proofs (ZKP) are cryptographic protocols that allow a prover to demonstrate the correctness of a statement to a verifier without revealing any additional information. This article primarily introduces research on the acceleration of zeroknowledge proofs, with a particular focus on ZKPs based on Quadratic Arithmetic Programs (QAP) and Inner Product Proofs (IPA). Studies have shown that the computational efficiency of zeroknowledge proofs can be significantly improved through hardware acceleration technologies, including the use of GPUs, ASICs, and FPGAs. Firstly, the article introduces the definition and classification of zeroknowledge proofs, as well as the difficulties encountered in its current application. Secondly, this article  discusses in detail the acceleration methods of different hardware systems, their implementation principles, and their performance improvements over traditional CPUs. For example, cuZK and GZKP utilize GPUs to perform Multiscalar Multiplication (MSM) and Number Theoretic Transform (NTT), while PipeZK, PipeMSM, and BSTMSM accelerate these computational processes through ASICs and FPGAs. Additionally, the article mentions applications of zeroknowledge proofs in blockchain for concealing transaction details, such as the private transactions in ZCash. Lastly, the article proposes future research directions, including accelerating more types of ZKPs and applying hardware acceleration to practical scenarios to resolve issues of inefficiency and promote the widespread application of zeroknowledge proof technology. Reference | Related Articles | Metrics

Select

Venustech’s Continuous Construction of the Information Security Ecological Chain — Analyze the Information and Cyber Security Strategy of Venustech Journal of Information Security Research    2017, 3 (2): 98-115.   Abstract （230）      PDF （3877KB）（939）       Knowledge map    Save Related Articles | Metrics

Select

VEDA, Establishing the AI Dynamic Defense System for Cyber Security Journal of Information Security Research    2017, 3 (12): 1058-1066.   Abstract （319）      PDF （1526KB）（819）       Knowledge map    Save Related Articles | Metrics

Select

An Overview of Application and Technology of Artificial Intelligence in Cybersecurity Journal of Information Security Reserach    2022, 8 (2): 110-.   Abstract （1691）      PDF （1142KB）（1267）       Knowledge map    Save Compared with the developed countries, the basic research and technology application in the field of artificial intelligence in China started later, especially the application of artificial intelligence in the important field of network security. Domestic and abroad disparity is still very obvious, which seriously affects the improvement of China's cybersecurity capability. This paper elaborates the relationship between artificial intelligence, network attack and network defense, and widely investigates the application status of artificial intelligence in major information security companies at home and abroad. It points out that APT detection, 0day vulnerability mining and cloud security are three core areas that affect the level of cybersecurity capability, This paper deeply analyzes the key technologies of artificial intelligence technology applied in these three fields, and puts forward the safety risks of artificial intelligence technology, and points out that artificial intelligence technology is not a panacea for all diseases, This Paper provides a scientific reference for the further research and application of artificial intelligence technology in China's information security industry. Reference | Related Articles | Metrics

Select

Research on Security Protection of High RealTime Metro Integrated Supervisory and Control System Journal of Information Security Research    2019, 5 (8): 691-695.   Abstract （75）      PDF （1098KB）（600）       Knowledge map    Save Integrated Supervisory and Control System (ISCS) is one of the necessary automatic systems for efficient and safe operation of urban rail transit automation. The integrated monitoring system is a largescale integrated system with high integration of informationization and automation. The system integrates multiple automation and information subsystems in urban rail transit stations, tunnels, depots, parking lots, control centers, etc, and performs unified monitoring, control and management of subsystems on the same software platform, realizing the information sharing of each specialty system and the linkage control function between the systems. In this paper, the ISCS security protection solution for rail transit under the requirement of high realtime performance is studied, the typical security protection design concept is given, and the equal guarantee evaluation method is put forward. Reference | Related Articles | Metrics

Select

A Review of Adversarial Attack on Autonomous Driving Perception System Journal of Information Security Reserach    2024, 10 (9): 786-.   Abstract （284）      PDF （1560KB）（227）       Knowledge map    Save The autonomous driving perception system collects surrounding environmental information through various sensors and processes this data to detect vehicles, pedestrians and obstacles, providing realtime foundational data for subsequent control and decisionmaking functions. Since sensors are directly connected to the external environment and often lack the ability to discern the credibility of inputs, the perception systems are  potential targets for various attacks. Among these, adversarial example attack is a mainstream attack method characterized by high concealment and harm. Attackers manipulate or forge input data of the perception system to deceive the perception algorithms, leading to incorrect output results by the system. Based on the research of existing relevant literature, this paper systematically summarizes the working methods of the autonomous driving perception system, analyzes the adversarial example attack schemes and defense strategies targeting the perception system. In particular, this paper subdivide the adversarial examples for the autonomous driving perception system into signalbased adversarial example attack scheme and objectbased adversarial example attack scheme. Additionally, the paper comprehensively discusses defense strategy of the adversarial example attack for the perception system, and subdivide it into anomaly detection, model defense, and physical defense. Finally, this paper prospects the future research directions of adversarial example attack targeting autonomous driving perception systems. Reference | Related Articles | Metrics

Select

Building Cyber Security Defense by Trusted Computing 3.0 Journal of Information Security Research    2017, 3 (4): 290-298.   Abstract （318）      PDF （1075KB）（1694）       Knowledge map    Save Related Articles | Metrics

Select

Leveraging “Internet Plus” and Big Data for the Improvement of Services Supervision Cui Chuanzhen Journal of Information Security Research    2016, 2 (2): 98-106.   Abstract （213）      PDF （1159KB）（911）       Knowledge map    Save Related Articles | Metrics

Select

Dean, the Pioneer and Guardian of Network Security for 20 Years Dean Group's Information Security and Strategy Based on a Network Powerful Nation Journal of Information Security Research    2017, 3 (10): 0-0.   Abstract （112）      PDF （2297KB）（630）       Knowledge map    Save Related Articles | Metrics

Select

A Trust Framework for Large Language Model Application Journal of Information Security Reserach    2024, 10 (12): 1153-.   Abstract （171）      PDF （1420KB）（154）       Knowledge map    Save The emergence of large language model has greatly propelled the rapid application of artificial intelligence across various domains. In practice, however, there are a series of security and trust challenges in the applications of large language models caused by “model hallucinations”. These challenges make it difficult for practical applications to trust and adopt the results returned by the large language models, especially in securityrelated application domains. In many professional fields, we find that there lacks a unified technical framework to ensure the trustworthiness of results returned by large language models, which seriously hinders the application of largescale model technology in professional fields. To address this issue, a largescale model trusted application framework DKCF, integrating sufficient data (D), expertise knowledge (K), intellectual collaboration (C), and efficient feedback (F), is proposed. This framework is developed based on our practical applications in professional fields such as finance, healthcare, and security. We believe that DKCF can shed light on secure and reliable applications of large language models, and facilitate the intellectual revolution across various professional domains. Reference | Related Articles | Metrics

Select

Journal of Information Security Research    2016, 2 (11): 969-971.   Abstract （386）      PDF （726KB）（1273）       Knowledge map    Save Related Articles | Metrics

Select

A Survey of Zero Trust Research Journal of Information Security Research    2020, 6 (7): 608-614.   Abstract （1167）      PDF （2068KB）（1544）       Knowledge map    Save With the popularization of cloud computing, mobile office and other technologies, the enterprise network structure becomes complex. The traditional network security model is based on the idea of boundary protection, which can not meet the current needs. Zero trust is a new network security model, where no distinction is made between internal and external networks and all entities need authentication and authorization before accessing resources, which can be used to protect the network whose perimeter is increasingly fuzzy. This paper gives the definition of zero trust, introduces the architecture of zero trust, analyzes the core technology of zero trust, compares and analyses several representative zero trust schemes, summarizes the development status, points out the research direction needing attention in this field, which can provide reference for the research and application of zero trust. Reference | Related Articles | Metrics

Select

Journal of Information Security Reserach    2024, 10 (E2): 139-.   Abstract （118）      PDF （676KB）（111）       Knowledge map    Save Reference | Related Articles | Metrics

Select

A Federated Learning Method Resistant to Label Flip Attack Journal of Information Security Reserach    2025, 11 (3): 205-.   Abstract （63）      PDF （3486KB）（42）       Knowledge map    Save Since users participating in federated learning training have high autonomy and their identities are difficult to identify, they are vulnerable to label flip attacks, causing the model to learn wrong rules from wrong labels and reducing the overall performance of the model. In order to effectively resist label flip attacks, a dilutionprotected federated learning method for multistage training models is proposed. This method randomly divides the training data set and uses a dilution protection federated learning algorithm to distribute part of the data to clients participating in the training to limit the amount of data owned by the client and avoid malicious participants with large amounts of data from causing major damage to the model. After each training session, the gradients of all training epochs in that phase are gradient clustered by a dimensionality reduction algorithm in order to identify potentially malicious actors and restrict their training in the next phase. At the same time, the global model parameters are saved after each stage of training to ensure that the training of each stage is based on the model foundation of the previous stage. Experimental results on the data set show that this method reduces the impact of attacks without damaging the model accuracy, and helps improve the convergence speed of the model. Reference | Related Articles | Metrics

Select

“Internet +”Power: Overview of Westone Secruity’s Cyber Secruity Journal of Information Security Research    2016, 2 (10): 862-875.   Abstract （214）      PDF （2788KB）（1018）       Knowledge map    Save Related Articles | Metrics

Select

Three-Dimensional Way of Acorn Network in Industrial Control Cybersecurity Journal of Information Security Research    2017, 3 (8): 0-0.   Abstract （373）      PDF （3703KB）（636）       Knowledge map    Save Related Articles | Metrics

Select

Journal of Information Security Reserach    2024, 10 (E1): 236-.   Abstract （383）      PDF （796KB）（306）       Knowledge map    Save Reference | Related Articles | Metrics

Select

Journal of Information Security Reserach    2024, 10 (E1): 45-.   Abstract （120）      PDF （820KB）（119）       Knowledge map    Save Reference | Related Articles | Metrics

Select

“Internet +”Power: Overview of AsiaInfo Secruity’s Cyber Security Journal of Information Security Research    2016, 2 (8): 670-684.   Abstract （338）      PDF （1873KB）（1175）       Knowledge map    Save Related Articles | Metrics

Select

To Create a Positive Cyberspace by Safeguarding Network Security with Active Immune Trusted Computing 3.0 Journal of Information Security Research    2018, 4 (4): 282-302.   Abstract （188）      PDF （2291KB）（893）       Knowledge map    Save Related Articles | Metrics

Select

AI and Data Privacy Protection: The Way to Federated Learning Journal of Information Security Research    2019, 5 (11): 961-965.   Abstract （1037）      PDF （1395KB）（1216）       Knowledge map    Save With the tremendous advance in computing, algorithms and data volume, artificial intelligence ushered in the third development climax, and began to gain a foot hold in exploring various industries. However, as the emergence of “big data”, more “small data” or “poorquality data”, and “data silos” exist in industry applications. For example, in the information security realm, it is difficult for enterprises who provide security services such as content security auditing and intrusion detection based on artificial intelligence technology to exchange raw data due to the consideration of user privacy and trade secrets protection. The services between enterprises are independent, and the overall development of cooperation and technology is difficult to make a breakthrough in a short period of time. How to promote greater cooperation on the premise of protecting the privacy of organizations? Will there be any chance for technical means to solve the data privacy protection problems? Federated Learning is an effective way to solve this problem and achieve acrossenterprise collaborative governance. Reference | Related Articles | Metrics

Select

Overview of Regulation of Crossborder Data Flow Journal of Information Security Reserach    2025, 11 (2): 164-.   Abstract （155）      PDF （1274KB）（88）       Knowledge map    Save The development of the digital economy has made crossborder data flow an inevitable trend, and while bringing economic benefits, the security of crossborder data flow cannot be ignored. Due to the complexity of the subjects and scenes involved in the process of crossborder data flow, and the uncontrollability of the process, how to regulate the possible security problems in the process of crossborder data flow has become the focus of the world. So far, there is no unified governance rule system for crossborder data flow in the world, and at the same time, there are huge differences in legislation on crossborder data flow in different countries, which results in the complex situation of legislation on crossborder data flow in the world. This paper describes the current situation of crossborder data flow from the perspectives of laws and regulations, bilateral agreements and standards, and in this way develops horizontal comparisons, sorts out the existing regulatory differences, analyzes the challenges and opportunities China faces under the current trend, and gives reasonable countermeasures. Reference | Related Articles | Metrics

Select

Network intrusion detection model based on convolutional neural network Journal of Information Security Research    2017, 3 (11): 990-994.   Abstract （533）      PDF （3567KB）（640）       Knowledge map    Save Network intrusion detection is an important component of network security. At present, the popular detection technology is to use the traditional machine learning algorithm to train the intrusion samples, so as to obtain the intrusion detection model. However, these algorithms have the disadvantage of low detection rate. Depth learning is an algorithm that automatically extracts features from samples. In view of the fact that the accuracy of intrusion detection is not high in traditional machine learning technology, this paper proposes a network intrusion detection model based on convolutional neural network algorithm. The model can automatically extract the effective features of intrusion samples, so that the intrusion samples can be accurately classified. Experimental results on KDD99 datasets show that the proposed model can greatly improve the accuracy of intrusion detection. Reference | Related Articles | Metrics

Select

Research on WordPress 5.0.0 Remote Code Execution Vulnerability Journal of Information Security Research    2019, 5 (4): 352-360.   Abstract （242）      PDF （5078KB）（453）       Knowledge map    Save With the high-speed development of the Internet, the security problems of Web applications have become increasingly prominent. In the context of the widespread used open source software, it has become more and more concerned by security practitioners. There is no doubt that open source software occupies an irreplaceable position in current network applications, its security issues are always related to a large number of our daily use applications. These security issues can cause immeasurable damage, both to individuals and businesses. Especially when these security issues or vulnerabilities are exploited by some attackers, the consequences are unimaginable. From the perspective of Internet companies, it is particularly necessary and vital to solve security problems. Research on open vulnerabilities can help security practitioners understand the causes of vulnerabilities and the main techniques of exploits better, help companies and their users reduce the risk of potential losses. As you can see, WordPress, an important part of open source software contributes to lots of Web applications, the representative of blog and content manage system, is all the time focused on by the attackers around the world. Some experienced attackers may use different exploit ways to bypass the existed protection policy which is based on the well-known tricks that published. At the same time, these attackers are now more circumspect about using these exploit ways to avoid these new ways being exposed. For the most enterprises, they consequently have no ability to keep knowing it in real time and they will be caught off guard when the attackers come. In a sense, to discuss about the different exploit ways is indispensable. Therefore, this paper combines the published analysis paper about WordPress 5.0.0 remote code execution vulnerability, proposes a different exploit way on last step which directly causes arbitrary code execution that can be maliciously exploited by some attackers. Purpose of the research is to provide detailed info for the security practitioners', help them understand the causes of the vulnerability, complete the vulnerability recurrence with a different approach, as well as to enhance their vulnerability detection capabilities and promote the enterprise to effectively discover and fix the vulnerabilities. Reference | Related Articles | Metrics

Select

Research on Network Security Governance and Response of  Largescale AI Model Journal of Information Security Reserach    2023, 9 (6): 551-.   Abstract （458）      PDF （1101KB）（433）       Knowledge map    Save With the continuous development of artificial intelligence technology, largescale AI model technology has become an important research direction in the field of artificial intelligence. The publication of ChatGPT4.0 and ERNIE Bot has rapidly promoted the development and application of this technology. However, the emergence of largescale AI model technology has also brought new challenges to network security. This paper will start with the definition, characteristics and application of largescale AI model technology, and analyze the network security situation under largescale AI model technology. The network security governance framework of largescale AI model is proposed, and the given steps can provide reference for network security work of largescale AI model. Reference | Related Articles | Metrics

Select

A Review of Algorithmic Risk and Its Governance in China#br# #br# Journal of Information Security Reserach    2024, 10 (2): 114-.   Abstract （288）      PDF （1781KB）（182）       Knowledge map    Save In the era of digital intelligence, algorithms pervade every corner of human society. While algorithms drive the transformation towards digitization and intelligence, they also give rise to a series of issues, necessitating effective governance of increasing algorithmic risks. Firstly, algorithmic risks are categorized into four fields: law and justice, politics and governance, information dissemination and business and economy. Then the formation mechanisms of algorithmic risk are analyzed, encompassing algorithm black box, algorithm discrimination and power alienation. Finally, a governance strategy framework is proposed, consisting of three paths: technology regulation, power and responsibility normative, and ecological optimization. The research systematically presents the progress and development trend of algorithmic risk and its governance in China, providing reference for advancing the theoretical research and system construction inalgorithmic risk governance. Reference | Related Articles | Metrics

Select

Cracking the Hard Mathematical Problems of Cryptographic Algorithm Cui Chuanzhen Journal of Information Security Research    2015, 1 (1): 92-96.   Abstract （319）      PDF （1027KB）（919）       Knowledge map    Save Related Articles | Metrics

Select

Journal of Information Security Reserach    2023, 9 (E2): 4-.   Abstract （75）      PDF （2945KB）（594）       Knowledge map    Save Related Articles | Metrics

Select

Blockchain and Quantum Computing Journal of Information Security Research    2018, 4 (6): 496-504.   Abstract （174）      PDF （1390KB）（578）       Knowledge map    Save In recent years, the emerging of digital encryption currency such as bitcoin, blockchain as its key technology has caused the government, technology companies, financial institutions and capital market great attention and wide public concern. Blockchain is a new kind of distributed, decentralized or centralized mechanism, has high distributed redundant storage, go to the center of the credit, automatic intelligent contract execution, timeseries data, not tampered with, the advantages of security and privacy. However, with the development of quantum computer, some advantages of blockchain will be challenged. By analyzing the core technology of the blockchain and combining the advantages of quantum computing, we could analyze the problems that the blockchain system will face in the future. We could work to provide effective guidance and reference to relevant researches of blockchain in the future. Reference | Related Articles | Metrics

Select

Research on Financial Data Security Management Based on Data Life Cycle Journal of Information Security Research    2018, 4 (6): 548-554.   Abstract （161）      PDF （1122KB）（591）       Knowledge map    Save At present, the trend of comprehensive financial management in China is constantly strengthened. The Internet, big data, and cloud computing are widely used in the financial industry. The convergence and development of the financial industry and the Internet is rapid. But at the same time, we have to face the problem of customer information security under the trend of “Internet +”. For information systems, data security is the core issue of information security. The current hacker attacks are focused on stealing the core corporate data and customer data. The security defense systems of enterprises also focuses on data security. Therefore, the data security management is a top priority for enterprises in the field of Internet finance. In order to improve the level of enterprise data security management and reduce the risk of data leakage caused by improper use of business data, we study the method of data security risk management based on the data life cycle. Reference | Related Articles | Metrics

Select

Cultivation of Cyber Security Talents Should Be Developed in Practical Training Journal of Information Security Research    2018, 4 (12): 1062-1065.   Abstract （74）      PDF （1423KB）（474）       Knowledge map    Save Related Articles | Metrics

Select

Application of Network Security Situational Awareness Platform Based on Big Data in the Field of Private Network Journal of Information Security Research    2019, 5 (2): 168-175.   Abstract （157）      PDF （1678KB）（461）       Knowledge map    Save In order to improve the information security defense capability of the private network, the institutions with private network pay more and more attention to the information network security situational perception technology to realize the prediction and prevention of security events. Based on the brief introduction of situational awareness and related technologies, this paper puts forward a set of applicable network security situational awareness functional architecture targeting industryspecific network needs. This paper details the functional elements contained in each system from the functional level, which would provide reference for relevant institutions to build a network security situational awareness platforms. Reference | Related Articles | Metrics