Most Download articles

Published in last 1 year | In last 2 years| In last 3 years| All| Most Downloaded in Recent Month | Most Downloaded in Recent Year|

Most Downloaded in Recent Year

Please wait a minute...


For Selected: Download Citations EndNote Ris BibTeX Toggle Thumbnails

Select

Journal of Information Security Reserach    2023, 9 (E2): 4-.   Abstract （71）      PDF （2945KB）（581）       Knowledge map    Save Related Articles | Metrics

Select

PeopleNet, Independently Developing Core Technology of Cyber Information Security Journal of Information Security Research    2017, 3 (7): 578-588.   Abstract （204）      PDF （1448KB）（631）       Knowledge map    Save Related Articles | Metrics

Select

“Internet +”Power: Overview of AsiaInfo Secruity’s Cyber Security Journal of Information Security Research    2016, 2 (8): 670-684.   Abstract （337）      PDF （1873KB）（1151）       Knowledge map    Save Related Articles | Metrics

Select

Security-Development Road of National E-Gov Network in the “Internet +” Era Zhou Min Journal of Information Security Research    2015, 1 (2): 98-104.   Abstract （343）      PDF （2278KB）（1710）       Knowledge map    Save Related Articles | Metrics

Select

TOPSEC, Leading Brand of Independent Innovation, Supporting Cyberspace Power Strategy Journal of Information Security Research    2018, 4 (9): 774-782.   Abstract （90）      PDF （1579KB）（599）       Knowledge map    Save Related Articles | Metrics

Select

Meiya Pico,Innovation to Enhance the Core Technology of Cybersecurity Journal of Information Security Research    2017, 3 (9): 770-780.   Abstract （343）      PDF （1952KB）（795）       Knowledge map    Save Related Articles | Metrics

Select

An Optimized Computation Method for Cipher Symbol Functions  Based on Homomorphic Encryption Journal of Information Security Reserach    2025, 11 (2): 100-.   Abstract （150）      PDF （1092KB）（123）       Knowledge map    Save Fully homomorphic encryption extends encryption to computations, allowing ciphertext processing without decryption. Comparative operations, crucial in applications like deep learning, pose a challenge in homomorphic encryption environments restricted to addition and multiplication. Feng et al. (CNS 2023) proposed a comparison method using dynamic polynomial combinations. This paper enhances dynamic polynomial, allowing polynomial fluctuations within (-2,2). It introduces a novel equation system for solving dynamic polynomials and utilizes finite third and fifthdegree polynomials to construct more precise composite polynomials for approximating the sign function. It analyzes the method’s optimality in depth consumption and computational complexity, achieving a 32% reduction in runtime compared to the optimal method in a previous study (CNS 2023). The homomorphic comparison algorithm in this paper, for ε=2-20，α=20 requires only 0.69ms in amortized runtime. Reference | Related Articles | Metrics

Select

The Review of Information Hiding Technology Based on GAN Image Generation Journal of Information Security Research    2019, 5 (9): 771-777.   Abstract （663）      PDF （630KB）（910）       Knowledge map    Save The traditional steganography is facing more and more threats, and the steganographic analysis technology is gradually mature. To solve this problem, the Generative Adversarial Networks is introduced into the steganography, which can reduce the traces of carrier modification and improve the concealment of steganography. This paper introduces the basic structure of the Generative Adversarial Networks, summarizes, compares and classifies the research results of the steganography based on GAN image generation. According to the existing technical means, the shortcomings of the current Generative Adversarial Networks in the development of steganography are proposed, and the future research directions are prospected. Reference | Related Articles | Metrics

Select

Research on Deep Learningbased Spatiotemporal Feature Fusion  Network Intrusion Detection Model Journal of Information Security Reserach    2025, 11 (2): 122-.   Abstract （105）      PDF （1944KB）（104）       Knowledge map    Save As the number of network attacks increases, network intrusion detection systems are becoming increasingly important in maintaining network security. Most studies have used deep learning approaches for network intrusion detection but have not fully utilized the features of traffic from multiple perspectives. Additionally, these studies often suffer from the use of outdated experimental datasets. In this paper, a parallelstructured DSCInceptionBiLSTM network is proposed to evaluate the designed network model using stateoftheart datasets. The model consists of two branches, network traffic image, and text anomaly traffic detection. Spatial and temporal features of traffic are extracted by improved convolutional neural networks and recurrent neural networks, respectively. Finally, network intrusion detection is achieved by fusing spatiotemporal features. The experimental results show that our model achieves 99.96%, 99.19%, and 99.95% accuracy on the three datasets of CICIDS 2017, CSECICIDS 2018 and CICDDoS 2019, respectively, effectively classifying the anomalous traffic with high precision and meeting the requirements of intrusion detection system. Reference | Related Articles | Metrics

Select

Journal of Information Security Reserach    2024, 10 (E2): 105-.   Abstract （287）      PDF （929KB）（182）       Knowledge map    Save Reference | Related Articles | Metrics

Select

A Review of Adversarial Attack on Autonomous Driving Perception System Journal of Information Security Reserach    2024, 10 (9): 786-.   Abstract （266）      PDF （1560KB）（184）       Knowledge map    Save The autonomous driving perception system collects surrounding environmental information through various sensors and processes this data to detect vehicles, pedestrians and obstacles, providing realtime foundational data for subsequent control and decisionmaking functions. Since sensors are directly connected to the external environment and often lack the ability to discern the credibility of inputs, the perception systems are  potential targets for various attacks. Among these, adversarial example attack is a mainstream attack method characterized by high concealment and harm. Attackers manipulate or forge input data of the perception system to deceive the perception algorithms, leading to incorrect output results by the system. Based on the research of existing relevant literature, this paper systematically summarizes the working methods of the autonomous driving perception system, analyzes the adversarial example attack schemes and defense strategies targeting the perception system. In particular, this paper subdivide the adversarial examples for the autonomous driving perception system into signalbased adversarial example attack scheme and objectbased adversarial example attack scheme. Additionally, the paper comprehensively discusses defense strategy of the adversarial example attack for the perception system, and subdivide it into anomaly detection, model defense, and physical defense. Finally, this paper prospects the future research directions of adversarial example attack targeting autonomous driving perception systems. Reference | Related Articles | Metrics

Select

Leveraging “Internet Plus” and Big Data for the Improvement of Services Supervision Cui Chuanzhen Journal of Information Security Research    2016, 2 (2): 98-106.   Abstract （213）      PDF （1159KB）（867）       Knowledge map    Save Related Articles | Metrics

Select

Dean, the Pioneer and Guardian of Network Security for 20 Years Dean Group's Information Security and Strategy Based on a Network Powerful Nation Journal of Information Security Research    2017, 3 (10): 0-0.   Abstract （111）      PDF （2297KB）（596）       Knowledge map    Save Related Articles | Metrics

Select

Research of Threat Intelligence Sharing and Using for Cyber Attack Attribution Yang Zeming, Li Qiang, Liu Junrong, and Liu Baoxu Journal of Information Security Research    2015, 1 (1): 31-36.   Abstract （939）      PDF （5527KB）（1391）       Knowledge map    Save With the increasingly complexity of cyberspace security, the attack attribution has become an important challenge for the security protection system. The emergence of threat intelligence provided plentiful data source support for the attack attribution, which makes large-scale attack attribution became possible. To realize effective attack attribution, based on the structure expression of the threat information, a light weight framework of threat intelligence sharing and utilization was proposed. It included threat intelligence expression, exchange and utilization, which can achieve the attack attribution result. Take the case of C2 relevant information, we described the expression of threat intelligence sharing and utilization, and verified the framework. Results show that the framework is practical, and can provide new technical means for attack attribution. In addition, based on the understanding of threat intelligence, several thinking about the construction of sharing and utilization mechanisms were promoted in the end. Related Articles | Metrics

Select

Trend on Cybersecurity Policy Risks of the Trump Administration and China Countermeasures Journal of Information Security Research    2018, 4 (10): 870-880.   Abstract （107）      PDF （1337KB）（761）       Knowledge map    Save Reference | Related Articles | Metrics

Select

Research on Security Risk and Governance Path of Large Models Journal of Information Security Reserach    2024, 10 (10): 975-.   Abstract （119）      PDF （1104KB）（128）       Knowledge map    Save Reference | Related Articles | Metrics

Select

Research on the Development Trend of Cybersecurity Technology Journal of Information Security Reserach    2025, 11 (1): 2-.   Abstract （86）      PDF （563KB）（67）       Knowledge map    Save Related Articles | Metrics

Select

Edge Cloud Collaborative Attributebased Signcryption Scheme  Based on State Secret SM9 Journal of Information Security Reserach    2025, 11 (2): 115-.   Abstract （60）      PDF （1474KB）（60）       Knowledge map    Save In order to improve the security and efficiency of data interaction in edge cloud collaborative mode, an edge cloud collaborative attributebased signcryption scheme based on state secret SM9 is proposed. This scheme integrates the state secret SM9 algorithm with attributebased signcryption algorithm, constructs a mixed key and ciphertext policy access control mechanism with a linear secret sharing scheme, and implements partial outsourcing decryption through an edge cloud collaborative network. The experimental analysis results demonstrate that the proposed scheme provides flexible access control while achieving efficient and reliable security protection in the edge cloud collaborative mode, making it suitable for dynamic and complex cloud application scenarios. Reference | Related Articles | Metrics

Select

Overview of Voiceprint Recognition Technology and Applications Journal of Information Security Research    2016, 2 (1): 44-57.   Abstract （997）      PDF （12707KB）（563）       Knowledge map    Save With the rapid development of information technology, how to identify a person to protect hisher personal privacy as well as information security has become a hot issue. Comparing with the traditional identity authentication, the biometric authentication technologies have the features of not being to get lost, to be stolen or forgotten when being used. The use of them is not only fast and convenient, but also accurate and reliable. Being one of the most popular biometric authentication technologies, the voiceprint recognition technology has its unique advantages in the field of remote authentication and other areas, and has attracted more and more attention. In this paper, the voiceprint recognition technology and its applications will be mainly introduced, including the fundamental concept, development history, technology applications and industrial standardizations. Various kinds of problems and corresponding solutions are overviewed, and the prospects are pointed out finally. Reference | Related Articles | Metrics

Select

Blockchain and Quantum Computing Journal of Information Security Research    2018, 4 (6): 496-504.   Abstract （171）      PDF （1390KB）（549）       Knowledge map    Save In recent years, the emerging of digital encryption currency such as bitcoin, blockchain as its key technology has caused the government, technology companies, financial institutions and capital market great attention and wide public concern. Blockchain is a new kind of distributed, decentralized or centralized mechanism, has high distributed redundant storage, go to the center of the credit, automatic intelligent contract execution, timeseries data, not tampered with, the advantages of security and privacy. However, with the development of quantum computer, some advantages of blockchain will be challenged. By analyzing the core technology of the blockchain and combining the advantages of quantum computing, we could analyze the problems that the blockchain system will face in the future. We could work to provide effective guidance and reference to relevant researches of blockchain in the future. Reference | Related Articles | Metrics

Select

AI and Data Privacy Protection: The Way to Federated Learning Journal of Information Security Research    2019, 5 (11): 961-965.   Abstract （978）      PDF （1395KB）（1185）       Knowledge map    Save With the tremendous advance in computing, algorithms and data volume, artificial intelligence ushered in the third development climax, and began to gain a foot hold in exploring various industries. However, as the emergence of “big data”, more “small data” or “poorquality data”, and “data silos” exist in industry applications. For example, in the information security realm, it is difficult for enterprises who provide security services such as content security auditing and intrusion detection based on artificial intelligence technology to exchange raw data due to the consideration of user privacy and trade secrets protection. The services between enterprises are independent, and the overall development of cooperation and technology is difficult to make a breakthrough in a short period of time. How to promote greater cooperation on the premise of protecting the privacy of organizations? Will there be any chance for technical means to solve the data privacy protection problems? Federated Learning is an effective way to solve this problem and achieve acrossenterprise collaborative governance. Reference | Related Articles | Metrics

Select

Cracking the Hard Mathematical Problems of Cryptographic Algorithm Cui Chuanzhen Journal of Information Security Research    2015, 1 (1): 92-96.   Abstract （313）      PDF （1027KB）（886）       Knowledge map    Save Related Articles | Metrics

Select

VEDA, Establishing the AI Dynamic Defense System for Cyber Security Journal of Information Security Research    2017, 3 (12): 1058-1066.   Abstract （319）      PDF （1526KB）（773）       Knowledge map    Save Related Articles | Metrics

Select

Journal of Information Security Research    2016, 2 (11): 969-971.   Abstract （385）      PDF （726KB）（1235）       Knowledge map    Save Related Articles | Metrics

Select

The Army Trusted Computing Standard of Civil-Military Integration Journal of Information Security Research    2017, 3 (4): 382-384.   Abstract （125）      PDF （685KB）（740）       Knowledge map    Save Related Articles | Metrics

Select

Cultivation of Cyber Security Talents Should Be Developed in Practical Training Journal of Information Security Research    2018, 4 (12): 1062-1065.   Abstract （73）      PDF （1423KB）（452）       Knowledge map    Save Related Articles | Metrics

Select

Design and Implementation of Cryptography Intensive Platform for  Government Information System Journal of Information Security Reserach    2023, 9 (5): 461-.   Abstract （185）      PDF （2467KB）（194）       Knowledge map    Save Aiming at the problems of inconvenient, nonstandard, non universal and waste of resources for cipher application in the field of egovernment, this paper puts forward a systematic, intensive and standardized technical scheme. The scheme combines the SM2, SM3, SM4 and SM9 algorithms to form an intensive system framework, pool the cryptographic facilities, reduce the burden of applying cipher in the information system, provide a unified interface for cryptographic applications, and realize compliant, effective and convenient cryptographic applications. The pilot application practice of cryptographyintensive platform construction of egovernment extranet shows that this scheme can improve the utilization rate of cipher resources and save investment, and has reference value for the security protection of cipher application of scale government information system.Key wordscommercial cryptography; intensification; government informatization; identitybased cryptograph; egovernment Aiming at the problems of inconvenient, nonstandard, non universal and waste of resources for cipher application in the field of egovernment, this paper puts forward a systematic, intensive and standardized technical scheme. The scheme combines the SM2, SM3, SM4 and SM9 algorithms to form an intensive system framework, pool the cryptographic facilities, reduce the burden of applying cipher in the information system, provide a unified interface for cryptographic applications, and realize compliant, effective and convenient cryptographic applications. The pilot application practice of cryptographyintensive platform construction of egovernment extranet shows that this scheme can improve the utilization rate of cipher resources and save investment, and has reference value for the security protection of cipher application of scale government information system. Reference | Related Articles | Metrics

Select

Research on Information System Auditing Mechanism for the Cyberpower Development Journal of Information Security Research    2018, 4 (6): 490-495.   Abstract （113）      PDF （772KB）（433）       Knowledge map    Save Reference | Related Articles | Metrics

Select

Blockchainbased Data Element Resources Sharing and Access  Control Scheme Journal of Information Security Reserach    2023, 9 (2): 137-.   Abstract （194）      PDF （1298KB）（147）       Knowledge map    Save The secure access control of data resources is the foundation of the industry chain. Attributebased encryption is widely used in finegrained access control to achieve secure data sharing, but there are many challenges, such as single authority, high trustbuilding cost, difficulty to revoke access, and single point of failure. In this paper, we propose a blockchainbased data resources access control scheme in the industry chain, which improves the security and flexibility of access control by designing a revocable multiauthority attributebased encryption algorithm. In addition, the blockchain with immutability, unforgeability, traceability and auditability is introduced to maintain the rights of data owners and reduce the cost of attribute management among attribute authorities. This scheme supports distributed attribute management and attributes updating without trusted authority to resist collusive attacks. The analysis results show that the proposed scheme can achieve secure and trustworthy data sharing in the industry chain. Reference | Related Articles | Metrics

Select

Research on the Application of Commercial Cryptography to Cloud Computing Journal of Information Security Reserach    2023, 9 (4): 375-.   Abstract （347）      PDF （3447KB）（308）       Knowledge map    Save Cloud computing, as a new information processing method, enables users to access information and communication resource services through the network, and it has become an inevitable trend in the development of information technology industry. Users, data, and information resources are highly concentrated, highly dependent on the continuity of cloud platform services, and the scalability of virtualized resources bring inevitable security risks to cloud computing., and the scalability of virtualized resources bring inevitable security risks to cloud computing. Therefore, how to eliminate the security risks of cloud computing by using commercial cryptography technology has become the current research hotspot. This paper starts from the cloud computing network architecture, anlyzes the cryptography application requirements of cloud computing. The paper proposes the corresponding commercial cryptography application scheme for cloud computing scenarios on this basis. The research results provide a theoretical guidance and reference for the application practice of commercial cryptography in cloud computing scenarios, and are expected to solve the key problems of cloud computing security. Reference | Related Articles | Metrics

Select

A Survey of SQL Injection Attack Detection and Defense Technology Journal of Information Security Reserach    2023, 9 (5): 412-.   Abstract （465）      PDF （2612KB）（350）       Knowledge map    Save In the era of “Internet+”, data is the most valuable resource of the Internet. Attackers often use SQL injection attacks to destroy the database in order to obtain important data information in the database. The threat to database security is becoming more and more serious. At present, the research on SQL injection attacks mostly focuses on traditional SQL injection attacks, but lacks the cognition of new advanced SQL injection technology with stronger concealment and higher risk, and the research on related detection and defense technology. In response to this phenomenon, this paper analyzes and evaluates traditional and advanced SQL injection attack technologies and their technical characteristics based on the classification of SQL injection technologies; summarizes existing detection and defense technologies, and evaluates the advantages and disadvantages of these methods for defense effectiveness; finally The problems existing in the current research field are sorted out, and suggestions for future research directions are put forward. Reference | Related Articles | Metrics

Select

A Malicious TLS Traffic Detection Method with Multimodal Features Journal of Information Security Reserach    2025, 11 (2): 130-.   Abstract （87）      PDF （3159KB）（63）       Knowledge map    Save The malicious TLS traffic detection aims to identify network traffic that involves malicious activities transmitted through the TLS protocol. Due to the encryption properties of the TLS protocol, traditional textbased traffic analysis methods have limited effectiveness when dealing with encrypted traffic. To address this issue, a malicious TLS traffic detection method called MultiModal Feature Fusion for TLS Traffic Detection (MTBRL) has been proposed. This method extracts and fuses features from different modalities to detect malicious TLS traffic. Firstly, expert knowledge is employed for feature engineering, extracting key features from encrypted traffic, including protocol versions, encryption suites, and certificate information. These features are processed and transformed into twodimensional image representations. Then, ResNet is utilized to encode these images and extract their features. Simultaneously, an encrypted traffic pretrained BERT model is used to encode TLS flows, allowing the learning of contextual and semantic features of the TLS traffic. Additionally, an LSTM model is employed to encode the sequence of packet length distributions of the encrypted traffic, capturing temporal characteristics. Finally, through feature fusion techniques, the different modality features are integrated, and the model’s weight parameters are automatically learned and optimized using the backpropagation algorithm to accurately predict malicious TLS traffic. Experimental results demonstrate that this method achieves accuracy, precision, recall, and F1score of 94.94%, 94.85%, 94.15%, and 94.45%, on the DataCon2020 dataset. This performance is significantly superior to traditional machine learning and deep learning methods.  Reference | Related Articles | Metrics

Select

Three-Dimensional Way of Acorn Network in Industrial Control Cybersecurity Journal of Information Security Research    2017, 3 (8): 0-0.   Abstract （372）      PDF （3703KB）（600）       Knowledge map    Save Related Articles | Metrics

Select

Construction and Practice of Emergency Plans for Cyber Security Events in E-Government Institutes Journal of Information Security Research    2019, 5 (5): 377-382.   Abstract （140）      PDF （2124KB）（444）       Knowledge map    Save With the frequent occurrence of various types of security risks in recent years, cyber security is becoming more and more serious. Once the critical information systems such as core business systems and goverment portals been attacked, will be having a wide range of impacts, endangering nation security, national economy and people's life and public interests.. In order to reduce the losses caused by cyber security incidents, it is very necessary for E-Government institutes to establish standardized and efficient emergency plan. Due to the limitations of consciousness, technology and resources, E-Government institutes have common problems in the construction and practice of common emergency plans. In view of this, it's necessary to put forward some suggestions for the optimization of emergency plans, which can help the information security staff of E-Government institutes to standardize the response process of cyber security incidents. Reference | Related Articles | Metrics

Select

The Study of Security Audit Framework and Key Technologies in Big Data Era Journal of Information Security Research    2019, 5 (5): 400-405.   Abstract （215）      PDF （1234KB）（467）       Knowledge map    Save The aggregation and sharing of data resources contributes to the concentration of security risks, and security audit technology in big data environment is facing many challenges. Firstly, the reference framework for big data security auditing is proposed based on big data reference framework and cloud security audit framework,which conducts security auditing from user dimension and data life-cycle dimension. Secondly,the security audit technology monitors the behaviors of data provider, system orchestrator, big data application provider, big data framework provider and data consumer. And which tracks the entire data life-cycle process which consists of data collection, transmission, storge, curation, exchange and destruction. Finally, this paper discusses the data provenance and privacy protection problems during security auditing, in order to serve as useful references for the development of big data security audit technology. Reference | Related Articles | Metrics

Select

Overview of Regulation of Crossborder Data Flow Journal of Information Security Reserach    2025, 11 (2): 164-.   Abstract （120）      PDF （1274KB）（56）       Knowledge map    Save The development of the digital economy has made crossborder data flow an inevitable trend, and while bringing economic benefits, the security of crossborder data flow cannot be ignored. Due to the complexity of the subjects and scenes involved in the process of crossborder data flow, and the uncontrollability of the process, how to regulate the possible security problems in the process of crossborder data flow has become the focus of the world. So far, there is no unified governance rule system for crossborder data flow in the world, and at the same time, there are huge differences in legislation on crossborder data flow in different countries, which results in the complex situation of legislation on crossborder data flow in the world. This paper describes the current situation of crossborder data flow from the perspectives of laws and regulations, bilateral agreements and standards, and in this way develops horizontal comparisons, sorts out the existing regulatory differences, analyzes the challenges and opportunities China faces under the current trend, and gives reasonable countermeasures. Reference | Related Articles | Metrics

Select

SURFILTER, Insisting on the Road of Independent Innovation of Information Security -- Review of the Information and Network Security Strategy of SURFILTER Journal of Information Security Research    2016, 2 (12): 1054-1067.   Abstract （142）      PDF （5217KB）（716）       Knowledge map    Save Related Articles | Metrics

Select

A Survey of IoT Firmware Vulnerability Security Detection Journal of Information Security Reserach    2022, 8 (12): 1146-.   Abstract （261）      PDF （1780KB）（247）       Knowledge map    Save With the advent of the Internet of everything, the security issues of the IoT have become more and more important, especially the economic losses caused by security risks and attacks caused by firmware vulnerabilities in the IoT. Efficient firmware vulnerability detection technology has increasingly become the key to ensuring the security of IoT devices. Therefore, studying the methods and technologies related to firmware vulnerability security detection in the IoT has essential theoretical significance and practical value. This paper analyzes the reasons for the frequent security problems of IoT firmware, summarizes the main security threats faced by IoT firmware, and targets the firmware. Based on the challenges faced by vulnerability analysis, the existing firmware vulnerability detection methods are reviewed. Through the analysis of the advantages and disadvantages of different methods, it provides guidance for further improving the intelligence, precision, automation, effectiveness, and scalability of the firmware security defect detection method. Finally, future research in IoT firmware vulnerability security detection is prospected. Reference | Related Articles | Metrics

Select

Malicious Client Detection and Defense Method for Federated Learning Journal of Information Security Reserach    2024, 10 (2): 163-.   Abstract （368）      PDF （806KB）（218）       Knowledge map    Save Federated learning allows participating clients to collaborate in training machine learning models without sharing their private data. Since the central server cannot control the behavior of clients, malicious clients may corrupt the global model by sending manipulated local gradient updates, and there may also be unreliable clients with low data quality but some value. To address the above problems, this paper proposes FedMDD,a defense approach for malicious client detection and defense for federated learning, to process detected malicious and unreliable clients in different ways based on local gradient updates, while defending against symbol flipping, additive noise, single label flipping, multilabel flipping, and backdoor attacks. Four baseline algorithms are compared for two datasets, and the experimental results show that FedMDD can successfully defend against various types of attacks in a training environment containing 50% malicious clients and 10% unreliable clients, with better results in both improving model testing accuracy and reducing backdoor accuracy. Related Articles | Metrics

Select

A Survey of Forensic Network Attack Source Traceback Journal of Information Security Reserach    2024, 10 (4): 302-.   Abstract （140）      PDF （1134KB）（157）       Knowledge map    Save The concealment and anonymity of cyber attackers pose significant challenges to the field of network attack traceback. This study provides a comprehensive overview of the current state of research on network attack traceback analysis techniques, focusing on three aspects: traffic, scenarios, and samples. Firstly, with respect to traffic traceback, the paper outlines methods and applications based on log records, packet marking, ICMP tracing, and link testing. Secondly, it categorizes traceback techniques for different scenarios, encompassinganonymous networks, zombie networks, springboards, local area networks, and advanced persistent threat attacks, as well as their applications and limitations in realworld environments. Finally, concerning sample analysis, the paper discusses the progress and application scenarios of static and dynamic traceback analysis in the context of malicious code analysis and attack tracing. Reference | Related Articles | Metrics