Table of Contents

    18 March 2025, Volume 11 Issue 3
    Privacypreserving Federated Learning Research Based on #br# Confused Modulo Projection Homomorphic Encryption#br#
    2025, 11(3):  198. 
    In the current era of big data, deep learning is booming and has become a powerful tool for solving real-world problems. However, traditional centralized deep learning systems are at risk of privacy leakage. To address this problem, federated learning, a distributed machine learning approach, has emerged. Federated learning allows multiple organizations or individuals to train models together without sharing raw data, by uploading local model parameters to the server, aggregating each user’s parameters to construct a global model, and returning it to the user. This approach achieves global optimization and avoids private data leakage. However, even with federated learning, attackers may still be able to reconstruct user data by obtaining the model parameters uploaded by users, thus violating privacy. To address this issue, privacy protection has become the focus of federated learning research. In this paper, we propose a federated learning scheme FLFC (federated learning with confused modulo projection homomorphic encryption) based on confused modulo projection homomorphic encryption to address the above issues. This scheme adopts a self-developed modular fully homomorphic encryption algorithm to encrypt user model parameters. The modular fully homomorphic encryption algorithm has the advantages of high computational efficiency, support for floating-point operations, and localization, thus achieving stronger protection of privacy. Experimental results show that the FLFC scheme exhibits a higher average accuracy and good stability compared to the FedAvg scheme in experiments.
    A Federated Learning Method Resistant to Label Flip Attack
    2025, 11(3):  205. 
    Since users participating in federated learning training have high autonomy and their identities are difficult to identify, they are vulnerable to label flip attacks, causing the model to learn wrong rules from wrong labels and reducing the overall performance of the model. In order to effectively resist label flip attacks, a dilution-protected federated learning method for multi-stage training models is proposed. This method randomly divides the training data set and uses a dilution protection federated learning algorithm to distribute part of the data to clients participating in the training, which limits the amount of data owned by each client and prevents malicious participants with large amounts of data from causing major damage to the model. After each training session, the gradients of all training epochs in that phase are clustered by a dimensionality reduction algorithm in order to identify potentially malicious actors and restrict their training in the next phase. At the same time, the global model parameters are saved after each stage of training to ensure that the training of each stage is based on the model foundation of the previous stage. Experimental results on the data set show that this method reduces the impact of attacks without damaging the model accuracy, and helps improve the convergence speed of the model.
    Research on Model Antistealing Based on Image Augmentation
    2025, 11(3):  214. 
    Convolutional neural network (CNN) models have been widely used in image classification tasks and have achieved good results, but these models can also become targets of stealing. This paper proposes a novel method to prevent the stealing of CNN models in image classification tasks, addressing the issues of high dependence on algorithm detection accuracy and post hoc intellectual property verification in existing anti-stealing measures. It utilizes image data augmentation technology to improve the robustness and generalization ability of private models, and then uses loose suspicious behavior detection rules to detect image query behavior. Suspicious query images are processed using enhanced image technology, and the processed images are input into the enhanced model for prediction. Finally, a vector composed of the predicted category confidence of the model is output to achieve input-output inequality. This process prevents suspicious users from obtaining the model prediction information corresponding to their input images, in order to achieve the goal of model stealing prevention. This paper conducts experiments using three common image datasets and four convolutional neural network (CNN) structures, and finds that the proposed method can achieve the goal of model anti-stealing and ensure that private models can complete their classification tasks normally.
    Design of Adversarial Attack Scheme Based on YOLOv8 Object Detector
    2025, 11(3):  221. 
    Currently, cameras equipped with AI object detection technology are widely used. However, AI object detection models in real-world applications are vulnerable to adversarial attacks. Existing adversarial attack methods, primarily designed for earlier models, are ineffective against the latest YOLOv8 object detector. To address this issue, we propose a novel adversarial patch attack method specifically for the YOLOv8 object detector. This method minimizes confidence output while incorporating an exponential moving average (EMA) attention mechanism to enhance feature extraction during patch generation, thereby improving the attack’s effectiveness. Experimental results demonstrate that our method achieves superior attack performance and transferability. Validation tests, in which the adversarial patches were printed on clothing, also demonstrated excellent attack results, indicating the strong practicality of our proposed method.
    Fake Face Detection Method Based on ConvNeXt
    2025, 11(3):  231. 
    The fake images generated by deep generative models are becoming increasingly realistic, surpassing the human eye’s ability to detect them. These models have become new tools for illegal activities, such as fabricating lies and creating public opinion. Although researchers have proposed many methods to detect fake images, their generalization ability is typically limited. To address this issue, we propose a fake face detection method based on ConvNeXt. Firstly, we add a PSA (polarization self-attention) module after the second and third downsampling modules of ConvNeXt, enhancing the network’s spatial and channel attention performance. Secondly, an RIB (rich information block) is designed at the end of ConvNeXt to enrich the information learned by the network. The information is processed through this module before final classification. Furthermore, the loss function used in network training is a combination of cross-entropy loss and KL (Kullback-Leibler) divergence. Extensive experiments on the current mainstream fake face datasets demonstrate that our method surpasses all comparative methods in accuracy and generalization on the FF++ C23 dataset.
    An Intrusion Detection Method for Internet of Things by Fusing Spatiotemporal Features
    2025, 11(3):  241. 
    To address the problem that insufficient attack samples and numerous categories in unbalanced IoT traffic datasets reduce the classification accuracy and generalization ability of the detection model, an intrusion detection method for the Internet of Things by fusing spatiotemporal features (BGAREU) is proposed. The data are first normalized and the SMOTEENN method is used to improve the data distribution of the training samples; then temporal features and global information are extracted by a bidirectional gated recurrent unit (BiGRU) and multi-head attention, the ResNeXt and UNet networks are combined to construct a multiscale spatial feature extraction network, and efficient channel attention (ECANet) is incorporated into the residual units to enhance the local characterization capability; finally, the fused features are fed into the Softmax classifier for multi-class classification. Experiments show that the proposed model has more than 2% improvement in all the metrics compared with other models on the IoT traffic datasets UNSW-NB15, NSL-KDD, and WSN-DS. In addition, this paper verifies that ECANet has stronger characterization ability by comparing multiple attention mechanisms, and explores the effect of different numbers of attention heads in multi-head attention on the model performance.
    Research on Video Adversarial Example Generation Methods for Transfer Attacks
    2025, 11(3):  249. 
    Different video recognition models possess distinct temporal discrimination patterns. In transfer attacks, the generation of video adversarial examples can lead to overfitting to the white-box model’s temporal discrimination pattern, resulting in poor transferability of the adversarial examples. In view of this phenomenon, an effective algorithm is proposed to alleviate the overfitting phenomenon. The algorithm generates multiple augmented videos by frame extraction, inputs them into a white-box model, and obtains augmented gradients through backpropagation. Then, it repositions these gradients and calculates a weighted sum to acquire the final gradient information. Finally, it introduces this gradient information into gradient-based white-box attack methods, such as FGSM and BIM, to obtain the final adversarial samples. The cross-entropy loss function was improved; while guiding the generation of adversarial examples, its primary goal was to quickly find a direction that causes the model to misclassify, without considering the semantic space distance between the classification result and other categories with higher probabilities. In response to this issue, a regularization term based on KL divergence was introduced. When combined with the cross-entropy function, the adversarial examples generated based on this loss function have stronger transferability. On the Kinetics-400 and UCF101 datasets, six commonly used models in the video recognition domain were trained, specifically Non-Local, SlowFast, and TPN, with ResNet50 and ResNet101 serving as the backbone networks. One of these models was selected as the white-box model to conduct transfer attacks on the remaining models, and a large number of experiments demonstrated the effectiveness of the method.
    An Image Steganography Method Based on Three-channel Deep Fusion Technology
    2025, 11(3):  257. 
    The advancement of science and technology for information transmission provides convenience, but it has also led to information leaks. Aiming at enhancing the quality and capacity of steganographic images, a three-channel deep fusion technology for image steganography is designed. Firstly, the main channel of the steganographic model is used to extract features from the carrier image. This network is based on the UNet network structure and introduces residual blocks (ResBlock). Then, the bottom channel and the middle channel are utilized for extracting secret image features. Finally, the features from the first and third layers of the bottom channel network are fused into the corresponding layers of the middle channel network by way of cross-fusion. Further, the features extracted from the second and fourth layers of the middle channel network are fused into the corresponding layers of the main channel network. The experimental results demonstrate that the proposed method has good invisibility. When the embedding capacity reaches 24 bpp, the PSNR of the hidden image reaches 41.15 dB, effectively improving the security of image transmission and steganography capacity.
    A Method for Extracting Vulnerable Entities in Small Sample Semantic Analysis
    2025, 11(3):  265. 
    At the moment, different information security vulnerability databases have different standards, with different focuses on vulnerability data and relatively independent relationships. It is difficult to quickly and comprehensively obtain high-value vulnerability information, and a unified vulnerability entity standard needs to be established. Therefore, this paper focuses on vulnerability data in entity extraction technology research. The majority of vulnerability data is provided in unstructured natural language form that combines Chinese and English; rule-based methods lack robust generalization; and deep-learning-based methods occupy too many resources and rely on a large amount of annotated data. To address these issues, this paper presents a vulnerability entity extraction method with small sample semantic analysis. The method employs BERT pretrained on vulnerability data to generate a pretrained model within the cybersecurity vulnerability domain, allowing for a better understanding of cybersecurity vulnerability data and reducing reliance on large annotated data. Additionally, a self-supervised incremental learning approach is applied to improve model performance with very limited annotated data (1785 samples). The model in this paper extracts 12 types of vulnerability entities in the field of cybersecurity, and the experimental results show that the method outperforms other models in the recognition and extraction of cybersecurity vulnerability entities, with an F1 value of 0.8643.
    Research on Physical Layer Security of CR-NOMA System Based on DC Programming
    2025, 11(3):  275. 
    A physical layer security scheme for CR-NOMA systems based on DC (difference of convex) function planning is proposed to address the communication security issues caused by the openness of CR-NOMA systems. In the NOMA (non-orthogonal multiple access) communication scenario, a multiuser eavesdropping channel model is constructed and the security and rate expressions for the CR-NOMA system are derived; a DC-based carrier power allocation algorithm is then designed to solve for the optimal subchannel power allocation and improve the security of system subcarriers. The simulation results show that, without increasing the power of the base station, its SSR is improved by 35% and 10%, respectively, compared to OFDMA and NOMA; under the same SSR, the maximum number of users can increase by 200%. This verifies that the scheme can effectively enhance the physical layer security of the system.
    A Blockchain Oracle Scheme Based on Schnorr Threshold Signature
    2025, 11(3):  282. 
    A blockchain oracle scheme based on Schnorr threshold signatures is proposed to address the inefficiency of blockchain interactions with off-chain data when using oracles as intermediaries. The scheme aggregates multiple signatures based on the Schnorr threshold signature combined with the linear secret sharing algorithm. Additionally, it employs multiple oracles to obtain data information in the physical world, and achieves efficient and highly reliable data transmission from the oracle to the blockchain. The analyses and experiments demonstrate that the scheme offers good security and performance.
    Research and Practice on SASE Based on the 5G Integration of Cloud and Networking
    2025, 11(3):  287. 
    In the context of digital transformation, enterprises are evolving into multi-branch conglomerates, adopting cloud-based services, and embracing decentralized models. However, this shift presents new challenges for network security. This article proposes a practical approach, based on the integration of 5G and SASE technologies, for secure access service edge (SASE) implementation. Leveraging 5G as the SD-WAN transport network, the proposed solution connects data centers, hybrid clouds, and client endpoints. It deploys security access points of presence (POP) nodes nationwide, equipped with core modules such as Cloud Access Security Broker (CASB), Secure Web Gateway (SWG), Zero Trust Gateway, and Firewall-as-a-Service (FWaaS). Additionally, traditional security components can be selectively employed within these modules to enable user-centric security monitoring, access control, interception, and auditing capabilities. Practical implementation of this solution demonstrates its feasibility and effectiveness in various enterprise security protection scenarios.