Table of Content

30 April 2025, Volume 11 Issue 4

Previous Issue   

A Survey of Network Topology Obfuscation Techniques

2025, 11(4):  296. 

Asbtract ( )   PDF (1248KB) ( )  

References | Related Articles | Metrics

LinkFlooding Attack (LFA) is a novel distributed denialofservice (DDoS) attack that exploits network topology detection. Network Topology Obfuscation serves as an effective deceptive defense mechanism against this attack, aiming to provide proactive protection before an attack occurs. Over the past decade, relevant research has continuously made progress, proposing corresponding obfuscation solutions for different scenarios and objectives. This paper comprehensively reviews the network topology obfuscation techniques. First, it combines the basic principles and classifications of network topology discovery to point out the risks of topology leakage in current network topology discovery. Next, it formally defines network topology obfuscation design and presents a proactive defense model. Then, based on the obfuscation concept, the technologies are divided into packet modification, decoy traps, routing mutation, and metric forgery schemes, and proposes a set of metrics to comprehensively compare the current mainstream network topology obfuscation techniques.

Deep Learningbased Method for Encrypted Website Fingerprinting

2025, 11(4):  304. 

Asbtract ( )   PDF (1407KB) ( )  

References | Related Articles | Metrics

Website fingerprinting is an important research area within the fields of network security and privacy protection. Its goal is to identify websites accessed by users within an encrypted network environment by analyzing network traffic characteristics. In response to the problems of limited application scenarios, such as restricted application scenarios, insufficient applicability, and the singularity of feature selection, this paper proposes a deep learningbased method for encrypted website fingerprinting. Initially, a new preprocessing method for raw data packets is introduced, which processes directly captured raw packet files to generate a feature sequence with both spatial and temporal characteristics, structured hierarchically. Following this, a hybrid deep learning model combining convolutional neural networks and long shortterm memory networks is designed to thoroughly learn the spatial and temporal features present in the data. The study further investigates various activation functions, model parameters, and optimization algorithms to improve the model’s accuracy and generalization capability. Experimental results indicate that this method provides higher website fingerprinting accuracy in the onion router anonymous network environment when it does not rely on cell packets. And it also achieves better accuracy compared to current mainstream machine learning methods in virtual private network scenarios.

A Searchable Proxy Reencryption Scheme Supporting Dynamic Verification

2025, 11(4):  311. 

Asbtract ( )   PDF (1602KB) ( )  

References | Related Articles | Metrics

Traditional searchable proxy reencryption schemes typically assume that cloud servers are honestbutcurious, an assumption that is not applicable in realworld scenarios. Therefore, this paper designs a Dynamic Verifiable Searchable Proxy Reencryption Scheme. The scheme employs a threelayer counting Bloom filter to reduce users’ query costs and support deletion operations. Additionally, blockchain technology is introduced to verify search results, and an innovative verification tag leveraging the XOR property is proposed to further enhance the flexibility of the verification process. Furthermore, by exploiting the tamperproof characteristics of blockchain, the scheme ensures the fairness and credibility of the verification process. Experimental comparisons and security analysis confirm the feasibility and security of the proposed scheme.

A Lightweight Image Steganalysis Model Based on Multidirectional  Hybrid Filters

2025, 11(4):  318. 

Asbtract ( )   PDF (1561KB) ( )  

References | Related Articles | Metrics

Aiming at the problems of large number of parameters, limited generalization ability and low accuracy of current image steganalysis model, a lightweight image steganalysis model based on multidirection hybrid filters is constructed. In this model, a multidirectional and multisize high and low frequency hybrid filter bank is designed and the channel attention mechanism is used to preprocess the image, so as to adaptively extract the effective features in the image and improve the generalization ability of the model. The feature extraction module designs a multilayer convolution including the residual module to extract the image features in depth and improve the ability of the model to capture features. The dimensionality reduction module adopts depthwise separable convolution instead of traditional convolution, which effectively reduces the number of model parameters and achieves lightweight. Comparative analysis of experimental data showed that the model had the characteristics of lightweight and good generalization ability, and improved the accuracy of steganalysis.

Network Coding Hybrid Encryption Scheme for IoT System

2025, 11(4):  326. 

Asbtract ( )   PDF (1258KB) ( )  

References | Related Articles | Metrics

Network coding allows the intermediate node to encode the received message and forward it to the downstream node. However, there exists the insecurity of transmission data and the polluted information network nodes to waste many network resources. To solve the problems, a network coding hybrid encryption scheme (NCHES) suitable for Internet of things (IoT) system is devised in this article. NCHES realizes secure communication of arbitrary messages and uses a homomorphic hash function to resist the data pollution attacks; it has lower calculation overhead and higher data transmission efficiency in the IoT system.

Multiaccess Controls for Defense Against Smart Contract Reentry Attacks

2025, 11(4):  333. 

Asbtract ( )   PDF (2401KB) ( )  

References | Related Articles | Metrics

In order to solve the problem of reentry attacks caused by the vulnerability of smart contracts in handling external contract calls, a smart contract reentry attack defense method based on Multiple Access Controls (MAC) is proposed. By using MAC, only the contract owner is allowed to make calls and prevent functions from repeatedly entering the same transaction during execution; at the same time, the state variable is modified to store the secure contract address and update the contract state. Finally, formal verification is used to run the defended smart contract. In this paper, we verifies the method with a bank deposit and withdrawal transaction model. The experimental results show that the smart contract using this defense method can effectively solve the problem of reentry attacks when external contracts are invoked. Compared with other mainstream defense methods, it has higher feasibility, effectiveness, logical correctness and comprehensibility; compared with the undefended contract, the defended smart contract reduces the equivalent memory usage by 64.51%, and the running time is also shortened.

Malicious Behavior Detection Method Based on Behavior Clustering LSTMNN#br#

2025, 11(4):  343. 

Asbtract ( )   PDF (2288KB) ( )  

References | Related Articles | Metrics

With the progress and development of society, the safety requirements for public places have further increased. Malicious behavior detection can monitor and identify potential safety hazards in real time. To solve this problem, the Kmeans clustering method is used to divide the molecular data set and distinguish different forms of malicious behavior. To solve this problem, the Kmeans clustering method is used to divide the subdatasets to distinguish different forms of malicious behaviors. The DTW time warping method solves the problem of inconsistent lengths of malicious behavior time series. In order to solve the problem of image recognition, the excessive amount of data in the malicious behavior frame set makes the model calculation accuracy low, and the Attention mechanism is used to focus on special information points to ensure the accuracy of model training. This method was applied to the malicious behavior data set of UBIFights. The results showed that the final classification accuracy of the subdataset after clustering division by weighted average calculation reached 95.03%. This model effectively identifies malicious behavior videos and improves safety.

Highutility Time Series Data Generation Method Combining Sequence #br# Correlation Graph and GAN#br#

2025, 11(4):  351. 

Asbtract ( )   PDF (1701KB) ( )  

References | Related Articles | Metrics

Longterm time series data is difficult to obtain in reality, which seriously restricts the development of applications such as situational awareness and threat analysis in cyberspace security. Deep learningdriven data generation methods can effectively protect the privacy of original data, where ensuring the high utility and diversity of generated data is crucial. However, existing methods used random splicing of shortterm data to construct training data, which cannot ensure that the distribution of generated data meets expectations, affecting the availability of generated data. To address the above problems, this paper proposes a highutility time series generation method combining sequence correlation graph and generative adversarial network. By constructing sequence correlation graph and probability weighted generative adversarial network, the original data distribution is accurately fitted. Experimental results on multiple real data sets show that the method can generate longterm time series data with high utility and diversity based on shortterm original data, showing its great potential in practical applications.

A DoH Realtime Traffic Identification System

2025, 11(4):  358. 

Asbtract ( )   PDF (1237KB) ( )  

References | Related Articles | Metrics

DoH(Dnsoverhttps) technology has become the main means of encrypting DNS. Different from DoH traffic data sets that are captured over a long period of time, realtime DoH traffic identification requires multiple traffic capture in a short period of time, resulting in traffic fragmentation and makeing flow level and session level features not applicable. In order to solve this problem, a DoH realtime traffic identification system is proposed. The system utilizes the DNS resolution server IP dictionary for preliminary and rapid identification, and establishes a feature extraction method for DoH realtime traffic based on the relevant characteristics of packet length, inter packet latency, and traffic surge, combined with machine learning models for accurate traffic identification. Multiple network public datasets are used, and a realtime DoH traffic dataset are independently generated for verification experiments. The experimental results show that the feature extraction method used in the traffic identification system, can accurately identify realtime DoH traffic.

A Blockchainbased Privacypreserving Data Aggregation System for #br# Vehicular Networks#br#

2025, 11(4):  367. 

Asbtract ( )   PDF (2631KB) ( )  

References | Related Articles | Metrics

Aiming at the privacy risks and challenges of data aggregation in vehicular networks, this paper proposes a secure and anonymous data aggregation scheme based on blockchain in vehicular networks. The scheme integrates cloud computing with blockchain and designs a blockchainbased data aggregation system that enables efficient and secure data collection and analysis in vehicular networks. The solution uses key escrow resilience to ensure the security of the keys in the system, preventing the security issues previously caused by thirdparty key generation. Additionally, the scheme employs a twostage data aggregation process to achieve finegrained data aggregation, providing effective support for cloud service in vehicular networks. Security analysis and performance evaluations demonstrate that the proposed scheme is secure and offers higher computational and communication efficiency.

Research on Dataenhanced Multimodal False Information #br# Detection Framework#br#

2025, 11(4):  377. 

Asbtract ( )   PDF (1878KB) ( )  

References | Related Articles | Metrics

With the development of multimedia technology, rumor spreaders tend to create false information with multimodal content to attract the attention of news readers. However, it is challenging to extract features from sparsely annotated multimodal data and effectively integrate implicit clues in the multimodal data to generate vector representations of false information. To address this issue, we propose a DEMF(dataenhanced multimodal false information detection framework). DEMF leverages the advantages of pretrained models and data augmentation techniques to reduce reliance on annotated data; it utilizes multilevel modal feature extraction and fusion to simultaneously capture finegrained elementlevel relationships and coarsegrained modallevel relationships, in order to fully extracting multimodal clues. Experiments on realworld datasets show that DEMF significantly outperforms stateoftheart baseline models.

Innovative and Professional Talent Education Architecture of  Cyberspace Security in New Situation

2025, 11(4):  385. 

Asbtract ( )   PDF (3780KB) ( )  

References | Related Articles | Metrics

The emerging new problems and technologies in the field of cybersecurity currently do not match the applicability and timeliness of existing talent cultivation in technological development. In response to this, this paper investigates the innovative professional training system for cybersecurity talents under new circumstances. We systematically examine key issues in talent cultivation, dynamic updates of training objectives, evolution of knowledge systems, and cultivation of innovative competencies. The study proposes and constructs a comprehensive, multilevel, and dynamic talent cultivation framework for cyberspace security professionals, encompassing core theoretical research, critical technology R&D, and comprehensive innovation capability development that adapts to new technological trends. Through innovative processes including instructional objective design, content adaptation, teaching implementation, and feedback mechanisms, we establish an internationally adaptable training system that dynamically responds to technological advancements. This approach strengthens the dynamism, adaptability, and practical orientation of cybersecurity talent cultivation, effectively addressing the demand for innovative professionals in cyberspace security under evolving technological landscapes and emerging requirements.