Table of Contents

    29 July 2025, Volume 11 Issue 7
    Model of Insider Threat Behavior Detection Based on Graph Neural Network
    2025, 11(7):  586. 
    This paper designs a new detection model based on graph neural networks to address a shortcoming of existing insider threat behavior detection models based on user behavior sequences: they cannot handle long sequences well. The model converts user behavior sequences into a graph structure and transforms the processing of long sequences into the processing of subgraph structures. The experiment designs a graph structure to describe user behavior, which is used to store user behavior in the form of graph data. The baseline GNN model is optimized for this graph structure, which is heterogeneous and has data stored on its edges. The experimental results show that, for the binary classification task of distinguishing normal and threatening behavior, the ROC AUC value of the proposed model is improved by 7% and the Macro-F1 value is improved by 7% compared to the baseline model. In the six-class classification task of distinguishing specific threat types, the Macro-F1 value of the proposed model improves by 10% compared to the baseline model.
    Dualbranch Malicious Code Homology Analysis Model Based on Feature Fusion
    2025, 11(7):  594. 
    In the homology analysis of malicious code, techniques such as encryption, obfuscation, and packing generate a large number of malicious code variants, which leaves deep learning models with insufficient ability to extract the features of malicious code. To solve this problem, a multi-branch convolution and transformer-net (MCATNet) homology analysis model based on feature fusion is proposed. Firstly, an MCATNet dual-branch network is constructed. One branch is the CNN branch, built from the multi-branch convolution (MBC) module, with the CBAM hybrid attention mechanism introduced to make the network pay more attention to the core features while taking into account the local features. The other branch is the Transformer module with ViT as the backbone, which extracts global feature information of malicious code images; a downsampling module is proposed to finely preserve global features while aligning the feature maps of the Transformer and the CNN at the spatial scale. Secondly, the cascading strategy is used to fuse the local features of the CNN branch and the global features of the Transformer branch to solve the problem that the network only focuses on a single feature. Finally, the Softmax classifier is used to analyze the homology of the malicious code family. Experimental results show that the classification accuracy of the two-branch model based on feature fusion reaches 99.24%, which is 0.11% and 0.65% higher than that of the single-branch CNN and single-branch Transformer models, respectively.
    Research on Address Recognition of Bitcoin Mixed Coin Transactions Based on ResGCN
    2025, 11(7):  603. 
    Bitcoin has received attention for its decentralized, peer-to-peer, anonymous nature, but its pseudo-anonymity means that transactions are still traceable. In order to meet the higher requirements of users for privacy, mixed-coin transactions came into being. However, mixed-coin transactions make it more difficult to trace bitcoin funds and, at the same time, become an accomplice in assisting criminals to illegally launder money. In order to prevent and combat money laundering and other financial crimes, this paper proposes a graph neural network-based address recognition method for bitcoin mixed-coin transactions. Firstly, a rich and representative labeled address dataset is constructed. Secondly, a residual graph convolution network, ResGCN, is constructed by adding residual connections for graph feature learning and embedding, which overcomes the gradient decay problem of the traditional graph convolution network (GCN) as the number of graph convolution layers increases. Then the self-attention mechanism is combined with the multilayer perceptron (MLP) for graph classification, and finally the binary classification results are output. The experimental results show that the method in this paper can accurately recognize the mixed-coin transaction addresses.
    A Buildin Fuzzing Framework for Opensource BMC Firmware
    2025, 11(7):  611. 
    The baseboard management controller (BMC) is a remote management component of servers with high system privileges, and its firmware security is crucial. Currently, open-source BMC firmware, such as OpenBMC, is favored due to its good compatibility, high openness, and shorter development cycles. Firmware dynamic analysis faces challenges such as limited computational resources and complex execution environments; fuzzing combined with firmware emulation can effectively perform vulnerability analysis under these conditions. However, existing tools mainly target simple closed-source embedded firmware and are not well-suited for the complex structure of BMC firmware. This paper presents a build-in fuzzing framework, BMCfuzz, tailored for open-source BMC firmware, which supports general-purpose program analysis tools. The framework relies on full system emulation, allowing general-purpose fuzzing tools to be directly deployed in the emulated firmware, bypassing the complex emulation environment and directly working on firmware programs. Additionally, the framework leverages open-source features to enhance fuzzing efficiency through source code instrumentation. For complex network service programs that are difficult to emulate, this paper proposes a simple method for generating fuzzed network packet injections to handle fuzzed data input, enabling better emulation and analysis. Experimental results show that the framework’s execution efficiency is improved by 12.1 times, and code coverage is increased by 6.17 times compared to binary instrumentation methods, demonstrating better testing performance.
    FastHotStuff Blockchain Consensus Algorithm with Adaptive View  Dynamic Timeouts
    2025, 11(7):  619. 
    The FastHotStuff algorithm achieves a twostage pipelined Byzantine fault tolerant consensus through aggregated signatures. When the leader node of FastHotStuff fails, the deadlock problem in the view change phase brings communication complexity of O(n2). However, current studies have only focused on the deadlock problem and have not considered the issue of continuous view timeouts caused by Byzantine nodes and volatile networks. To address this problem, we propose a FastHotStuff blockchain consensus algorithm with adaptive view dynamic timeouts, called AVDHotStuff. First, the view dynamic timeout strategy algorithm adaptively controls the duration of the next view timeout to avoid continuous view timeouts caused by volatile networks. Second, the leader waiting strategy algorithm reduces the communication complexity of view change from O(n2) to O(n), and ensures the efficiency of view change by adaptively controlling the leader waiting time. Finally, the reputationbased leader selection strategy algorithm introduces reliable nodes into the consensus process, avoiding continuous view timeouts by removing Byzantine nodes during the view change phase. We have conducted experiments to compare our algorithm with FastHotStuff. When Byzantine nodes are present, the average throughput of AVDHotStuff increases by approximately 51.4%, and its average latency decreases by about 59.9%.
    A PUFbased Identity Authentication and Key Negotiation Protocol for Telemedicine
    2025, 11(7):  626. 
    Telemedicine is rapidly developing due to its high service efficiency and good medical experience, but the secure transmission of medical data is a critical challenge that needs urgent resolution. Although a large number of authentication and key negotiation protocols suitable for telemedicine environments exist, some of the protocols suffer from security risks and inefficiencies. To address the existing problems, we propose a PUF-based authentication and key negotiation protocol. The protocol employs a trusted gateway to implement a many-to-many authentication and key negotiation mechanism, uses the PUF function to generate a “device fingerprint” for unique identification, and leverages the ECC algorithm to ensure the confidentiality of the data. The semantic security of the session key is proved under the random oracle model, the confidentiality and authenticity of the protocol are verified by the ProVerif simulation tool, and the non-formal analysis proves that the protocol is resistant to common attacks such as offline password guessing and session key compromise. Comparison results with related protocols in terms of computation overhead, storage overhead, communication overhead and security show that this protocol exhibits notable feasibility and advantages.
    Multireceiver Multimessage Adaptive Broadcast Signcryption Mechanism
    2025, 11(7):  636. 
    To address the issues of user privacy protection and adaptive message quantity in multi-receiver broadcast signcryption, a certificateless multi-receiver multi-message adaptive broadcast signcryption mechanism is proposed. The receiver identity ID is input into the Lagrange interpolation polynomial to calculate the ciphertext index, and the receiver uniquely locates the signcryption ciphertext, which solves the problem of self-adaptation of the number of messages in broadcast signcryption. Based on elliptic curve cryptography, the user decryption key is associated with a random element of the group to solve the privacy protection problem of multi-receiver users. Under the random oracle model, based on the discrete logarithm assumption and the computational Diffie-Hellman assumption on the elliptic curve additive cyclic group, it is proved that the scheme satisfies confidentiality and unforgeability. The functional efficiency analysis shows that the scheme is superior to the traditional multi-receiver signcryption scheme.
    Confidential Computation of Association Values of Set Intersection Elements
    2025, 11(7):  645. 
    The computation of association values for intersection elements is an extension of the privacy-preserving set intersection problem, representing a novel challenge in the domain of secure multiparty computation. This paper proposes a scheme for computing the association values of intersection elements securely. Initially, leveraging secret sharing combined with dual cloud servers, we implement a distributed oblivious pseudorandom function (OtdPRF). On this basis, we integrate the concept of oblivious polynomial interpolation with the ElGamal encryption algorithm to achieve a secure computation scheme for the sum of association values of intersection elements between two parties. In the above scheme, homomorphic computation overhead is outsourced to the cloud, thereby reducing computational complexity for participants. Furthermore, we expand the application scenarios based on the scheme for the sum of association values of intersection elements, designing and implementing secure determination of threshold relationships and computation of average values of intersection elements. Finally, employing a simulation paradigm, we demonstrate the security of the proposed scheme under a semi-honest model and analyze its performance in terms of computation and communication complexity.
    Security Resource Scheduling Methods in Virtualization Environment
    2025, 11(7):  652. 
    In the era of cloud computing, the integration of security technology and cloud computing has given rise to an innovative security defense approach: virtualization of security resources. This novel architecture serves as a basis for a comprehensive security protection system that consolidates multiple security functions, including firewalls, intrusion detection and prevention systems, and antivirus solutions, into a flexible resource set through virtualization and software-defined technologies. This article delves into the relevant concepts, advantages, typical scheduling algorithms, and future development directions of security resource virtualization. It provides a detailed analysis of the component devices and functional characteristics of virtualized security resources, and points out their advantages in resource virtualization and sharing, flexible expansion, unified management, and deep integration with cloud environments. In terms of scheduling algorithms, this article studies various typical virtualized security resource and task scheduling strategies, such as the coral reef task scheduling algorithm, the immune genetic algorithm, the improved pollen transmission algorithm, and an improved algorithm based on Pareto optimal theory, and explores their advantages and applicable scenarios. The article looks forward to the future development direction of security resource virtualization. The aim is to provide a reference for further optimization of configuration and cost control of security resource virtualization, and to promote more efficient and stable development in the field of cloud computing under the premise of ensuring security.
    Authenticated Key Agreement Protocol for Post-quantum Anonymous Communication
    2025, 11(7):  661. 
    The scale of data in the network is becoming more and more enormous. These data are highly associated with the users; once the data is leaked, the identity information and personal privacy of the users will be seriously threatened. Encryption systems based on traditional number theory are no longer secure given the rapid development of quantum technology. In response to this problem, this paper proposes a key negotiation protocol that provides anonymous authentication on the lattice. Being based on lattice cryptography security challenges, it can resist quantum attacks; its security has been analyzed with the security model and theoretically, and comparison with similar schemes shows a significant improvement. This novel protocol is based on the authentication cryptography of lattice ciphers, is capable of accomplishing mutual authentication and establishing secure communication, and is able to optimize the deployment of certificate system components of public key infrastructure.
    Personalized Differential Privacy Trajectory Publishing Scheme Fusing Semantic
    2025, 11(7):  670. 
    Trajectory databases contain massive information, and direct release may lead to the disclosure of personal sensitive information. The location semantic information of users encompasses abundant details about daily activities and access preferences. The existing personalized differential privacy trajectory publishing scheme does not consider the semantic information between location points in determining the privacy level, and there is still an imbalance between privacy and data availability. To solve the above problems, a semantically integrated personalized differential privacy trajectory publishing scheme (PRTDP) is proposed, which determines the dynamic privacy level according to the mobile characteristics of the user’s own trajectory. Firstly, an algorithm for determining sensitive location points is proposed. The DBSCAN clustering algorithm is used to obtain the user’s sensitive location points. Then, a personalized privacy level partitioning algorithm is proposed. By leveraging the semantic information between the location points, we construct a digraph model of the sensitive location point relationships and design an enhanced PageRank algorithm to determine the privacy level of the location points. Laplace noise corresponding to the privacy level is added to the trajectory data before publication. The PRTDP scheme can effectively protect the sensitive information of users while enhancing the usability of trajectory data. Experiments show that the scheme outperforms the existing schemes, the NFRP algorithm and the FPT algorithm, in three dimensions: privacy protection degree, availability and time efficiency.