Table of Content

30 September 2025, Volume 11 Issue 9

Previous Issue   

A Survey on Backdoor Attacks and Defenses in Federated Learning

2025, 11(9):  778. 

Asbtract ( )   PDF (2638KB) ( )  

References | Related Articles | Metrics

Federated learning is a machine learning framework that enables participants in different fields to participate in largescale centralized model training together under the condition of protecting local data privacy. In the context of addressing the pressing issue of data silos, federated learning has rapidly emerged as a research hotspot. However, the heterogeneity of training data among different participants in federated learning also makes it more vulnerable to model robustness attacks from malicious participants, such as backdoor attacks. Backdoor attacks inject backdoors into the global model by submitting malicious model updates. These backdoors can only be triggered by carefully designed inputs and behave normally when input clean data samples, which poses a great threat to the robustness of the model. This paper presents a comprehensive review of the current backdoor attack methods and backdoor defense strategies in federated learning. Firstly, the concept of federated learning, the main types of backdoor attacks and backdoor defenses and their evaluation metrics were introduced. Then, the main backdoor attacks and defenses were analyzed and compared, and their advantages and disadvantages were pointed out. On this basis, we further discusses the challenges of backdoor attacks and backdoor defenses in federated learning, and prospects their research directions in the future.

Internet of Things Intrusion Detection Model Based on Federated Learning

2025, 11(9):  788. 

Asbtract ( )   PDF (1432KB) ( )  

References | Related Articles | Metrics

The Internet of things (IoT) has shown a wide range of application prospects and huge development potential in many fields. However, as the scale of the IoT continues to expand, independent IoT devices lack highquality attack instances, making it difficult to effectively respond to increasingly complex and diverse attack behaviors. Consequently, addressing IoT security issues has become a critical challenge that requires urgent attention. To address this problem, the paper proposes an IoT intrusion detection model based on federated learning and attention mechanisms, which allows multiple devices to train the global model collaboratively while protecting their data privacy. Firstly, this paper constructs an intrusion detection model combining convolutional neural network and mixed attention mechanism to extract key features of network traffic data, so as to improve detection accuracy. Secondly, the paper introduces the model contrast loss to correct the training direction of the local model to alleviate the global model convergence difficulties caused by the nonindependent and same distribution of data between devices. The experimental results show that the proposed model is significantly superior to the existing methods in terms of accuracy, accuracy and recall, demonstrating stronger intrusion detection capabilities, and can effectively deal with complex data distribution problems in the IoT environment.

A Covert Backdoor Attack Method in Fewshot Class Incremental Learning

2025, 11(9):  797. 

Asbtract ( )   PDF (2644KB) ( )  

References | Related Articles | Metrics

The rapid development of deep learning has led to a sharp increase in the demand for training data, and fewshot classincremental learning has become an important technique for enhancing data integrity when training deep learning models. Users can directly download datasets or models trained using fewshot classincremental learning algorithms to improve efficiency. However, while this technology brings convenience, the security issues of the models should also raise concerns. In this paper, the backdoor attack is studied on the fewshot classincremental learning model in the image domain, and a covert backdoor attack method in fewshot class incremental learning is proposed, which carries out the backdoor attack in the initial and incremental phases, respectively: in the initial phase, the covert backdoor trigger is injected into the base dataset, and the base dataset which contains the backdoor is used for the incremental learning in place of the original data; in the incremental phase, when new batch samples arrive, select some samples to add to the trigger, and iteratively optimize the trigger during the incremental process to achieve the best triggering effect. The experimental evaluation shows that the attack success rate (ASR) of the stealthy backdoor attack method proposed in this paper can reach up to 100%, the clean test accuracy (CTA) and the clean sample model performance remain at a stable level, and at the same time, the method proposed in this paper is robust to the backdoor defense mechanism.

Research on Network Unknown Attack Detection Based on Machine Learning#br#

#br#

2025, 11(9):  807. 

Asbtract ( )   PDF (1297KB) ( )  

References | Related Articles | Metrics

In the complex context of the continuous evolution of cybersecurity threats, the threats posed by unknown network attacks to digital infrastructure are increasing daily. Consequently, The technology for detecting unknown network attacks based on machine learning has emerged as a focal point in research. This paper first discusses the classification of intrusion detection systems and the commonly used technologies for detecting unknown network attacks. Subsequently, it conducts an indepth exploration of the methods for detecting unknown attacks based on machine learning from three dimensions: anomaly detection, openset recognition, and zeroshot learning. Furthermore, it summarizes the commonly used datasets and key evaluation indicators. Finally, it summarizes and looks ahead to the development trends and challenges of unknown attack detection. This article can provide references for further exploring new methods and technologies in the field of cyberspace security.

Double Differential Privacy Protection Algorithm Based on BP Neural Network

2025, 11(9):  814. 

Asbtract ( )   PDF (3270KB) ( )  

References | Related Articles | Metrics

With the continuous development of data mining, the information hidden within data can bring immense value across various fields, but there is always the risk of user sensitive information leakage when using the model for prediction. Aiming at the problem of sensitive data leakage in the training process of neural networks, this paper proposed an improved BP neural network algorithm with differential and dual privacy protection, named BPDDP. In this method, the difference privacy theory was introduced in the process of network training, and Gaussian noise conforming to a certain privacy budget was added to the loss function, and Laplace noise was added after the gradient is corrected, so as to achieve privacy protection. Finally, the experiment is compared with the traditional BP neural network. The experimental results show that the BP neural network still has good multiclassification performance under the premise of privacy protection when the added noise scale is small.

A Spectre Vulnerability Detection Method Integrating Fuzzing and #br# Taint Analysis#br#

2025, 11(9):  822. 

Asbtract ( )   PDF (1848KB) ( )  

References | Related Articles | Metrics

Aiming at the problems of insufficient applicability of traditional vulnerability detection technology in Spectre V1 vulnerability detection, high false positive rate and false positive rate, a novel method TransFT integrating fuzz testing and taint analysis is proposed. First, program code is refactored to simulate the misprediction behavior of Spectre V1 vulnerabilities. Next, feedbackdriven fuzz testing is utilized to identify highrisk code segments and generate test cases capable of triggering vulnerabilities, thereby improving testing efficiency. Finally, static taint analysis is applied to validate potential vulnerabilities, effectively reducing FNR and FPR. Experimental results demonstrate that the proposed method significantly reduces FNR, FPR, and testing time compared to existing fuzzingbased approaches, showcasing superior detection capabilities.

SM9based Decentration Crosschain Medical Data Sharing Scheme

Yu Huifang and Li Shunkai

2025, 11(9):  832. 

Asbtract ( )   PDF (2204KB) ( )  

References | Related Articles | Metrics

To solve the problems of data leakage and data silos between medical institutions in medical system, a SM9based decentration crosschain medical data sharing scheme (DCCMDSS) is proposed in this article. Relay chain and hash time lock contract (HTLC) realize the crosschain data sharing between medical institutions, the interplanetary file system (IPFS) reduces the storage pressure of blockchain and ensures the integrity of medical data. SM9based algorithm encrypts medical data and group signature allows the group members to sign the data on behalf of the whole group without revealing their personal identities. Consequently, DCCMDSS effectively avoids the privacy leakage and ensures the traceability of signature. DCCMDSS reduces the crosschain transaction overhead and improves the security of medical data.

Research on the Governance System of Ensuring Both Crossborder #br# Data Flow and Safety#br#

#br#

2025, 11(9):  840. 

Asbtract ( )   PDF (1493KB) ( )  

References | Related Articles | Metrics

Crossborder data flow is a fundamental part of digital trade, and it is also a key issue in the international data governance game. At present, China has preliminarily formed a system of rules and regulations for crossborder data flow, but there are still prominent problems such as difficulties in crossborder risk screening, slightly rough rules and systems, difficulties in the dominance of international rules, and weak crossborder regulatory means. To seriously  solve the problem of crossborder data flow, it is urgent to better coordinate development, security and openness to build a crossborder data governance system. The policy system clarifies basic propositions, improves the legal system, refines institutional rules, consolidates technology platforms and expands practice carriers, in order to align with highstandard international economic and trade rules, and gradually form a plan for crossborder data flow with Chinese characteristics.

Research on Lightweight Implicit Certificate Scheme for #br# Resourceconstrained Devices in Distribution Networks#br#

#br#

2025, 11(9):  845. 

Asbtract ( )   PDF (1576KB) ( )  

References | Related Articles | Metrics

As resourceconstrained terminal devices such as fault indicators and smart meters are increasingly deployed in power distribution networks, the security requirements for identity authentication systems have also intensified. However, existing regulations remain inadequate, and traditional public key infrastructure (PKI) technologies are difficult to apply directly due to its heavy burden. To address this issue, this paper proposes a lightweight implicit certificate scheme, improving the elliptic curve QuVanstone (ECQV) implicit certificate algorithm tailored for resourceconstrained environments. The scheme incorporates certificate field optimization and the concise binary object representation (CBOR) encoding, significantly reducing the storage and computational overhead for devices while enhancing system security. Through several simulation analyses under the computer platform, comparing the ECQV implicit certificate scheme before improvement with the traditional X.509 authentication scheme, the results show that the performance of this scheme is more superior. Through experimental verification, the proposed scheme is able to meet the multiple needs of authentication of resourceconstrained devices in the power distribution network, such as storage, computing, energy consumption, and so on.

Regulatory Path for OTC Derivatives Data Based on Transaction #br# Reporting Libraries#br#

#br#

2025, 11(9):  854. 

Asbtract ( )   PDF (964KB) ( )  

References | Related Articles | Metrics

Nonstandardized contract characteristics, information asymmetry, and the fragmented market structure of OTC derivatives lead to the concealed accumulation of financial risks in the OTC market. The regulation of OTC derivatives is hampered by the diversity of market participants, the heterogeneity of products, and fragmented reporting standards, leading to disordered frontend regulation. Additionally, the weak backend data integration capability under a segmented regulatory model exacerbates the gap in institutional supply for risk governance. The regulatory paradigm of the transaction reporting library, though theoretically and practically necessary, still faces institutional obstacles such as the lack of legal status for regulatory bodies and incomplete coverage of data collection obligations during its implementation. To address this, a threedimensional regulatory strategy is required: macrolevel institutional supply adjustment, mesolevel technical governance collaboration, and microlevel rights and responsibilities allocation to ensure comprehensive support.

Research on the Corporate Social Responsibility Governance Model of #br# Internet Platform Enterprises Based on Multicenter Synergy#br#

2025, 11(9):  861. 

Asbtract ( )   PDF (1166KB) ( )  

References | Related Articles | Metrics

The governance of corporate social responsibility in Internet platform enterprises is essential for promoting the healthy development of the platform economy. Currently, the phenomenon of the lack of corporate social responsibility in Internet platform enterprises is quite prominent, with issues such as unclear content of social responsibility, incomplete related systems, and weak awareness of corporate responsibility being quite common. Guided by the theory of multicenter synergy governance, this paper aims to resolve the above problems by constructing a multicenter synergy governance model. First, in the construction of the multicenter synergy governance model, multiple subjects such as the government, enterprises, and social organizations are introduced to engage in consultation and cooperation, driving transformations in governance synergy subjects, governance means, and governance content. Second, in the implementation of the multicenter synergy governance model, measures such as enhancing the recognition of the multicenter synergy governance concept and transforming the business philosophy of Internet platform enterprises are taken to provide realistic conditions for the implementation of the multicenter synergy governance model.

Design of Intrusion Detection System for Oil and Gas Production IoT #br# Based on Edgecloud Collaboration#br#

2025, 11(9):  868. 

Asbtract ( )   PDF (2738KB) ( )  

References | Related Articles | Metrics

Aiming at the multifaceted intrusion threats in the oil and gas production IoT, this paper proposes an intrusion detection system based on edgecloud collaboration. The system is designed to meet the high requirements for realtime performance and accuracy, while overcoming challenges such as limited edge computing resources and data heterogeneity between edge and cloud environments. The system adopts a cloudedge collaborative architecture, with different intrusion detection subsystems deployed at the edgecloud, working in coordination to ensure comprehensive protection. The edge uses a model based on independent classification and joint analysis to accurately detect anomalies in multiple physical data, achieving detection speeds within 100 milliseconds. The cloud uses a model based on feature extraction + XGBoost, and adopts pretraining and finetuning to obtain a detection model with both anomaly traffic detection capability and low false alarm rate. The simulation results show that the system achieves high accuracy and realtime performance, adapts to the differences in available computing resources of the edge and cloud devices, and satisfies the performance requirements of intrusion detection across different levels.