Journal of Information Security and Applications最新文献_第4页

MFDPN: A multimodal feature dynamic prototype network for few-Shot malware classification MFDPN：一种多模态特征动态原型网络

IF 3.7 2区计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

Journal of Information Security and Applications

Pub Date : 2025-12-29 DOI: 10.1016/j.jisa.2025.104354

Huiwu Huang , Jiale Li , Jiahui Chen , Terry Shue Chien Lau

The rapid evolution of malware, particularly the emergence of novel families, poses a significant challenge for conventional detection systems, which struggle to classify threats from a limited number of labeled samples. This data scarcity often leads to issues such as feature differences and overfitting. To address this, MFDPN, a Multimodal Feature Dynamic Prototype Network, is proposed. The core of MFDPN is its use of Affinity Propagation (AP) clustering to generate adaptive dynamic prototypes, overcoming the limitations of conventional methods like K-Means. This approach reduces prototype misalignment, enabling the model to capture discriminative features adapted to each query. The model integrates a hierarchical fusion of multimodal features, including grayscale textures, Dynamic-link Library (DLL) information, and Application Programming Interface (API) call sequences. By leveraging AP within a contrastive learning framework, MFDPN achieves strong feature alignment and enhances inter-class separation. On the MOTIF dataset, MFDPN achieves 94.78 % accuracy in a 5-way 10-shot setting, better than state-of-the-art methods by 4.75 percentage points. This improvement comes from better handling of intra-class variance in polymorphic malware via dynamic prototypes, while the 25.7-fold inference speed increase over K-Means-based methods highlights efficiency gains from adaptive clustering. Cross-dataset validation on MFD-WPE (accuracies of 65.09 % for 5-way 1-shot, 80.67 % for 5-way 5-shot, and 82.85 % for 5-way 10-shot) shows strong generalization to unseen categories, showing the model’s ability to transfer learned feature alignments across distributions.

恶意软件的快速发展，特别是新家族的出现，对传统的检测系统构成了重大挑战，传统的检测系统很难从有限数量的标记样本中对威胁进行分类。这种数据稀缺性通常会导致特征差异和过拟合等问题。为了解决这个问题，提出了一种多模态特征动态原型网络MFDPN。MFDPN的核心是使用亲和传播（Affinity Propagation， AP）聚类来生成自适应动态原型，克服了K-Means等传统方法的局限性。这种方法减少了原型偏差，使模型能够捕获适合每个查询的判别特征。该模型集成了多模态特征的分层融合，包括灰度纹理、动态链接库（DLL）信息和应用程序编程接口（API）调用序列。通过在对比学习框架中利用AP， MFDPN实现了强大的特征对齐并增强了类间分离。在MOTIF数据集上，MFDPN在5路10次射击设置中达到了94.78%的准确率，比最先进的方法高出4.75个百分点。这种改进来自于通过动态原型更好地处理多态恶意软件中的类内方差，而基于k - means的方法的推理速度提高了25.7倍，这突出了自适应聚类的效率提高。MFD-WPE上的跨数据集验证（5-way 1-shot的准确率为65.09%，5-way 5-shot的准确率为80.67%，5-way 10-shot的准确率为82.85%）显示出对未见类别的强泛化，表明模型能够跨分布转移学习到的特征对齐。

{"title":"MFDPN: A multimodal feature dynamic prototype network for few-Shot malware classification","authors":"Huiwu Huang , Jiale Li , Jiahui Chen , Terry Shue Chien Lau","doi":"10.1016/j.jisa.2025.104354","DOIUrl":"10.1016/j.jisa.2025.104354","url":null,"abstract":"<div><div>The rapid evolution of malware, particularly the emergence of novel families, poses a significant challenge for conventional detection systems, which struggle to classify threats from a limited number of labeled samples. This data scarcity often leads to issues such as feature differences and overfitting. To address this, MFDPN, a Multimodal Feature Dynamic Prototype Network, is proposed. The core of MFDPN is its use of Affinity Propagation (AP) clustering to generate adaptive dynamic prototypes, overcoming the limitations of conventional methods like K-Means. This approach reduces prototype misalignment, enabling the model to capture discriminative features adapted to each query. The model integrates a hierarchical fusion of multimodal features, including grayscale textures, Dynamic-link Library (DLL) information, and Application Programming Interface (API) call sequences. By leveraging AP within a contrastive learning framework, MFDPN achieves strong feature alignment and enhances inter-class separation. On the MOTIF dataset, MFDPN achieves 94.78 % accuracy in a 5-way 10-shot setting, better than state-of-the-art methods by 4.75 percentage points. This improvement comes from better handling of intra-class variance in polymorphic malware via dynamic prototypes, while the 25.7-fold inference speed increase over K-Means-based methods highlights efficiency gains from adaptive clustering. Cross-dataset validation on MFD-WPE (accuracies of 65.09 % for 5-way 1-shot, 80.67 % for 5-way 5-shot, and 82.85 % for 5-way 10-shot) shows strong generalization to unseen categories, showing the model’s ability to transfer learned feature alignments across distributions.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"97 ","pages":"Article 104354"},"PeriodicalIF":3.7,"publicationDate":"2025-12-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145884188","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

SAB:A stealing and robust backdoor attack based on steganographic algorithm against federated learning SAB：一种基于隐写算法的针对联邦学习的窃取和鲁棒后门攻击

IF 3.7 2区计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

Journal of Information Security and Applications

Pub Date : 2025-12-27 DOI: 10.1016/j.jisa.2025.104353

Weida Xu , Yang Xu , Sicong Zhang

Federated learning, an innovative network architecture designed to safeguard user privacy, is gaining widespread adoption in technology. However, given the existence of backdoor attacks in federated learning, exploring the security of federated learning is significant. Nevertheless, the backdoors investigated in current federated learning research can be readily detected by human inspection or resisted by detection algorithms. Accordingly, a new goal has been set to develop stealthy, robust federated learning backdoor attacks. This paper introduces a novel approach, SAB, explicitly tailored for backdoor attacks in federated learning, presenting an alternative gradient updating mechanism. SAB attack based on steganographic algorithm, using image steganographic algorithm to build a full-size trigger to improve the accuracy of backdoors and use multiple loss joint computation to produce triggers. SAB exhibits smaller distances to benign samples and greater imperceptibility to the human eye. As such, our triggers can mitigate or evade specific backdoor defense methods. In SAB, the bottom-95 % method is applied to extend the lifespan of backdoor attacks. It updates the gradient on minor value points to reduce the probability of being cleaned. Finally, the generalization of backdoors is enhanced with Sparse-update to improve the backdoor accuracy.

联邦学习是一种创新的网络架构，旨在保护用户隐私，在技术上得到广泛采用。然而，鉴于联邦学习中存在后门攻击，探索联邦学习的安全性具有重要意义。然而，在目前的联邦学习研究中调查的后门可以很容易地被人工检查检测到或被检测算法抵制。因此，一个新的目标被设定为开发隐形的、健壮的联邦学习后门攻击。本文介绍了一种新的方法，SAB，明确针对联邦学习中的后门攻击，提出了一种替代的梯度更新机制。基于隐写算法的SAB攻击，利用图像隐写算法构建全尺寸触发器来提高后门的精度，并利用多重损失联合计算产生触发器。SAB与良性样本的距离较小，人眼不易察觉。因此，我们的触发器可以减轻或逃避特定的后门防御方法。在SAB中，采用底部95%方法来延长后门攻击的生命周期。它更新小值点的梯度，以减少被清洗的概率。最后，利用稀疏更新增强后门算法的泛化能力，提高后门算法的准确率。

{"title":"SAB:A stealing and robust backdoor attack based on steganographic algorithm against federated learning","authors":"Weida Xu , Yang Xu , Sicong Zhang","doi":"10.1016/j.jisa.2025.104353","DOIUrl":"10.1016/j.jisa.2025.104353","url":null,"abstract":"<div><div>Federated learning, an innovative network architecture designed to safeguard user privacy, is gaining widespread adoption in technology. However, given the existence of backdoor attacks in federated learning, exploring the security of federated learning is significant. Nevertheless, the backdoors investigated in current federated learning research can be readily detected by human inspection or resisted by detection algorithms. Accordingly, a new goal has been set to develop stealthy, robust federated learning backdoor attacks. This paper introduces a novel approach, SAB, explicitly tailored for backdoor attacks in federated learning, presenting an alternative gradient updating mechanism. SAB attack based on steganographic algorithm, using image steganographic algorithm to build a full-size trigger to improve the accuracy of backdoors and use multiple loss joint computation to produce triggers. SAB exhibits smaller distances to benign samples and greater imperceptibility to the human eye. As such, our triggers can mitigate or evade specific backdoor defense methods. In SAB, the bottom-95 % method is applied to extend the lifespan of backdoor attacks. It updates the gradient on minor value points to reduce the probability of being cleaned. Finally, the generalization of backdoors is enhanced with Sparse-update to improve the backdoor accuracy.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"97 ","pages":"Article 104353"},"PeriodicalIF":3.7,"publicationDate":"2025-12-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145840958","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

LTRAA: Lightweight and transparent remote attestation with anonymity LTRAA：轻量级、透明的远程匿名认证

IF 3.7 2区计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

Journal of Information Security and Applications

Pub Date : 2025-12-27 DOI: 10.1016/j.jisa.2025.104352

Tao Shen , Zikang Wang , Xianlin Yang , Fenhua Bai , Kai Zeng , Chi Zhang , Bei Gong

The development of Internet of Things (IoT) technology is accompanied by security concerns. Remote attestation is an essential technique for ensuring the software integrity of IoT devices. However, most existing remote attestation schemes rely on the assumption that the verifier is trusted, and the assumption of pre-shared keys or other secrets, meaning that the verifier and prover need to be mutually known and able to communicate directly. However, in dynamic and asynchronous networks, such as publish/subscribe networks, these assumptions may not be realistic. In such environments, the prover and verifier have not pre-shared keys, software states, or other secrets, making it impossible to perform attestation. Additionally, public key encryption is expensive for resource-constrained IoT devices. Therefore, this paper proposes a Lightweight and Transparent Remote Attestation with Anonymity (LTRAA). It uses symmetric polynomials instead of public-key encryption for identity authentication. This method allows for the verification of software state and data attestation even when the verifier and prover are unfamiliar with each other, and it is both publicly and transparently verifiable. Moreover, it ensures bidirectional identity authentication for interacting parties under anonymity and traceability, without excessive overhead for resource-constrained devices. Performance experiments on a Raspberry Pi further show that the running overhead is the lowest compared to similar remote attestation schemes such as PROVE and SCRAPS.

物联网（IoT）技术的发展伴随着安全问题。远程认证是确保物联网设备软件完整性的重要技术。然而，大多数现有的远程认证方案依赖于验证者是可信的假设，以及预共享密钥或其他秘密的假设，这意味着验证者和证明者需要相互知道并能够直接通信。然而，在动态和异步网络中，例如发布/订阅网络，这些假设可能不现实。在这样的环境中，证明者和验证者没有预先共享密钥、软件状态或其他秘密，因此无法执行认证。此外，公钥加密对于资源受限的物联网设备来说是昂贵的。为此，本文提出了一种轻量级、透明的远程匿名认证（LTRAA）。它使用对称多项式代替公钥加密进行身份验证。这种方法允许在验证者和证明者彼此不熟悉的情况下验证软件状态和数据证明，并且它是公开和透明的可验证的。此外，它确保了交互各方在匿名和可追溯性下的双向身份认证，不会对资源受限的设备造成过大的开销。在Raspberry Pi上的性能实验进一步表明，与类似的远程认证方案（如PROVE和leftovers）相比，它的运行开销是最低的。

{"title":"LTRAA: Lightweight and transparent remote attestation with anonymity","authors":"Tao Shen , Zikang Wang , Xianlin Yang , Fenhua Bai , Kai Zeng , Chi Zhang , Bei Gong","doi":"10.1016/j.jisa.2025.104352","DOIUrl":"10.1016/j.jisa.2025.104352","url":null,"abstract":"<div><div>The development of Internet of Things (IoT) technology is accompanied by security concerns. Remote attestation is an essential technique for ensuring the software integrity of IoT devices. However, most existing remote attestation schemes rely on the assumption that the verifier is trusted, and the assumption of pre-shared keys or other secrets, meaning that the verifier and prover need to be mutually known and able to communicate directly. However, in dynamic and asynchronous networks, such as publish/subscribe networks, these assumptions may not be realistic. In such environments, the prover and verifier have not pre-shared keys, software states, or other secrets, making it impossible to perform attestation. Additionally, public key encryption is expensive for resource-constrained IoT devices. Therefore, this paper proposes a Lightweight and Transparent Remote Attestation with Anonymity (LTRAA). It uses symmetric polynomials instead of public-key encryption for identity authentication. This method allows for the verification of software state and data attestation even when the verifier and prover are unfamiliar with each other, and it is both publicly and transparently verifiable. Moreover, it ensures bidirectional identity authentication for interacting parties under anonymity and traceability, without excessive overhead for resource-constrained devices. Performance experiments on a Raspberry Pi further show that the running overhead is the lowest compared to similar remote attestation schemes such as PROVE and SCRAPS.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"97 ","pages":"Article 104352"},"PeriodicalIF":3.7,"publicationDate":"2025-12-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145841424","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Malicious secure lightweight private set intersection 恶意安全轻量级私有集交集

IF 3.7 2区计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

Journal of Information Security and Applications

Pub Date : 2025-12-27 DOI: 10.1016/j.jisa.2025.104342

Duobin Lyu , Jinsong Wang , Zening Zhao , Zhao Zhao

This paper presents a novel Malicious Secure Private Set Intersection (MSL-PSI) protocol that is lightweight in communication that leverages polynomials and Bloom filters for efficient privacy-preserving set intersection. The protocol requires only a single round of symmetric communication, where both parties simultaneously obtain the intersection result without additional sharing. Under the Universal Composability (UC) framework, MSL-PSI is proven secure against malicious adversaries. Experimental results demonstrate superior performance on small-scale datasets compared to state-of-the-art methods, with significantly lower communication overhead. The protocol’s Bloom filter-based design enables dynamic updates and scalability, making it suitable for applications like privacy-preserving data analysis and contact tracing, particularly in communication-constrained environments.

本文提出了一种新的恶意安全私有集交集（MSL-PSI）协议，该协议利用多项式和Bloom过滤器实现高效的隐私保护集合交集。该协议只需要单轮对称通信，双方同时获得交集结果，无需额外共享。在通用可组合性（UC）框架下，MSL-PSI被证明对恶意对手是安全的。实验结果表明，与最先进的方法相比，在小规模数据集上具有优越的性能，并且通信开销显着降低。该协议基于Bloom过滤器的设计支持动态更新和可扩展性，使其适用于隐私保护数据分析和接触追踪等应用，特别是在通信受限的环境中。

引用次数: 0

HALO: Heterogeneous evaluation of arithmetic-and-logic circuit via unified homomorphic instruction set 基于统一同态指令集的算术逻辑电路异构求值

IF 3.7 2区计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

Journal of Information Security and Applications

Pub Date : 2025-12-26 DOI: 10.1016/j.jisa.2025.104297

Zian Zhao, Zhou Zhang, Ran Mao, Song Bian, Jianwei Liu

Fully homomorphic encryption (FHE) is a type of cryptographic primitives known for its high-computation but low-communication costs in carrying out secure multi-party computation. However, due to the large ciphertext expansions and complex computing paradigm, designs and implementations of foundational FHE infrastructures still have much to be desired. In this work, we propose HALO, the first homomorphic instruction set architecture that supports efficient evaluations of both arithmetic and logic circuits over FHE ciphertexts. We construct a new layer of abstraction for FHE by identifying unique data structures, cryptographic primitives and homomorphic operators. We provide an open-source implementation for all instructions and data types in HALO, and demonstrate that our implementation can be

1.7 \times

–

11 \times

faster than similar implementations across test benchmarks. Moreover, we show that HALO can be

1.7 \times

–

5.4 \times

faster than the prior work over a set of end-to-end neural network benchmarks.

全同态加密（Fully homomorphic encryption， FHE）是一种用于安全多方计算的高计算量、低通信成本的加密原语。然而，由于大量的密文扩展和复杂的计算范式，基础FHE基础设施的设计和实现仍然有很多需要改进的地方。在这项工作中，我们提出了HALO，这是第一个支持在FHE密文上有效评估算术和逻辑电路的同态指令集架构。我们通过识别唯一的数据结构、密码原语和同态算子，为FHE构建了一个新的抽象层。我们为HALO中的所有指令和数据类型提供了一个开源实现，并证明我们的实现在测试基准测试中比类似的实现1.7×-11×快。此外，我们表明HALO可以在一组端到端神经网络基准测试中比先前的工作快1.7×-5.4×。

{"title":"HALO: Heterogeneous evaluation of arithmetic-and-logic circuit via unified homomorphic instruction set","authors":"Zian Zhao, Zhou Zhang, Ran Mao, Song Bian, Jianwei Liu","doi":"10.1016/j.jisa.2025.104297","DOIUrl":"10.1016/j.jisa.2025.104297","url":null,"abstract":"<div><div>Fully homomorphic encryption (FHE) is a type of cryptographic primitives known for its high-computation but low-communication costs in carrying out secure multi-party computation. However, due to the large ciphertext expansions and complex computing paradigm, designs and implementations of foundational FHE infrastructures still have much to be desired. In this work, we propose HALO, the first homomorphic instruction set architecture that supports efficient evaluations of both arithmetic and logic circuits over FHE ciphertexts. We construct a new layer of abstraction for FHE by identifying unique data structures, cryptographic primitives and homomorphic operators. We provide an open-source implementation for all instructions and data types in HALO, and demonstrate that our implementation can be <span><math><mrow><mn>1</mn><mo>.</mo><mn>7</mn><mo>×</mo></mrow></math></span>–<span><math><mrow><mn>11</mn><mo>×</mo></mrow></math></span> faster than similar implementations across test benchmarks. Moreover, we show that HALO can be <span><math><mrow><mn>1</mn><mo>.</mo><mn>7</mn><mo>×</mo></mrow></math></span>–<span><math><mrow><mn>5</mn><mo>.</mo><mn>4</mn><mo>×</mo></mrow></math></span> faster than the prior work over a set of end-to-end neural network benchmarks.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"97 ","pages":"Article 104297"},"PeriodicalIF":3.7,"publicationDate":"2025-12-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145841429","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Moving target defense for DDos mitigation with shuffling of critical edge(s) connections 移动目标防御DDos缓解与关键边缘(s)连接的洗牌

IF 3.7 2区计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

Journal of Information Security and Applications

Pub Date : 2025-12-26 DOI: 10.1016/j.jisa.2025.104347

Amir Javadpour , Forough Ja’ Fari , Tarik Taleb , Chafika Benzaïd

Moving Target Defense (MTD) has as a widely adopted approach to mitigate vulnerability exploitation. It is a widely adopted approach to mitigate the exploitation of vulnerabilities. Its dynamic and proactive nature makes it well-suited for SDNs requiring comprehensive and continuous monitoring. A core objective of MTD is to minimize the number of hosts shuffled while maintaining robust security and low scrambling frequency. This paper introduces a novel approach, the Number of Edge Connections (NoEC) strategy, aimed at mitigating Distributed Denial of Service (DDoS) attacks in a resource-efficient manner. This is achieved by strategically reconfiguring a select group of highly connected hosts known as “Edges” to protect critical assets. This approach enhances analytical clarity and supports informed selection of defense strategies tailored to specific edge deployment scenarios. We designed a system utilizing NoEC and conducted simulations using Mininet. The results show that NoEC reduces the complexity by 55.12 % compared to previous MTD methods while increasing the security level by 15.72 %. Among the techniques, topology randomization and edge node shuffling show the highest disruption effect, validating the approach’s practical viability and robustness in defending edge infrastructures.

移动目标防御（MTD）是一种被广泛采用的减少漏洞利用的方法。这是一种广泛采用的方法，以减轻漏洞的利用。其动态和主动的性质使其非常适合需要全面和连续监测的sdn。MTD的核心目标是在保持高安全性和低置乱频率的同时，最大限度地减少打乱的主机数量。本文介绍了一种新颖的方法，边缘连接数（NoEC）策略，旨在以资源高效的方式减轻分布式拒绝服务（DDoS）攻击。这是通过战略性地重新配置一组高度连接的主机来实现的，这些主机被称为“边缘”，以保护关键资产。这种方法增强了分析的清晰度，并支持针对特定边缘部署场景量身定制的明智的防御策略选择。我们利用NoEC设计了一个系统，并使用Mininet进行了模拟。结果表明，NoEC方法比以前的MTD方法降低了55.12%的复杂度，同时提高了15.72%的安全性。其中，拓扑随机化和边缘节点洗牌的干扰效果最好，验证了该方法在边缘基础设施防御中的实际可行性和鲁棒性。

{"title":"Moving target defense for DDos mitigation with shuffling of critical edge(s) connections","authors":"Amir Javadpour , Forough Ja’ Fari , Tarik Taleb , Chafika Benzaïd","doi":"10.1016/j.jisa.2025.104347","DOIUrl":"10.1016/j.jisa.2025.104347","url":null,"abstract":"<div><div>Moving Target Defense (MTD) has as a widely adopted approach to mitigate vulnerability exploitation. It is a widely adopted approach to mitigate the exploitation of vulnerabilities. Its dynamic and proactive nature makes it well-suited for SDNs requiring comprehensive and continuous monitoring. A core objective of MTD is to minimize the number of hosts shuffled while maintaining robust security and low scrambling frequency. This paper introduces a novel approach, the Number of Edge Connections (NoEC) strategy, aimed at mitigating Distributed Denial of Service (DDoS) attacks in a resource-efficient manner. This is achieved by strategically reconfiguring a select group of highly connected hosts known as “Edges” to protect critical assets. This approach enhances analytical clarity and supports informed selection of defense strategies tailored to specific edge deployment scenarios. We designed a system utilizing NoEC and conducted simulations using Mininet. The results show that NoEC reduces the complexity by 55.12 % compared to previous MTD methods while increasing the security level by 15.72 %. Among the techniques, topology randomization and edge node shuffling show the highest disruption effect, validating the approach’s practical viability and robustness in defending edge infrastructures.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"97 ","pages":"Article 104347"},"PeriodicalIF":3.7,"publicationDate":"2025-12-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145841428","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

A traceable threshold Asmuth–Bloom secret sharing scheme 可追踪阈值Asmuth-Bloom秘密共享方案

IF 3.7 2区计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

Journal of Information Security and Applications

Pub Date : 2025-12-25 DOI: 10.1016/j.jisa.2025.104350

Maria Leslie, Ratna Dutta

In a (t, n)-threshold secret sharing scheme, accountability is crucial when a subset of f < t servers collude to leak secret shares. Traceable Threshold Secret Sharing (TTSS) ensures that leaked shares can be traced back to the compromised servers while preventing false accusations through non-imputability. In Crypto’24, Boneh et al. proposed new definitions and more practical constructions for TTSS based on Shamir’s and Blakley’s secret sharing schemes, removing the practical limitation of existing TTSS.

Our work presents a TTSS scheme built upon an additive variant of the Asmuth-Bloom scheme, relying only on oracle access to the reconstruction box

R

. In our model, a subset of f < t colluding servers can construct a reconstruction box

R

that recovers the secret with the assistance of an additional

t - f

random shares. We note that integrating tracing in the standard (t, n)-Asmuth-Bloom Secret Sharing (ABSS) scheme exhibits a tracing leakage issue. We fix this limitation by introducing additive variants of ABSS, ABSS-I and ABSS-II that retain the security of the original scheme ABSS while splitting the secret s into t additive components and generating all shares from the additive components of s. Based on ABSS-I, we construct a TTSS scheme, TTSS-I, that introduces traceability into the framework and is proven to be universally traceable in the random oracle model, assuming

R

is a universally good reconstruction box. We integrate a tracing mechanism in ABSS-II and propose a second scheme, TTSS-II, which extends TTSS-I by additionally concealing partial information about the additive component of the secret s to introduce non-imputability to prevent the tracer from falsely accusing any honest party by fabricating evidence of its corruption. The security of TTSS-II is also in the random oracle model and relies on the hardness of the discrete logarithm problem.

在（t, n）阈值秘密共享方案中，当f子集 <； t服务器串通泄露秘密共享时，问责制是至关重要的。可追踪的阈值秘密共享（TTSS）确保泄露的共享可以追溯到受损的服务器，同时通过不可归责性防止虚假指控。在Crypto’24中，Boneh等人基于Shamir和Blakley的秘密共享方案，提出了新的TTSS定义和更实用的TTSS结构，消除了现有TTSS的实际限制。我们的工作提出了一种基于Asmuth-Bloom方案的附加变体的TTSS方案，仅依赖于oracle对重建盒R的访问。在我们的模型中，f <； t个共谋服务器的子集可以构建一个重建盒R，该重建盒R在额外的t−f个随机共享的帮助下恢复秘密。我们注意到，在标准(t, n)-Asmuth-Bloom秘密共享（ABSS）方案中集成跟踪显示出跟踪泄漏问题。我们通过引入ABSS， ABSS- i和ABSS- ii的加性变体来解决这一限制，这些变体保留了原始方案ABSS的安全性，同时将秘密s拆分为t个加性组件，并从s的加性组件生成所有共享。基于ABSS- i，我们构建了一个TTSS方案TTSS- i，该方案在框架中引入了可追溯性，并在随机oracle模型中被证明是普遍可追溯的，假设R是一个普遍良好的重建盒。我们在ABSS-II中集成了一种追踪机制，并提出了第二种方案TTSS-II，该方案扩展了TTSS-I，通过额外隐藏有关秘密s的附加成分的部分信息来引入非归罪性，以防止追踪者通过伪造其腐败证据而错误地指控任何诚实的一方。TTSS-II的安全性也在随机oracle模型中，依赖于离散对数问题的硬度。

{"title":"A traceable threshold Asmuth–Bloom secret sharing scheme","authors":"Maria Leslie, Ratna Dutta","doi":"10.1016/j.jisa.2025.104350","DOIUrl":"10.1016/j.jisa.2025.104350","url":null,"abstract":"<div><div>In a (<em>t, n</em>)-threshold secret sharing scheme, accountability is crucial when a subset of <em>f</em> < <em>t</em> servers collude to leak secret shares. <em>Traceable Threshold Secret Sharing</em> (<span>TTSS</span>) ensures that leaked shares can be traced back to the compromised servers while preventing false accusations through non-imputability. In Crypto’24, Boneh et al. proposed new definitions and more practical constructions for <span>TTSS</span> based on Shamir’s and Blakley’s secret sharing schemes, removing the practical limitation of existing <span>TTSS</span>.</div><div>Our work presents a <span>TTSS</span> scheme built upon an additive variant of the Asmuth-Bloom scheme, relying only on oracle access to the reconstruction box <span><math><mi>R</mi></math></span>. In our model, a subset of <em>f</em> < <em>t</em> colluding servers can construct a reconstruction box <span><math><mi>R</mi></math></span> that recovers the secret with the assistance of an additional <span><math><mrow><mi>t</mi><mo>−</mo><mi>f</mi></mrow></math></span> random shares. We note that integrating tracing in the standard (<em>t, n</em>)-Asmuth-Bloom Secret Sharing (<span>ABSS</span>) scheme exhibits a tracing leakage issue. We fix this limitation by introducing additive variants of <span>ABSS</span>, <span>ABSS-</span>I and <span>ABSS-</span>II that retain the security of the original scheme <span>ABSS</span> while splitting the secret <em>s</em> into <em>t</em> additive components and generating all shares from the additive components of <em>s</em>. Based on <span>ABSS-</span>I, we construct a <span>TTSS</span> scheme, <span>TTSS-</span>I, that introduces traceability into the framework and is proven to be universally traceable in the random oracle model, assuming <span><math><mi>R</mi></math></span> is a universally good reconstruction box. We integrate a tracing mechanism in <span>ABSS-</span>II and propose a second scheme, <span>TTSS-</span>II, which extends <span>TTSS-</span>I by additionally concealing partial information about the additive component of the secret <em>s</em> to introduce non-imputability to prevent the tracer from falsely accusing any honest party by fabricating evidence of its corruption. The security of <span>TTSS-</span>II is also in the random oracle model and relies on the hardness of the discrete logarithm problem.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"97 ","pages":"Article 104350"},"PeriodicalIF":3.7,"publicationDate":"2025-12-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145841431","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

A large-capacity and robust screen-shooting resilient image watermarking based on attention-enhanced invertible neural network 基于注意增强可逆神经网络的大容量鲁棒截屏弹性图像水印

IF 3.7 2区计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

Journal of Information Security and Applications

Pub Date : 2025-12-23 DOI: 10.1016/j.jisa.2025.104346

Jingyi Zhang , Zhenzhen Zhang , Zichen Li , Bo Gao , Jinfeng Kou

To address the growing issue of illegal screen-shooting behavior, screen-shooting resilient watermarking has become an increasingly important area of research in copyright protection. This technology aims to resist the complex distortions caused by screen-shooting and accurately extract the watermark from the watermarked images. However, existing screen-shooting resilient watermarking schemes often overlook the importance of the watermark capacity, failing to strike a balance among watermark capacity, robustness and visual quality, which hinders their practical application. To tackle these problems, we propose a large capacity and robust image watermarking scheme based on Invertible Neural Network (INN) in this paper. The proposed method combines INN with a channel-spatial attention mechanism to increase watermark capacity and enhance visual quality. Additionally, a frequency domain feature enhancement (FDFE) module is introduced to assist watermark extraction, improving the model’s robustness in real-world screen-shooting scenarios. The experimental results show that when the embedding capacity increases to 400 bits, the proposed algorithm exhibits stronger resistance to screen-shooting attacks compared to the state-of-the-art (SoTA) algorithm with an embedding capacity of 30 bits. The watermark extraction accuracy of the proposed method remains above 99 % under all shooting angles and distances, with an average extraction accuracy of 99.81 %, significantly outperforming the compared SoTA methods.

为了解决日益严重的非法截屏行为问题，截屏弹性水印已成为版权保护中日益重要的研究领域。该技术旨在抵抗截屏造成的复杂失真，准确地从水印图像中提取水印。然而，现有的截屏弹性水印方案往往忽视了水印容量的重要性，未能在水印容量、鲁棒性和视觉质量之间取得平衡，阻碍了其实际应用。针对这些问题，本文提出了一种基于可逆神经网络（INN）的大容量鲁棒图像水印方案。该方法结合了信道空间注意机制，增加了水印容量，提高了视觉质量。此外，引入了频域特征增强（FDFE）模块来辅助水印提取，提高了模型在实际屏幕拍摄场景中的鲁棒性。实验结果表明，当嵌入容量增加到400比特时，该算法比当前最先进的SoTA算法（嵌入容量为30比特）具有更强的抗截屏攻击能力。在所有拍摄角度和拍摄距离下，该方法的水印提取精度均保持在99%以上，平均提取精度达到99.81%，明显优于SoTA方法。

{"title":"A large-capacity and robust screen-shooting resilient image watermarking based on attention-enhanced invertible neural network","authors":"Jingyi Zhang , Zhenzhen Zhang , Zichen Li , Bo Gao , Jinfeng Kou","doi":"10.1016/j.jisa.2025.104346","DOIUrl":"10.1016/j.jisa.2025.104346","url":null,"abstract":"<div><div>To address the growing issue of illegal screen-shooting behavior, screen-shooting resilient watermarking has become an increasingly important area of research in copyright protection. This technology aims to resist the complex distortions caused by screen-shooting and accurately extract the watermark from the watermarked images. However, existing screen-shooting resilient watermarking schemes often overlook the importance of the watermark capacity, failing to strike a balance among watermark capacity, robustness and visual quality, which hinders their practical application. To tackle these problems, we propose a large capacity and robust image watermarking scheme based on Invertible Neural Network (INN) in this paper. The proposed method combines INN with a channel-spatial attention mechanism to increase watermark capacity and enhance visual quality. Additionally, a frequency domain feature enhancement (FDFE) module is introduced to assist watermark extraction, improving the model’s robustness in real-world screen-shooting scenarios. The experimental results show that when the embedding capacity increases to 400 bits, the proposed algorithm exhibits stronger resistance to screen-shooting attacks compared to the state-of-the-art (SoTA) algorithm with an embedding capacity of 30 bits. The watermark extraction accuracy of the proposed method remains above 99 % under all shooting angles and distances, with an average extraction accuracy of 99.81 %, significantly outperforming the compared SoTA methods.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"97 ","pages":"Article 104346"},"PeriodicalIF":3.7,"publicationDate":"2025-12-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145841426","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Dual-driven synergy of blockchain and federated learning for trustworthy medical data sharing in internet of medical things 区块链与联邦学习双驱动协同，实现医疗物联网医疗数据可信共享

IF 3.7 2区计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

Journal of Information Security and Applications

Pub Date : 2025-12-22 DOI: 10.1016/j.jisa.2025.104348

Chenquan Gan , Xin Tan , Qingyi Zhu , Akanksha Saini , Deepak Kumar Jain , Abebe Diro

In the Internet of Medical Things (IoMT) field, data sharing is crucial for enhancing the quality and efficiency of diagnosis and treatment. However, due to data privacy and security concerns, data sharing among medical institutions is hindered, presenting challenges in integration and privacy protection. To address these issues, we propose a trustworthy medical data sharing method based on the dual-driven synergy of blockchain and federated learning. Different from previous work, it can resist reasoning, poisoning, and collusion attacks because it covers a more comprehensive discussion on privacy, security, and reputation incentives. This method includes: 1) Privacy protection mechanism: integrating random response and differential privacy technology to resist inference attacks, protect model privacy, and reduce the impact of noise on model performance; 2) Dual-quality threshold aggregation mechanism: Precisely filter out malicious and low-quality nodes through quality thresholds, introduce contribution values including node participation to assign aggregation weights to nodes, improve model performance and resist poisoning attacks; 3) Reputation assessment and incentive mechanism: Calculate the reputation value based on the historical performance of nodes, and design a reputation consensus to encourage honest participation of nodes, punish malicious behavior, and at the same time reduce the entry of malicious nodes into the committee to resist collusion attacks. Finally, we compare our method with state-of-the-art approaches on real-world medical image datasets OrganMNIST_A and BloodMNIST. The results demonstrate that our method achieves superior performance in both Accuracy and F1 Score metrics.

在医疗物联网（IoMT）领域，数据共享对于提高诊疗质量和效率至关重要。然而，由于数据隐私和安全问题，阻碍了医疗机构之间的数据共享，在整合和隐私保护方面面临挑战。为了解决这些问题，我们提出了一种基于区块链和联邦学习双驱动协同的可信医疗数据共享方法。与之前的工作不同，它可以抵抗推理、中毒和串通攻击，因为它涵盖了对隐私、安全和声誉激励的更全面的讨论。该方法包括：1)隐私保护机制：结合随机响应和差分隐私技术抵御推理攻击，保护模型隐私，降低噪声对模型性能的影响；2)双质量阈值聚合机制：通过质量阈值精确过滤掉恶意和低质量节点，引入包括节点参与在内的贡献值，为节点分配聚合权值，提高模型性能，抵御投毒攻击；3)声誉评估与激励机制：根据节点的历史表现计算声誉值，设计声誉共识，鼓励节点诚实参与，惩罚恶意行为，同时减少恶意节点进入委员会，抵御合谋攻击。最后，我们将我们的方法与现实世界医学图像数据集OrganMNIST_A和BloodMNIST的最新方法进行了比较。结果表明，我们的方法在准确性和F1分数指标上都取得了优异的性能。

{"title":"Dual-driven synergy of blockchain and federated learning for trustworthy medical data sharing in internet of medical things","authors":"Chenquan Gan , Xin Tan , Qingyi Zhu , Akanksha Saini , Deepak Kumar Jain , Abebe Diro","doi":"10.1016/j.jisa.2025.104348","DOIUrl":"10.1016/j.jisa.2025.104348","url":null,"abstract":"<div><div>In the Internet of Medical Things (IoMT) field, data sharing is crucial for enhancing the quality and efficiency of diagnosis and treatment. However, due to data privacy and security concerns, data sharing among medical institutions is hindered, presenting challenges in integration and privacy protection. To address these issues, we propose a trustworthy medical data sharing method based on the dual-driven synergy of blockchain and federated learning. Different from previous work, it can resist reasoning, poisoning, and collusion attacks because it covers a more comprehensive discussion on privacy, security, and reputation incentives. This method includes: 1) Privacy protection mechanism: integrating random response and differential privacy technology to resist inference attacks, protect model privacy, and reduce the impact of noise on model performance; 2) Dual-quality threshold aggregation mechanism: Precisely filter out malicious and low-quality nodes through quality thresholds, introduce contribution values including node participation to assign aggregation weights to nodes, improve model performance and resist poisoning attacks; 3) Reputation assessment and incentive mechanism: Calculate the reputation value based on the historical performance of nodes, and design a reputation consensus to encourage honest participation of nodes, punish malicious behavior, and at the same time reduce the entry of malicious nodes into the committee to resist collusion attacks. Finally, we compare our method with state-of-the-art approaches on real-world medical image datasets OrganMNIST_A and BloodMNIST. The results demonstrate that our method achieves superior performance in both Accuracy and F1 Score metrics.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"97 ","pages":"Article 104348"},"PeriodicalIF":3.7,"publicationDate":"2025-12-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145841427","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Securing large language models: A quantitative assurance framework approach 保护大型语言模型：一种定量保证框架方法

IF 3.7 2区计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

Journal of Information Security and Applications

Pub Date : 2025-12-20 DOI: 10.1016/j.jisa.2025.104351

Sander Stamnes Karlsen , Muhammad Mudassar Yamin , Ehtesham Hashmi , Basel Katt , Mohib Ullah

Large Language Models (LLMs) are increasingly integrated into sensitive domains such as healthcare and autonomous systems, yet adoption is constrained by security risks that conventional assurance methods do not capture. Traditional software assurance techniques are inadequate for LLM-specific vulnerabilities, including prompt injection, insecure output handling, and training data poisoning. We introduce a quantitative security assurance framework for LLM applications that translates security requirements and vulnerabilities into measurable scores. The framework computes an Assurance Metric (AM) as

A M = R M - V M

, where VM is weighted using CVSS v4.0, and maps results to five security assurance levels, making security posture comparable, auditable, and actionable. Requirements span input/output validation, training data, development and deployment, access control, third-party services, and security procedures; vulnerability tests align with the OWASP Top 10 for LLMs (prompt injection, insecure output handling, training data poisoning, denial of service, sensitive information disclosure, overreliance, and model theft). Case study results show uncensored models (e.g., Llama2-uncensored) exhibit significantly higher exposure, especially to prompt injection and output-handling attacks–while censored and fine-tuned models attain higher assurance levels. Significance and impact: the framework provides transparent, quantitative scoring to compare systems, prioritize mitigations, and support evidence-based deployment and governance in high-takes environments, with continuous human oversight emphasized.

大型语言模型（llm）越来越多地集成到医疗保健和自治系统等敏感领域，但其采用受到传统保证方法无法捕获的安全风险的限制。传统的软件保证技术不足以解决llm特定的漏洞，包括提示注入、不安全的输出处理和训练数据中毒。我们为LLM应用程序引入了一个定量的安全保证框架，将安全需求和漏洞转换为可测量的分数。该框架计算保证度量（AM）为AM=RM - VM，其中VM使用CVSS v4.0进行加权，并将结果映射到五个安全保证级别，使安全状态具有可比性，可审计性和可操作性。需求涵盖输入/输出验证、培训数据、开发和部署、访问控制、第三方服务和安全过程；漏洞测试与OWASP十大llm漏洞（提示注入、不安全的输出处理、训练数据中毒、拒绝服务、敏感信息泄露、过度依赖和模型盗窃）保持一致。案例研究结果表明，未经审查的模型（例如，llama2 - uncensorship）表现出明显更高的风险，特别是对提示注入和输出处理攻击，而审查和微调的模型获得更高的保证级别。重要性和影响：该框架提供透明、定量的评分，以比较系统、优先考虑缓解措施，并支持在高需求环境中基于证据的部署和治理，强调持续的人为监督。

{"title":"Securing large language models: A quantitative assurance framework approach","authors":"Sander Stamnes Karlsen , Muhammad Mudassar Yamin , Ehtesham Hashmi , Basel Katt , Mohib Ullah","doi":"10.1016/j.jisa.2025.104351","DOIUrl":"10.1016/j.jisa.2025.104351","url":null,"abstract":"<div><div>Large Language Models (LLMs) are increasingly integrated into sensitive domains such as healthcare and autonomous systems, yet adoption is constrained by security risks that conventional assurance methods do not capture. Traditional software assurance techniques are inadequate for LLM-specific vulnerabilities, including prompt injection, insecure output handling, and training data poisoning. We introduce a quantitative security assurance framework for LLM applications that translates security requirements and vulnerabilities into measurable scores. The framework computes an Assurance Metric (AM) as <span><math><mrow><mi>A</mi><mi>M</mi><mo>=</mo><mi>R</mi><mi>M</mi><mo>−</mo><mi>V</mi><mi>M</mi></mrow></math></span>, where VM is weighted using CVSS v4.0, and maps results to five security assurance levels, making security posture comparable, auditable, and actionable. Requirements span input/output validation, training data, development and deployment, access control, third-party services, and security procedures; vulnerability tests align with the OWASP Top 10 for LLMs (prompt injection, insecure output handling, training data poisoning, denial of service, sensitive information disclosure, overreliance, and model theft). Case study results show uncensored models (e.g., Llama2-uncensored) exhibit significantly higher exposure, especially to prompt injection and output-handling attacks–while censored and fine-tuned models attain higher assurance levels. Significance and impact: the framework provides transparent, quantitative scoring to compare systems, prioritize mitigations, and support evidence-based deployment and governance in high-takes environments, with continuous human oversight emphasized.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"97 ","pages":"Article 104351"},"PeriodicalIF":3.7,"publicationDate":"2025-12-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145790944","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0