Journal of Information Security and Applications最新文献_第4页

V2G-RingChain: Blockchain-enabled linkable ring signature scheme for vehicle-to-grid security and privacy V2G-RingChain：支持区块链的可链接环签名方案，用于车辆到电网的安全和隐私

IF 3.7 2区计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

Journal of Information Security and Applications

Pub Date : 2026-01-10 DOI: 10.1016/j.jisa.2026.104371

Zhenqi Wang , Peng Yang , Dongmei Yang , Xiaoyan Liu , Hongmei Pei

Vehicle-to-Grid (V2G) technology enables electric vehicles to obtain power from the smart grid and supply electricity back during peak hours, and it is crucial for enhancing energy efficiency and reducing carbon emissions. However, attackers may steal sensitive information from electric vehicles through frequent charging and discharging transactions, or even forge such transactions to breach V2G security. Existing schemes mainly adopt ring signatures to achieve forgery resistance and privacy preservation for charging and discharging transactions, and extend them into multi-layer ring signature structures to support multi-input and multi-output transactions. Nevertheless, such schemes either cause the signature size and verification complexity to grow with the transaction scale, or rely on logarithmic compression proofs that introduce substantial system overhead, thereby limiting their practical applicability. To address this issue, we propose an efficient blockchain-enabled linkable ring signature scheme named V2G-RingChain. Specifically, we design an innovative multi-layer linkable ring signature protocol, which reconstructs the key images structure to reduce the computation time required for signing and combines Sum Arguments of Knowledge to control the signature size at a logarithmic level. Moreover, we construct a blockchain-enabled ring transaction mechanism to decouple anonymous electricity payments, blockchain verification, and bill extraction, which relies on Pedersen Commitments and Back-Maxwell RangeProof for hidden account amounts and non-negative judgment. Finally, we conduct a comprehensive security analysis demonstrating that our scheme ensures security and privacy. We conducted extensive experiments, and the results show that V2G-RingChain significantly reduces signature generation cost, verification cost, and communication cost compared with state-of-the-art schemes.

车辆到电网（V2G）技术使电动汽车能够从智能电网获取电力，并在高峰时段供电，对于提高能源效率和减少碳排放至关重要。然而，攻击者可能会通过频繁的充放电交易窃取电动汽车的敏感信息，甚至伪造此类交易，从而破坏V2G安全。现有方案主要采用环签名实现充放电交易的防伪造和隐私保护，并将其扩展为多层环签名结构，支持多输入多输出交易。然而，这些方案要么导致签名大小和验证复杂性随着交易规模的增长而增长，要么依赖于引入大量系统开销的对数压缩证明，从而限制了它们的实际适用性。为了解决这个问题，我们提出了一个高效的支持区块链的可链接环签名方案，名为V2G-RingChain。具体而言，我们设计了一种创新的多层可链接环签名协议，该协议通过重构密钥图像结构来减少签名所需的计算时间，并结合知识参数总和在对数水平上控制签名大小。此外，我们构建了一个支持区块链的环交易机制，以解耦匿名电力支付、区块链验证和账单提取，该机制依赖于Pedersen承诺和Back-Maxwell RangeProof来隐藏账户金额和非负面判断。最后，我们进行了全面的安全性分析，证明我们的方案保证了安全性和隐私性。我们进行了大量的实验，结果表明，与最先进的方案相比，V2G-RingChain显著降低了签名生成成本、验证成本和通信成本。

{"title":"V2G-RingChain: Blockchain-enabled linkable ring signature scheme for vehicle-to-grid security and privacy","authors":"Zhenqi Wang , Peng Yang , Dongmei Yang , Xiaoyan Liu , Hongmei Pei","doi":"10.1016/j.jisa.2026.104371","DOIUrl":"10.1016/j.jisa.2026.104371","url":null,"abstract":"<div><div>Vehicle-to-Grid (V2G) technology enables electric vehicles to obtain power from the smart grid and supply electricity back during peak hours, and it is crucial for enhancing energy efficiency and reducing carbon emissions. However, attackers may steal sensitive information from electric vehicles through frequent charging and discharging transactions, or even forge such transactions to breach V2G security. Existing schemes mainly adopt ring signatures to achieve forgery resistance and privacy preservation for charging and discharging transactions, and extend them into multi-layer ring signature structures to support multi-input and multi-output transactions. Nevertheless, such schemes either cause the signature size and verification complexity to grow with the transaction scale, or rely on logarithmic compression proofs that introduce substantial system overhead, thereby limiting their practical applicability. To address this issue, we propose an efficient blockchain-enabled linkable ring signature scheme named V2G-RingChain. Specifically, we design an innovative multi-layer linkable ring signature protocol, which reconstructs the key images structure to reduce the computation time required for signing and combines Sum Arguments of Knowledge to control the signature size at a logarithmic level. Moreover, we construct a blockchain-enabled ring transaction mechanism to decouple anonymous electricity payments, blockchain verification, and bill extraction, which relies on Pedersen Commitments and Back-Maxwell RangeProof for hidden account amounts and non-negative judgment. Finally, we conduct a comprehensive security analysis demonstrating that our scheme ensures security and privacy. We conducted extensive experiments, and the results show that V2G-RingChain significantly reduces signature generation cost, verification cost, and communication cost compared with state-of-the-art schemes.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"97 ","pages":"Article 104371"},"PeriodicalIF":3.7,"publicationDate":"2026-01-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145926038","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

A taxonomy of graph-based risk, vulnerability, and attack assessment methods in IoT systems 物联网系统中基于图的风险、漏洞和攻击评估方法的分类

IF 3.7 2区计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

Journal of Information Security and Applications

Pub Date : 2026-01-09 DOI: 10.1016/j.jisa.2025.104360

Ferhat Arat , Aykut Karakaya , Sedat Akleylek

This paper presents a comprehensive Systematic Literature Review (SLR) focusing on graph-based security and risk assessment approaches for IoT systems, utilizing a comprehensive taxonomy. In addition to elucidating IoT fundamentals and principles, we offer an expansive framework with a specific emphasis on graph-IoT-security concepts, contributing to the systematic organization of information. Unlike existing reviews, our focus is explicitly directed towards using graph theory for security assessment. Moreover, no systematic literature review has been conducted to specifically analyze security assessment approaches of IoT systems using graph methods, excluding other theoretical and applied techniques.

The objective is to describe, synthesize, and compare security developments in IoT from the perspective of various research questions. To the best of our knowledge, this paper represents the first SLR that concentrates on graph-based risk and vulnerability assessments. The primary objective of the SLR is to provide a comprehensive overview for researchers to identify attack graph or attack tree-based approaches. We delineate the IoT paradigm from a security perspective, highlighting various types of attacks detected by graph-based techniques. Furthermore, we present a comparative analysis of existing graph-based security evaluation mechanisms designed for IoT under various metrics, such as procedural performance, runtime, complexity, and other algorithmic overheads. Finally, we reveal issues and challenges regarding open problems that have not been considered and addressed in existing studies.

本文介绍了一篇全面的系统文献综述（SLR），重点介绍了基于图的物联网系统安全和风险评估方法，采用了全面的分类法。除了阐明物联网的基本原理和原则外，我们还提供了一个广泛的框架，特别强调图形物联网安全概念，有助于系统地组织信息。与现有的评论不同，我们的重点明确地指向使用图论进行安全评估。此外，除了其他理论和应用技术外，没有系统的文献综述专门使用图方法分析物联网系统的安全评估方法。目的是从各种研究问题的角度描述、综合和比较物联网的安全发展。据我们所知，这篇论文代表了第一个专注于基于图的风险和脆弱性评估的单反。SLR的主要目标是为研究人员提供一个全面的概述，以确定攻击图或基于攻击树的方法。我们从安全的角度描述了物联网范式，重点介绍了基于图形的技术检测到的各种类型的攻击。此外，我们在各种指标（如程序性能、运行时间、复杂性和其他算法开销）下，对为物联网设计的现有基于图的安全评估机制进行了比较分析。最后，我们揭示了在现有研究中尚未考虑和解决的开放性问题的问题和挑战。

{"title":"A taxonomy of graph-based risk, vulnerability, and attack assessment methods in IoT systems","authors":"Ferhat Arat , Aykut Karakaya , Sedat Akleylek","doi":"10.1016/j.jisa.2025.104360","DOIUrl":"10.1016/j.jisa.2025.104360","url":null,"abstract":"<div><div>This paper presents a comprehensive Systematic Literature Review (SLR) focusing on graph-based security and risk assessment approaches for IoT systems, utilizing a comprehensive taxonomy. In addition to elucidating IoT fundamentals and principles, we offer an expansive framework with a specific emphasis on graph-IoT-security concepts, contributing to the systematic organization of information. Unlike existing reviews, our focus is explicitly directed towards using graph theory for security assessment. Moreover, no systematic literature review has been conducted to specifically analyze security assessment approaches of IoT systems using graph methods, excluding other theoretical and applied techniques.</div><div>The objective is to describe, synthesize, and compare security developments in IoT from the perspective of various research questions. To the best of our knowledge, this paper represents the first SLR that concentrates on graph-based risk and vulnerability assessments. The primary objective of the SLR is to provide a comprehensive overview for researchers to identify attack graph or attack tree-based approaches. We delineate the IoT paradigm from a security perspective, highlighting various types of attacks detected by graph-based techniques. Furthermore, we present a comparative analysis of existing graph-based security evaluation mechanisms designed for IoT under various metrics, such as procedural performance, runtime, complexity, and other algorithmic overheads. Finally, we reveal issues and challenges regarding open problems that have not been considered and addressed in existing studies.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"97 ","pages":"Article 104360"},"PeriodicalIF":3.7,"publicationDate":"2026-01-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145926054","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

MIE-SMC: Multiple images encryption scheme based on secure multiple-party computation MIE-SMC：基于安全多方计算的多图像加密方案

IF 3.7 2区计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

Journal of Information Security and Applications

Pub Date : 2026-01-09 DOI: 10.1016/j.jisa.2025.104366

Meng Li , Haojie Li , Xiaozeng Xu , Huanhuan Wang

The protection of privacy for images uploaded to the Internet platform has attracted increasing public concern. As a popular protection technology, multiple-images encryption (MIE) has been widely explored in academic and practical applications. However, existing schemes rarely consider secure key management and selective image decryption. To this end, we propose a multi-user-oriented MIE framework, which achieves selective decryption and enhances key security management. Firstly, we design a novel computing protocol (PCP-UI) based on secure multiple-party computation (SMC). All users obtain the share key without relying on network transmission. Based on PCP-UI, we propose a multiple-stages encryption scheme including pre-encryption, joint encryption, and exclusive encryption. The pre-encrypted results are confused into the joint ciphertext, which is served as the public key to re-encrypt the images. Compared with many other MIE schemes, our scheme achieves permission control for each image and prevents privacy leakage caused by a single key. In addition, the shared key can be obtained via PCP-UI, thus avoiding leakage risk of keys caused by network transmission. To test the encryption performance, various classic attacks analysis and experiments are conducted to demonstrate the effectiveness of our scheme.

上传到互联网平台的图片的隐私保护已经引起了越来越多的公众关注。作为一种流行的保护技术，多图像加密技术在学术和实际应用中得到了广泛的探索。然而，现有方案很少考虑安全密钥管理和选择性图像解密。为此，我们提出了一个面向多用户的MIE框架，实现了选择性解密，增强了密钥安全管理。首先，我们设计了一种基于安全多方计算（SMC）的新型计算协议（PCP-UI）。所有用户获得共享密钥，不依赖网络传输。基于PCP-UI，提出了一种多级加密方案，包括预加密、联合加密和独占加密。将预加密的结果混合成联合密文，作为对图像进行重新加密的公钥。与许多其他MIE方案相比，我们的方案实现了对每个图像的权限控制，防止了单个密钥导致的隐私泄露。另外，共享密钥可以通过PCP-UI获取，避免了网络传输导致密钥泄露的风险。为了测试加密性能，对各种经典攻击进行了分析和实验，以验证该方案的有效性。

{"title":"MIE-SMC: Multiple images encryption scheme based on secure multiple-party computation","authors":"Meng Li , Haojie Li , Xiaozeng Xu , Huanhuan Wang","doi":"10.1016/j.jisa.2025.104366","DOIUrl":"10.1016/j.jisa.2025.104366","url":null,"abstract":"<div><div>The protection of privacy for images uploaded to the Internet platform has attracted increasing public concern. As a popular protection technology, multiple-images encryption (MIE) has been widely explored in academic and practical applications. However, existing schemes rarely consider secure key management and selective image decryption. To this end, we propose a multi-user-oriented MIE framework, which achieves selective decryption and enhances key security management. Firstly, we design a novel computing protocol (PCP-UI) based on secure multiple-party computation (SMC). All users obtain the share key without relying on network transmission. Based on PCP-UI, we propose a multiple-stages encryption scheme including pre-encryption, joint encryption, and exclusive encryption. The pre-encrypted results are confused into the joint ciphertext, which is served as the public key to re-encrypt the images. Compared with many other MIE schemes, our scheme achieves permission control for each image and prevents privacy leakage caused by a single key. In addition, the shared key can be obtained via PCP-UI, thus avoiding leakage risk of keys caused by network transmission. To test the encryption performance, various classic attacks analysis and experiments are conducted to demonstrate the effectiveness of our scheme.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"97 ","pages":"Article 104366"},"PeriodicalIF":3.7,"publicationDate":"2026-01-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145926055","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

A lattice-based dual blockchain anonymous authentication scheme with forward security and revocability for VANETs 一种基于格的双向区块链匿名认证方案，具有前向安全性和可撤销性

IF 3.7 2区计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

Journal of Information Security and Applications

Pub Date : 2026-01-07 DOI: 10.1016/j.jisa.2025.104369

Xiuhua Lu , Jingzhuo Zhang , Shuanggen Liu , Yanzhe Dong , Xijie Lu , Junzhong Liu

Vehicular Ad-hoc Networks (VANETs) play a vital role in Intelligent Transportation Systems (ITS) by improving traffic safety and efficiency. However, its open communication channels and high-speed mobility introduce privacy and security vulnerabilities, which makes anonymous authentication particularly important for privacy protection and secure communication. Nevertheless, existing anonymous authentication schemes face significant limitations in resisting single point of failure and supporting distributed storage of authentication messages. Moreover, most of these schemes rely on traditional number-theoretic assumptions, and lack resistance to quantum attacks. We propose a lattice-based dual blockchain anonymous authentication scheme with forward security and revocability for VANETs. The dual blockchain framework logically decouples vehicle identities from their mobility patterns, thereby enhancing anonymity. Forward security is obtained by leveraging bonsai trees structure, ensuring that exposure of current secret key of a vehicle does not affect the authenticity of previously transmitted messages. To address the issue of vehicle misbehavior or credential compromise, the scheme also supports revocability, allowing the system to efficiently and anonymously exclude malicious vehicles from the network without affecting honest participants. Our scheme is rigorously proven to achieve correctness, full anonymity and forward secure traceability. Experimental evaluations show its balanced performance in terms of security and efficiency.

车辆自组织网络（VANETs）通过提高交通安全和效率在智能交通系统（ITS）中发挥着至关重要的作用。然而，其开放的通信通道和高速的移动性带来了隐私和安全漏洞，这使得匿名认证对隐私保护和安全通信尤为重要。然而，现有的匿名身份验证方案在抵抗单点故障和支持身份验证消息的分布式存储方面面临着很大的限制。此外，这些方案大多依赖于传统的数论假设，缺乏对量子攻击的抵抗力。提出了一种基于格的双区块链匿名认证方案，具有前向安全性和可撤销性。双区块链框架从逻辑上将车辆身份与其移动模式解耦，从而增强了匿名性。前向安全性是利用盆景树结构实现的，确保车辆当前密钥的暴露不会影响先前传输消息的真实性。为了解决车辆不当行为或凭证泄露的问题，该方案还支持可撤销性，允许系统在不影响诚实参与者的情况下有效和匿名地从网络中排除恶意车辆。我们的方案被严格证明可以实现正确性、完全匿名性和前向安全可追溯性。实验结果表明，该算法在安全性和效率方面达到了平衡。

{"title":"A lattice-based dual blockchain anonymous authentication scheme with forward security and revocability for VANETs","authors":"Xiuhua Lu , Jingzhuo Zhang , Shuanggen Liu , Yanzhe Dong , Xijie Lu , Junzhong Liu","doi":"10.1016/j.jisa.2025.104369","DOIUrl":"10.1016/j.jisa.2025.104369","url":null,"abstract":"<div><div>Vehicular Ad-hoc Networks (VANETs) play a vital role in Intelligent Transportation Systems (ITS) by improving traffic safety and efficiency. However, its open communication channels and high-speed mobility introduce privacy and security vulnerabilities, which makes anonymous authentication particularly important for privacy protection and secure communication. Nevertheless, existing anonymous authentication schemes face significant limitations in resisting single point of failure and supporting distributed storage of authentication messages. Moreover, most of these schemes rely on traditional number-theoretic assumptions, and lack resistance to quantum attacks. We propose a lattice-based dual blockchain anonymous authentication scheme with forward security and revocability for VANETs. The dual blockchain framework logically decouples vehicle identities from their mobility patterns, thereby enhancing anonymity. Forward security is obtained by leveraging bonsai trees structure, ensuring that exposure of current secret key of a vehicle does not affect the authenticity of previously transmitted messages. To address the issue of vehicle misbehavior or credential compromise, the scheme also supports revocability, allowing the system to efficiently and anonymously exclude malicious vehicles from the network without affecting honest participants. Our scheme is rigorously proven to achieve correctness, full anonymity and forward secure traceability. Experimental evaluations show its balanced performance in terms of security and efficiency.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"97 ","pages":"Article 104369"},"PeriodicalIF":3.7,"publicationDate":"2026-01-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145926040","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

LTMIA: a loss trajectory-based membership inference attack method in federated learning LTMIA：联邦学习中一种基于损失轨迹的隶属推理攻击方法

IF 3.7 2区计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

Journal of Information Security and Applications

Pub Date : 2026-01-07 DOI: 10.1016/j.jisa.2025.104364

Jia Song , Jianting Yuan , Guanxin Chen , Yipeng Liu , Nan Yang

Federated Learning (FL) preserves privacy by avoiding direct data sharing, yet trained models remain vulnerable to information leakage through Membership Inference Attacks (MIAs) and Source Inference Attacks (SIAs). Existing MIA methods in FL demand substantial storage space and computational resources by requiring complete client updates across multiple rounds, while SIAs typically depend on impractical assumptions such as auxiliary datasets. To address these limitations, we propose LTMIA (Loss Trajectory-based Membership Inference Attack), a unified framework capable of performing both MIA and SIA efficiently. Our method exploits loss trajectory discrepancies during early FL training stages. By extracting temporal loss patterns from initial rounds, LTMIA trains a lightweight inference model for membership prediction. For SIA, we introduce a statistical averaging strategy that enables accurate source attribution without requiring auxiliary datasets. Experimental results demonstrate that LTMIA achieves more than 94% attack accuracy in MIA while using only the first half of client updates. For SIA tasks, LTMIA consistently surpasses state-of-the-art baselines across various configurations. The method shows particular strength in scenarios with limited computational resources and storage capacity. These findings underscore LTMIA’s effectiveness, efficiency, and practicality for assessing privacy risks in FL systems.

联邦学习（FL）通过避免直接的数据共享来保护隐私，但是经过训练的模型仍然容易受到成员推理攻击（mia）和源推理攻击（SIAs）的信息泄露。FL中现有的MIA方法需要跨多轮完整的客户端更新，需要大量的存储空间和计算资源，而sia通常依赖于不切实际的假设，如辅助数据集。为了解决这些限制，我们提出了LTMIA（基于损失轨迹的成员推理攻击），这是一个能够有效执行MIA和SIA的统一框架。我们的方法利用了早期FL训练阶段的损失轨迹差异。通过从初始回合中提取时间损失模式，LTMIA训练轻量级推理模型用于成员预测。对于SIA，我们引入了一种统计平均策略，可以在不需要辅助数据集的情况下实现准确的来源归属。实验结果表明，LTMIA在只使用客户端更新的前半部分的情况下，在MIA中实现了94%以上的攻击准确率。对于SIA任务，LTMIA在各种配置中始终超过最先进的基线。该方法在计算资源和存储容量有限的情况下表现出特别的优势。这些发现强调了LTMIA在FL系统中评估隐私风险的有效性、效率和实用性。

{"title":"LTMIA: a loss trajectory-based membership inference attack method in federated learning","authors":"Jia Song , Jianting Yuan , Guanxin Chen , Yipeng Liu , Nan Yang","doi":"10.1016/j.jisa.2025.104364","DOIUrl":"10.1016/j.jisa.2025.104364","url":null,"abstract":"<div><div>Federated Learning (FL) preserves privacy by avoiding direct data sharing, yet trained models remain vulnerable to information leakage through Membership Inference Attacks (MIAs) and Source Inference Attacks (SIAs). Existing MIA methods in FL demand substantial storage space and computational resources by requiring complete client updates across multiple rounds, while SIAs typically depend on impractical assumptions such as auxiliary datasets. To address these limitations, we propose LTMIA (Loss Trajectory-based Membership Inference Attack), a unified framework capable of performing both MIA and SIA efficiently. Our method exploits loss trajectory discrepancies during early FL training stages. By extracting temporal loss patterns from initial rounds, LTMIA trains a lightweight inference model for membership prediction. For SIA, we introduce a statistical averaging strategy that enables accurate source attribution without requiring auxiliary datasets. Experimental results demonstrate that LTMIA achieves more than 94% attack accuracy in MIA while using only the first half of client updates. For SIA tasks, LTMIA consistently surpasses state-of-the-art baselines across various configurations. The method shows particular strength in scenarios with limited computational resources and storage capacity. These findings underscore LTMIA’s effectiveness, efficiency, and practicality for assessing privacy risks in FL systems.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"97 ","pages":"Article 104364"},"PeriodicalIF":3.7,"publicationDate":"2026-01-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145926105","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

CallTrust: A federated system for call authentication in telephony networks CallTrust：在电话网络中用于呼叫身份验证的联邦系统

IF 3.7 2区计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

Journal of Information Security and Applications

Pub Date : 2026-01-07 DOI: 10.1016/j.jisa.2025.104365

Francesco Buccafurri , Vincenzo De Angelis , Sara Lazzaro , Carmen Licciardi

Voice phishing (vishing) remains a critical security threat in telephone communications, where users cannot reliably authenticate calling parties. Despite technical efforts like STIR/SHAKEN, traditional telephony still lacks application-layer mechanisms to detect spoofed or hijacked calls. In this paper, we present CallTrust, a novel, deployable, and infrastructure-agnostic solution that enables real-time verification of incoming and outgoing calls between users and Certified Services, i.e., trusted entities publicly certified to own specific phone numbers. Our protocol operates entirely at the application layer and leverages time-slotted, privacy-preserving credentials published by Certified Services to detect spoofed or hijacked calls. We detail the protocol design and show that it satisfies the intended security properties. To demonstrate the practical relevance of our approach, we propose a federated design that enables cross-realm (i.e., cross-border) adoption. As a concrete example, we apply it to the European eIDAS framework by extending Qualified Website Authentication Certificates (QWACs) to support the binding of telephone numbers to legally recognized entities. Through a mobile-based proof-of-concept implementation, we show that call authentication can be completed in under two seconds, thus providing users with timely warnings before engaging with potentially phone scammers. Experimental results confirm the practicality of our approach, offering a viable path toward securing telephony communication against impersonation-based threats.

语音网络钓鱼（vishing）在电话通信中仍然是一个严重的安全威胁，因为用户无法可靠地验证呼叫方的身份。尽管有诸如STIR/SHAKEN之类的技术努力，传统电话仍然缺乏应用层机制来检测欺骗或劫持电话。在本文中，我们介绍了CallTrust，这是一种新颖的、可部署的、与基础设施无关的解决方案，可以实时验证用户和认证服务（即公开认证为拥有特定电话号码的受信任实体）之间的呼入和呼出呼叫。我们的协议完全在应用层运行，并利用认证服务发布的时隙、隐私保护凭证来检测欺骗或劫持呼叫。我们详细介绍了协议设计，并说明它满足预期的安全属性。为了演示我们的方法的实际相关性，我们提出了一个支持跨领域（即跨界）采用的联邦设计。作为一个具体的例子，我们通过扩展合格网站认证证书（QWACs）将其应用于欧洲eIDAS框架，以支持将电话号码绑定到法律认可的实体。通过基于手机的概念验证实现，我们展示了呼叫身份验证可以在两秒钟内完成，从而在与潜在的电话诈骗者接触之前为用户提供及时的警告。实验结果证实了我们方法的实用性，为保护电话通信免受基于模拟的威胁提供了可行的途径。

{"title":"CallTrust: A federated system for call authentication in telephony networks","authors":"Francesco Buccafurri , Vincenzo De Angelis , Sara Lazzaro , Carmen Licciardi","doi":"10.1016/j.jisa.2025.104365","DOIUrl":"10.1016/j.jisa.2025.104365","url":null,"abstract":"<div><div>Voice phishing (vishing) remains a critical security threat in telephone communications, where users cannot reliably authenticate calling parties. Despite technical efforts like STIR/SHAKEN, traditional telephony still lacks application-layer mechanisms to detect spoofed or hijacked calls. In this paper, we present CallTrust, a novel, deployable, and infrastructure-agnostic solution that enables real-time verification of incoming and outgoing calls between users and Certified Services, i.e., trusted entities publicly certified to own specific phone numbers. Our protocol operates entirely at the application layer and leverages time-slotted, privacy-preserving credentials published by Certified Services to detect spoofed or hijacked calls. We detail the protocol design and show that it satisfies the intended security properties. To demonstrate the practical relevance of our approach, we propose a federated design that enables cross-realm (i.e., cross-border) adoption. As a concrete example, we apply it to the European eIDAS framework by extending Qualified Website Authentication Certificates (QWACs) to support the binding of telephone numbers to legally recognized entities. Through a mobile-based proof-of-concept implementation, we show that call authentication can be completed in under two seconds, thus providing users with timely warnings before engaging with potentially phone scammers. Experimental results confirm the practicality of our approach, offering a viable path toward securing telephony communication against impersonation-based threats.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"97 ","pages":"Article 104365"},"PeriodicalIF":3.7,"publicationDate":"2026-01-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145926039","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

γ-M2I: Image-based malware classification via feature spatial transformation γ-M2I：基于图像特征空间变换的恶意软件分类

IF 3.7 2区计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

Journal of Information Security and Applications

Pub Date : 2026-01-07 DOI: 10.1016/j.jisa.2025.104355

Wanhu Nie, Changsheng Zhu

In recent years, the surge in malware variants has made fast and accurate classification a critical cybersecurity challenge. Visualization-based deep learning methods offer promising solutions, among which the State Transition Probability Matrix (STPM) effectively reduces redundancy by modeling binaries as Markov chains. However, STPM is inherently a mathematical statistical model that disregards visual characteristics, resulting in Markov images with inherent flaws such as sparse pixel distribution and insufficient brightness. This paper reveals the fundamental conflict between mathematical semantics and visual perception requirements in STPM visualization and proposes a feature spatial transformation method, γ-M2I, for visual malware classification. The core idea of γ-M2I is to introduce a plug-and-play feature spatial transformation module into traditional STPM visualization schemes to mitigate its intrinsic visual limitations, utilizing spatial transformations (γ-mapping) to optimize feature distribution and enhance the representational capacity of feature maps. This stems from the feature space transformation’s ability to preserve low-frequency state transitions while relatively suppressing high-frequency noise. γ-M2I operates independently of STPM and can be seamlessly integrated into STPM-based frameworks and convolutional neural network architectures. This modular design supports rapid adaptation to advanced models. Extensive experiments conducted on benchmark malware classification datasets, including Malimg and BIG-2015, demonstrate that the proposed method achieves high accuracy rates of 99.82% and 99.46%, with F₁-scores of 99.73% and 99.22%, respectively, outperforming existing state-of-the-art approaches. Moreover, it exhibits robustness against evasion techniques employed by malware variants, such as packing, encryption and obfuscation.

近年来，恶意软件变体的激增使得快速准确的分类成为一项关键的网络安全挑战。基于可视化的深度学习方法提供了很好的解决方案，其中状态转移概率矩阵（STPM）通过将二进制文件建模为马尔可夫链有效地减少了冗余。然而，STPM本质上是一种忽略视觉特征的数学统计模型，导致马尔可夫图像具有像素分布稀疏、亮度不足等固有缺陷。本文揭示了STPM可视化中数学语义与视觉感知需求之间的根本冲突，提出了一种用于可视化恶意软件分类的特征空间变换方法γ-M2I。γ-M2I的核心思想是在传统的STPM可视化方案中引入即插即用的特征空间转换模块，利用空间转换（γ映射）优化特征分布，增强特征映射的表示能力，以缓解其固有的视觉局限性。这源于特征空间变换在相对抑制高频噪声的同时保持低频状态转换的能力。γ-M2I独立于STPM工作，可以无缝集成到基于STPM的框架和卷积神经网络架构中。这种模块化设计支持快速适应先进的模型。在Malimg和BIG-2015等基准恶意软件分类数据集上进行的大量实验表明，该方法的准确率高达99.82%和99.46%，f1得分分别为99.73%和99.22%，优于现有的最先进方法。此外，它还展示了对恶意软件变体所采用的规避技术的鲁棒性，例如打包、加密和混淆。

{"title":"γ-M2I: Image-based malware classification via feature spatial transformation","authors":"Wanhu Nie, Changsheng Zhu","doi":"10.1016/j.jisa.2025.104355","DOIUrl":"10.1016/j.jisa.2025.104355","url":null,"abstract":"<div><div>In recent years, the surge in malware variants has made fast and accurate classification a critical cybersecurity challenge. Visualization-based deep learning methods offer promising solutions, among which the State Transition Probability Matrix (STPM) effectively reduces redundancy by modeling binaries as Markov chains. However, STPM is inherently a mathematical statistical model that disregards visual characteristics, resulting in Markov images with inherent flaws such as sparse pixel distribution and insufficient brightness. This paper reveals the fundamental conflict between mathematical semantics and visual perception requirements in STPM visualization and proposes a feature spatial transformation method, <em>γ</em>-M2I, for visual malware classification. The core idea of <em>γ</em>-M2I is to introduce a plug-and-play feature spatial transformation module into traditional STPM visualization schemes to mitigate its intrinsic visual limitations, utilizing spatial transformations (<em>γ</em>-mapping) to optimize feature distribution and enhance the representational capacity of feature maps. This stems from the feature space transformation’s ability to preserve low-frequency state transitions while relatively suppressing high-frequency noise. <em>γ</em>-M2I operates independently of STPM and can be seamlessly integrated into STPM-based frameworks and convolutional neural network architectures. This modular design supports rapid adaptation to advanced models. Extensive experiments conducted on benchmark malware classification datasets, including Malimg and BIG-2015, demonstrate that the proposed method achieves high accuracy rates of 99.82% and 99.46%, with <em>F</em><sub>1</sub>-scores of 99.73% and 99.22%, respectively, outperforming existing state-of-the-art approaches. Moreover, it exhibits robustness against evasion techniques employed by malware variants, such as packing, encryption and obfuscation.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"97 ","pages":"Article 104355"},"PeriodicalIF":3.7,"publicationDate":"2026-01-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145926053","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

A Novel Privacy-Preserving user information queries scheme with functional policy 一种新的带功能策略的保隐私用户信息查询方案

IF 3.7 2区计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

Journal of Information Security and Applications

Pub Date : 2026-01-05 DOI: 10.1016/j.jisa.2025.104359

Yuhang Lei , Rui Shi , Yang Yang , Chunjie Cao , Huamin Feng

Privacy-preserving information queries enable a requester to obtain only the value f(x) computed over sensitive data x, while preventing disclosure of the underlying records. Existing approaches typically reveal full data, incur high on-chain overhead, or lack fair and verifiable delivery of function outputs. We propose a general-purpose, blockchain-compatible framework that ensures the requester learns only f(x) with no extra leakage and that the provider receives fair payment. The design integrates Adaptor Signatures (AS) for fair exchange and Inner-Product Functional Encryption (IPFE) for fine-grained function extraction. The framework is domain-agnostic and applicable to privacy-sensitive applications such as medical insurance and financial risk assessment. We formally prove advertisement soundness, unforgeability, witness extractability, and witness privacy. A prototype demonstrates linear scalability up to ℓ=100,000. We conduct a comparative evaluation between our scheme and related works under typical attribute dimensions

ℓ = 10, 20, 30

. The results show that, under the same dimensional settings, our scheme achieves a 2.5×-6× performance improvement. Meanwhile, the storage overhead of our solution ranges from 1.6 KB to 4.1 KB, which is slightly lower than that of existing schemes (2.7-4.0 KB), and the on-chain cost consistently remains a fixed 64 bytes. These findings demonstrate that our approach provides significant practical advantages in low-dimensional, high-frequency medical query scenarios.

保护隐私的信息查询使请求者只能获得对敏感数据x计算的值f(x)，同时防止底层记录的泄露。现有的方法通常会显示完整的数据，导致高链上开销，或者缺乏公平和可验证的功能输出交付。我们提出了一个通用的、区块链兼容的框架，确保请求者只学习f(x)，没有额外的泄漏，并且提供者收到公平的支付。该设计集成了用于公平交换的适配器签名（AS）和用于细粒度功能提取的内部产品功能加密（IPFE）。该框架与领域无关，适用于隐私敏感的应用程序，如医疗保险和金融风险评估。我们正式证明广告的稳健性、不可伪造性、证人可提取性和证人隐私性。一个原型演示了线性可扩展性，最高可达100,000。在典型属性维数=10、20、30的情况下，我们将我们的方案与相关工作进行了比较评价。结果表明，在相同的维度设置下，我们的方案实现了2.5×-6×性能提升。同时，我们的解决方案的存储开销范围从1.6 KB到4.1 KB，略低于现有方案（2.7-4.0 KB），并且链上成本始终保持固定的64字节。这些发现表明，我们的方法在低维、高频医疗查询场景中具有显著的实用优势。

{"title":"A Novel Privacy-Preserving user information queries scheme with functional policy","authors":"Yuhang Lei , Rui Shi , Yang Yang , Chunjie Cao , Huamin Feng","doi":"10.1016/j.jisa.2025.104359","DOIUrl":"10.1016/j.jisa.2025.104359","url":null,"abstract":"<div><div>Privacy-preserving information queries enable a requester to obtain only the value <em>f</em>(<em>x</em>) computed over sensitive data <em>x</em>, while preventing disclosure of the underlying records. Existing approaches typically reveal full data, incur high on-chain overhead, or lack fair and verifiable delivery of function outputs. We propose a general-purpose, blockchain-compatible framework that ensures the requester learns only <em>f</em>(<em>x</em>) with no extra leakage and that the provider receives fair payment. The design integrates Adaptor Signatures (AS) for fair exchange and Inner-Product Functional Encryption (IPFE) for fine-grained function extraction. The framework is domain-agnostic and applicable to privacy-sensitive applications such as medical insurance and financial risk assessment. We formally prove advertisement soundness, unforgeability, witness extractability, and witness privacy. A prototype demonstrates linear scalability up to ℓ=100,000. We conduct a comparative evaluation between our scheme and related works under typical attribute dimensions <span><math><mrow><mi>ℓ</mi><mo>=</mo><mrow><mn>10</mn><mo>,</mo><mn>20</mn><mo>,</mo><mn>30</mn></mrow></mrow></math></span>. The results show that, under the same dimensional settings, our scheme achieves a 2.5×-6× performance improvement. Meanwhile, the storage overhead of our solution ranges from 1.6 KB to 4.1 KB, which is slightly lower than that of existing schemes (2.7-4.0 KB), and the on-chain cost consistently remains a fixed 64 bytes. These findings demonstrate that our approach provides significant practical advantages in low-dimensional, high-frequency medical query scenarios.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"97 ","pages":"Article 104359"},"PeriodicalIF":3.7,"publicationDate":"2026-01-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145926104","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

FedDNA: Behavioural based approach for byzantine defense in federated learning via model fingerprinting and adaptive thresholding 基于模型指纹和自适应阈值的联邦学习拜占庭防御行为方法

IF 3.7 2区计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

Journal of Information Security and Applications

Pub Date : 2026-01-02 DOI: 10.1016/j.jisa.2025.104358

Aditya Garg , Naman Bansal , Sumit Yadav , Nisha Kandhoul , Sanjay K. Dhurandher , Isaac Woungang

Federated Learning presents a distributed system approach that is capable of achieving higher pri- vacy and security guarantees by not sharing its local data. However, federated learning is vulnerable to Byzantine faults, where unreliable or malicious agents can disrupt the central aggregation process and degrade performance. Existing Byzantine-resilient algorithms often face challenges of lim- ited effectiveness under non-independent and identically distributed (non-IID) data distribution. This paper presents the FedDNA Algorithm, a novel adaptive aggregation algorithm that enhances robust- ness by focusing on the internal behaviour of client models rather than just their parameters. FedDNA is based on the concept of a model fingerprint, a unique signature of a machine learning model’s inter- but this manipulation will almost always cause a sudden, detectable change in the model’s internal computations, which is captured by the fingerprint. Another distinguishing feature of FedDNA is its adaptive threshold mechanism based on Median Absolute Deviation (MAD), which dynamically adjusts in response to the internal consistency of client updates, thereby enhancing the algorithm’s robustness against Byzantine behaviour. To evaluate the effectiveness of the proposed approach, an extensive feasibility study was conducted comparing it with existing algorithms. Experimental results indicate that FedDNA achieves good accuracy and stability under Byzantine attacks, outperforming state-of-the-art methods by effectively identifying and mitigating the influence of faulty nodes in both independent and identically distributed (IID) and non-independent and identically distributed (non-IID) data distributions.

联邦学习提出了一种分布式系统方法，能够通过不共享其本地数据来实现更高的隐私性和安全性保证。然而，联邦学习容易受到拜占庭错误的影响，其中不可靠或恶意的代理可能会破坏中心聚合过程并降低性能。现有的拜占庭弹性算法在非独立和同分布（non-IID）数据分布下常常面临有效性有限的挑战。本文提出了一种新的自适应聚合算法FedDNA算法，该算法通过关注客户端模型的内部行为而不仅仅是它们的参数来增强鲁棒性。FedDNA基于模型指纹的概念，这是机器学习模型内部的独特特征，但这种操作几乎总是会导致模型内部计算发生突然的、可检测的变化，这些变化会被指纹捕获。FedDNA的另一个显著特征是其基于中值绝对偏差（MAD）的自适应阈值机制，该机制根据客户端更新的内部一致性动态调整，从而增强了算法对拜占庭行为的鲁棒性。为了评估所提出方法的有效性，将其与现有算法进行了广泛的可行性研究。实验结果表明，FedDNA在拜占庭攻击下具有良好的准确性和稳定性，能够有效识别和减轻独立与同分布（IID）和非独立与同分布（non-IID）数据分布中故障节点的影响，优于现有方法。

{"title":"FedDNA: Behavioural based approach for byzantine defense in federated learning via model fingerprinting and adaptive thresholding","authors":"Aditya Garg , Naman Bansal , Sumit Yadav , Nisha Kandhoul , Sanjay K. Dhurandher , Isaac Woungang","doi":"10.1016/j.jisa.2025.104358","DOIUrl":"10.1016/j.jisa.2025.104358","url":null,"abstract":"<div><div>Federated Learning presents a distributed system approach that is capable of achieving higher pri- vacy and security guarantees by not sharing its local data. However, federated learning is vulnerable to Byzantine faults, where unreliable or malicious agents can disrupt the central aggregation process and degrade performance. Existing Byzantine-resilient algorithms often face challenges of lim- ited effectiveness under non-independent and identically distributed (non-IID) data distribution. This paper presents the FedDNA Algorithm, a novel adaptive aggregation algorithm that enhances robust- ness by focusing on the internal behaviour of client models rather than just their parameters. FedDNA is based on the concept of a model fingerprint, a unique signature of a machine learning model’s inter- but this manipulation will almost always cause a sudden, detectable change in the model’s internal computations, which is captured by the fingerprint. Another distinguishing feature of FedDNA is its adaptive threshold mechanism based on Median Absolute Deviation (MAD), which dynamically adjusts in response to the internal consistency of client updates, thereby enhancing the algorithm’s robustness against Byzantine behaviour. To evaluate the effectiveness of the proposed approach, an extensive feasibility study was conducted comparing it with existing algorithms. Experimental results indicate that FedDNA achieves good accuracy and stability under Byzantine attacks, outperforming state-of-the-art methods by effectively identifying and mitigating the influence of faulty nodes in both independent and identically distributed (IID) and non-independent and identically distributed (non-IID) data distributions.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"97 ","pages":"Article 104358"},"PeriodicalIF":3.7,"publicationDate":"2026-01-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145884190","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

IF 3.7 2区计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

Journal of Information Security and Applications

Pub Date : 2026-01-01

引用次数: 0