Journal of Information Security and Applications: Latest Articles

Moving target defense for DDos mitigation with shuffling of critical edge(s) connections
IF 3.7 | Zone 2 (Computer Science) | Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS | Pub Date: 2025-12-26 | DOI: 10.1016/j.jisa.2025.104347
Amir Javadpour, Forough Ja’ Fari, Tarik Taleb, Chafika Benzaïd
Moving Target Defense (MTD) is a widely adopted approach to mitigate the exploitation of vulnerabilities. Its dynamic and proactive nature makes it well-suited for SDNs requiring comprehensive and continuous monitoring. A core objective of MTD is to minimize the number of hosts shuffled while maintaining robust security and low scrambling frequency. This paper introduces a novel approach, the Number of Edge Connections (NoEC) strategy, aimed at mitigating Distributed Denial of Service (DDoS) attacks in a resource-efficient manner. This is achieved by strategically reconfiguring a select group of highly connected hosts known as “Edges” to protect critical assets. This approach enhances analytical clarity and supports informed selection of defense strategies tailored to specific edge deployment scenarios. We designed a system utilizing NoEC and conducted simulations using Mininet. The results show that NoEC reduces the complexity by 55.12 % compared to previous MTD methods while increasing the security level by 15.72 %. Among the techniques, topology randomization and edge node shuffling show the highest disruption effect, validating the approach’s practical viability and robustness in defending edge infrastructures.
Journal of Information Security and Applications, vol. 97, Article 104347.
Citations: 0
A traceable threshold Asmuth–Bloom secret sharing scheme
IF 3.7 | Zone 2 (Computer Science) | Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS | Pub Date: 2025-12-25 | DOI: 10.1016/j.jisa.2025.104350
Maria Leslie, Ratna Dutta
In a (t, n)-threshold secret sharing scheme, accountability is crucial when a subset of f < t servers collude to leak secret shares. Traceable Threshold Secret Sharing (TTSS) ensures that leaked shares can be traced back to the compromised servers while preventing false accusations through non-imputability. In Crypto’24, Boneh et al. proposed new definitions and more practical constructions for TTSS based on Shamir’s and Blakley’s secret sharing schemes, removing the practical limitation of existing TTSS.
Our work presents a TTSS scheme built upon an additive variant of the Asmuth-Bloom scheme, relying only on oracle access to the reconstruction box R. In our model, a subset of f < t colluding servers can construct a reconstruction box R that recovers the secret with the assistance of an additional t − f random shares. We note that integrating tracing in the standard (t, n)-Asmuth-Bloom Secret Sharing (ABSS) scheme exhibits a tracing leakage issue. We fix this limitation by introducing additive variants of ABSS, ABSS-I and ABSS-II that retain the security of the original scheme ABSS while splitting the secret s into t additive components and generating all shares from the additive components of s. Based on ABSS-I, we construct a TTSS scheme, TTSS-I, that introduces traceability into the framework and is proven to be universally traceable in the random oracle model, assuming R is a universally good reconstruction box. We integrate a tracing mechanism in ABSS-II and propose a second scheme, TTSS-II, which extends TTSS-I by additionally concealing partial information about the additive component of the secret s to introduce non-imputability to prevent the tracer from falsely accusing any honest party by fabricating evidence of its corruption. The security of TTSS-II is also in the random oracle model and relies on the hardness of the discrete logarithm problem.
Journal of Information Security and Applications, vol. 97, Article 104350.
Citations: 0
A large-capacity and robust screen-shooting resilient image watermarking based on attention-enhanced invertible neural network
IF 3.7 | Zone 2 (Computer Science) | Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS | Pub Date: 2025-12-23 | DOI: 10.1016/j.jisa.2025.104346
Jingyi Zhang, Zhenzhen Zhang, Zichen Li, Bo Gao, Jinfeng Kou
To address the growing issue of illegal screen-shooting behavior, screen-shooting resilient watermarking has become an increasingly important area of research in copyright protection. This technology aims to resist the complex distortions caused by screen-shooting and accurately extract the watermark from the watermarked images. However, existing screen-shooting resilient watermarking schemes often overlook the importance of the watermark capacity, failing to strike a balance among watermark capacity, robustness and visual quality, which hinders their practical application. To tackle these problems, we propose a large capacity and robust image watermarking scheme based on Invertible Neural Network (INN) in this paper. The proposed method combines INN with a channel-spatial attention mechanism to increase watermark capacity and enhance visual quality. Additionally, a frequency domain feature enhancement (FDFE) module is introduced to assist watermark extraction, improving the model’s robustness in real-world screen-shooting scenarios. The experimental results show that when the embedding capacity increases to 400 bits, the proposed algorithm exhibits stronger resistance to screen-shooting attacks compared to the state-of-the-art (SoTA) algorithm with an embedding capacity of 30 bits. The watermark extraction accuracy of the proposed method remains above 99 % under all shooting angles and distances, with an average extraction accuracy of 99.81 %, significantly outperforming the compared SoTA methods.
Journal of Information Security and Applications, vol. 97, Article 104346.
Citations: 0
Dual-driven synergy of blockchain and federated learning for trustworthy medical data sharing in internet of medical things
IF 3.7 | Zone 2 (Computer Science) | Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS | Pub Date: 2025-12-22 | DOI: 10.1016/j.jisa.2025.104348
Chenquan Gan, Xin Tan, Qingyi Zhu, Akanksha Saini, Deepak Kumar Jain, Abebe Diro
In the Internet of Medical Things (IoMT) field, data sharing is crucial for enhancing the quality and efficiency of diagnosis and treatment. However, due to data privacy and security concerns, data sharing among medical institutions is hindered, presenting challenges in integration and privacy protection. To address these issues, we propose a trustworthy medical data sharing method based on the dual-driven synergy of blockchain and federated learning. Different from previous work, it can resist reasoning, poisoning, and collusion attacks because it covers a more comprehensive discussion on privacy, security, and reputation incentives. This method includes: 1) Privacy protection mechanism: integrating random response and differential privacy technology to resist inference attacks, protect model privacy, and reduce the impact of noise on model performance; 2) Dual-quality threshold aggregation mechanism: Precisely filter out malicious and low-quality nodes through quality thresholds, introduce contribution values including node participation to assign aggregation weights to nodes, improve model performance and resist poisoning attacks; 3) Reputation assessment and incentive mechanism: Calculate the reputation value based on the historical performance of nodes, and design a reputation consensus to encourage honest participation of nodes, punish malicious behavior, and at the same time reduce the entry of malicious nodes into the committee to resist collusion attacks. Finally, we compare our method with state-of-the-art approaches on real-world medical image datasets OrganMNIST_A and BloodMNIST. The results demonstrate that our method achieves superior performance in both Accuracy and F1 Score metrics.
Journal of Information Security and Applications, vol. 97, Article 104348.
Citations: 0
Securing large language models: A quantitative assurance framework approach
IF 3.7 | Zone 2 (Computer Science) | Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS | Pub Date: 2025-12-20 | DOI: 10.1016/j.jisa.2025.104351
Sander Stamnes Karlsen, Muhammad Mudassar Yamin, Ehtesham Hashmi, Basel Katt, Mohib Ullah
Large Language Models (LLMs) are increasingly integrated into sensitive domains such as healthcare and autonomous systems, yet adoption is constrained by security risks that conventional assurance methods do not capture. Traditional software assurance techniques are inadequate for LLM-specific vulnerabilities, including prompt injection, insecure output handling, and training data poisoning. We introduce a quantitative security assurance framework for LLM applications that translates security requirements and vulnerabilities into measurable scores. The framework computes an Assurance Metric (AM) as AM = RM − VM, where VM is weighted using CVSS v4.0, and maps results to five security assurance levels, making security posture comparable, auditable, and actionable. Requirements span input/output validation, training data, development and deployment, access control, third-party services, and security procedures; vulnerability tests align with the OWASP Top 10 for LLMs (prompt injection, insecure output handling, training data poisoning, denial of service, sensitive information disclosure, overreliance, and model theft). Case study results show uncensored models (e.g., Llama2-uncensored) exhibit significantly higher exposure, especially to prompt injection and output-handling attacks, while censored and fine-tuned models attain higher assurance levels. Significance and impact: the framework provides transparent, quantitative scoring to compare systems, prioritize mitigations, and support evidence-based deployment and governance in high-stakes environments, with continuous human oversight emphasized.
Journal of Information Security and Applications, vol. 97, Article 104351.
Citations: 0
Blockchain-based proxy broadcast signcryption supporting multi-message synchronous transmission suitable for cross-institutional EHRs sharing system
IF 3.7 | Zone 2 (Computer Science) | Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS | Pub Date: 2025-12-20 | DOI: 10.1016/j.jisa.2025.104349
Yan Gao, Lunzhi Deng, Yaying Wu, Na Wang, Huawei Huang, Siwei Li
In the modern healthcare system, patients’ electronic health records (EHRs) often need to be shared among various medical institutions to support continuous treatment and cross-institutional collaboration. To maintain the confidentiality and authenticity of medical data, improve data-sharing efficiency, and restrict each institution’s access to only its relevant data, a signcryption scheme capable of simultaneously signcrypting distinct EHRs for multiple receivers is an efficient solution for secure cross-institutional data sharing. This paper introduces a blockchain-based proxy broadcast signcryption (PBSC) scheme supporting multi-message synchronous transmission. In our work, patients delegate their signcryption rights to a trusted proxy medical institution, which signcrypts distinct plaintexts into a single ciphertext and stores the ciphertext off-chain. To enforce secure access, we design a blockchain-based access control mechanism, allowing only authorized users to retrieve and decrypt the off-chain ciphertext. Under the random oracle model, we prove the proposed PBSC scheme is confidential and unforgeable. Comparative analysis shows our scheme reduces computational costs by 50 % versus existing state-of-the-art schemes, thus rendering it highly suitable for secure EHRs sharing.
Journal of Information Security and Applications, vol. 97, Article 104349.
Citations: 0
SchoCo: Schnorr signature concatenation for extensible tokens
IF 3.7 | Zone 2 (Computer Science) | Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS | Pub Date: 2025-12-19 | DOI: 10.1016/j.jisa.2025.104327
Marco Antonio Marques, Lucas Cupertino Cardoso, Pedro H. Barcha Correia, Charles Christian Miers, Marcos Antonio Simplicio Junior
The increasing adoption of extensible and decentralized token systems demands efficient and flexible signature schemes. Aggregate signatures enable the combination of multiple signatures on various messages into a single aggregate. Existing techniques often lack support for features such as delegation and extension, or introduce significant complexity without clear advantages over non-aggregated schemes. This paper presents SchoCo, a Schnorr-based half-aggregate scheme designed for extensible tokens. Its security is proven in the random oracle model through a reduction to the existential unforgeability under adaptive chosen-message attacks of the Schnorr signature scheme. The proposed scheme is inspired by the identity-based signature technique developed by Galindo and Garcia. It achieves signature sizes comparable to existing schemes while cutting verification costs by up to 50 %. Furthermore, we show that SchoCo is well-suited for integrating token-based authorization frameworks, using the Biscuit token as a concrete instantiation, with practical gains in both token size and verification efficiency.
{"title":"SchoCo: Schnorr signature concatenation for extensible tokens","authors":"Marco Antonio Marques ,&nbsp;Lucas Cupertino Cardoso ,&nbsp;Pedro H. Barcha Correia ,&nbsp;Charles Christian Miers ,&nbsp;Marcos Antonio Simplicio Junior","doi":"10.1016/j.jisa.2025.104327","DOIUrl":"10.1016/j.jisa.2025.104327","url":null,"abstract":"<div><div>The increasing adoption of extensible and decentralized token systems demands efficient and flexible signature schemes. Aggregate signatures enable the combination of multiple signatures on various messages into a single aggregate. Existing techniques often lack support for features such as delegation and extension, or introduce significant complexity without clear advantages over non-aggregated schemes. This paper presents SchoCo, a Schnorr-based half-aggregate scheme designed for extensible tokens. Its security is proven in the random oracle model through a reduction to the existential unforgeability under adaptive chosen-message attacks of the Schnorr signature scheme. The proposed scheme is inspired by the identity-based signature technique developed by Galindo and Garcia. It achieves signature sizes comparable to existing schemes while cutting verification costs by up to 50 %. 
Furthermore, we show that SchoCo is well-suited for integrating token-based authorization frameworks, using the Biscuit token as a concrete instantiation, with practical gains in both token size and verification efficiency.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"97 ","pages":"Article 104327"},"PeriodicalIF":3.7,"publicationDate":"2025-12-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145791478","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Citations: 0
Robust DSSA-Net framework for splicing detection in image encryption domain
IF 3.7 Region 2 Computer Science Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS Pub Date: 2025-12-15 DOI: 10.1016/j.jisa.2025.104341
Debolina Ghosh, Ruchira Naskar, Bidesh Chakraborty
One of the most common and widespread types of digital image fraudulence is image splicing attack, which combines contents from several sources into a single composite to deceive viewers. In this work, we address the problem of image splicing detection by proposing a robust deep learning-based framework. Specifically, the detector is built to operate for splicing detection on encrypted images, considering the growing usage of images in encrypted domains in IoT environments. The proposed model operates at two levels of granularity. At level 1, the model answers a binary question: whether an encrypted image is spliced or authentic. We achieve this by adding Self-Attention and Squeeze-and-Excitation modules to a custom DenseNet backbone, which enhances feature discrimination and localization in difficult scenarios like compression and encryption. At level 2, we determine the encryption technique that the image under question has undergone. Dense connections and attention mechanisms allow the network to focus on subtle splicing artifacts, on encrypted image inputs. Our results show that learnable patterns are persistent in encrypted image representations, resulting in robust classification performance.
Citations: 0
Knit scrambling: A novel image scrambling framework and its demonstration in image encryption
IF 3.7 Region 2 Computer Science Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS Pub Date: 2025-12-15 DOI: 10.1016/j.jisa.2025.104326
Muhammed Saadetdin KAYA, Kenan İNCE
The exponential growth of visual data and the expansion of resource-constrained IoT platforms have intensified the demand for lightweight yet secure image protection schemes. Conventional ciphers, while cryptographically strong, often fail to meet real-time and hardware-efficiency requirements for image data. To address this gap, this study presents the Knit Scrambling (KS) framework, a textile-inspired deterministic permutation framework designed for reversible image scrambling with linear computational cost. This approach models an image as a sequence interwoven from multiple subsequences following cyclic knitting patterns, ensuring both reversibility and high diffusion. A specific instantiation, termed Triple Check Pattern (TCP), realizes the KS framework by dividing the image into three subsequences and applying cyclic pattern rotations to enhance pixel decorrelation while preserving strict invertibility. The confusion process is integrated with a lightweight diffusion stage based on a key-nonce-derived chaotic keystream generated by a one-dimensional logistic map, eliminating plaintext dependence and enabling per-image uniqueness. Experimental analyses conducted on benchmark color images show near-uniform histograms, high entropy close to eight bits, and strong differential performance, with average NPCR around 99.6 percent and UACI approximately 33.5 percent. Statistical randomness evaluation using the NIST SP 800-22 test suite confirms the scheme’s ability to produce unpredictable ciphertexts, while runtime benchmarking on both desktop and embedded-class hardware demonstrates real-time feasibility. The results indicate that the proposed framework provides an effective and hardware-efficient alternative to existing chaos-based and geometric scrambling approaches for lightweight image encryption in IoT environments. 
The proposed framework (KS) defines a general textile-inspired permutation model, while its implementation through the TCP algorithm demonstrates how this model can be practically realized to achieve efficient and reversible image scrambling.
Citations: 0
Lightweight orthogonal perturbation for privacy-preserving federated learning against poisoning attacks
IF 3.7 Region 2 Computer Science Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS Pub Date: 2025-12-15 DOI: 10.1016/j.jisa.2025.104345
Chuanyu Peng, Hequn Xian
Federated Learning (FL) is a distributed machine learning approach where multiple users collaboratively train a shared model without sharing raw data, thereby preserving data privacy. However, FL remains vulnerable to inference and poisoning attacks, which can compromise privacy and degrade global model performance. Therefore, many privacy-preserving frameworks have been proposed. Among these, mask-based frameworks provide advantages in efficiency and flexibility, but are particularly susceptible to poisoning attacks by malicious users. To overcome this challenge, we propose LOPAS-FL, an efficient, privacy-preserving, and robust mask-based federated learning scheme. It first introduces a gradient-splitting and orthogonal perturbation mechanism to ensure privacy through computational indistinguishability. Meanwhile, a dual-server architecture conducts multi-dimensional verification across gradient direction, distribution, and homogeneity. Only gradients that pass all validations are aggregated. This approach effectively defends against poisoning attacks and ensures the quality and robustness of the final model. Security analysis and experiments show that LOPAS-FL effectively detects and mitigates poisoning attacks, outperforming existing approaches in efficiency.
Citations: 0