Journal of Information Security and Applications最新文献_第7页

Moving target defense for DDos mitigation with shuffling of critical edge(s) connections 移动目标防御DDos缓解与关键边缘(s)连接的洗牌

IF 3.7 2区计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

Journal of Information Security and Applications

Pub Date : 2026-03-01 Epub Date: 2025-12-26 DOI: 10.1016/j.jisa.2025.104347

Amir Javadpour , Forough Ja’ Fari , Tarik Taleb , Chafika Benzaïd

Moving Target Defense (MTD) has as a widely adopted approach to mitigate vulnerability exploitation. It is a widely adopted approach to mitigate the exploitation of vulnerabilities. Its dynamic and proactive nature makes it well-suited for SDNs requiring comprehensive and continuous monitoring. A core objective of MTD is to minimize the number of hosts shuffled while maintaining robust security and low scrambling frequency. This paper introduces a novel approach, the Number of Edge Connections (NoEC) strategy, aimed at mitigating Distributed Denial of Service (DDoS) attacks in a resource-efficient manner. This is achieved by strategically reconfiguring a select group of highly connected hosts known as “Edges” to protect critical assets. This approach enhances analytical clarity and supports informed selection of defense strategies tailored to specific edge deployment scenarios. We designed a system utilizing NoEC and conducted simulations using Mininet. The results show that NoEC reduces the complexity by 55.12 % compared to previous MTD methods while increasing the security level by 15.72 %. Among the techniques, topology randomization and edge node shuffling show the highest disruption effect, validating the approach’s practical viability and robustness in defending edge infrastructures.

移动目标防御（MTD）是一种被广泛采用的减少漏洞利用的方法。这是一种广泛采用的方法，以减轻漏洞的利用。其动态和主动的性质使其非常适合需要全面和连续监测的sdn。MTD的核心目标是在保持高安全性和低置乱频率的同时，最大限度地减少打乱的主机数量。本文介绍了一种新颖的方法，边缘连接数（NoEC）策略，旨在以资源高效的方式减轻分布式拒绝服务（DDoS）攻击。这是通过战略性地重新配置一组高度连接的主机来实现的，这些主机被称为“边缘”，以保护关键资产。这种方法增强了分析的清晰度，并支持针对特定边缘部署场景量身定制的明智的防御策略选择。我们利用NoEC设计了一个系统，并使用Mininet进行了模拟。结果表明，NoEC方法比以前的MTD方法降低了55.12%的复杂度，同时提高了15.72%的安全性。其中，拓扑随机化和边缘节点洗牌的干扰效果最好，验证了该方法在边缘基础设施防御中的实际可行性和鲁棒性。

{"title":"Moving target defense for DDos mitigation with shuffling of critical edge(s) connections","authors":"Amir Javadpour , Forough Ja’ Fari , Tarik Taleb , Chafika Benzaïd","doi":"10.1016/j.jisa.2025.104347","DOIUrl":"10.1016/j.jisa.2025.104347","url":null,"abstract":"<div><div>Moving Target Defense (MTD) has as a widely adopted approach to mitigate vulnerability exploitation. It is a widely adopted approach to mitigate the exploitation of vulnerabilities. Its dynamic and proactive nature makes it well-suited for SDNs requiring comprehensive and continuous monitoring. A core objective of MTD is to minimize the number of hosts shuffled while maintaining robust security and low scrambling frequency. This paper introduces a novel approach, the Number of Edge Connections (NoEC) strategy, aimed at mitigating Distributed Denial of Service (DDoS) attacks in a resource-efficient manner. This is achieved by strategically reconfiguring a select group of highly connected hosts known as “Edges” to protect critical assets. This approach enhances analytical clarity and supports informed selection of defense strategies tailored to specific edge deployment scenarios. We designed a system utilizing NoEC and conducted simulations using Mininet. The results show that NoEC reduces the complexity by 55.12 % compared to previous MTD methods while increasing the security level by 15.72 %. Among the techniques, topology randomization and edge node shuffling show the highest disruption effect, validating the approach’s practical viability and robustness in defending edge infrastructures.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"97 ","pages":"Article 104347"},"PeriodicalIF":3.7,"publicationDate":"2026-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145841428","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

A traceable threshold Asmuth–Bloom secret sharing scheme 可追踪阈值Asmuth-Bloom秘密共享方案

IF 3.7 2区计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

Journal of Information Security and Applications

Pub Date : 2026-03-01 Epub Date: 2025-12-25 DOI: 10.1016/j.jisa.2025.104350

Maria Leslie, Ratna Dutta

In a (t, n)-threshold secret sharing scheme, accountability is crucial when a subset of f < t servers collude to leak secret shares. Traceable Threshold Secret Sharing (TTSS) ensures that leaked shares can be traced back to the compromised servers while preventing false accusations through non-imputability. In Crypto’24, Boneh et al. proposed new definitions and more practical constructions for TTSS based on Shamir’s and Blakley’s secret sharing schemes, removing the practical limitation of existing TTSS.

Our work presents a TTSS scheme built upon an additive variant of the Asmuth-Bloom scheme, relying only on oracle access to the reconstruction box

R

. In our model, a subset of f < t colluding servers can construct a reconstruction box

R

that recovers the secret with the assistance of an additional

t - f

random shares. We note that integrating tracing in the standard (t, n)-Asmuth-Bloom Secret Sharing (ABSS) scheme exhibits a tracing leakage issue. We fix this limitation by introducing additive variants of ABSS, ABSS-I and ABSS-II that retain the security of the original scheme ABSS while splitting the secret s into t additive components and generating all shares from the additive components of s. Based on ABSS-I, we construct a TTSS scheme, TTSS-I, that introduces traceability into the framework and is proven to be universally traceable in the random oracle model, assuming

R

is a universally good reconstruction box. We integrate a tracing mechanism in ABSS-II and propose a second scheme, TTSS-II, which extends TTSS-I by additionally concealing partial information about the additive component of the secret s to introduce non-imputability to prevent the tracer from falsely accusing any honest party by fabricating evidence of its corruption. The security of TTSS-II is also in the random oracle model and relies on the hardness of the discrete logarithm problem.

在（t, n）阈值秘密共享方案中，当f子集 <； t服务器串通泄露秘密共享时，问责制是至关重要的。可追踪的阈值秘密共享（TTSS）确保泄露的共享可以追溯到受损的服务器，同时通过不可归责性防止虚假指控。在Crypto’24中，Boneh等人基于Shamir和Blakley的秘密共享方案，提出了新的TTSS定义和更实用的TTSS结构，消除了现有TTSS的实际限制。我们的工作提出了一种基于Asmuth-Bloom方案的附加变体的TTSS方案，仅依赖于oracle对重建盒R的访问。在我们的模型中，f <； t个共谋服务器的子集可以构建一个重建盒R，该重建盒R在额外的t−f个随机共享的帮助下恢复秘密。我们注意到，在标准(t, n)-Asmuth-Bloom秘密共享（ABSS）方案中集成跟踪显示出跟踪泄漏问题。我们通过引入ABSS， ABSS- i和ABSS- ii的加性变体来解决这一限制，这些变体保留了原始方案ABSS的安全性，同时将秘密s拆分为t个加性组件，并从s的加性组件生成所有共享。基于ABSS- i，我们构建了一个TTSS方案TTSS- i，该方案在框架中引入了可追溯性，并在随机oracle模型中被证明是普遍可追溯的，假设R是一个普遍良好的重建盒。我们在ABSS-II中集成了一种追踪机制，并提出了第二种方案TTSS-II，该方案扩展了TTSS-I，通过额外隐藏有关秘密s的附加成分的部分信息来引入非归罪性，以防止追踪者通过伪造其腐败证据而错误地指控任何诚实的一方。TTSS-II的安全性也在随机oracle模型中，依赖于离散对数问题的硬度。

{"title":"A traceable threshold Asmuth–Bloom secret sharing scheme","authors":"Maria Leslie, Ratna Dutta","doi":"10.1016/j.jisa.2025.104350","DOIUrl":"10.1016/j.jisa.2025.104350","url":null,"abstract":"<div><div>In a (<em>t, n</em>)-threshold secret sharing scheme, accountability is crucial when a subset of <em>f</em> < <em>t</em> servers collude to leak secret shares. <em>Traceable Threshold Secret Sharing</em> (<span>TTSS</span>) ensures that leaked shares can be traced back to the compromised servers while preventing false accusations through non-imputability. In Crypto’24, Boneh et al. proposed new definitions and more practical constructions for <span>TTSS</span> based on Shamir’s and Blakley’s secret sharing schemes, removing the practical limitation of existing <span>TTSS</span>.</div><div>Our work presents a <span>TTSS</span> scheme built upon an additive variant of the Asmuth-Bloom scheme, relying only on oracle access to the reconstruction box <span><math><mi>R</mi></math></span>. In our model, a subset of <em>f</em> < <em>t</em> colluding servers can construct a reconstruction box <span><math><mi>R</mi></math></span> that recovers the secret with the assistance of an additional <span><math><mrow><mi>t</mi><mo>−</mo><mi>f</mi></mrow></math></span> random shares. We note that integrating tracing in the standard (<em>t, n</em>)-Asmuth-Bloom Secret Sharing (<span>ABSS</span>) scheme exhibits a tracing leakage issue. We fix this limitation by introducing additive variants of <span>ABSS</span>, <span>ABSS-</span>I and <span>ABSS-</span>II that retain the security of the original scheme <span>ABSS</span> while splitting the secret <em>s</em> into <em>t</em> additive components and generating all shares from the additive components of <em>s</em>. Based on <span>ABSS-</span>I, we construct a <span>TTSS</span> scheme, <span>TTSS-</span>I, that introduces traceability into the framework and is proven to be universally traceable in the random oracle model, assuming <span><math><mi>R</mi></math></span> is a universally good reconstruction box. We integrate a tracing mechanism in <span>ABSS-</span>II and propose a second scheme, <span>TTSS-</span>II, which extends <span>TTSS-</span>I by additionally concealing partial information about the additive component of the secret <em>s</em> to introduce non-imputability to prevent the tracer from falsely accusing any honest party by fabricating evidence of its corruption. The security of <span>TTSS-</span>II is also in the random oracle model and relies on the hardness of the discrete logarithm problem.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"97 ","pages":"Article 104350"},"PeriodicalIF":3.7,"publicationDate":"2026-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145841431","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Implications of applying emulation data to machine learning-based intrusion detection systems 仿真数据应用于基于机器学习的入侵检测系统的意义

IF 3.7 2区计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

Journal of Information Security and Applications

Pub Date : 2026-03-01 Epub Date: 2026-01-17 DOI: 10.1016/j.jisa.2025.104362

Maximilian Wolf , Kevin Bergner , Pascal Förtsch, Dieter Landes

Intrusion detection systems (IDS) require high-quality benchmark data sets for evaluating their performance in distinguishing suspicious activities from normal behavior patterns. While real-world network environments often consist of physical hardware components, it is, however, difficult to generate an IDS benchmark data set in a real-world network environment for reasons such as scalability, costs, anonymity in real-world data, infrastructure, and availability of hardware components. A solution to this problem is the usage of emulated network environments to create IDS benchmark data sets. Nevertheless, it is unclear whether emulated data represents physical network characteristics based on the recorded data patterns. Several IDS benchmark data sets were generated in the past, but none addressed the described infrastructure gap so far. To address this issue, we recreated a small physical enterprise network by using an emulated network environment. Inside both networks, we executed identical script-based user behavior, which includes six normal behavior categories and one attack behavior category. To check whether the emulated data are a suitable proxy for training machine learning-based IDS, recorded host and network data sources of both simulation environments are analyzed via diverse approaches. We use Wasserstein distances to compare the properties of the data distributions. Subsequently, we apply established classification metrics to evaluate the performances of a collection of machine learning-based classifiers on the data. For both host and network data, differences between emulated and actual hardware-based data could be identified. In general, the machine learning-based performances show that emulated IDS data is a good proxy for hardware-generated data produced on actual devices during our experiments.

入侵检测系统（IDS）需要高质量的基准数据集来评估其在区分可疑活动和正常行为模式方面的性能。虽然真实的网络环境通常由物理硬件组件组成，但是，由于可伸缩性、成本、真实数据的匿名性、基础设施和硬件组件的可用性等原因，很难在真实的网络环境中生成IDS基准数据集。这个问题的解决方案是使用模拟网络环境来创建IDS基准数据集。然而，尚不清楚模拟数据是否表示基于记录数据模式的物理网络特征。过去生成了几个IDS基准数据集，但是到目前为止没有一个解决了所描述的基础设施差距。为了解决这个问题，我们使用模拟的网络环境重新创建了一个小型的物理企业网络。在这两个网络中，我们执行了相同的基于脚本的用户行为，其中包括六种正常行为类别和一种攻击行为类别。为了检查模拟数据是否适合用于训练基于机器学习的IDS，通过不同的方法分析了两种模拟环境中记录的主机和网络数据源。我们使用Wasserstein距离来比较数据分布的性质。随后，我们应用已建立的分类指标来评估一组基于机器学习的分类器对数据的性能。对于主机和网络数据，可以识别出仿真数据和实际基于硬件的数据之间的差异。一般来说，基于机器学习的性能表明，在我们的实验中，模拟的IDS数据是在实际设备上产生的硬件生成数据的良好代理。

{"title":"Implications of applying emulation data to machine learning-based intrusion detection systems","authors":"Maximilian Wolf , Kevin Bergner , Pascal Förtsch, Dieter Landes","doi":"10.1016/j.jisa.2025.104362","DOIUrl":"10.1016/j.jisa.2025.104362","url":null,"abstract":"<div><div>Intrusion detection systems (IDS) require high-quality benchmark data sets for evaluating their performance in distinguishing suspicious activities from normal behavior patterns. While real-world network environments often consist of physical hardware components, it is, however, difficult to generate an IDS benchmark data set in a real-world network environment for reasons such as scalability, costs, anonymity in real-world data, infrastructure, and availability of hardware components. A solution to this problem is the usage of emulated network environments to create IDS benchmark data sets. Nevertheless, it is unclear whether emulated data represents physical network characteristics based on the recorded data patterns. Several IDS benchmark data sets were generated in the past, but none addressed the described infrastructure gap so far. To address this issue, we recreated a small physical enterprise network by using an emulated network environment. Inside both networks, we executed identical script-based user behavior, which includes six normal behavior categories and one attack behavior category. To check whether the emulated data are a suitable proxy for training machine learning-based IDS, recorded host and network data sources of both simulation environments are analyzed via diverse approaches. We use Wasserstein distances to compare the properties of the data distributions. Subsequently, we apply established classification metrics to evaluate the performances of a collection of machine learning-based classifiers on the data. For both host and network data, differences between emulated and actual hardware-based data could be identified. In general, the machine learning-based performances show that emulated IDS data is a good proxy for hardware-generated data produced on actual devices during our experiments.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"97 ","pages":"Article 104362"},"PeriodicalIF":3.7,"publicationDate":"2026-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145977328","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Software supply chain: A taxonomy of attacks, mitigations and risk assessment strategies 软件供应链：攻击、缓解和风险评估策略的分类

IF 3.7 2区计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

Journal of Information Security and Applications

Pub Date : 2026-03-01 Epub Date: 2025-12-11 DOI: 10.1016/j.jisa.2025.104324

Betul Gokkaya, Leonardo Aniello, Basel Halak

The software product is a source of cyber-attacks that target organizations by using their software supply chain (SSC) as a distribution vector. As the reliance of software projects on open-source or proprietary modules is increasing drastically, SSC is becoming more and more critical and, therefore, has attracted the interest of cyber attackers. While existing studies primarily focus on software supply chain attacks’ prevention and detection methods, there is a need for a broad overview of attacks and comprehensive risk assessment for software supply chain security. This study conducts a systematic literature review to fill this gap. By analyzing 96 papers published between 2015-2023, we identified 19 distinct SSC attacks, including 6 novel attacks highlighted in recent studies. Additionally, we developed 25 specific security controls and established a precisely mapped taxonomy that transparently links each control to one or more specific attacks. By establishing this relationship, we demonstrate how SSC security controls are strategically designed to counteract specific attack vectors. Furthermore, we emphasize the role of risk assessment as a foundational step in understanding and prioritizing these vulnerabilities. This study introduces a risk assessment methodology tailored to software supply chain environments, focusing on identifying vulnerabilities in software components, dependencies, and suppliers. The proposed methodology enables organizations to systematically prioritize threats and implement appropriate mitigation strategies.

软件产品是网络攻击的一个来源，通过将组织的软件供应链（SSC）作为分发载体来攻击组织。随着软件项目对开源或专有模块的依赖急剧增加，SSC变得越来越重要，因此引起了网络攻击者的兴趣。现有的研究主要集中在软件供应链攻击的预防和检测方法上，需要对软件供应链安全的攻击进行广泛的概述和全面的风险评估。本研究通过系统的文献综述来填补这一空白。通过分析2015-2023年间发表的96篇论文，我们确定了19种不同的SSC攻击，包括最近研究中突出的6种新型攻击。此外，我们开发了25个特定的安全控件，并建立了一个精确映射的分类法，将每个控件透明地链接到一个或多个特定的攻击。通过建立这种关系，我们演示了如何战略性地设计SSC安全控制来对抗特定的攻击向量。此外，我们强调风险评估作为理解和优先考虑这些脆弱性的基础步骤的作用。本研究介绍了一种针对软件供应链环境的风险评估方法，着重于识别软件组件、依赖关系和供应商中的漏洞。拟议的方法使各组织能够系统地确定威胁的优先次序并实施适当的缓解战略。

{"title":"Software supply chain: A taxonomy of attacks, mitigations and risk assessment strategies","authors":"Betul Gokkaya, Leonardo Aniello, Basel Halak","doi":"10.1016/j.jisa.2025.104324","DOIUrl":"10.1016/j.jisa.2025.104324","url":null,"abstract":"<div><div>The software product is a source of cyber-attacks that target organizations by using their software supply chain (SSC) as a distribution vector. As the reliance of software projects on open-source or proprietary modules is increasing drastically, SSC is becoming more and more critical and, therefore, has attracted the interest of cyber attackers. While existing studies primarily focus on software supply chain attacks’ prevention and detection methods, there is a need for a broad overview of attacks and comprehensive risk assessment for software supply chain security. This study conducts a systematic literature review to fill this gap. By analyzing 96 papers published between 2015-2023, we identified 19 distinct SSC attacks, including 6 novel attacks highlighted in recent studies. Additionally, we developed 25 specific security controls and established a precisely mapped taxonomy that transparently links each control to one or more specific attacks. By establishing this relationship, we demonstrate how SSC security controls are strategically designed to counteract specific attack vectors. Furthermore, we emphasize the role of risk assessment as a foundational step in understanding and prioritizing these vulnerabilities. This study introduces a risk assessment methodology tailored to software supply chain environments, focusing on identifying vulnerabilities in software components, dependencies, and suppliers. The proposed methodology enables organizations to systematically prioritize threats and implement appropriate mitigation strategies.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"97 ","pages":"Article 104324"},"PeriodicalIF":3.7,"publicationDate":"2026-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145738765","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

RL-IDS: A robust and lightweight intrusion detection system for in-vehicle network RL-IDS：一种鲁棒且轻量级的车载网络入侵检测系统

IF 3.7 2区计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

Journal of Information Security and Applications

Pub Date : 2026-03-01 Epub Date: 2025-12-30 DOI: 10.1016/j.jisa.2025.104361

Jianjun Yuan, Hong Sun, Rong Cao, Guojun Huang

As a standard protocol for in-vehicle networks, the Controller Area Network (CAN) effectively facilitates communication among electronic control units. However, due to the lack of necessary security mechanisms in CAN, hackers can exploit the CAN bus to launch various attacks on vehicles. To enhance vehicle security, an intrusion detection system (IDS) can be deployed to detect attacks in the CAN bus. This paper proposes a robust and lightweight intrusion detection system (RL-IDS) for detecting attacks in CAN traffic. RL-IDS is built upon an unsupervised learning model to address the limitation of supervised methods, which cannot detect previously unknown attacks. Furthermore, to address the issue that unsupervised models are difficult to use in-vehicle networks due to their high complexity, we utilize the teacher-student network architecture to perform lightweight optimization of RL-IDS. Experimental results on real in-vehicle network intrusion detection datasets (car hacking dataset and survival analysis dataset) demonstrate that compared with state-of-the-art methods, RL-IDS achieves competitive attack detection performance while ensuring a higher degree of lightweight.

控制器局域网（CAN）作为车载网络的标准协议，有效地促进了电子控制单元之间的通信。然而，由于CAN缺乏必要的安全机制，黑客可以利用CAN总线对车辆发动各种攻击。为了提高车辆的安全性，可以部署入侵检测系统（IDS）来检测can总线上的攻击。本文提出了一种鲁棒、轻量级的入侵检测系统（RL-IDS），用于检测CAN通信中的攻击。RL-IDS建立在无监督学习模型之上，以解决监督方法的局限性，即无法检测到先前未知的攻击。此外，为了解决无监督模型由于其高复杂性而难以使用车载网络的问题，我们利用师生网络架构对RL-IDS进行轻量级优化。在真实车载网络入侵检测数据集（汽车黑客数据集和生存分析数据集）上的实验结果表明，与最先进的方法相比，RL-IDS在确保更高轻量化程度的同时，实现了具有竞争力的攻击检测性能。

{"title":"RL-IDS: A robust and lightweight intrusion detection system for in-vehicle network","authors":"Jianjun Yuan, Hong Sun, Rong Cao, Guojun Huang","doi":"10.1016/j.jisa.2025.104361","DOIUrl":"10.1016/j.jisa.2025.104361","url":null,"abstract":"<div><div>As a standard protocol for in-vehicle networks, the Controller Area Network (CAN) effectively facilitates communication among electronic control units. However, due to the lack of necessary security mechanisms in CAN, hackers can exploit the CAN bus to launch various attacks on vehicles. To enhance vehicle security, an intrusion detection system (IDS) can be deployed to detect attacks in the CAN bus. This paper proposes a robust and lightweight intrusion detection system (RL-IDS) for detecting attacks in CAN traffic. RL-IDS is built upon an unsupervised learning model to address the limitation of supervised methods, which cannot detect previously unknown attacks. Furthermore, to address the issue that unsupervised models are difficult to use in-vehicle networks due to their high complexity, we utilize the teacher-student network architecture to perform lightweight optimization of RL-IDS. Experimental results on real in-vehicle network intrusion detection datasets (car hacking dataset and survival analysis dataset) demonstrate that compared with state-of-the-art methods, RL-IDS achieves competitive attack detection performance while ensuring a higher degree of lightweight.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"97 ","pages":"Article 104361"},"PeriodicalIF":3.7,"publicationDate":"2026-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145884192","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

FRIDA: Free-rider detection using privacy attacks FRIDA：使用隐私攻击的搭便车检测

IF 3.7 2区计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

Journal of Information Security and Applications

Pub Date : 2026-03-01 Epub Date: 2025-12-30 DOI: 10.1016/j.jisa.2025.104357

Pol G. Recasens , Ádám Horváth , Alberto Gutierrez-Torre , Jordi Torres , Josep Ll Berral , Balázs Pejó

Federated learning is increasingly popular as it enables multiple parties with limited datasets and resources to train a machine learning model collaboratively. However, similar to other collaborative systems, federated learning is vulnerable to free-riders — participants who benefit from the global model without contributing. Free-riders compromise the integrity of the learning process and slow down the convergence of the global model, resulting in increased costs for honest participants. To address this challenge, we propose FRIDA: free-rider detection using privacy attacks. Instead of focusing on implicit effects of free-riding, FRIDA utilizes membership and property inference attacks to directly infer evidence of genuine client training. Our extensive evaluation demonstrates that FRIDA is effective across a wide range of scenarios.

联邦学习越来越受欢迎，因为它使具有有限数据集和资源的多方能够协作训练机器学习模型。然而，与其他协作系统类似，联邦学习很容易受到搭便车者的影响——参与者从全球模式中受益，却没有做出贡献。搭便车者损害了学习过程的完整性，减缓了全球模式的趋同，导致诚实参与者的成本增加。为了应对这一挑战，我们提出了FRIDA：使用隐私攻击的搭便车检测。FRIDA没有关注搭便车的隐性影响，而是利用成员资格和财产推理攻击来直接推断真实客户培训的证据。我们的广泛评估表明，FRIDA在各种情况下都是有效的。

引用次数: 0

Lightweight orthogonal perturbation for privacy-preserving federated learning against poisoning attacks 针对中毒攻击的保护隐私的联邦学习轻量级正交摄动

IF 3.7 2区计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

Journal of Information Security and Applications

Pub Date : 2026-03-01 Epub Date: 2025-12-15 DOI: 10.1016/j.jisa.2025.104345

Chuanyu Peng , Hequn Xian

Federated Learning (FL) is a distributed machine learning approach where multiple users collaboratively train a shared model without sharing raw data, thereby preserving data privacy. However, FL remains vulnerable to inference and poisoning attacks, which can compromise privacy and degrade global model performance. Therefore, many privacy-preserving frameworks have been proposed. Among these, mask-based frameworks provide advantages in efficiency and flexibility, but are particularly susceptible to poisoning attacks by malicious users. To overcome this challenge, we propose LOPAS-FL, an efficient, privacy-preserving, and robust mask-based federated learning scheme. It first introduces a gradient-splitting and orthogonal perturbation mechanism to ensure privacy through computational indistinguishability. Meanwhile, a dual-server architecture conducts multi-dimensional verification across gradient direction, distribution, and homogeneity. Only gradients that pass all validations are aggregated. This approach effectively defends against poisoning attacks and ensures the quality and robustness of the final model. Security analysis and experiments show that LOPAS-FL effectively detects and mitigates poisoning attacks, outperforming existing approaches in efficiency.

联邦学习（FL）是一种分布式机器学习方法，其中多个用户协作训练共享模型，而不共享原始数据，从而保护数据隐私。然而，FL仍然容易受到推理和中毒攻击，这可能会损害隐私并降低全局模型的性能。因此，人们提出了许多隐私保护框架。其中，基于掩码的框架在效率和灵活性方面具有优势，但特别容易受到恶意用户的中毒攻击。为了克服这一挑战，我们提出了一种高效、隐私保护和鲁棒的基于掩码的联邦学习方案LOPAS-FL。它首先引入了梯度分裂和正交摄动机制，通过计算不可区分来确保隐私。同时，双服务器架构跨梯度方向、分布和同质性进行多维度验证。只有通过所有验证的梯度才被聚合。这种方法有效地防御了中毒攻击，并确保了最终模型的质量和健壮性。安全分析和实验表明，LOPAS-FL可以有效检测和减轻中毒攻击，效率优于现有方法。

{"title":"Lightweight orthogonal perturbation for privacy-preserving federated learning against poisoning attacks","authors":"Chuanyu Peng , Hequn Xian","doi":"10.1016/j.jisa.2025.104345","DOIUrl":"10.1016/j.jisa.2025.104345","url":null,"abstract":"<div><div>Federated Learning (FL) is a distributed machine learning approach where multiple users collaboratively train a shared model without sharing raw data, thereby preserving data privacy. However, FL remains vulnerable to inference and poisoning attacks, which can compromise privacy and degrade global model performance. Therefore, many privacy-preserving frameworks have been proposed. Among these, mask-based frameworks provide advantages in efficiency and flexibility, but are particularly susceptible to poisoning attacks by malicious users. To overcome this challenge, we propose LOPAS-FL, an efficient, privacy-preserving, and robust mask-based federated learning scheme. It first introduces a gradient-splitting and orthogonal perturbation mechanism to ensure privacy through computational indistinguishability. Meanwhile, a dual-server architecture conducts multi-dimensional verification across gradient direction, distribution, and homogeneity. Only gradients that pass all validations are aggregated. This approach effectively defends against poisoning attacks and ensures the quality and robustness of the final model. Security analysis and experiments show that LOPAS-FL effectively detects and mitigates poisoning attacks, outperforming existing approaches in efficiency.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"97 ","pages":"Article 104345"},"PeriodicalIF":3.7,"publicationDate":"2026-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145791476","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

MVNIDS: A multiview-based network intrusion detection system MVNIDS：基于多视图的网络入侵检测系统

IF 3.7 2区计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

Journal of Information Security and Applications

Pub Date : 2026-01-01 Epub Date: 2025-12-02 DOI: 10.1016/j.jisa.2025.104321

Sunit Kumar Nandi, Ritesh Ratti, Sanasam Ranbir Singh, Sukumar Nandi

Traditional Network Intrusion Detection Systems (NIDS) predominantly rely on signature-based and supervised learning approaches that require large volumes of labeled attack data. However, generating such labeled data is costly, time-consuming, and often impractical, especially in the presence of class imbalance and zero-day attacks. To address these limitations, this paper proposes MVNIDS, a Multiview-based Network Intrusion Detection System employing a self-supervised learning paradigm. The proposed method constructs three complementary views from raw packet capture data, namely, Network View, Flow View, and Image View, each capturing distinct protocol, temporal, and structural characteristics of network traffic. Independent autoencoder models are trained on benign samples for each view, and their reconstruction errors are fused through a majority-voting mechanism to automatically generate “Attack” and “Benign” pseudo-labels. These labels are subsequently used to train a binary classifier for final intrusion detection. Experimental evaluation on the CICIDS2018 dataset, focusing on FTP BruteForce and UDP DoS attacks, demonstrates that MVNIDS outperforms most view-specific and supervised baselines, achieving up to 98.3 % F1-score and 98.5 % accuracy. The multiview representation enhances detection robustness and enables effective identification of zero-day and variant attacks, highlighting MVNIDS as a scalable, computationally efficient, and generalizable framework for modern network security applications.

传统的网络入侵检测系统（NIDS）主要依赖于基于签名和监督学习的方法，这些方法需要大量标记攻击数据。然而，生成这样的标记数据是昂贵的、耗时的，而且通常是不切实际的，特别是在存在类不平衡和零日攻击的情况下。为了解决这些限制，本文提出了MVNIDS，一种采用自监督学习范式的基于多视图的网络入侵检测系统。该方法从原始数据包捕获数据构建三个互补视图，即网络视图、流视图和图像视图，每个视图捕获网络流量的不同协议、时间和结构特征。在每个视图的良性样本上训练独立的自编码器模型，并通过多数投票机制融合其重建误差，自动生成“攻击”和“良性”伪标签。这些标签随后用于训练用于最终入侵检测的二值分类器。对CICIDS2018数据集的实验评估，重点是FTP暴力攻击和UDP DoS攻击，表明MVNIDS优于大多数特定视图和监督基线，达到98.3%的f1得分和98.5%的准确率。多视图表示增强了检测鲁棒性，能够有效识别零日攻击和变体攻击，突出了MVNIDS作为现代网络安全应用的可扩展、计算效率高和可通用的框架。

{"title":"MVNIDS: A multiview-based network intrusion detection system","authors":"Sunit Kumar Nandi, Ritesh Ratti, Sanasam Ranbir Singh, Sukumar Nandi","doi":"10.1016/j.jisa.2025.104321","DOIUrl":"10.1016/j.jisa.2025.104321","url":null,"abstract":"<div><div>Traditional Network Intrusion Detection Systems (NIDS) predominantly rely on signature-based and supervised learning approaches that require large volumes of labeled attack data. However, generating such labeled data is costly, time-consuming, and often impractical, especially in the presence of class imbalance and zero-day attacks. To address these limitations, this paper proposes MVNIDS, a Multiview-based Network Intrusion Detection System employing a self-supervised learning paradigm. The proposed method constructs three complementary views from raw packet capture data, namely, Network View, Flow View, and Image View, each capturing distinct protocol, temporal, and structural characteristics of network traffic. Independent autoencoder models are trained on benign samples for each view, and their reconstruction errors are fused through a majority-voting mechanism to automatically generate “Attack” and “Benign” pseudo-labels. These labels are subsequently used to train a binary classifier for final intrusion detection. Experimental evaluation on the CICIDS2018 dataset, focusing on FTP BruteForce and UDP DoS attacks, demonstrates that MVNIDS outperforms most view-specific and supervised baselines, achieving up to 98.3 % F1-score and 98.5 % accuracy. The multiview representation enhances detection robustness and enables effective identification of zero-day and variant attacks, highlighting MVNIDS as a scalable, computationally efficient, and generalizable framework for modern network security applications.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"96 ","pages":"Article 104321"},"PeriodicalIF":3.7,"publicationDate":"2026-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145684285","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Enhancing black-box membership inference attacks in federated learning 增强联邦学习中的黑盒成员推理攻击

IF 3.7 2区计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

Journal of Information Security and Applications

Pub Date : 2026-01-01 Epub Date: 2025-11-15 DOI: 10.1016/j.jisa.2025.104302

Qiang Shi, Luzhen Ren, Xinfeng He

With the widespread deployment of machine learning models in privacy-sensitive domains such as healthcare and finance, the risk of training data leakage has attracted increasing attention. As a fundamental approach for evaluating model privacy leakage, Membership Inference Attack (MIA) has been extensively studied in distributed learning scenarios such as Federated Learning (FL). However, under black-box settings, attackers face severe challenges, including the unavailability of real non-member samples and the inaccessibility of target model architectures, which limit the generalization and accuracy of existing methods. To address these limitations, this paper proposes a DCGAN-enhanced black-box MIA framework, whose innovations are reflected in three major aspects: (1) a discriminator-guided pseudo-sample filtering mechanism that ensures the authenticity and diversity of non-member data; (2) a multi-shadow-model softmax high-dimensional concatenation strategy, which fuses the softmax probability outputs from multiple shadow models to construct discriminative high-dimensional attack representations; and (3) a SMOTE-based balancing module designed to mitigate class imbalance and further improve the generalization of the attack model. The proposed framework significantly enhances the discriminative capability and robustness of black-box MIAs without accessing the internal parameters or training procedures of the target model. Extensive experiments demonstrate that our method consistently outperforms state-of-the-art baselines across multiple federated learning protocols (FedAvg, FedMD, and FedProx) and benchmark datasets (CIFAR-10, CIFAR-100, Fashion-MNIST, and SVHN), achieving an accuracy of 0.9897, an AUC of 0.9899, and a TPR@FPR=1% of 0.9967. These results verify the robustness, generalizability, and wide applicability of the proposed framework, providing a systematic and scalable solution for privacy evaluation in federated learning environments.

随着机器学习模型在医疗保健和金融等隐私敏感领域的广泛应用，培训数据泄露的风险越来越受到关注。隶属关系推理攻击（MIA）作为评估模型隐私泄露的基本方法，在联邦学习（FL）等分布式学习场景中得到了广泛的研究。然而，在黑盒设置下，攻击者面临着严峻的挑战，包括真实非成员样本的不可获得性和目标模型体系结构的不可访问性，这限制了现有方法的泛化和准确性。针对这些局限性，本文提出了一种基于dcgan的黑箱MIA框架，其创新主要体现在三个方面：(1)采用了鉴别器引导的伪样本过滤机制，保证了非成员数据的真实性和多样性；(2)多阴影模型softmax高维拼接策略，融合多个阴影模型的softmax概率输出，构建判别性高维攻击表征；(3)基于smote的平衡模块，旨在缓解类不平衡，进一步提高攻击模型的泛化性。该框架在不访问目标模型内部参数或训练过程的情况下，显著提高了黑箱MIAs的判别能力和鲁棒性。广泛的实验表明，我们的方法在多个联邦学习协议（fedag、FedMD和FedProx）和基准数据集（CIFAR-10、CIFAR-100、fashionon - mnist和SVHN）上始终优于最先进的基线，实现了0.9897的准确率，0.9899的AUC和TPR@FPR=1%的0.9967。这些结果验证了所提出框架的鲁棒性、泛化性和广泛适用性，为联邦学习环境中的隐私评估提供了系统和可扩展的解决方案。

{"title":"Enhancing black-box membership inference attacks in federated learning","authors":"Qiang Shi, Luzhen Ren, Xinfeng He","doi":"10.1016/j.jisa.2025.104302","DOIUrl":"10.1016/j.jisa.2025.104302","url":null,"abstract":"<div><div>With the widespread deployment of machine learning models in privacy-sensitive domains such as healthcare and finance, the risk of training data leakage has attracted increasing attention. As a fundamental approach for evaluating model privacy leakage, Membership Inference Attack (MIA) has been extensively studied in distributed learning scenarios such as Federated Learning (FL). However, under black-box settings, attackers face severe challenges, including the unavailability of real non-member samples and the inaccessibility of target model architectures, which limit the generalization and accuracy of existing methods. To address these limitations, this paper proposes a DCGAN-enhanced black-box MIA framework, whose innovations are reflected in three major aspects: (1) a discriminator-guided pseudo-sample filtering mechanism that ensures the authenticity and diversity of non-member data; (2) a multi-shadow-model softmax high-dimensional concatenation strategy, which fuses the softmax probability outputs from multiple shadow models to construct discriminative high-dimensional attack representations; and (3) a SMOTE-based balancing module designed to mitigate class imbalance and further improve the generalization of the attack model. The proposed framework significantly enhances the discriminative capability and robustness of black-box MIAs without accessing the internal parameters or training procedures of the target model. Extensive experiments demonstrate that our method consistently outperforms state-of-the-art baselines across multiple federated learning protocols (FedAvg, FedMD, and FedProx) and benchmark datasets (CIFAR-10, CIFAR-100, Fashion-MNIST, and SVHN), achieving an accuracy of 0.9897, an AUC of 0.9899, and a TPR@FPR=1% of 0.9967. These results verify the robustness, generalizability, and wide applicability of the proposed framework, providing a systematic and scalable solution for privacy evaluation in federated learning environments.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"96 ","pages":"Article 104302"},"PeriodicalIF":3.7,"publicationDate":"2026-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145520857","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Uncertainty-aware regular-singular discriminant analysis for lossless watermarking 无损水印的正则奇异判别分析

IF 3.7 2区计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

Journal of Information Security and Applications

Pub Date : 2026-01-01 Epub Date: 2025-11-08 DOI: 10.1016/j.jisa.2025.104295

Guo-Dong Su , Xu Wang , Ching-Chun Chang

It remains a major challenge in how to effectively organize and manage digital images stored in cloud. Regular-singular (RS) based watermarking, as one of important technologies, aims to insert watermark into digital images to solve this issue. By revisiting series of RS based watermarking methods, however, how to achieve a better trade-off between enlarging the embedding capacity and keeping the amount of distortion as soon as possible remains an interesting problem, especially deep learning comes powerful. For this, this paper presents a novel lossless watermarking method using uncertainty-aware discriminant analysis and deep learning technology. First, a numerical ordinary differential equation inspired network architecture for cover synthesis we refer to as NDCS is introduced. It produces a more realistic cover objective by minimizing a smaller local truncation error. As for NDCS, we are also interested in its performance under different network configurations. On this basis, we introduce an uncertainty-aware discriminant analysis in steganographic algorithm, thereby enabling to yield perceptually indistinguishable watermarked images at various capacities. The experimental results demonstrate that our method is conducive to improving the quality of synthetic objective with the mean hamming distance of 0.2231 and achieving a more satisfactory rate-distortion trade-off with an average embedding capacity of 0.2043 bpp, when comparing to the prior regular-singular methods. In addition, our approach can against RS steganalysis and has the identical performance in encrypted domain.

如何有效地组织和管理存储在云中的数字图像仍然是一个重大挑战。正则奇异水印作为一种重要的水印技术，旨在通过在数字图像中插入水印来解决这一问题。然而，通过回顾一系列基于RS的水印方法，如何在扩大嵌入容量和尽快保持失真量之间取得更好的平衡仍然是一个有趣的问题，尤其是深度学习的强大。为此，本文提出了一种利用不确定性感知判别分析和深度学习技术的无损水印方法。首先，介绍了一种数值常微分方程启发的覆盖物综合网络结构，我们称之为NDCS。它通过最小化较小的局部截断误差来产生更真实的覆盖目标。对于NDCS，我们也对它在不同网络配置下的性能很感兴趣。在此基础上，我们在隐写算法中引入了不确定性感知的判别分析，从而能够在不同容量下产生感知上不可区分的水印图像。实验结果表明，与现有的正则奇异方法相比，该方法可以提高合成目标的质量，平均汉明距离为0.2231，平均嵌入容量为0.2043 bpp，实现了更令人满意的率失真权衡。此外，我们的方法可以对抗RS隐写分析，并且在加密域具有相同的性能。

{"title":"Uncertainty-aware regular-singular discriminant analysis for lossless watermarking","authors":"Guo-Dong Su , Xu Wang , Ching-Chun Chang","doi":"10.1016/j.jisa.2025.104295","DOIUrl":"10.1016/j.jisa.2025.104295","url":null,"abstract":"<div><div>It remains a major challenge in how to effectively organize and manage digital images stored in cloud. Regular-singular (RS) based watermarking, as one of important technologies, aims to insert watermark into digital images to solve this issue. By revisiting series of RS based watermarking methods, however, how to achieve a better trade-off between enlarging the embedding capacity and keeping the amount of distortion as soon as possible remains an interesting problem, especially deep learning comes powerful. For this, this paper presents a novel lossless watermarking method using uncertainty-aware discriminant analysis and deep learning technology. First, a numerical ordinary differential equation inspired network architecture for cover synthesis we refer to as <strong>NDCS</strong> is introduced. It produces a more realistic cover objective by minimizing a smaller local truncation error. As for <strong>NDCS</strong>, we are also interested in its performance under different network configurations. On this basis, we introduce an uncertainty-aware discriminant analysis in steganographic algorithm, thereby enabling to yield perceptually indistinguishable watermarked images at various capacities. The experimental results demonstrate that our method is conducive to improving the quality of synthetic objective with the mean hamming distance of 0.2231 and achieving a more satisfactory rate-distortion trade-off with an average embedding capacity of 0.2043 bpp, when comparing to the prior regular-singular methods. In addition, our approach can against RS steganalysis and has the identical performance in encrypted domain.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"96 ","pages":"Article 104295"},"PeriodicalIF":3.7,"publicationDate":"2026-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145468934","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0