
Journal of Information Security and Applications: Latest Articles

Beyond Reinforcement Learning for network security: A comprehensive survey and tutorial
IF 3.7 | Zone 2, Computer Science | Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS | Pub Date: 2026-01-01 | Epub Date: 2025-11-12 | DOI: 10.1016/j.jisa.2025.104294
Amir Javadpour, Forough Ja’fari, Tarik Taleb, Fatih Turkmen, Chafika Benzaïd
Maintaining strong security is a complex yet vital challenge in the rapidly evolving landscape of modern digital networks. The risks and consequences of security breaches make neglecting network protection unacceptable. Fortunately, ongoing advances in computer science have equipped researchers with powerful tools to reinforce network defenses. Among these, Reinforcement Learning (RL), a branch of machine learning, has gained significant attention for its versatility and effectiveness in strengthening security mechanisms. This paper presents a comprehensive survey and tutorial on the role of RL in network security. It provides background information, a step-by-step tutorial for training RL models, and systematically categorizes research efforts based on the targeted cyber threats. Leveraging recent advances and real-world applications, this survey elucidates how RL enables the development of adaptive and intelligent systems that autonomously learn and respond to evolving threats. Through in-depth analysis, we provide a comprehensive view of the current landscape and the future potential of RL in safeguarding digital assets. The main contributions of this survey are: (1) a systematic and up-to-date review of RL approaches for network security; (2) a unified taxonomy for classifying RL-based solutions; (3) a comparison of the latest advances from 2019 to 2024 across mainstream and emerging research areas; (4) identification of open challenges and future research directions; and (5) a comparative analysis of state-of-the-art models, offering practical insights for both researchers and practitioners. Furthermore, this survey emphasizes the practical translation of RL advances into real-world deployments. By focusing on hands-on implementation guidelines and comparative analyses of deployment scenarios, it bridges the gap between academic research and operational practice. 
The comprehensive evaluation of RL-based models across different network environments provides actionable insights for practitioners seeking adaptive and scalable security solutions in dynamic and heterogeneous settings.
Reversible data hiding in encrypted images using adaptive block-level pixel difference encoding
IF 3.7 | Zone 2, Computer Science | Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS | Pub Date: 2026-01-01 | Epub Date: 2025-11-18 | DOI: 10.1016/j.jisa.2025.104316
Hua Ren, Zhen Yue, Ming Li
The blooming cloud storage has brought great convenience for users to upload multimedia data on remote cloud servers and efficiently access the uploaded data through terminals. With the accumulation of user data, how to effectively manage cloud user data while ensuring security becomes particularly important. Reversible Data Hiding in Encrypted Images (RDHEI) is an effective privacy-preserving technology that can embed user identity information, tags, time stamps or other data into encrypted images to facilitate the management of multi-user data. However, the capacity of existing RDHEI methods is not ideal due to the limited redundancy in encrypted images. In this paper, a high-capacity RDHEI method using Adaptive Block-level Pixel Difference Encoding (ABPDE) is proposed. Firstly, the content owner uses the block modulation and permutation to encrypt the original image to preserve some redundant space. Secondly, the data hider counts the frequency of occurrence of pixel differences and uses adaptive Huffman encoding to mark the encrypted pixels as embeddable and non-embeddable pixels. The generated Huffman table is embedded into some reference pixels, the side information consisting of the replaced reference pixels and non-embeddable bits is embedded into some embeddable pixels, and the remaining embeddable pixels are used to carry additional data. Finally, a receiver holding the relevant keys can extract the embedded data without errors and reversibly recover the original image. Extensive simulations illustrate that the proposed method is superior to state-of-the-art methods in capacity and security, and the average embedding rates are at least 0.2845 bpp and 0.2900 bpp higher than other state-of-the-art methods on the BOSSbase and BOWS-2 databases, respectively.
PER-AE-DRL: A malicious traffic detection model based on prioritized experience replay and adversarial mechanism
IF 3.7 | Zone 2, Computer Science | Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS | Pub Date: 2026-01-01 | Epub Date: 2025-11-18 | DOI: 10.1016/j.jisa.2025.104298
Peihao Liu, Yuntao Zhao, Yongxin Feng
With the rapid advancement of information technology, cybersecurity threats have become more sophisticated, making network intrusion detection vital for ensuring network security. Although existing detection methods have made significant progress in identifying malicious traffic, data class imbalance remains a key challenge. This paper proposes a deep reinforcement learning-based malicious traffic detection model that integrates an adversarial mechanism and Prioritized Experience Replay (PER). First, an environment agent is introduced into the Dueling Double Deep Q-Network (Dueling DDQN) framework to address the data imbalance by resampling the training set. Then, a TD-error-based prioritized experience replay mechanism is introduced, which prioritizes samples with larger TD errors during neural network updates, thereby accelerating model convergence and enhancing learning ability for minority class samples. Finally, through multi-class classification experiments on the NSL-KDD and CIC-IDS2017 datasets, the proposed model achieved an accuracy of 83.41% and an F1 score of 83.39% on the NSL-KDD dataset. On the CIC-IDS2017 dataset, the model achieved both an accuracy and an F1 score exceeding 99%.
A privacy-preserving information sharing scheme in online social networks
IF 3.7 | Zone 2, Computer Science | Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS | Pub Date: 2026-01-01 | Epub Date: 2025-11-21 | DOI: 10.1016/j.jisa.2025.104304
Yehong Luo, Nafei Zhu, Jingsha He, Anca Delia Jurcut, Yuzi Yi, Xiangjun Ma, Juan Fang
Information leakage during sharing among users is a critical concern for individuals in online social networks (OSNs). The key to addressing the concern is to align privacy protection policies with the subjective willingness of privacy subjects to maximize the utility of information while achieving privacy protection. In this paper, we propose a new framework that can be used to dynamically modulate the extent of information sharing and privacy protection by regulating the scale of propagation of privacy information. In the proposed framework, we firstly define privacy information propagation conditions (PPCs) and then design a PPC-based privacy-preserving information sharing scheme. This scheme performs privacy risk assessment according to the subjective willingness and the consensus on the sensitivity of privacy information as the basis for trade-offs between privacy protection and information sharing. We introduce PPC-TD3, a variant of Twin Delayed Deep Deterministic policy gradient (TD3) integrated with our PPC framework, to identify decision points that maximize information-sharing utility while ensuring robust privacy protection. Theoretical analysis and extensive experiments show that the proposed framework can optimally balance privacy protection and information sharing through identifying the point where the utility of information is maximized.
Revocable multi-authority attribute-based keyword search scheme for enhanced security in multi-owner settings
IF 3.7 | Zone 2, Computer Science | Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS | Pub Date: 2026-01-01 | Epub Date: 2025-11-20 | DOI: 10.1016/j.jisa.2025.104315
Zongmin Wang, Qiang Wang, Fucai Zhou, Jian Xu
Attribute-based keyword search (ABKS) has emerged as an effective approach for secure, fine-grained data retrieval in encrypted cloud environments. Although traditional ABKS effectively enforces access policies, it suffers from significant limitations in multi-owner settings, where decentralized control and collaborative governance are required. In addition, existing ABKS schemes encounter several unresolved security challenges. First, as ABKS is built upon attribute-based encryption (ABE), it inevitably inherits its shortcomings, including key escrow and single points of failure. Second, it lacks the ability to detect servers that intentionally return incorrect results, while existing verification mechanisms risk exposing sensitive information. Third, misbehaving cloud service providers face no penalty and may continue to provide services without restriction.
To address these challenges, we propose a revocable multi-authority attribute-based keyword search (RMA-ABKS) scheme tailored for multi-owner environments. RMA-ABKS integrates multi-authority ABE with searchable encryption to decentralize trust and eliminate key escrow, while enabling collaborative access policy formulation across multiple owners. For the remaining challenges, we incorporate a blockchain-based blind verification mechanism to ensure result integrity without privacy leakage, and a cryptographic revocation mechanism to disable malicious cloud servers. Formal security proofs demonstrate selective security and resilience, while experimental evaluations confirm computational efficiency comparable to advanced schemes.
Blockchain-based threshold proxy re-encryption scheme with zero-knowledge proofs for confidential and verifiable IoT networks
IF 3.7 | Zone 2, Computer Science | Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS | Pub Date: 2026-01-01 | Epub Date: 2025-11-13 | DOI: 10.1016/j.jisa.2025.104300
Vinay Rishiwal, Ved Prakash Mishra, A. Jayanthiladevi, Vinay Maurya, Udit Agarwal, Mano Yadav
The rapid proliferation of interconnected devices within the Internet of Things (IoT) continues to generate vast amounts of sensitive, context-rich data, raising significant concerns regarding data confidentiality, verifiability, trust management, and systemic resilience. Traditional IoT network architectures typically rely on centralised third-party entities. This reliance creates single points of failure and elevates the risk of unauthorised data access. To address these limitations, this paper proposes a confidential and verifiable IoT network based on a decentralised security architecture that integrates blockchain with proxy re-encryption. The framework uses threshold cryptography and zero-knowledge proofs to enable privacy-preserving transformations of ciphertext across consensus nodes. This design protects sensitive data while preserving transaction verifiability and integrity. As a result, the system effectively counters threats such as node collusion, Sybil attacks, and metadata leakage. Comprehensive simulations and performance evaluations underscore that the presented model substantially diminishes dependence on centralised proxies while delivering enhanced scalability, robust security, and increased trustworthiness, making it particularly well-suited for practical implementation in confidential IoT environments.
Interval mapping and QR code based multi-stage reversible watermarking scheme for vector map distribution and source tracing
IF 3.7 | Zone 2, Computer Science | Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS | Pub Date: 2026-01-01 | Epub Date: 2025-11-24 | DOI: 10.1016/j.jisa.2025.104303
Xu Xi, Mingkang Wu, Jie Zhang, Huimin Tian, Jinglong Du
Digital watermarking is crucial for vector map safeguard, yet current applications focus on watermark response mechanisms targeted at thieves and unauthorized users. Existing studies presume data protection in the context of harmful propagation and unlawful use, while ignoring the responsibility tracing of data distributors. To address this issue, this study designs a secure distribution scheme of vector maps using QR codes and a reversible watermarking algorithm to trace and identify both distributor and propagation paths. During watermark encoding, QR codes carry watermark information, recording distributor and recipient details at each distribution stage. By leveraging the high payload capacity and error-correction capability of QR codes, the data distribution path is effectively recorded. With each data distribution, watermark extraction and re-embedding are executed. In terms of algorithm design, a reversible watermarking algorithm based on interval mapping is designed based on quantitative index modulation. The algorithm defines sub-intervals according to embedding strength, modulates coordinate points using grouped watermark information, and uses the average coordinates of all vertices as a key for watermark extraction and data recovery. The experimental results show that the proposed scheme can successfully extract the QR codes and recover the embedded information even after ten consecutive cycles of embedding and extraction. This is achieved while maintaining high robustness and controlled perturbations, even when the scheme undergoes strong geometric and vertex-editing attacks like rotation, vertex deletion, and cropping.
数字水印对矢量图安全至关重要,但目前的应用主要集中在针对窃贼和未经授权用户的水印响应机制上,现有研究将数据保护假设在有害传播和非法使用的背景下,而忽略了数据分发者的责任追踪。为了解决这个问题,本研究设计了一个安全的矢量地图分发方案,使用QR码和可逆水印算法来跟踪和识别分发和传播路径。在水印编码过程中,QR码携带水印信息,记录每个分发阶段的分发者和接收者的详细信息。利用二维码的高载荷能力和纠错能力,有效记录数据分发路径。在每一次数据分布中,都进行水印提取和重新嵌入。在算法设计方面,设计了一种基于定量指标调制的区间映射可逆水印算法。该算法根据嵌入强度定义子区间,利用分组水印信息调制坐标点,并以所有顶点的平均坐标作为水印提取和数据恢复的关键。实验结果表明,在连续10个周期的嵌入和提取后,该方法仍能成功提取出嵌入的信息。这是在保持高鲁棒性和可控扰动的同时实现的,即使该方案经历了强烈的几何和顶点编辑攻击,如旋转、顶点删除和裁剪。
Citations: 0
An efficient certificateless authentication scheme based on RSA accumulator for smart healthcare
IF 3.7 Zone 2 (Computer Science) Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS Pub Date: 2026-01-01 Epub Date: 2025-11-27 DOI: 10.1016/j.jisa.2025.104319
Zhuowei Shen, Xiao Kou, Taiyao Yang
With the growing prevalence of smart healthcare applications in hospitals, certificateless cryptography has become one of the widely used methods to achieve secure communications. To reduce the heavy overhead caused by bilinear pairing operations, schemes based on elliptic curve cryptography (ECC) have been proposed to improve efficiency. However, many of these certificateless aggregate signature (CLAS) schemes focus solely on authenticity and integrity, neglecting the dynamic nature of inpatient membership. For instance, upon the discharge of inpatients from the ward following recovery, it becomes necessary to revoke their corresponding identities. Meanwhile, existing solutions, such as the time period key or the cuckoo filter, have failed to meet the demand due to the lack of timely membership changes and computational determinism, respectively. To address the dynamic requirement of real-world environments, we introduce an ECC-based CLAS scheme with an efficient membership update mechanism. By integrating the RSA accumulator into the CLAS framework and transmitting the auxiliary information via broadcasting, our proposed scheme facilitates efficient and timely membership updates with low overhead. Through comprehensive evaluations, our scheme outperforms comparable schemes regarding computational and communication overheads during the signing-verification and membership update phases.
Citations: 0
Protocol design of non-linear function in secure multi-party computation based on secret sharing
IF 3.7 Zone 2 (Computer Science) Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS Pub Date: 2026-01-01 Epub Date: 2025-11-10 DOI: 10.1016/j.jisa.2025.104293
Zhongkai Li, Shuyang Fan, Lingfei Jin
Secure Multi-Party Computation (MPC) enables a group of untrusted parties to collaboratively compute the output of a specified function, while ensuring that each party’s private input remains confidential. Coupled with secret sharing, MPC facilitates privacy-preserving computations, a technique increasingly utilized in diverse fields, such as machine learning. While efficient protocols exist within MPC for linear functions, the evaluation of non-linear functions presents a significant challenge. Existing methods for non-linear functions are often either inefficient or lack the generality for widespread adoption, making them a major impediment in both the design and practical implementation of MPC schemes.
In this study, we explore the development of a generic protocol for non-linear function computation in MPC, grounded in secret sharing. We have devised a series of protocols to compute fundamental non-linear functions in a three-party setting under a semi-honest security model, representing secret-shared decimal numbers in fixed-point format. These protocols include $\Pi_{\exp}$ for exponential functions, $\Pi_{\log}$ for logarithmic functions, and $\Pi_{\text{Inv}}$ for inverse proportion functions. By integrating these basic functions, we can formulate protocols for a broad spectrum of non-linear functions. Specifically, we have developed the $\Pi_{\text{Sigmoid}}$ and $\Pi_{\text{Tanh}}$ protocols based on the aforementioned methods. Throughout this paper, unless otherwise specified, comparisons refer exclusively to secret-sharing-based (SS-based) MPC protocols in the three-party, semi-honest setting; constant-round garbled-circuit (GC) approaches are outside our comparison scope due to different cost trade-offs. Within this SS-based literature, our protocols offer the lowest online communication rounds. Furthermore, $\Pi_{\exp}$ and $\Pi_{\text{inv}}$ support an extended range of inputs, and $\Pi_{\log}$ represents the first protocol capable of handling logarithmic functions with fixed-point inputs. This paper provides a thorough analysis of the security and performance of these innovative protocols.
Citations: 0
Blockchain-based access control model for smart grids using peak hour and privilege level attributes (BACS-HP)
IF 3.7 Zone 2 (Computer Science) Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS Pub Date: 2026-01-01 Epub Date: 2025-11-10 DOI: 10.1016/j.jisa.2025.104261
Sarra Namane, Imed Ben Dhaou
The increasing reliance on smart plugs and smart meters in modern electricity grids introduces significant security vulnerabilities, as unauthorized access can compromise grid reliability and stability. Traditional access control models are ill-suited for smart grids’ decentralized and dynamic nature. This paper introduces BACS-HP, a novel Blockchain-Based Access Control Model for Smart Grids that enhances security by incorporating privilege levels and peak hour attributes. Privilege levels prioritize access to critical devices during energy constraints, while the peak hour attribute enables adaptive decision-making to optimize energy allocation during periods of high demand. Unlike existing blockchain-based access control solutions, BACS-HP uniquely combines these context-aware attributes to provide fine-grained access control tailored to the specific needs of smart grids. The model leverages blockchain technology to ensure the secure and decentralized storage of access rights and enforces policies via smart contracts, mitigating single points of failure. Empirical results demonstrate that BACS-HP achieves low-latency security rule updates (between 42 ms and 46 ms), rapid access request processing (between 21 ms and 46 ms), and a high acceptance rate (60%) for critical devices during power outages, outperforming standard ABAC implementations in terms of responsiveness and prioritization. BACS-HP contributes to advancing access control mechanisms in smart grids and highlights the potential of blockchain to meet the security and performance demands of modern energy systems.
Citations: 0