Journal of Information Security and Applications最新文献_第8页

A Dual-Layer image encryption framework using chaotic AES with dynamic S-Boxes and steganographic QR codes 基于混沌AES动态s盒和隐写QR码的双层图像加密框架

IF 3.7 2区计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

Journal of Information Security and Applications

Pub Date : 2025-12-01 DOI: 10.1016/j.jisa.2025.104322

Md Rishadul Bayesh , Dabbrata Das , Md Ahadullah

This paper presents a robust image encryption and key distribution framework that integrates an enhanced AES-128 algorithm with chaos theory and advanced steganographic techniques for dual-layer security. The encryption engine features a dynamic ShiftRows operation controlled by a logistic map, variable S-boxes generated from a two-dimensional Hénon map for substitution and key expansion, and feedback chaining with post-encryption XOR diffusion to improve confusion, diffusion, and key sensitivity. To address secure key delivery, the scheme introduces dual-key distribution via steganographically modified QR codes. A static key and an AES-encrypted dynamic session key are embedded with a covert hint message using least significant bit (LSB) steganography. This design ensures the dynamic key can only be decrypted after reconstructing the static key from the hidden message, offering multi-factor protection against interception. Experimental results demonstrate the framework outperforms existing chaos-based and hybrid AES methods, achieving near-ideal entropy ( 7.997 bits per pixel), minimal pixel correlation, and strong differential resistance with NPCR (>99.6 %) and UACI ( 33 %–34 %). Encrypted images show uniform histograms and robustness against noise and data loss. The framework offers a scalable, secure solution for sensitive image transmission in applications such as surveillance, medical imaging, and digital forensics, bridging the gap between cryptographic strength and safe key distribution

本文提出了一种鲁棒的图像加密和密钥分发框架，该框架将增强的AES-128算法与混沌理论和先进的隐写技术相结合，用于双层安全。加密引擎的特点是动态ShiftRows操作，由逻辑映射控制，从二维hsamnon映射生成变量s -box，用于替换和密钥扩展，以及带有加密后异或扩散的反馈链，以改善混淆、扩散和密钥敏感性。为了解决安全密钥传递问题，该方案通过隐写修改的QR码引入了双密钥分发。静态密钥和aes加密的动态会话密钥使用最低有效位（LSB）隐写技术嵌入隐蔽提示消息。这种设计确保动态密钥只能在从隐藏消息重构静态密钥后才能解密，从而提供多因素防止拦截的保护。实验结果表明，该框架优于现有的基于混沌和混合AES方法，实现了接近理想的熵（7.997比特/像素），最小的像素相关性，以及与NPCR （> 99.6%）和UACI（33% - 34%）的强差分抵抗。加密后的图像具有均匀的直方图和抗噪声和数据丢失的鲁棒性。该框架为监控、医学成像和数字取证等应用中的敏感图像传输提供了可扩展的安全解决方案，弥合了加密强度和安全密钥分发之间的差距

{"title":"A Dual-Layer image encryption framework using chaotic AES with dynamic S-Boxes and steganographic QR codes","authors":"Md Rishadul Bayesh , Dabbrata Das , Md Ahadullah","doi":"10.1016/j.jisa.2025.104322","DOIUrl":"10.1016/j.jisa.2025.104322","url":null,"abstract":"<div><div>This paper presents a robust image encryption and key distribution framework that integrates an enhanced AES-128 algorithm with chaos theory and advanced steganographic techniques for dual-layer security. The encryption engine features a dynamic ShiftRows operation controlled by a logistic map, variable S-boxes generated from a two-dimensional Hénon map for substitution and key expansion, and feedback chaining with post-encryption XOR diffusion to improve confusion, diffusion, and key sensitivity. To address secure key delivery, the scheme introduces dual-key distribution via steganographically modified QR codes. A static key and an AES-encrypted dynamic session key are embedded with a covert hint message using least significant bit (LSB) steganography. This design ensures the dynamic key can only be decrypted after reconstructing the static key from the hidden message, offering multi-factor protection against interception. Experimental results demonstrate the framework outperforms existing chaos-based and hybrid AES methods, achieving near-ideal entropy ( 7.997 bits per pixel), minimal pixel correlation, and strong differential resistance with NPCR (>99.6 %) and UACI ( 33 %–34 %). Encrypted images show uniform histograms and robustness against noise and data loss. The framework offers a scalable, secure solution for sensitive image transmission in applications such as surveillance, medical imaging, and digital forensics, bridging the gap between cryptographic strength and safe key distribution</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"96 ","pages":"Article 104322"},"PeriodicalIF":3.7,"publicationDate":"2025-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145684286","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

An efficient certificateless authentication scheme based on RSA accumulator for smart healthcare 基于RSA累加器的智能医疗高效无证书认证方案

IF 3.7 2区计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

Journal of Information Security and Applications

Pub Date : 2025-11-27 DOI: 10.1016/j.jisa.2025.104319

Zhuowei Shen , Xiao Kou , Taiyao Yang

With the growing prevalence of smart healthcare applications in hospitals, certificateless cryptography has become one of the widely used methods to achieve secure communications. To reduce the heavy overhead caused by bilinear pairing operations, schemes based on elliptic curve cryptography (ECC) have been proposed to improve efficiency. However, many of these certificateless aggregate signature (CLAS) schemes focus solely on authenticity and integrity, neglecting the dynamic nature of inpatient membership. For instance, upon the discharge of inpatients from the ward following recovery, it becomes necessary to revoke their corresponding identities. Meanwhile, existing solutions, such as the time period key or the cuckoo filter, have failed to meet the demand due to the lack of timely membership changes and computational determinism individually. To address the dynamic requirement of real-world environments, we introduce an ECC-based CLAS scheme with an efficient membership update mechanism. By integrating the RSA accumulator into the CLAS framework and transmitting the auxiliary information via broadcasting, our proposed scheme facilitates efficient and timely membership updates with low overhead. Through comprehensive evaluations, our scheme outperforms comparable schemes regarding computational and communication overheads during the signing-verification and membership update phases.

随着智能医疗应用在医院的日益普及，无证加密已成为实现安全通信的广泛方法之一。为了减少双线性配对运算带来的繁重开销，提出了基于椭圆曲线密码术（ECC）的方案来提高效率。然而，许多无证书聚合签名（CLAS）方案只关注真实性和完整性，而忽略了住院会员的动态特性。例如，住院病人康复出院后，需要撤销其相应的身份。同时，现有的解决方案，如时间段密钥或杜鹃过滤器，由于缺乏及时的成员变化和单独的计算确定性而无法满足需求。为了满足现实环境的动态需求，我们引入了一种基于ecc的CLAS方案，该方案具有高效的成员更新机制。通过将RSA累加器集成到CLAS框架中，并通过广播传输辅助信息，我们提出的方案以低开销实现了高效、及时的成员更新。通过综合评估，我们的方案在签名验证和成员更新阶段的计算和通信开销方面优于可比方案。

{"title":"An efficient certificateless authentication scheme based on RSA accumulator for smart healthcare","authors":"Zhuowei Shen , Xiao Kou , Taiyao Yang","doi":"10.1016/j.jisa.2025.104319","DOIUrl":"10.1016/j.jisa.2025.104319","url":null,"abstract":"<div><div>With the growing prevalence of smart healthcare applications in hospitals, certificateless cryptography has become one of the widely used methods to achieve secure communications. To reduce the heavy overhead caused by bilinear pairing operations, schemes based on elliptic curve cryptography (ECC) have been proposed to improve efficiency. However, many of these certificateless aggregate signature (CLAS) schemes focus solely on authenticity and integrity, neglecting the dynamic nature of inpatient membership. For instance, upon the discharge of inpatients from the ward following recovery, it becomes necessary to revoke their corresponding identities. Meanwhile, existing solutions, such as the time period key or the cuckoo filter, have failed to meet the demand due to the lack of timely membership changes and computational determinism individually. To address the dynamic requirement of real-world environments, we introduce an ECC-based CLAS scheme with an efficient membership update mechanism. By integrating the RSA accumulator into the CLAS framework and transmitting the auxiliary information via broadcasting, our proposed scheme facilitates efficient and timely membership updates with low overhead. Through comprehensive evaluations, our scheme outperforms comparable schemes regarding computational and communication overheads during the signing-verification and membership update phases.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"96 ","pages":"Article 104319"},"PeriodicalIF":3.7,"publicationDate":"2025-11-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145615159","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Intervalmapping and QR code based multi-stage reversible watermarking scheme for vector map distribution and source tracing 基于间隔映射和QR码的矢量图分布和源跟踪多阶段可逆水印方案

IF 3.7 2区计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

Journal of Information Security and Applications

Pub Date : 2025-11-24 DOI: 10.1016/j.jisa.2025.104303

Xu Xi, Mingkang Wu, Jie Zhang, Huimin Tian, Jinglong Du

Digital watermarking is crucial for vector map safeguard, yet current applications focus on watermark response mechanisms targeted at thieves and unauthorized users, existing studies presume data protection in the context of harmful propagation and unlawful use, while ignoring the responsibility tracing of data distributors. To address this issue, this study designs a secure distribution scheme of vector maps using QR codes and a reversible watermarking algorithm to trace and identify both distributor and propagation paths. During watermark encoding, QR codes carry watermark information, recording distributor and recipient details at each distribution stage. By leveraging the high payload capacity and error-correction capability of QR codes, the data distribution path is effectively recorded. With each data distribution, watermark extraction and re-embedding are executed. In terms of algorithm design, a reversible watermarking algorithm based on interval mapping is designed based on quantitative index modulation. The algorithm defines sub-intervals according to embedding strength, modulates coordinate points using grouped watermark information, and uses the average coordinates of all vertices as a key for watermark extraction and data recovery. The experimental results show that the proposed scheme can successfully extract the QR codes and recover the embedded information even after ten consecutive cycles of embedding and extraction. This is achieved while maintaining high robustness and controlled perturbations, even when the scheme undergoes to strong geometric and vertex-editing attacks like rotation, vertex deletion, and cropping.

数字水印对矢量图安全至关重要，但目前的应用主要集中在针对窃贼和未经授权用户的水印响应机制上，现有研究将数据保护假设在有害传播和非法使用的背景下，而忽略了数据分发者的责任追踪。为了解决这个问题，本研究设计了一个安全的矢量地图分发方案，使用QR码和可逆水印算法来跟踪和识别分发和传播路径。在水印编码过程中，QR码携带水印信息，记录每个分发阶段的分发者和接收者的详细信息。利用二维码的高载荷能力和纠错能力，有效记录数据分发路径。在每一次数据分布中，都进行水印提取和重新嵌入。在算法设计方面，设计了一种基于定量指标调制的区间映射可逆水印算法。该算法根据嵌入强度定义子区间，利用分组水印信息调制坐标点，并以所有顶点的平均坐标作为水印提取和数据恢复的关键。实验结果表明，在连续10个周期的嵌入和提取后，该方法仍能成功提取出嵌入的信息。这是在保持高鲁棒性和可控扰动的同时实现的，即使该方案经历了强烈的几何和顶点编辑攻击，如旋转、顶点删除和裁剪。

{"title":"Intervalmapping and QR code based multi-stage reversible watermarking scheme for vector map distribution and source tracing","authors":"Xu Xi, Mingkang Wu, Jie Zhang, Huimin Tian, Jinglong Du","doi":"10.1016/j.jisa.2025.104303","DOIUrl":"10.1016/j.jisa.2025.104303","url":null,"abstract":"<div><div>Digital watermarking is crucial for vector map safeguard, yet current applications focus on watermark response mechanisms targeted at thieves and unauthorized users, existing studies presume data protection in the context of harmful propagation and unlawful use, while ignoring the responsibility tracing of data distributors. To address this issue, this study designs a secure distribution scheme of vector maps using QR codes and a reversible watermarking algorithm to trace and identify both distributor and propagation paths. During watermark encoding, QR codes carry watermark information, recording distributor and recipient details at each distribution stage. By leveraging the high payload capacity and error-correction capability of QR codes, the data distribution path is effectively recorded. With each data distribution, watermark extraction and re-embedding are executed. In terms of algorithm design, a reversible watermarking algorithm based on interval mapping is designed based on quantitative index modulation. The algorithm defines sub-intervals according to embedding strength, modulates coordinate points using grouped watermark information, and uses the average coordinates of all vertices as a key for watermark extraction and data recovery. The experimental results show that the proposed scheme can successfully extract the QR codes and recover the embedded information even after ten consecutive cycles of embedding and extraction. This is achieved while maintaining high robustness and controlled perturbations, even when the scheme undergoes to strong geometric and vertex-editing attacks like rotation, vertex deletion, and cropping.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"96 ","pages":"Article 104303"},"PeriodicalIF":3.7,"publicationDate":"2025-11-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145615158","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

A privacy-preserving information sharing scheme in online social networks 在线社交网络中保护隐私的信息共享方案

IF 3.7 2区计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

Journal of Information Security and Applications

Pub Date : 2025-11-21 DOI: 10.1016/j.jisa.2025.104304

Yehong Luo , Nafei Zhu , Jingsha He , Anca Delia Jurcut , Yuzi Yi , Xiangjun Ma , Juan Fang

Information leakage during sharing among users is a critical concern for individuals in online social networks (OSNs). The key to addressing the concern is to align privacy protection policies with the subjective willingness of privacy subjects to maximize the utility of information while achieving privacy protection. In this paper, we propose a new framework that can be used to dynamically modulate the extent of information sharing and privacy protection by regulating the scale of propagation of privacy information. In the proposed framework, we firstly define privacy information propagation conditions (PPCs) and then design a PPC-based privacy-preserving information sharing scheme. This scheme performs privacy risk assessment according to the subjective willingness and the consensus on the sensitivity of privacy information as the basis for trade-offs between privacy protection and information sharing. We introduce PPC-TD3, a variant of Twin Delayed Deep Deterministic policy gradient (TD3) integrated with our PPC framework, to identify decision points that maximize information-sharing utility while ensuring robust privacy protection. Theoretical analysis and extensive experiment show that the proposed framework can optimally balance privacy protection and information sharing through identifying the point where the utility of information is maximized.

在线社交网络（online social network, OSNs）中，用户共享过程中的信息泄露是个人关注的一个重要问题。解决这一问题的关键是使隐私保护政策符合隐私主体的主观意愿，在实现隐私保护的同时实现信息效用最大化。在本文中，我们提出了一个新的框架，可以通过调节隐私信息的传播规模来动态调节信息共享和隐私保护的程度。在该框架中，我们首先定义了隐私信息传播条件（PPCs），然后设计了一个基于PPCs的隐私信息共享方案。该方案根据隐私信息的主观意愿和对隐私信息敏感性的共识进行隐私风险评估，作为隐私保护与信息共享之间权衡的基础。我们引入了PPC-TD3，这是双延迟深度确定性策略梯度（TD3）的一种变体，与我们的PPC框架集成在一起，以确定最大限度地提高信息共享效用的决策点，同时确保强大的隐私保护。理论分析和大量实验表明，该框架通过识别信息效用最大化的点，可以实现隐私保护和信息共享的最优平衡。

{"title":"A privacy-preserving information sharing scheme in online social networks","authors":"Yehong Luo , Nafei Zhu , Jingsha He , Anca Delia Jurcut , Yuzi Yi , Xiangjun Ma , Juan Fang","doi":"10.1016/j.jisa.2025.104304","DOIUrl":"10.1016/j.jisa.2025.104304","url":null,"abstract":"<div><div>Information leakage during sharing among users is a critical concern for individuals in online social networks (OSNs). The key to addressing the concern is to align privacy protection policies with the subjective willingness of privacy subjects to maximize the utility of information while achieving privacy protection. In this paper, we propose a new framework that can be used to dynamically modulate the extent of information sharing and privacy protection by regulating the scale of propagation of privacy information. In the proposed framework, we firstly define privacy information propagation conditions (PPCs) and then design a PPC-based privacy-preserving information sharing scheme. This scheme performs privacy risk assessment according to the subjective willingness and the consensus on the sensitivity of privacy information as the basis for trade-offs between privacy protection and information sharing. We introduce PPC-TD3, a variant of Twin Delayed Deep Deterministic policy gradient (TD3) integrated with our PPC framework, to identify decision points that maximize information-sharing utility while ensuring robust privacy protection. Theoretical analysis and extensive experiment show that the proposed framework can optimally balance privacy protection and information sharing through identifying the point where the utility of information is maximized.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"96 ","pages":"Article 104304"},"PeriodicalIF":3.7,"publicationDate":"2025-11-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145569602","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Revocable multi-authority attribute-based keyword search scheme for enhanced security in multi-owner settings 可撤销的基于多授权机构属性的关键字搜索方案，用于增强多所有者设置中的安全性

IF 3.7 2区计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

Journal of Information Security and Applications

Pub Date : 2025-11-20 DOI: 10.1016/j.jisa.2025.104315

Zongmin Wang, Qiang Wang, Fucai Zhou, Jian Xu

Attribute-based keyword search (ABKS) has emerged as an effective approach for secure, fine-grained data retrieval in encrypted cloud environments. Although traditional ABKS effectively enforces access policies, it suffers from significant limitations in multi-owner settings, where decentralized control and collaborative governance are required. In addition, existing ABKS schemes encounter several unresolved security challenges. First, as ABKS is built upon attribute-based encryption (ABE), it inevitably inherits its shortcomings, including key escrow and single points of failure. Second, it lacks the ability to detect servers that intentionally return incorrect results, while existing verification mechanisms risk exposing sensitive information. Third, misbehaving cloud service providers face no penalty and may continue to provide services without restriction.

To address these challenges, we propose a revocable multi-authority attribute-based keyword search (RMA-ABKS) scheme tailored for multi-owner environments. RMA-ABKS integrates multi-authority ABE with searchable encryption to decentralize trust and eliminate key escrow, while enabling collaborative access policy formulation across multiple owners. For the remaining challenges, we incorporate a blockchain-based blind verification mechanism to ensure result integrity without privacy leakage, and a cryptographic revocation mechanism to disable malicious cloud servers. Formal security proofs demonstrate selective security and resilience, while experimental evaluations confirm computational efficiency comparable to advanced schemes.

基于属性的关键字搜索（ABKS）已经成为加密云环境中安全、细粒度数据检索的有效方法。尽管传统的ABKS有效地执行了访问策略，但它在多所有者设置中存在显着的局限性，其中需要分散控制和协作治理。此外，现有的ABKS方案遇到了一些未解决的安全挑战。首先，由于ABKS建立在基于属性的加密（ABE）之上，它不可避免地继承了它的缺点，包括密钥托管和单点故障。其次，它缺乏检测故意返回错误结果的服务器的能力，而现有的验证机制有暴露敏感信息的风险。第三，行为不端的云服务提供商不会受到处罚，可以继续不受限制地提供服务。为了解决这些挑战，我们提出了一种针对多所有者环境量身定制的可撤销的多权威基于属性的关键字搜索（RMA-ABKS）方案。RMA-ABKS将多权威ABE与可搜索加密集成在一起，以分散信任并消除密钥托管，同时实现跨多个所有者的协作访问策略制定。对于剩下的挑战，我们采用了基于区块链的盲验证机制来确保结果的完整性而不会泄露隐私，并采用了加密撤销机制来禁用恶意云服务器。正式的安全证明证明了选择性安全性和弹性，而实验评估证实了与高级方案相当的计算效率。

{"title":"Revocable multi-authority attribute-based keyword search scheme for enhanced security in multi-owner settings","authors":"Zongmin Wang, Qiang Wang, Fucai Zhou, Jian Xu","doi":"10.1016/j.jisa.2025.104315","DOIUrl":"10.1016/j.jisa.2025.104315","url":null,"abstract":"<div><div>Attribute-based keyword search (ABKS) has emerged as an effective approach for secure, fine-grained data retrieval in encrypted cloud environments. Although traditional ABKS effectively enforces access policies, it suffers from significant limitations in multi-owner settings, where decentralized control and collaborative governance are required. In addition, existing ABKS schemes encounter several unresolved security challenges. First, as ABKS is built upon attribute-based encryption (ABE), it inevitably inherits its shortcomings, including key escrow and single points of failure. Second, it lacks the ability to detect servers that intentionally return incorrect results, while existing verification mechanisms risk exposing sensitive information. Third, misbehaving cloud service providers face no penalty and may continue to provide services without restriction.</div><div>To address these challenges, we propose a revocable multi-authority attribute-based keyword search (RMA-ABKS) scheme tailored for multi-owner environments. RMA-ABKS integrates multi-authority ABE with searchable encryption to decentralize trust and eliminate key escrow, while enabling collaborative access policy formulation across multiple owners. For the remaining challenges, we incorporate a blockchain-based blind verification mechanism to ensure result integrity without privacy leakage, and a cryptographic revocation mechanism to disable malicious cloud servers. Formal security proofs demonstrate selective security and resilience, while experimental evaluations confirm computational efficiency comparable to advanced schemes.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"96 ","pages":"Article 104315"},"PeriodicalIF":3.7,"publicationDate":"2025-11-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145569603","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Reversible data hiding in encrypted images using adaptive block-level pixel difference encoding 可逆数据隐藏在加密图像使用自适应块级像素差异编码

IF 3.7 2区计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

Journal of Information Security and Applications

Pub Date : 2025-11-18 DOI: 10.1016/j.jisa.2025.104316

Hua Ren, Zhen Yue, Ming Li

The blooming cloud storage has brought great convenience for users to upload multimedia data on remote cloud servers and efficiently access the uploaded data through terminals. With the accumulation of user data, how to effectively manage cloud user data while ensuring security becomes particularly important. Reversible Data Hiding in Encrypted Images (RDHEI) is an effective privacy-preserving technology that can embed user identity information, tags, time stamps or other data into encrypted images to facilitate the management of multi-user data. However, the capacity of existing RDHEI methods is not ideal due to the less redundancy in encrypted images. In this paper, a high-capacity RDHEI method using Adaptive Block-level Pixel Difference Encoding (ABPDE) is proposed. Firstly, the content owner uses the block modulation and permutation to encrypt the original image to preserve some redundant space. Secondly, the data hider counts the frequency of occurrence of pixel differences and uses adaptive Huffman encoding to mark the encrypted pixels as embeddable and non-embeddable pixels. The generated Huffman table is embedded into some reference pixels, the side information consisting of the replaced reference pixels and non-embeddable bits is embedded into some embeddable pixels, and the remaining embeddable pixels are used to carry additional data. Finally, a receiver holding the relevant keys can extract the embedded data without errors and reversibly recover the original image. Extensive simulations illustrate that the proposed method is superior to state-of-the-art methods in capacity and security, and the average embedding rates are at least 0.2845 bpp and 0.2900 bpp higher than other state-of-the-art methods on the BOSSbase and BOWS-2 databases, respectively.

蓬勃发展的云存储为用户在远程云服务器上上传多媒体数据以及通过终端高效访问上传的数据带来了极大的便利。随着用户数据的积累，如何在保证安全的同时对云用户数据进行有效管理显得尤为重要。加密图像中的可逆数据隐藏（rdhi）是一种有效的隐私保护技术，它可以将用户身份信息、标签、时间戳或其他数据嵌入到加密图像中，以方便多用户数据的管理。然而，由于加密图像的冗余较少，现有的rdhi方法的容量并不理想。本文提出了一种基于自适应块级像素差编码（ABPDE）的大容量rdhi方法。首先，内容所有者使用分组调制和排列对原始图像进行加密，以保留冗余空间；其次，数据隐藏器计算像素差异出现的频率，并使用自适应霍夫曼编码将加密像素标记为可嵌入像素和不可嵌入像素。将生成的霍夫曼表嵌入到一些参考像素中，将替换的参考像素和不可嵌入位组成的边信息嵌入到一些可嵌入像素中，剩余的可嵌入像素用于携带附加数据。最后，接收器持有相应的密钥，可以准确无误地提取嵌入的数据，并可逆地恢复原始图像。大量的仿真结果表明，该方法在容量和安全性方面都优于目前最先进的方法，并且在bosssbase和BOWS-2数据库上的平均嵌入率分别比其他最先进的方法高0.2845 bpp和0.2900 bpp。

{"title":"Reversible data hiding in encrypted images using adaptive block-level pixel difference encoding","authors":"Hua Ren, Zhen Yue, Ming Li","doi":"10.1016/j.jisa.2025.104316","DOIUrl":"10.1016/j.jisa.2025.104316","url":null,"abstract":"<div><div>The blooming cloud storage has brought great convenience for users to upload multimedia data on remote cloud servers and efficiently access the uploaded data through terminals. With the accumulation of user data, how to effectively manage cloud user data while ensuring security becomes particularly important. Reversible Data Hiding in Encrypted Images (RDHEI) is an effective privacy-preserving technology that can embed user identity information, tags, time stamps or other data into encrypted images to facilitate the management of multi-user data. However, the capacity of existing RDHEI methods is not ideal due to the less redundancy in encrypted images. In this paper, a high-capacity RDHEI method using Adaptive Block-level Pixel Difference Encoding (ABPDE) is proposed. Firstly, the content owner uses the block modulation and permutation to encrypt the original image to preserve some redundant space. Secondly, the data hider counts the frequency of occurrence of pixel differences and uses adaptive Huffman encoding to mark the encrypted pixels as embeddable and non-embeddable pixels. The generated Huffman table is embedded into some reference pixels, the side information consisting of the replaced reference pixels and non-embeddable bits is embedded into some embeddable pixels, and the remaining embeddable pixels are used to carry additional data. Finally, a receiver holding the relevant keys can extract the embedded data without errors and reversibly recover the original image. Extensive simulations illustrate that the proposed method is superior to state-of-the-art methods in capacity and security, and the average embedding rates are at least 0.2845 bpp and 0.2900 bpp higher than other state-of-the-art methods on the BOSSbase and BOWS-2 databases, respectively.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"96 ","pages":"Article 104316"},"PeriodicalIF":3.7,"publicationDate":"2025-11-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145569600","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

PER-AE-DRL: A malicious traffic detection model based on prioritized experience replay and adversarial mechanism PER-AE-DRL：一种基于优先体验重放和对抗机制的恶意流量检测模型

IF 3.7 2区计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

Journal of Information Security and Applications

Pub Date : 2025-11-18 DOI: 10.1016/j.jisa.2025.104298

Peihao Liu, Yuntao Zhao, Yongxin Feng

With the rapid advancement of information technology, cybersecurity threats have become more sophisticated, making network intrusion detection vital for ensuring network security. Although existing detection methods have made significant progress in identifying malicious traffic, data class imbalance remains a key challenge. This paper proposes a deep reinforcement learning-based malicious traffic detection model that integrates an adversarial mechanism and Prioritized Experience Replay (PER). First, an environment agent is introduced into the Dueling Double Deep Q-Network (Dueling DDQN) framework to address the data imbalance by resampling the training set. Then, a TD-error-based prioritized experience replay mechanism is introduced, which prioritizes samples with larger TD errors during neural network updates, thereby accelerating model convergence and enhancing learning ability for minority class samples. Finally, through multi-class classification experiments on the NSL-KDD and CIC-IDS2017 datasets, the proposed model achieved an accuracy of 83.41% and an F1 score of 83.39% on the NSL-KDD dataset. On the CIC-IDS2017 dataset, the model achieved both an accuracy and an F1 score exceeding 99%.

随着信息技术的飞速发展，网络安全威胁日趋复杂，网络入侵检测对于保障网络安全至关重要。尽管现有的检测方法在识别恶意流量方面取得了重大进展，但数据类不平衡仍然是一个关键挑战。本文提出了一种基于深度强化学习的恶意流量检测模型，该模型集成了对抗机制和优先体验重放（PER）。首先，在Dueling Double Deep Q-Network （Dueling DDQN）框架中引入环境代理，通过对训练集进行重采样来解决数据不平衡问题。然后，引入一种基于TD误差的优先经验重放机制，在神经网络更新时优先考虑TD误差较大的样本，从而加快模型收敛速度，增强对少数类样本的学习能力。最后，通过在NSL-KDD和CIC-IDS2017数据集上的多类分类实验，该模型在NSL-KDD数据集上的准确率达到83.41%，F1分数达到83.39%。在CIC-IDS2017数据集上，该模型的准确率和F1得分均超过99%。

{"title":"PER-AE-DRL: A malicious traffic detection model based on prioritized experience replay and adversarial mechanism","authors":"Peihao Liu, Yuntao Zhao, Yongxin Feng","doi":"10.1016/j.jisa.2025.104298","DOIUrl":"10.1016/j.jisa.2025.104298","url":null,"abstract":"<div><div>With the rapid advancement of information technology, cybersecurity threats have become more sophisticated, making network intrusion detection vital for ensuring network security. Although existing detection methods have made significant progress in identifying malicious traffic, data class imbalance remains a key challenge. This paper proposes a deep reinforcement learning-based malicious traffic detection model that integrates an adversarial mechanism and Prioritized Experience Replay (PER). First, an environment agent is introduced into the Dueling Double Deep Q-Network (Dueling DDQN) framework to address the data imbalance by resampling the training set. Then, a TD-error-based prioritized experience replay mechanism is introduced, which prioritizes samples with larger TD errors during neural network updates, thereby accelerating model convergence and enhancing learning ability for minority class samples. Finally, through multi-class classification experiments on the NSL-KDD and CIC-IDS2017 datasets, the proposed model achieved an accuracy of 83.41% and an F1 score of 83.39% on the NSL-KDD dataset. On the CIC-IDS2017 dataset, the model achieved both an accuracy and an F1 score exceeding 99%.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"96 ","pages":"Article 104298"},"PeriodicalIF":3.7,"publicationDate":"2025-11-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145569601","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

CTFAgent: An LLM-powered Agent for CTF Challenge Solving CTFAgent：一个llm驱动的CTF挑战解决代理

IF 3.7 2区计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

Journal of Information Security and Applications

Pub Date : 2025-11-18 DOI: 10.1016/j.jisa.2025.104305

Yuwen Zou , Jia Liu , Wenjun Fan

Capture-the-Flag (CTF) competitions play an important role in the cybersecurity landscape by simulating realistic attack and defense scenarios and offering diverse categories of challenges. This diversity demands flexible reasoning and adaptive problem-solving, which traditional automation tools struggle to provide, as they are typically designed for specific tasks. Large Language Models (LLMs) with their vast knowledge and strong reasoning capabilities, present a promising approach to overcome these limitations. In this work, we propose CTFAgent, an LLM-powered agent featuring a new plan-and-execute paradigm with a stateful task tree for long-horizon reasoning. To handle diverse challenges, CTFAgent integrates challenge-specific prompting and specialized tools for multimodal analysis and concrete operations. The agent comprises two modes: a fully automated mode and a human-in-the-loop (HITL) mode, which incorporates human operational support for tool execution beyond the automation. Evaluated on challenges from PicoCTF with GPT-4o, Gemini-2.5-Pro and DeepSeek-V3, CTFAgent outperforms 88% of human teams in its automated mode. This performance rises significantly in HITL mode, where it surpasses approximately 94% of teams. These results demonstrate that CTFAgent can effectively solve a wide range of complex tasks, highlighting the potential of LLM-powered agents to advance autonomous cybersecurity solutions.

夺旗（CTF）竞赛通过模拟真实的攻击和防御场景，并提供不同类别的挑战，在网络安全领域发挥着重要作用。这种多样性需要灵活的推理和自适应的问题解决，这是传统自动化工具难以提供的，因为它们通常是为特定的任务设计的。大型语言模型（llm）具有丰富的知识和强大的推理能力，为克服这些限制提供了一种有希望的方法。在这项工作中，我们提出了CTFAgent，一个llm驱动的代理，具有新的计划和执行范式，具有用于长期推理的有状态任务树。为了应对各种挑战，CTFAgent集成了针对特定挑战的提示和用于多模态分析和具体操作的专用工具。代理包括两种模式：一种是完全自动化模式，另一种是人在循环（HITL）模式，后者在自动化之外包含了对工具执行的人工操作支持。通过使用gpt - 40、Gemini-2.5-Pro和DeepSeek-V3对PicoCTF的挑战进行评估，CTFAgent在自动化模式下的表现优于88%的人工团队。这种性能在HITL模式下显著提高，超过了大约94%的团队。这些结果表明，CTFAgent可以有效地解决广泛的复杂任务，突出了llm驱动的代理在推进自主网络安全解决方案方面的潜力。

{"title":"CTFAgent: An LLM-powered Agent for CTF Challenge Solving","authors":"Yuwen Zou , Jia Liu , Wenjun Fan","doi":"10.1016/j.jisa.2025.104305","DOIUrl":"10.1016/j.jisa.2025.104305","url":null,"abstract":"<div><div>Capture-the-Flag (CTF) competitions play an important role in the cybersecurity landscape by simulating realistic attack and defense scenarios and offering diverse categories of challenges. This diversity demands flexible reasoning and adaptive problem-solving, which traditional automation tools struggle to provide, as they are typically designed for specific tasks. Large Language Models (LLMs) with their vast knowledge and strong reasoning capabilities, present a promising approach to overcome these limitations. In this work, we propose CTFAgent, an LLM-powered agent featuring a new plan-and-execute paradigm with a stateful task tree for long-horizon reasoning. To handle diverse challenges, CTFAgent integrates challenge-specific prompting and specialized tools for multimodal analysis and concrete operations. The agent comprises two modes: a fully automated mode and a human-in-the-loop (HITL) mode, which incorporates human operational support for tool execution beyond the automation. Evaluated on challenges from PicoCTF with GPT-4o, Gemini-2.5-Pro and DeepSeek-V3, CTFAgent outperforms 88% of human teams in its automated mode. This performance rises significantly in HITL mode, where it surpasses approximately 94% of teams. These results demonstrate that CTFAgent can effectively solve a wide range of complex tasks, highlighting the potential of LLM-powered agents to advance autonomous cybersecurity solutions.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"96 ","pages":"Article 104305"},"PeriodicalIF":3.7,"publicationDate":"2025-11-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145569604","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Enhancing black-box membership inference attacks in federated learning 增强联邦学习中的黑盒成员推理攻击

IF 3.7 2区计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

Journal of Information Security and Applications

Pub Date : 2025-11-15 DOI: 10.1016/j.jisa.2025.104302

Qiang Shi, Luzhen Ren, Xinfeng He

With the widespread deployment of machine learning models in privacy-sensitive domains such as healthcare and finance, the risk of training data leakage has attracted increasing attention. As a fundamental approach for evaluating model privacy leakage, Membership Inference Attack (MIA) has been extensively studied in distributed learning scenarios such as Federated Learning (FL). However, under black-box settings, attackers face severe challenges, including the unavailability of real non-member samples and the inaccessibility of target model architectures, which limit the generalization and accuracy of existing methods. To address these limitations, this paper proposes a DCGAN-enhanced black-box MIA framework, whose innovations are reflected in three major aspects: (1) a discriminator-guided pseudo-sample filtering mechanism that ensures the authenticity and diversity of non-member data; (2) a multi-shadow-model softmax high-dimensional concatenation strategy, which fuses the softmax probability outputs from multiple shadow models to construct discriminative high-dimensional attack representations; and (3) a SMOTE-based balancing module designed to mitigate class imbalance and further improve the generalization of the attack model. The proposed framework significantly enhances the discriminative capability and robustness of black-box MIAs without accessing the internal parameters or training procedures of the target model. Extensive experiments demonstrate that our method consistently outperforms state-of-the-art baselines across multiple federated learning protocols (FedAvg, FedMD, and FedProx) and benchmark datasets (CIFAR-10, CIFAR-100, Fashion-MNIST, and SVHN), achieving an accuracy of 0.9897, an AUC of 0.9899, and a TPR@FPR=1% of 0.9967. These results verify the robustness, generalizability, and wide applicability of the proposed framework, providing a systematic and scalable solution for privacy evaluation in federated learning environments.

随着机器学习模型在医疗保健和金融等隐私敏感领域的广泛应用，培训数据泄露的风险越来越受到关注。隶属关系推理攻击（MIA）作为评估模型隐私泄露的基本方法，在联邦学习（FL）等分布式学习场景中得到了广泛的研究。然而，在黑盒设置下，攻击者面临着严峻的挑战，包括真实非成员样本的不可获得性和目标模型体系结构的不可访问性，这限制了现有方法的泛化和准确性。针对这些局限性，本文提出了一种基于dcgan的黑箱MIA框架，其创新主要体现在三个方面：(1)采用了鉴别器引导的伪样本过滤机制，保证了非成员数据的真实性和多样性；(2)多阴影模型softmax高维拼接策略，融合多个阴影模型的softmax概率输出，构建判别性高维攻击表征；(3)基于smote的平衡模块，旨在缓解类不平衡，进一步提高攻击模型的泛化性。该框架在不访问目标模型内部参数或训练过程的情况下，显著提高了黑箱MIAs的判别能力和鲁棒性。广泛的实验表明，我们的方法在多个联邦学习协议（fedag、FedMD和FedProx）和基准数据集（CIFAR-10、CIFAR-100、fashionon - mnist和SVHN）上始终优于最先进的基线，实现了0.9897的准确率，0.9899的AUC和TPR@FPR=1%的0.9967。这些结果验证了所提出框架的鲁棒性、泛化性和广泛适用性，为联邦学习环境中的隐私评估提供了系统和可扩展的解决方案。

{"title":"Enhancing black-box membership inference attacks in federated learning","authors":"Qiang Shi, Luzhen Ren, Xinfeng He","doi":"10.1016/j.jisa.2025.104302","DOIUrl":"10.1016/j.jisa.2025.104302","url":null,"abstract":"<div><div>With the widespread deployment of machine learning models in privacy-sensitive domains such as healthcare and finance, the risk of training data leakage has attracted increasing attention. As a fundamental approach for evaluating model privacy leakage, Membership Inference Attack (MIA) has been extensively studied in distributed learning scenarios such as Federated Learning (FL). However, under black-box settings, attackers face severe challenges, including the unavailability of real non-member samples and the inaccessibility of target model architectures, which limit the generalization and accuracy of existing methods. To address these limitations, this paper proposes a DCGAN-enhanced black-box MIA framework, whose innovations are reflected in three major aspects: (1) a discriminator-guided pseudo-sample filtering mechanism that ensures the authenticity and diversity of non-member data; (2) a multi-shadow-model softmax high-dimensional concatenation strategy, which fuses the softmax probability outputs from multiple shadow models to construct discriminative high-dimensional attack representations; and (3) a SMOTE-based balancing module designed to mitigate class imbalance and further improve the generalization of the attack model. The proposed framework significantly enhances the discriminative capability and robustness of black-box MIAs without accessing the internal parameters or training procedures of the target model. Extensive experiments demonstrate that our method consistently outperforms state-of-the-art baselines across multiple federated learning protocols (FedAvg, FedMD, and FedProx) and benchmark datasets (CIFAR-10, CIFAR-100, Fashion-MNIST, and SVHN), achieving an accuracy of 0.9897, an AUC of 0.9899, and a TPR@FPR=1% of 0.9967. These results verify the robustness, generalizability, and wide applicability of the proposed framework, providing a systematic and scalable solution for privacy evaluation in federated learning environments.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"96 ","pages":"Article 104302"},"PeriodicalIF":3.7,"publicationDate":"2025-11-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145520857","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Cybersecurity Digital Twins: Concept, blueprint, and challenges for multi-ownership digital service chains 网络安全数字孪生：多所有权数字服务链的概念、蓝图和挑战

IF 3.7 2区计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

Journal of Information Security and Applications

Pub Date : 2025-11-15 DOI: 10.1016/j.jisa.2025.104299

M. Repetto

The growing level of interconnectedness of digital services and infrastructures creates tight and recursive security inter-dependencies between their providers. However, cybersecurity operations remain highly fragmented, since common tasks like disclosing vulnerabilities, reporting alerts, and suggesting remediation are largely restricted within the boundaries of the administrative domain of each provider, while cooperation is usually limited to paperwork and human interactions. This practice has already demonstrated to be inadequate and risky, because it cannot effectively address multi-step attacks and kill chains that propagate across multiple domains.

In this position paper, we elaborate on the concept, blueprint, and usage of a Cyber-security Digital Twin that models and captures the security posture of such interconnected systems. Differently from existing models, our work explicitly addresses the challenges brought by multi-ownership, by focusing on the overall architecture to build cooperative, agile, adaptive and autonomous processes for threat hunting, detection of lateral movements, and eradication of attacks among multiple domains. For this reason, our framework takes into account the necessary federation mechanisms that address trust and confidentiality concerns.

数字服务和基础设施的互联程度不断提高，在它们的提供商之间产生了紧密的、递归的安全相互依赖关系。然而，网络安全运营仍然高度分散，因为披露漏洞、报告警报和建议补救等常见任务在很大程度上限制在每个提供商的管理领域范围内，而合作通常仅限于文书工作和人际互动。这种做法已经被证明是不充分和有风险的，因为它不能有效地处理跨多个域传播的多步骤攻击和杀伤链。在这份意见书中，我们详细阐述了网络安全数字孪生模型的概念、蓝图和用法，该模型可以模拟和捕获此类互联系统的安全状态。与现有模型不同，我们的工作明确解决了多所有权带来的挑战，通过关注整体架构来构建合作，敏捷，自适应和自主的过程，用于威胁狩猎，检测横向移动，并消除多个领域的攻击。出于这个原因，我们的框架考虑了解决信任和机密性问题的必要联合机制。

{"title":"Cybersecurity Digital Twins: Concept, blueprint, and challenges for multi-ownership digital service chains","authors":"M. Repetto","doi":"10.1016/j.jisa.2025.104299","DOIUrl":"10.1016/j.jisa.2025.104299","url":null,"abstract":"<div><div>The growing level of interconnectedness of digital services and infrastructures creates tight and recursive security inter-dependencies between their providers. However, cybersecurity operations remain highly fragmented, since common tasks like disclosing vulnerabilities, reporting alerts, and suggesting remediation are largely restricted within the boundaries of the administrative domain of each provider, while cooperation is usually limited to paperwork and human interactions. This practice has already demonstrated to be inadequate and risky, because it cannot effectively address multi-step attacks and kill chains that propagate across multiple domains.</div><div>In this position paper, we elaborate on the concept, blueprint, and usage of a Cyber-security Digital Twin that models and captures the security posture of such interconnected systems. Differently from existing models, our work explicitly addresses the challenges brought by multi-ownership, by focusing on the overall architecture to build cooperative, agile, adaptive and autonomous processes for threat hunting, detection of lateral movements, and eradication of attacks among multiple domains. For this reason, our framework takes into account the necessary federation mechanisms that address trust and confidentiality concerns.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"96 ","pages":"Article 104299"},"PeriodicalIF":3.7,"publicationDate":"2025-11-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145520858","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0