Journal of Information Security and Applications: Latest Articles

GMADV: An android malware variant generation and classification adversarial training framework
IF 5.6 | Zone 2, Computer Science | Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS | Pub Date: 2024-06-07 | DOI: 10.1016/j.jisa.2024.103800
Shuangcheng Li, Zhangguo Tang, Huanzhou Li, Jian Zhang, Han Wang, Junfeng Wang

Android malware uses anti-reverse analysis and APK shelling technology, which leads to the failure of the classification method based on decompiled features and the reduction of the classification accuracy based on single file features. Moreover, the lack of samples in some families of Android malware makes the classification model based on sample learning ineffective. To solve the above problems, this paper proposes a two-layer general framework for Android malware classification and adversarial training named GMADV, which enhances classifier performance through adversarial training. In the sample classification layer, based on the transformation method of the Markov model, it is proposed for the first time to convert the three files in the APK into RGB Markov images, and use VGG13 to automatically extract features and perform classification; in the variant amplification layer, the idea of "regression for generation" is firstly proposed, and GMM-GAN based on Gaussian process is designed to amplify the diversity of samples within the family. The experimental results show that RGB Markov images have better classification performance than grayscale images. On the three datasets, the classification effect after amplification has been improved to varying degrees, and all F1_Score reaches 95%. Compared with other methods, GMADV has stronger family sample amplification ability and greater adversarial intensity.

Citations: 0

Digital image steganalysis using entropy driven deep neural network
IF 5.6 | Zone 2, Computer Science | Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS | Pub Date: 2024-06-07 | DOI: 10.1016/j.jisa.2024.103799
Saurabh Agarwal, Ki-Hyun Jung

Context-aware steganography techniques are quite popular due to their robustness. However, steganography techniques are misused to hide inappropriate information in some occurrences. In this paper, a new entropy-driven convolutional neural network is proposed to detect a stego-image. The proposed steganalysis method divides images into multiple sub-regions, and the highest entropy sub-regions are utilized for training the network. Small block size is used to eliminate the requirement of a pooling layer and to keep the flow of information content between the layers intact. A pooling layer is commonly used between the layers to reduce the size of the block at the cost of some information loss. The proposed method uses only sixteen non-trainable 3 × 3 size kernels, rather than thirty 3 × 3 and 5 × 5 size kernels used in the previous networks. In the proposed method, one global average pooling layer is considered to boost the performance at the last part of the network. The proposed method reduces the computational cost and improves detection accuracy. The proposed scheme is verified in the experimental analysis on the content-aware steganography algorithms, i.e., WOW, S-UNIWARD, and HILL, with multiple payloads. Two publicly available databases, i.e., BOWS2 and BOSSBase, are used to create numerous test scenarios.

Citations: 0

Corrigendum to “An extended Attribute-based access control with controlled delegation in IoT” [Journal of Information Systems and Applications 76 (2023) 103473]
IF 5.6 | Zone 2, Computer Science | Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS | Pub Date: 2024-06-01 | DOI: 10.1016/j.jisa.2024.103745
Saher Tegane, Khaled Hamouid, Mawloud Omar, Fouzi Semchedine, Abdelmalek Boudries
Citations: 0

Auth4App: Streamlining authentication for integrated cyber–physical environments
IF 5.6 | Zone 2, Computer Science | Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS | Pub Date: 2024-06-01 | DOI: 10.1016/j.jisa.2024.103802
Vagner Ereno Quincozes, Rodrigo Brandão Mansilha, Diego Kreutz, Charles Christian Miers, Roger Immich

The growing integration of mobile applications for user authentication has revolutionized user interactions with digital platforms, offering novel possibilities in user experience (UX). However, this paradigm shift poses significant security challenges. Leveraging smartphones for authentication purposes provides convenient and swift access to services, streamlining user interactions with various platforms through simple taps. Several institutions adopt static QR Codes generated from primary, unchanging user data (e.g., individual citizen national identification numbers) for physical authentication procedures like access turnstiles. However, relying on static data introduces critical security vulnerabilities as this data is susceptible to compromise. Implementing a One-Time Authentication Code (OTAC) approach appears promising in addressing these issues. Nevertheless, the absence of an integrated solution for developing a physical authentication process using OTAC leads to suboptimal API user experiences (UX APIs) and subsequent security vulnerabilities. In response to this challenge, we introduce Auth4App, a protocol set designed for identification and authentication using mobile applications. Auth4App comprises two core protocols: one dedicated to linking user credentials to mobile devices (i.e., identification), and the other for generating OTAC. We showcase the adaptability and practicality of Auth4App through three distinct case studies: a mobile-only scenario, integration of mobile devices with a turnstile, and integration of Auth4App with FIDO2. To ensure the robustness of the security protocols, Auth4App is evaluated using automated verification tools and argument proofs, solidifying the system’s reliability.

Citations: 0

A Pairing-free Dynamic Multi-receiver Certificateless Authenticated Searchable Encryption for cloud storage
IF 5.6 | Zone 2, Computer Science | Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS | Pub Date: 2024-06-01 | DOI: 10.1016/j.jisa.2024.103801
Venkata Bhikshapathi Chenam, Syed Taqi Ali

In the current age of constrained local storage capacity, ensuring the security and privacy of user data against unauthorized third-party access has grown significantly more vital. Searchable Encryption (SE) has arisen as a promising method for preserving the confidentiality of user data while also enabling efficient search capabilities. Certificateless Searchable Encryption (CLSE) stands out among a range of SE cryptosystems by effectively addressing issues related to certification management and key escrow. Nevertheless, the majority of current CLSE approaches heavily depend on computationally intensive bilinear pairings and do not offer robust support for conjunctive keyword searches in multi-receiver scenarios. To address these limitations, we propose a Pairing-free Dynamic Multi-receiver Certificateless Authenticated Searchable Encryption (PDMCLASE) scheme. PDMCLASE focuses on three essential features: (1) Dynamic multi-receiver functionality, enabling new data receivers to access documents while revoking access for existing receivers; (2) Conjunctive subset keyword search, empowering data receivers to perform efficient conjunctive searches on subsets of keywords; and (3) Data sender authentication, ensuring the authenticity of keyword encryption by the data sender. Furthermore, PDMCLASE attains keyword privacy by leveraging elliptic curve hardness problems within the standard model. Through our performance analysis, we establish that PDMCLASE not only delivers improved functionality but also demonstrates reduced computational overhead when compared to alternative schemes.

Citations: 0

Enhancing robustness in video data hiding against recompression with a wide parameter range
IF 5.6 | Zone 2, Computer Science | Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS | Pub Date: 2024-05-29 | DOI: 10.1016/j.jisa.2024.103796
Yanli Chen, Asad Malik, Hongxia Wang, Ben He, Yonghui Zhou, Hanzhou Wu

With the exponential growth of online videos and the availability of advanced video editing tools, the integrity of videos is increasingly threatened by various cyber-based attacks, particularly recompression attacks. Different recompression parameters are used for various attack scenarios. However, recompression operations can modify video data and cause authentication failures, especially for videos with integrated authentication information. To address this issue, this research proposes a robust video data concealing strategy to protect authentication information during recompression operations. By analyzing the impact of recompression on the reference and encoded components of a video, a robust embedding entity is developed. This entity enables the identification of suitable embedding parameters that minimize distortion caused by recompression. Based on the embedding entity and parameters, a scheme is proposed to hide data using two embedding methods, thereby enhancing the robustness of the overall approach. The performance of the scheme is evaluated based on criteria such as the correct rate of extracted information and the quality of marked videos. Hypothesis testing is employed to assess the confidence level. In comparison to existing robust video data hiding methods against recompression, our scheme demonstrates the ability to preserve more information during recompression, particularly with Quantization Parameters (QP) ranging from 25 to 34. This is achieved when the test videos are initially compressed with QP=28.

Citations: 0

ZeroMT: Towards Multi-Transfer transactions with privacy for account-based blockchain
IF 5.6 | Zone 2, Computer Science | Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS | Pub Date: 2024-05-29 | DOI: 10.1016/j.jisa.2024.103794
Emanuele Scala, Changyu Dong, Flavio Corradini, Leonardo Mostarda

The public blockchain lacks data confidentiality. Although a level of anonymity seems guaranteed, it is still possible to link transactions and disclose related information. A solution to the privacy problem is to use cryptography in transactions; however, this can lead to increased costs and slowdown in network throughput. Recent works experiment with advanced cryptography; in particular, Zero-Knowledge proofs (ZK-proofs) can be supplied within a transaction to prove its validity, without revealing sensitive information. We analyze solutions that adopt ZK-proofs, such as Confidential Transactions (CTs). Several challenges emerge depending on both the zero-knowledge system and the balance model considered (UTXO, hybrid or account model). For ZK-proofs, systems that do not introduce additional trust are required. On the other hand, the account model is the most flexible for addressing security challenges. Moreover, CTs do not fully exploit the potential of ZK-proofs, since each transaction comes with one or more ZK-proofs for a single transfer. Within this paper, we present ZeroMT, a novel multi-transfer private payment scheme for account-based blockchains. Drawing inspiration from Zether, our approach extends their work to develop a payment model that supports multiple payees within a single transaction. This also benefits scalability: ZeroMT enriches the CTs with the aggregation property, i.e., the batch verification of multiple transfers from a single and aggregate proof. We show that in our extended model the overdraft-safety and privacy security properties still hold. We provide an implementation and evaluation of ZeroMT, which shows the benefits of aggregating multiple transfers.

Citations: 0

A novel DNA tree-based chaotic image encryption algorithm
IF 5.6 | Zone 2, Computer Science | Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS | Pub Date: 2024-05-28 | DOI: 10.1016/j.jisa.2024.103791
Moatsum Alawida

For confidential transmission of information over open channels, image encryption algorithms offer a vital method to safeguard content. Traditional ciphers often prove inefficient for large, correlated content like digital images. To address this, DNA and digital chaos are utilized in the creation of numerous image ciphers. Most DNA chaotic image ciphers utilize DNA bases for substitution and chaotic maps for permutation operations. This paper introduces a novel approach wherein the secret key is generated by a DNA tree, providing complete control over all components of the image cipher. A new chaotic state machine map (CSMM) is proposed, incorporating a finite state machine and a one-dimensional (1D) perturbed logistic chaotic map controlled by a DNA state transition table. The CSMM enhances security while maintaining efficient implementation. The DNA tree is employed to generate a DNA table consisting of 256 values representing DNA bases. This table is used to convert digital images into DNA bases and chaotic points into DNA bases. Chaotic DNA bases facilitate permutation operations, while the DNA table is utilized to generate a DNA S-box for substitution operations. The encryption process involves two rounds of permutations and substitutions, coupled with XOR operations, using all DNA bases in the digital image. The resulting cipher effectively encrypts digital images of various sizes and types. Experimental results demonstrate that the proposed cipher generates noise-like images and withstands rigorous security tests, including differential attack analysis and entropy measurements, all accomplished in a short amount of time.

Citations: 0
Preserving manipulated and synthetic Deepfake detection through face texture naturalness
IF 5.6 Zone 2 Computer Science Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS Pub Date: 2024-05-25 DOI: 10.1016/j.jisa.2024.103798
Chit-Jie Chew, Yu-Cheng Lin, Ying-Chin Chen, Yun-Yi Fan, Jung-San Lee

With the rapid development of deep learning and face recognition technology, AI (Artificial Intelligence) experts have rated Deepfake cheating as the top AI threat. It is difficult for the human eye to distinguish the fake face images generated by Deepfake. Therefore, it has become a popular tool for criminals to seek benefits. Deepfake can be mainly divided into two types: a manipulated Deepfake that falsifies images of others by targeting real faces, and a synthetic Deepfake that uses a GAN to generate a new fake image. So far, few cybersecurity systems are able to detect these two types simultaneously. In this article, we aim to propose a hybrid Deepfake detection mechanism (HDDM) based on face texture and naturalness degree. HDDM constructs a unique texture from a facial image based on a CNN (Convolutional Neural Network) and builds a naturalness degree recognition model via a DNN (Deep Neural Network) to help cheating detection. Experimental results have proved that HDDM possesses sound effectiveness and stability against synthetic and manipulated Deepfake attacks. In particular, the WildDeepfake simulation has demonstrated the possibility of applying HDDM to the real world.

Citations: 0
GR-NTRU: Dihedral group over ring of Eisenstein integers
IF 5.6 Zone 2 Computer Science Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS Pub Date: 2024-05-24 DOI: 10.1016/j.jisa.2024.103795
Vikas Kumar, Rohan Das, Aditi Kar Gangopadhyay

NTRU is a lattice-based cryptosystem built on a convolutional ring of polynomials. There are many generalizations of NTRU in the literature; however, group ring NTRU, or GR-NTRU, is the most reasonable description of NTRU as a general framework to design its variants. Most versions are commutative and are obtained by changing the ring of coefficients while keeping the cyclic structure intact. In this work, we analyze the noncommutative version of GR-NTRU designed with the group ring of dihedral group over the ring of Eisenstein integers. We experimentally test the size of the keyspace of this new variant and find that it is comparable and even larger for certain parameters compared to the existing commutative counterpart. We observe that although it is slightly slow in terms of speed of encryption and decryption, it has higher lattice security.

Citations: 0