Ye Bai, Weiwei Jiang, Jianbin Mu, Shang Liu, Weixi Gu, Shuke Wang
The rapid proliferation of Internet of Things (IoT) devices has revolutionized various industries by enabling smart grids, smart cities, and other applications that rely on seamless connectivity and real-time data processing. However, this growth has also introduced significant security challenges due to the scale, heterogeneity, and resource constraints of IoT systems. Traditional intrusion detection systems (IDS) often struggle to address these challenges effectively, as they require centralized data collection and processing, which raises concerns about data privacy, communication overhead, and scalability. To address these issues, this paper investigates the application of federated learning for network intrusion detection in IoT environments. We first evaluate a range of machine learning (ML) and deep learning (DL) models, finding that the random forest model achieves the highest classification accuracy. We then propose a federated learning approach that allows distributed IoT devices to collaboratively train ML models without sharing raw data, thereby preserving privacy and reducing communication costs. Experimental results using the UNSW-NB15 dataset demonstrate that this approach achieves promising outcomes in the IoT context, with minimal performance degradation compared to centralized learning. Our findings highlight the potential of federated learning as an effective, decentralized solution for network intrusion detection in IoT environments, addressing critical challenges, such as data privacy, heterogeneity, and scalability.
Title: Enhancing IoT Security via Federated Learning: A Comprehensive Approach to Intrusion Detection. Authors: Ye Bai, Weiwei Jiang, Jianbin Mu, Shang Liu, Weixi Gu, Shuke Wang. Journal: IET Information Security, volume 2025 1. Published: 2025-09-15. DOI: 10.1049/ise2/8432654. PDF: https://ietresearch.onlinelibrary.wiley.com/doi/epdf/10.1049/ise2/8432654
Blockchain technology has reshaped numerous industries by providing secure and transparent transactional platforms. This paper delves into the intersection of blockchain analytics and artificial intelligence (AI) to advance transaction analysis. The primary aim is to bolster fraud detection and enhance transaction efficiency. Through a comprehensive literature review, we identify gaps in existing knowledge and lay the groundwork for our research. We introduce a novel transaction-hybrid model developed using machine learning (ML) algorithms, including support vector machines (SVMs), K-nearest neighbors (KNNs), and random forest (RF). This transact-hybrid model aims to fortify fraud detection capabilities by harnessing the strengths of each algorithm. We curate a unique dataset comprising 1000 instances, incorporating critical transaction features such as transaction hash, block number, transaction fee and gas limit, with binary classification indicating fraudulent transactions. Meticulous preprocessing, including feature engineering and data splitting for training and testing, is conducted. Visualization techniques, including seaborn-based graphs, correlation plots and violin plots, elucidate the dataset’s characteristics. Additionally, a spring colormap correlation map enhances the understanding of feature relationships. Transaction fee distributions before and after preprocessing are visually presented, highlighting the impact of data preparation. We introduce the novel transact-hybrid classifier (THC) with detailed mathematical equations, emphasising its contribution to transactional fraud detection. The classifier integrates SVM, KNN and RF outputs using an exclusive OR operation, showcasing innovation in model development. To evaluate model performance, we conduct a comparative analysis, incorporating SVM, KNN, RF and a voting classifier. 
Bar plots for accuracy, precision, recall and F1 score, with a custom plasma colormap, offer a visual summary of each model’s metrics. Furthermore, a receiver operating characteristics (ROC) curve analysis is presented, highlighting the area under the curve (AUC) for SVM, KNN, RF and voting models, providing a comprehensive view of their performance in distinguishing between true positive and false positive rates. Our proposed method demonstrates over 99% efficacy in fraud detection, underscoring its potential impact in transaction analysis.
Title: Blockchain Analytics Based on Artificial Intelligence: Using Machine Learning for Improved Transaction Analysis. Authors: Ahmed I. Alutaibi. Journal: IET Information Security, volume 2025 1. Published: 2025-09-05. DOI: 10.1049/ise2/5560771. PDF: https://ietresearch.onlinelibrary.wiley.com/doi/epdf/10.1049/ise2/5560771
Pseudorandom functions (PRFs) are a very important tool in cryptography, and the learning with rounding (LWR) problem is one of the main issues in their construction. The LWR problem is to find from ⌊As⌋_p, where and is the rounding function. The LWR problem is considered a variant of the learning with errors (LWE) problem, that is, to find s from b = As + e, where , and LWE has been reduced to GapSVP and SIVP. The hardness of the lattice problems is the security foundation of the issued schemes. The best-known reduction for LWR was completed using information-theoretic entropy arguments, and the reduction requires q ≥ 2nmp. It does not directly reduce to the closest vector problem (CVP), but rather to the LWE problem. However, the reduction in the aforementioned work significantly reduces the difficulty of LWR. To more accurately characterize the hardness of LWR, this paper uses statistical approximation and a Quantum Fourier Transform to reduce LWR to the CVP, thereby ensuring the hardness of LWR. Furthermore, unlike the previous conclusions, our reduction involves minimal loss and has broad security conditions, requiring only that , where q and p are prime numbers and 0 < α < 1.
Title: Revisiting LWR: A Novel Reduction Through Quantum Approximations. Authors: Zhuang Shan, Leyou Zhang, Qiqi Lai. Journal: IET Information Security, volume 2025 1. Published: 2025-08-25. DOI: 10.1049/ise2/6825855. PDF: https://ietresearch.onlinelibrary.wiley.com/doi/epdf/10.1049/ise2/6825855
Background: The Internet of Things (IoT) represents one of the fastest-expanding developments in the computer industry. However, the inherently hostile environment of the internet makes IoT systems vulnerable. A popular and promising method for detecting cyberattacks is machine learning (ML), which produces excellent outcomes for identified attacks. However, their ability to identify unidentified malicious traffic is nearly nonexistent.
Need for the Study: The need for study arises from the advanced security solutions of IoT, which are vulnerable to various known and unknown cyberattacks. Traditional ML methods are used to effectively detect new threats. It is followed by a hybrid methodological framework to combine supervised and semisupervised learning. It is an advanced approach to enhance detection accuracy and adaptability in dynamic IoT environments.
Methods: The study suggests an innovative strategy that combines supervised and unsupervised techniques. Initially employing several flow-based parameters, the improved density-based spatial clustering of applications with noise (IDBSCAN) clustering technique distinguishes between anomalous and regular traffic. Next, utilizing specific statistical metrics, a hybrid multiple kernel extreme learning machine with modified teaching–learning-based optimization (HMKELM-MTLBO) classification process is applied to label the clusters.
Findings of the Study: The findings are an accuracy of 98.95%, a precision of 97.65%, a recall of 98.56%, and an F1 score of 98.23%.
Results: The approach’s effectiveness was evaluated using the ToN_IoT dataset, and a 99%+ accuracy rate was attained in identifying cyberattacks across IoT technology.
Conclusion: The study validates the suggested strategy by testing a distinct set of attacks and training on the ToN_IoT dataset utilizing an extensive data processing system.
Title: A Methodological Framework to Hybrid Machine Learning for Detecting Unusual Cyberattacks in Internet of Things. Authors: R. S. Ramya, S. Jayanthy. Journal: IET Information Security, volume 2025 1. Published: 2025-08-19. DOI: 10.1049/ise2/8381148. PDF: https://ietresearch.onlinelibrary.wiley.com/doi/epdf/10.1049/ise2/8381148
Lei Tang, Zhengxin Cao, Xin Zhou, Junzhe Zhang, Junchi Ma
There are user privacy risks in cloud-based vehicle dispatch platforms due to the unauthorized collection, use, and dissemination of data. However, existing data protection methods cannot balance privacy, usability, and efficiency well. To address this, we propose a local privacy-preserving vehicle assignment strategy via spatial–temporal fusion (STF-LPPVA). Specifically, the strategy allows the cloud platform to train and distribute a spatial–temporal representation model to the user side. Encoded by this model, drivers and passengers can privately fuse the spatial–temporal information of their trips and then transmit these fused vectors to the cloud platform. Based on the similarity of the vectors, the cloud platform can allocate vehicles using the Kuhn–Munkres (KM) algorithm. In addition, we analyze the theoretical feasibility of the STF-LPPVA strategy using entropy change and get good performance with a dataset from DiDi in Chengdu, China. The results show that the successful matching rate of the STF-LPPVA strategy is very close to the original data matching with lower time overhead. Our approach can reduce the traveling distance by 66.5% and improve the matching success rate by 36.2% on average.
Title: STF-LPPVA: Local Privacy-Preserving Method for Vehicle Assignment Based on Spatial–Temporal Fusion. Authors: Lei Tang, Zhengxin Cao, Xin Zhou, Junzhe Zhang, Junchi Ma. Journal: IET Information Security, volume 2025 1. Published: 2025-08-16. DOI: 10.1049/ise2/1915019. PDF: https://ietresearch.onlinelibrary.wiley.com/doi/epdf/10.1049/ise2/1915019
Hailong Xi, Le Ru, Jiwei Tian, Bo Lu, Shiguang Hu, Wenfei Wang, Hongqiao Wang, Xiaohui Luan
Recent advancements in unmanned aerial vehicle (UAV) technology have facilitated its widespread adoption across a spectrum of sectors, such as commercial logistics, agricultural surveillance, industrial diagnostics, and military maneuvers. However, the widespread adoption has also engendered a burgeoning array of security concerns. Unmanned aerial systems (UAS) networks are characterized by high node mobility, unstable links, open communication environments, and limited platform resources, which in turn exhibit typical vulnerabilities in terms of cybersecurity. Most current studies on UAV cybersecurity issues tend to focus on individual UAVs, often neglecting the holistic cybersecurity of UAS. This paper outlines the composition of UAS network architecture. It summarizes the main cybersecurity challenges UAS faces within six categories—spoofing, tampering, information disclosure, denial of service (DoS), service refusal, and privilege escalation—based on the STRIDE threat model. Corresponding methods for risk mitigation and security protection strategies are proposed. Ultimately, the paper provides a perspective on the future development directions of UAS cybersecurity, aiming to offer a reference for addressing related issues in subsequent research and practice.
Title: Enhanced Cybersecurity Framework for Unmanned Aerial Systems: A Comprehensive STRIDE-Model Analysis and Emerging Defense Strategies. Authors: Hailong Xi, Le Ru, Jiwei Tian, Bo Lu, Shiguang Hu, Wenfei Wang, Hongqiao Wang, Xiaohui Luan. Journal: IET Information Security, volume 2025 1. Published: 2025-08-11. DOI: 10.1049/ise2/9637334. PDF: https://ietresearch.onlinelibrary.wiley.com/doi/epdf/10.1049/ise2/9637334
The COVID-19 pandemic has impacted the world, prompting a shift toward remote work and stay-at-home economies, altering routines for individuals and businesses. Organizations have had to swiftly implement digital solutions to enable productive and efficient remote work, a trend that is becoming increasingly common. In this context, enterprise programmers often rely on open-source software from social platforms to accelerate application development. However, the source code on these platforms may not always be regularly updated or well-maintained, posing security risks. These risks are exacerbated when programmers lack security-focused software development practices, do not test for vulnerabilities, or do not apply necessary patches regularly. This study introduces two secure software development (SSD) performance baselines based on international standards and utilizing statistical process control (SPC): proactive information security awareness and reactive risk management. These baselines enable enterprise IT departments to monitor security awareness and improve the secure development capabilities of programmers and R&D teams, thereby mitigating the security risks of released software. A practical case study is presented to demonstrate the effectiveness of this approach.
Title: Establishing Performance Baselines for Secure Software Development. Authors: Ying-Ti Tsai, Chung-Ho Wang, Yung-Chia Chang, Lee-Ing Tong. Journal: IET Information Security, volume 2025 1. Published: 2025-08-08. DOI: 10.1049/ise2/6139424. PDF: https://ietresearch.onlinelibrary.wiley.com/doi/epdf/10.1049/ise2/6139424
Blockchain technology has become a popular choice for electronic voting systems due to its transparency, security, and decentralization. However, it is not a perfect solution, as its inherent immutability poses challenges in blockchain-based e-voting systems. Specifically, without the physical security provided by traditional polling stations, preventing bribery and coercion becomes more difficult. Additionally, because of blockchain’s immutability, voters who are coerced or mistakenly vote cannot correct their choice. To address these issues, this paper proposes a secure blockchain-based voting system with editable ballots. The system uses chameleon hashes with ephemeral trapdoors and a timestamp mechanism, allowing voters to modify their ballots within a legitimate timeframe. Additionally, a modified Paillier cryptosystem and blind signature technology are used to ensure that any modifications leave no trace. We simulate and evaluate the system using Fabric 2.2, focusing on computational complexity and system stability. Analysis of experimental results shows that the blockchain-based voting system with an editable ballot mechanism proposed in this article has good computational cost and stability performance under normal use pressure.
Title: Secure and Editable: A Blockchain Voting System Based on Chameleon Hash With Ephemeral Trapdoors. Authors: Qiankun Zheng, Junyao Ye, Peng Li, Junzuo Lai. Journal: IET Information Security, volume 2025 1. Published: 2025-08-05. DOI: 10.1049/ise2/3915638. PDF: https://onlinelibrary.wiley.com/doi/epdf/10.1049/ise2/3915638
Jiang-Yi Lin, Ching-Chun Chang, Chin-Chen Chang, Chin-Feng Lee
Reversible data hiding in encrypted images (RDHEI) is a technique that not only allows the cover images to be fully restored without any loss of information after the embedded data has been extracted but also ensures the confidentiality of the cover images. This article proposes an RDHEI scheme that incorporates adaptive (n, n) secret image sharing (SIS). The content owner reserves part of the least significant bit plane (LSBP) in the cover images by compressing the two most significant bit planes (MSBPs) using the median edge detector (MED) prediction method. To strengthen the privacy protection of the n cover images, a two-layer encryption method, consisting of self-encryption and cross-encryption, is used to generate n shares. Moreover, our method can be applied to any number of cover images. The data hiders can conceal secret data with identification in the vacated LSB of their own shares. Through the cooperation of all the shares, the receiver can retrieve the embedded secret data and recover the cover images. Experimental results reveal the security and reliability of our approach and its outstanding performance compared with some related methods. Also, the approach can be employed in the color image domain.
{"title":"Highly Secure and Adaptive Multisecret Sharing for Reversible Data Hiding in Encrypted Images","authors":"Jiang-Yi Lin, Ching-Chun Chang, Chin-Chen Chang, Chin-Feng Lee","doi":"10.1049/ise2/6695380","DOIUrl":"10.1049/ise2/6695380","url":null,"abstract":"<p>Reversible data hiding in encrypted images (RDHEI) is a technique that not only allows the cover images can be fully restored without any loss of information after the embedded data has been extracted but also ensures the confidentiality within the cover images. This article proposes an RDHEI scheme combining adaptive (<i>n</i>, <i>n</i>) secret image sharing (SIS) manner. The content owner reserves part of the least significant bit plane (LSBP) in cover images by two most significant bit planes (MSBPs) compression using the median edge detector (MED) prediction method. To level up the privacy protection of <i>n</i> cover images, a two-layer encryption method is utilized to generate <i>n</i> shares, that is, the self-encryption and cross-encryption. Moreover, our method can be applied on no matter how many of cover images. The secret data with identification can be concealed by the data hiders into the vacated LSB of their own shares. Through the cooperation of the overall shares, the receiver can retrieve the embedded secret data and recover the cover images. Experiment results reveal the security reliability of our approach and the outstanding performance when compared to some related methods. 
Also, the approach can be employed in color image domain.</p>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2025 1","pages":""},"PeriodicalIF":2.6,"publicationDate":"2025-08-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/ise2/6695380","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144767711","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Current multikey fully homomorphic encryption (MKFHE) needs to add exponential noise in the distributed decryption phase to ensure the simulatability of partial decryption. Such large noise causes the ciphertext modulus of the scheme to increase exponentially compared to single-key fully homomorphic encryption (FHE), further reducing the efficiency of the scheme and making the lattice hardness problem on which the scheme relies have a subexponential approximation factor (which means that the security of the scheme is reduced). To address this problem, this paper analyzes in detail the noise in partial decryption of MKFHE based on the learning with errors (LWE) problem. It points out that this part of the noise is composed of the private key and the noise in the initial ciphertext. Therefore, as long as the encryption scheme is leak-resistant and the noise in partial decryption is independent of the noise in the initial ciphertext, the semantic security of the ciphertext can be guaranteed. In order to make the noise in the initial ciphertext independent of the noise in the partial decryption, this paper proves the smudging lemma on discrete Gaussian distribution and achieves this goal by multiplying the initial ciphertext by a “dummy” ciphertext with a plaintext of 1. Based on the above method, this paper removes the exponential noise in the distributed decryption phase for the first time and reduces the ciphertext modulus of MKFHE from $2^{\omega(\lambda L \log \lambda)}$ to $2^{O(\lambda + L)}$, the same level as FHE.
{"title":"Multikey Fully Homomorphic Encryption: Removing Noise Flooding in Distributed Decryption via the Smudging Lemma on Discrete Gaussian Distribution","authors":"Xiaokang Dai, Wenyuan Wu, Yong Feng","doi":"10.1049/ise2/7550044","DOIUrl":"10.1049/ise2/7550044","url":null,"abstract":"<p>The current multikey fully homomorphic encryption (MKFHE) needs to add exponential noise in the distributed decryption phase to ensure the simulatability of partial decryption. Such a large noise causes the ciphertext modulus of the scheme to increase exponentially compared to the single-key fully homomorphic encryption (FHE), further reducing the efficiency of the scheme and making the hardness problem on the lattice on which the scheme relies have a subexponential approximation factor <span></span><math></math> (which means that the security of the scheme is reduced). To address this problem, this paper analyzes in detail the noise in partial decryption of the MKFHE based on the learning with error (LWE) problem. It points out that this part of the noise is composed of private key and the noise in initial ciphertext. Therefore, as long as the encryption scheme is leak-resistant and the noise in partial decryption is independent of the noise in the initial ciphertext, the semantic security of the ciphertext can be guaranteed. In order to make the noise in the initial ciphertext independent of the noise in the partial decryption, this paper proves the smudging lemma on discrete Gaussian distribution and achieves this goal by multiplying the initial ciphertext by a “dummy” ciphertext with a plaintext of 1. 
Based on the above method, this paper removes the exponential noise in the distributed decryption phase for the first time and reduces the ciphertext modulus of MKFHE from 2<sup><i>ω</i>(<i>λ</i><i>L</i> log<i>λ</i>)</sup> to 2<sup><i>O</i>(<i>λ</i> + <i>L</i>)</sup> as the same level as the FHE.</p>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2025 1","pages":""},"PeriodicalIF":2.6,"publicationDate":"2025-07-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/ise2/7550044","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144725510","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}