发布求助
文献互助 智能选刊 最新文献

IEEE Transactions on Information Forensics and Security最新文献

筛选
英文 中文
unFlowS: An Unsupervised Construction Scheme of Flow Spectrum for Network Traffic Detection
IF 6.3 1区 计算机科学
IEEE Transactions on Information Forensics and Security Pub Date : 2025-03-11 DOI: 10.1109/TIFS.2025.3550060
Luming Yang;Yongjun Wang;Lin Liu;Jun-Jie Huang;Jiangyong Shi;Shaojing Fu;Shize Guo
{"title":"unFlowS: An Unsupervised Construction Scheme of Flow Spectrum for Network Traffic Detection","authors":"Luming Yang;Yongjun Wang;Lin Liu;Jun-Jie Huang;Jiangyong Shi;Shaojing Fu;Shize Guo","doi":"10.1109/TIFS.2025.3550060","DOIUrl":"10.1109/TIFS.2025.3550060","url":null,"abstract":"In recent years, the construction of behavior-based analysis models is hindered by issues such as insufficient data, difficulty in labeling, and the complexity of behavior types. In reality, specific cyber threats often require manual analysis of raw network traffic, which is a complex and inefficient process. Flow spectrum can simplify the complex analysis process of raw network flow by mapping it from a high-dimensional space to a one-dimensional spectral space. However, the existing flow spectrum cannot adapt to the open-world scenarios and behavior-based detection for unknown cyber threats. To address these challenges, we propose a new flow spectrum construction scheme, named unFlowS, to effectively represent network flows and assist analysts to understand the behaviors of network traffic. unFlowS-Net, an unsupervised flow-based detection model we designed as the core of our scheme, can transform network flows into spectral lines. It makes unFlowS possible to detect unknown cyber threats. We further build spectral vectors for spectral lines generated by network flow sets, enabling the visualization of network behaviors within a period of time and automatic behavior-based detection. Experimental results demonstrated that unFlowS-Net can achieve better performance than state-of-the-art methods on unsupervised flow-based detection. Based on spectral vectors, not only can it intuitively display the network behavior characteristic of the target host, but also automatically detect suspicious network behaviors.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"20 ","pages":"3330-3345"},"PeriodicalIF":6.3,"publicationDate":"2025-03-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143598745","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Comparing Different Membership Inference Attacks with a Comprehensive Benchmark
IF 6.8 1区 计算机科学
IEEE Transactions on Information Forensics and Security Pub Date : 2025-03-11 DOI: 10.1109/tifs.2025.3550070
Jun Niu, Xiaoyan Zhu, Moxuan Zeng, Ge Zhang, Qingyang Zhao, Chunhui Huang, Yangming Zhang, Suyu An, Yangzhong Wang, Xinghui Yue, Zhipeng He, Weihao Guo, Kuo Shen, Peng Liu, Lan Zhang, Jianfeng Ma, Yuqing Zhang
{"title":"Comparing Different Membership Inference Attacks with a Comprehensive Benchmark","authors":"Jun Niu, Xiaoyan Zhu, Moxuan Zeng, Ge Zhang, Qingyang Zhao, Chunhui Huang, Yangming Zhang, Suyu An, Yangzhong Wang, Xinghui Yue, Zhipeng He, Weihao Guo, Kuo Shen, Peng Liu, Lan Zhang, Jianfeng Ma, Yuqing Zhang","doi":"10.1109/tifs.2025.3550070","DOIUrl":"https://doi.org/10.1109/tifs.2025.3550070","url":null,"abstract":"","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"39 1","pages":""},"PeriodicalIF":6.8,"publicationDate":"2025-03-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143598999","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Labeled Private Set Intersection From Distributed Point Function
IF 6.3 1区 计算机科学
IEEE Transactions on Information Forensics and Security Pub Date : 2025-03-10 DOI: 10.1109/TIFS.2025.3550059
Qi Liu;Xiaojie Guo;Kang Yang;Yu Yu
{"title":"Labeled Private Set Intersection From Distributed Point Function","authors":"Qi Liu;Xiaojie Guo;Kang Yang;Yu Yu","doi":"10.1109/TIFS.2025.3550059","DOIUrl":"https://doi.org/10.1109/TIFS.2025.3550059","url":null,"abstract":"Private Set Intersection (PSI) allows two mutually distrusting parties to compute the intersection of their sets without revealing any additional information, and has found numerous applications. A part of applications require labeled PSI in the unbalanced setting, where a server holds a label for each item in a set that is much larger than the set held by a client, and the client obtains the intersection and the corresponding labels. In this paper, we present a new concretely efficient labeled PSI protocol in the unbalanced setting, without using computation-heavy homomorphic encryption. Our protocol is based on Distributed Point Function (DPF) with hardware acceleration from fixed-key AES-NI, and has communication complexity linear in the size of a small set of the client and sublinear in the size of a large set of the server. Our protocol exploits two Oblivious Pesudorandom Function (OPRF) protocols, based on Diffle-Hellman PRFs or block ciphers, to achieve a trade-off between computation and communication. Our implementation demonstrates that our protocol outperforms the previous labeled and unbalanced PSI protocols. In particular, for two sets with respective <inline-formula> <tex-math>$2^{24}$ </tex-math></inline-formula> and 1 items, where each item has a 32-byte label, our protocol takes 1.19 seconds for an end-to-end performance, resulting in <inline-formula> <tex-math>$26 times $ </tex-math></inline-formula> improvement compared to the state-of-the-art protocol by Cong et al. (CCS 2021). In terms of the cost of the one-time initialization, we speed up the computations more than <inline-formula> <tex-math>$325times $ </tex-math></inline-formula> in the above comparison.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"20 ","pages":"2970-2983"},"PeriodicalIF":6.3,"publicationDate":"2025-03-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143675967","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Rethinking Prefix-Based Steganography for Enhanced Security and Efficiency
IF 6.3 1区 计算机科学
IEEE Transactions on Information Forensics and Security Pub Date : 2025-03-10 DOI: 10.1109/TIFS.2025.3550073
Chao Pan;Donghui Hu;Yaofei Wang;Kejiang Chen;Yinyin Peng;Xianjin Rong;Chen Gu;Meng Li
{"title":"Rethinking Prefix-Based Steganography for Enhanced Security and Efficiency","authors":"Chao Pan;Donghui Hu;Yaofei Wang;Kejiang Chen;Yinyin Peng;Xianjin Rong;Chen Gu;Meng Li","doi":"10.1109/TIFS.2025.3550073","DOIUrl":"https://doi.org/10.1109/TIFS.2025.3550073","url":null,"abstract":"Generative models have demonstrated remarkable capabilities in synthesizing realistic content, creating new opportunities for secure communication through steganography---the practice of embedding covert messages within seemingly innocuous data. While prefix-based steganography, which encodes secret messages into shared probability intervals during generative sampling, has emerged as a promising paradigm for provably secure communication, its practical adoption remains constrained by inherent tradeoffs between security, capacity, and efficiency. To address these challenges, we propose two enhancements. The first enhancement optimizes quantization distortion in existing frameworks to minimize KL divergence, thereby enhancing theoretical security. The second redesigns the sampling mechanism via distribution coupling to amplify steganographic capacity, achieving this without incurring substantial computational overhead. Experimental validation on text generation task confirms our enhancements substantially outperform previous implementations, demonstrating notable capacity improvements, marked security enhancements, and efficiency gains on consumer-grade hardware. Cross-task comparisons with popular provably secure steganography further establish the proposed enhancements as achieving superior security-capacity-efficiency tradeoffs across diverse generative scenarios, advancing the practical deployment of provably secure steganography systems.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"20 ","pages":"3287-3301"},"PeriodicalIF":6.3,"publicationDate":"2025-03-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143716371","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Provably Secure Public-Key Steganography Based on Admissible Encoding
IF 6.3 1区 计算机科学
IEEE Transactions on Information Forensics and Security Pub Date : 2025-03-10 DOI: 10.1109/TIFS.2025.3550076
Xin Zhang;Kejiang Chen;Na Zhao;Weiming Zhang;Nenghai Yu
{"title":"Provably Secure Public-Key Steganography Based on Admissible Encoding","authors":"Xin Zhang;Kejiang Chen;Na Zhao;Weiming Zhang;Nenghai Yu","doi":"10.1109/TIFS.2025.3550076","DOIUrl":"10.1109/TIFS.2025.3550076","url":null,"abstract":"The technique of hiding secret messages within seemingly harmless covertext to evade examination by censors with rigorous security proofs is known as provably secure steganography (PSS). PSS evolves from symmetric key steganography to public-key steganography, functioning without the requirement of a pre-shared key and enabling the extension to multi-party covert communication and identity verification mechanisms. Recently, a public-key steganography method based on elliptic curves was proposed, which uses point compression to eliminate the algebraic structure of curve points. However, this method has strict requirements on the curve parameters and is only available on half of the points. To overcome these limitations, this paper proposes a more general elliptic curve public key steganography method based on admissible encoding. By applying the tensor square function to the known well-distributed encoding, we construct admissible encoding, which can create the pseudo-random public-key encryption function. The theoretical analysis and experimental results show that the proposed provable secure public-key steganography method can be deployed on all types of curves and utilize all points on the curve.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"20 ","pages":"3161-3175"},"PeriodicalIF":6.3,"publicationDate":"2025-03-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143598746","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Bring Your Device Group (BYDG): Efficient and Privacy-Preserving User-Device Authentication Protocol in Multi-Access Edge Computing
IF 6.3 1区 计算机科学
IEEE Transactions on Information Forensics and Security Pub Date : 2025-03-10 DOI: 10.1109/TIFS.2025.3550051
Yan Zhang;Chunsheng Gu;Peizhong Shi;Zhengjun Jing;Bing Li;Bo Liu
{"title":"Bring Your Device Group (BYDG): Efficient and Privacy-Preserving User-Device Authentication Protocol in Multi-Access Edge Computing","authors":"Yan Zhang;Chunsheng Gu;Peizhong Shi;Zhengjun Jing;Bing Li;Bo Liu","doi":"10.1109/TIFS.2025.3550051","DOIUrl":"10.1109/TIFS.2025.3550051","url":null,"abstract":"Authentication is an important security issue for multi-access edge computing (MEC). To restrict user access from untrusted devices, Bring Your Own Device (BYOD) policy has been proposed to authenticate users and devices simultaneously. However, when integrating BYOD policy into MEC authentication to improve security, issues of efficient binding and user-device conditional anonymity have not been well supported. To address these issues, we propose Bring Your Device Group (BYDG) policy by constructing efficient and privacy-preserving user-device authentication. Our core idea is to use key sequences generated by PUFs-based key derivation functions (KDFs) to not only construct efficient binding relationships, but also achieve conditional anonymity for device groups. Specifically, a flexible and secure binding method is first developed by leveraging Chinese Remainder Theorem (CRT) to bind user with device groups. Each device’s CRT modulus is derived from the key sequence to construct many-to-many user-device binding relationships, which are managed in the form of on-chain Pedersen Commitment. Moreover, we design an identity anonymizing and tracing method for device groups. The key sequence is regarded as traceable device pseudo-identities, and then inserted into the cuckoo filter to reduce the on-chain storage overhead and mitigate malicious login attempts with low costs. Based on above two methods, the combination of Pedersen Commitment and Zero-Knowledge Proof of Knowledge is used to achieve user-device authentication with conditional anonymity. The security analysis was presented to demonstrate important security properties. A proof-of-concept prototype was implemented to conduct performance evaluation and comparative analysis.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"20 ","pages":"3346-3361"},"PeriodicalIF":6.3,"publicationDate":"2025-03-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143598864","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
DEEPVMUNPROTECT: Neural Network-Based Recovery of VM-Protected Android Apps for Semantics-Aware Malware Detection
IF 6.8 1区 计算机科学
IEEE Transactions on Information Forensics and Security Pub Date : 2025-03-10 DOI: 10.1109/tifs.2025.3550049
Xin Zhao, Mu Zhang, Xiaopeng Ke, Yu Pan, Yue Duan, Sheng Zhong, Fengyuan Xu
{"title":"DEEPVMUNPROTECT: Neural Network-Based Recovery of VM-Protected Android Apps for Semantics-Aware Malware Detection","authors":"Xin Zhao, Mu Zhang, Xiaopeng Ke, Yu Pan, Yue Duan, Sheng Zhong, Fengyuan Xu","doi":"10.1109/tifs.2025.3550049","DOIUrl":"https://doi.org/10.1109/tifs.2025.3550049","url":null,"abstract":"","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"21 1","pages":""},"PeriodicalIF":6.8,"publicationDate":"2025-03-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143598749","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
GLiRA: Black-Box Membership Inference Attack via Knowledge Distillation
IF 6.8 1区 计算机科学
IEEE Transactions on Information Forensics and Security Pub Date : 2025-03-10 DOI: 10.1109/tifs.2025.3550068
Andrey V. Galichin, Mikhail Pautov, Alexey Zhavoronkin, Oleg Y. Rogov, Ivan Oseledets
{"title":"GLiRA: Black-Box Membership Inference Attack via Knowledge Distillation","authors":"Andrey V. Galichin, Mikhail Pautov, Alexey Zhavoronkin, Oleg Y. Rogov, Ivan Oseledets","doi":"10.1109/tifs.2025.3550068","DOIUrl":"https://doi.org/10.1109/tifs.2025.3550068","url":null,"abstract":"","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"3 1","pages":""},"PeriodicalIF":6.8,"publicationDate":"2025-03-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143598862","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
GNSS Jammer Localization and Identification With Airborne Commercial GNSS Receivers
IF 6.3 1区 计算机科学
IEEE Transactions on Information Forensics and Security Pub Date : 2025-03-10 DOI: 10.1109/TIFS.2025.3550050
Marco Spanghero;Filip Geib;Ronny Panier;Panos Papadimitratos
{"title":"GNSS Jammer Localization and Identification With Airborne Commercial GNSS Receivers","authors":"Marco Spanghero;Filip Geib;Ronny Panier;Panos Papadimitratos","doi":"10.1109/TIFS.2025.3550050","DOIUrl":"https://doi.org/10.1109/TIFS.2025.3550050","url":null,"abstract":"Global Navigation Satellite Systems (GNSS) are fundamental in ubiquitously providing position and time to a wide gamut of systems. Jamming remains a realistic threat in many deployment settings, civilian and tactical. Specifically, in drones sustained denial raises safety critical concerns. This work presents a strategy that allows detection, localization, and classification both in the frequency and time domain of interference signals harmful to navigation. A high-performance Vertical Take Off and Landing (VTOL) drone with a single antenna and a commercial GNSS receiver is used to geolocate and characterize RF emitters at long range, to infer the navigation impairment. Raw IQ baseband snapshots from the GNSS receiver make the application of spectral correlation methods possible without extra software-defined radio payload, paving the way to spectrum identification and monitoring in airborne platforms, aiming at RF situational awareness. Live testing at Jammertest, in Norway, with portable, commercially available GNSS multi-band jammers demonstrates the ability to detect, localize, and characterize harmful interference. Our system pinpointed the position with an error of a few meters of the transmitter and the extent of the affected area at long range, without entering the denied zone. Additionally, further spectral content extraction is used to accurately identify the jammer frequency, bandwidth, and modulation scheme based on spectral correlation techniques.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"20 ","pages":"3550-3565"},"PeriodicalIF":6.3,"publicationDate":"2025-03-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=10919159","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143740339","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Distribution-Agnostic Database De-Anonymization Under Obfuscation and Synchronization Errors
IF 6.3 1区 计算机科学
IEEE Transactions on Information Forensics and Security Pub Date : 2025-03-10 DOI: 10.1109/TIFS.2025.3550058
Serhat Bakirtas;Elza Erkip
{"title":"Distribution-Agnostic Database De-Anonymization Under Obfuscation and Synchronization Errors","authors":"Serhat Bakirtas;Elza Erkip","doi":"10.1109/TIFS.2025.3550058","DOIUrl":"10.1109/TIFS.2025.3550058","url":null,"abstract":"Database de-anonymization typically involves matching an anonymized database with correlated publicly available data. Existing research focuses either on practical aspects without requiring knowledge of the data distribution yet provides limited guarantees, or on theoretical aspects assuming known distributions. This paper aims to bridge these two approaches, offering theoretical guarantees for database de-anonymization under synchronization errors and obfuscation without prior knowledge of data distribution. Using a modified replica detection algorithm and a new seeded deletion detection algorithm, we establish sufficient conditions on the database growth rate for successful matching, demonstrating a double-logarithmic seed size relative to row size is sufficient for detecting deletions in the database. Importantly, our findings indicate that these sufficient de-anonymization conditions are tight and are the same as in the distribution-aware setting, avoiding asymptotic performance loss due to unknown distributions. Finally, we evaluate the performance of our proposed algorithms through simulations, confirming their effectiveness in more practical, non-asymptotic, scenarios.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"20 ","pages":"3190-3203"},"PeriodicalIF":6.3,"publicationDate":"2025-03-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143598865","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
首页 上一页 下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信