IEEE Transactions on Information Forensics and Security最新文献

{"title":"Comments on “VCD-FL: Verifiable, Collusion-Resistant, and Dynamic Federated Learning”","authors":"Zhuoqun Yan, Wenfang Zhang, Xiaomin Wang, Muhammad Khurram Khan","doi":"10.1109/tifs.2025.3533141","DOIUrl":"https://doi.org/10.1109/tifs.2025.3533141","url":null,"abstract":"","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"29 1","pages":""},"PeriodicalIF":6.8,"publicationDate":"2025-01-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143026520","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Dynamic event-triggered control for leader-following consensus of nonlinear multi-agent systems against malicious attacks","authors":"Lingzhi Zhao, Jianquan Lu, Yang Liu, Jungang Lou","doi":"10.1109/tifs.2025.3531775","DOIUrl":"https://doi.org/10.1109/tifs.2025.3531775","url":null,"abstract":"","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"49 1","pages":""},"PeriodicalIF":6.8,"publicationDate":"2025-01-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142991445","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Angle and Distance Discrimination by Utilizing Frequency Conversion Capability of STC-IRS for Covert Communications","authors":"Manlin Wang;Yao Yao;Haiyang Ding;Shihai Shao;Bin Xia;Jiangzhou Wang","doi":"10.1109/TIFS.2025.3530689","DOIUrl":"10.1109/TIFS.2025.3530689","url":null,"abstract":"Covert communication is an important approach to ensure information security by hiding the transmission behavior. Space-domain-coding intelligent reflecting surface (SDC-IRS) can adjust the phase of the reflection signal for passive beamforming in angle domains, which is widely employed in covert communications. However, the gains by SDC-IRS vanish when the warder is proximal to the receiver in angle domains. To overcome this limitation, in this paper, the space-time-coding IRS (STC-IRS) is considered, which can adjust both the phase and the frequency of the reflection signal for passive beamforming in angle-distance domains. Specifically, system performance under STC-IRS and SDC-IRS is compared, revealing the essence that angle and distance discrimination for the receiver is achieved with STC-IRS. Further, to fully exploit STC-IRS, optimization problems are formulated to maximize the covert rate in both line-of-sight scenarios and Rician fading scenarios. To solve the above problems, penalty-based algorithms are proposed where the transmit power, the phase shift and the frequency shift at STC-IRS are optimized jointly with majorization-minimization and block successive upper bound minimization techniques. Considering more general and adverse cases, the proposed algorithms are also extended to the scenario with multiple warders. Simulation results demonstrate the superiority of the proposed scheme compared with other benchmarks. Especially, when the warder and the receiver overlap in angle domains, covert rates with STC-IRS exceed 3 bps by distance domain discrimination, whereas covert rates with SDC-IRS are less than 0.01 bps.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"20 ","pages":"1503-1518"},"PeriodicalIF":6.3,"publicationDate":"2025-01-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142991402","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":" $mathsf{TCG}text{-}mathsf{IDS}$ : Robust Network Intrusion Detection via Temporal Contrastive Graph Learning","authors":"Cong Wu;Jianfei Sun;Jing Chen;Mamoun Alazab;Yang Liu;Yang Xiang","doi":"10.1109/TIFS.2025.3530702","DOIUrl":"10.1109/TIFS.2025.3530702","url":null,"abstract":"In the era of zero trust security models and next-generation networks (NGN), the primary challenge is that network nodes may be untrusted, even if they have been verified, necessitating continuous validation and scrutiny. Effective intrusion detection systems (IDS) are crucial for continuously monitoring network traffic and identifying potential threats. However, traditional IDS approaches often struggle to keep pace with evolving threats, requiring extensive supervised training on labeled datasets. This limitation leads to high false positive rates, low detection accuracy, and a failure to provide real-time detection, thereby undermining the security of NGNs. This paper proposed the first self-supervised learning-based IDS, designed on temporal contrastive graph neural network (GNN), namely <inline-formula> <tex-math>$mathsf{TCG}text{-}mathsf{IDS}$ </tex-math></inline-formula>. It innovatively integrates three contrastive learning strategies: temporal contrasting to capture temporal dependencies, asymmetric contrasting to account for the diverse interactions within network data, and masked contrasting to enhance the learning of node representations by masking parts of the data during training. Performance evaluation was conducted on two publicly available network traffic datasets, NF-CSE-CIC-IDS2018-V2 and NF-UNSW-NB15-V2. <inline-formula> <tex-math>$mathsf{TCG}text{-}mathsf{IDS}$ </tex-math></inline-formula> achieved a balanced accuracy of 99.48% and 91.48% on two datasets respectively, significantly outperforming state-of-the-art graph learning models. In multi-class detection, <inline-formula> <tex-math>$mathsf{TCG}text{-}mathsf{IDS}$ </tex-math></inline-formula> attained a mean false positive rate of 4.15% and 3.34% on the two datasets respectively. Besides, it exhibits high efficiency with its running time of 0.37s and 0.51s on the two datasets to predict per batch of 100 samples. Results highlight the effectiveness and efficiency of <inline-formula> <tex-math>$mathsf{TCG}text{-}mathsf{IDS}$ </tex-math></inline-formula> in accurately detecting various types of network intrusions. This work significantly advances the field of network intrusion detection via self-supervised temporal graph learning, offering a promising solution for future network security systems.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"20 ","pages":"1475-1486"},"PeriodicalIF":6.3,"publicationDate":"2025-01-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142991343","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Physical-Layer Key Generation Efficient Beamspace Adaptations in 5G New Radio","authors":"Dongming Li;Wanting Ma;Fuhui Zhou;Qihui Wu;Derrick Wing Kwan Ng","doi":"10.1109/TIFS.2025.3530677","DOIUrl":"10.1109/TIFS.2025.3530677","url":null,"abstract":"The fifth-generation new radio (NR) cellular communication is featured with numerous advancements over Long Term Evolution (LTE) and earlier technologies. It enables more flexible physical-layer resource scheduling across multiple dimensions, and two representative techniques are beamspace transmissions and time-frequency numerology selection. Nevertheless, the lightweight physical-layer secure transmission in NR remains under investigation, especially taking NR beamspace and mobility into consideration. In this work, we propose a physical-layer wireless key generation (KG) efficient beamspace adaptation scheme for NR, where the KG capacity is theoretically characterized by critical NR components including beam direction and beamwidth. In addition, we consider the impacts of user mobility on KG performance. Since NR beamspace plays a key role in deciding the channel probing window in the spatial dimension, the NR beamspace directly affects channel probing results and hence the KG efficiency. To this end, NR beam parameters are obtained to improve the KG performance. Especially, we propose to optimize the NR beamwidth for maximizing the secrecy-delay efficiency, because a tradeoff exists in adapting the beamwidth where smaller beamwidth can improve the channel estimation accuracy but increase the beam sweeping delay. Theoretical analysis and simulation results show that the beam direction adaptation provides spatial degrees of freedom for NR to enhance KG, by enabling beam selection pointing at target areas with richer multipath scatterings. Experimental results demonstrate that the narrow beam is beneficial to enhancing the channel estimation accuracy and the resultant key agreements.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"20 ","pages":"1535-1550"},"PeriodicalIF":6.3,"publicationDate":"2025-01-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142991404","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Collaboratively Self-Supervised Video Representation Learning for Action Recognition","authors":"Jie Zhang;Zhifan Wan;Lanqing Hu;Stephen Lin;Shuzhe Wu;Shiguang Shan","doi":"10.1109/TIFS.2025.3531772","DOIUrl":"10.1109/TIFS.2025.3531772","url":null,"abstract":"Considering the close connection between action recognition and human pose estimation, we design a Collaboratively Self-supervised Video Representation (CSVR) learning framework specific to action recognition by jointly factoring in generative pose prediction and discriminative context matching as pretext tasks. Specifically, our CSVR consists of three branches: a generative pose prediction branch, a discriminative context matching branch, and a video generating branch. Among them, the first one encodes dynamic motion feature by utilizing Conditional-GAN to predict the human poses of future frames, and the second branch extracts static context features by contrasting positive and negative video feature and I-frame feature pairs. The third branch is designed to generate both current and future video frames, for the purpose of collaboratively improving dynamic motion features and static context features. Extensive experiments demonstrate that our method achieves state-of-the-art performance on multiple popular video datasets.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"20 ","pages":"1895-1907"},"PeriodicalIF":6.3,"publicationDate":"2025-01-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142991403","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"CiseLeaks: Information Leakage Assessment of Cryptographic Instruction Set Extension Prototypes","authors":"Aruna Jayasena;Richard Bachmann;Prabhat Mishra","doi":"10.1109/TIFS.2025.3531239","DOIUrl":"10.1109/TIFS.2025.3531239","url":null,"abstract":"Software based cryptographic implementations provide flexibility but they face performance limitations. In contrast, hardware based cryptographic accelerators utilize application-specific customization to provide real-time security solutions. Cryptographic instruction-set extensions (CISE) combine the advantages of both hardware and software based solutions to provide higher performance combined with the flexibility of atomic-level cryptographic operations. While CISE is widely used to develop security solutions, side-channel analysis of CISE-based devices is in its infancy. Specifically, it is important to evaluate whether the power usage and electromagnetic emissions of CISE-based devices have any correlation with its internal operations, which an adversary can exploit to deduce cryptographic secrets. In this paper, we propose a test vector leakage assessment framework to evaluate the pre-silicon prototypes at the early stages of the design life-cycle. Specifically, we first identify functional units with the potential for leaking information through power side-channel signatures and then evaluate them on system prototypes by generating the necessary firmware to maximize the side-channel signature. Our experimental results on two RISC-V based cryptographic extensions, RISCV-CRYPTO and XCRYPTO, demonstrated that seven out of eight prototype AES- and SHA-related functional units are vulnerable to leaking cryptographic secrets through their power side-channel signature even in full system mode with a statistical significance of <inline-formula> <tex-math>$alpha = 0.05$ </tex-math></inline-formula>.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"20 ","pages":"1551-1565"},"PeriodicalIF":6.3,"publicationDate":"2025-01-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142989189","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Healthcare Security: Post-Quantum Continuous Authentication With Behavioral Biometrics Using Vector Similarity Search","authors":"Basudeb Bera;Sutanu Nandi;Ashok Kumar Das;Biplab Sikdar","doi":"10.1109/TIFS.2025.3531197","DOIUrl":"10.1109/TIFS.2025.3531197","url":null,"abstract":"With the increasing digitization of medical records and the interconnected nature of healthcare networks, robust security measures are vital to mitigate the risk of data breaches, cyberattacks, and unauthorized access. Existing healthcare security models, like one-time authentication (OTA), rely on complex mathematical problems such as the integer factorization problem (IFP) and discrete logarithm problem (DLP). However, advancements in quantum computing, notably Shor’s algorithm, pose a threat to the security of these systems. Once the attacker bypasses OTA, they gain permanent access and can reveal sensitive healthcare user information. Given the numerous vulnerabilities exposed in OTA systems, there is a rising demand and trend toward implementing continuous authentication systems. Current cutting-edge privacy technologies either are not feasible or entail high costs for continuous authentication systems, which necessitate periodic real-time verification. As a result, we proposed a cutting-edge novel approach to healthcare security through post-quantum continuous authentication without breaking the continuity of a session, leveraging behavioral biometrics (BB) and vector similarity search (VSS). By integrating BB, which analyzes individual behavioral patterns, with VSS, our robust lightweight quantum-secure technique ensures a heightened level of security. The proposed framework offers seamless and continuous authentication, adapting in real-time to users’ behavioral patterns. The proof of concept for VSS demonstrates the efficiency of the proposed scheme in real-time healthcare applications. Through extensive testing, analysis, and performance analysis under unknown attacks, this study demonstrates the efficacy and resilience of our approach, promising a new frontier in healthcare security. A real-time testbed experiment, along with the implementation and design of FastAPI, demonstrates the novelty of the proposed scheme.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"20 ","pages":"1597-1612"},"PeriodicalIF":6.3,"publicationDate":"2025-01-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142989187","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"D24D: Dynamic Deep 4-Dimensional Analysis for Malware Detection","authors":"Rama Krishna Koppanati;Monika Santra;Sateesh Kumar Peddoju","doi":"10.1109/TIFS.2025.3531230","DOIUrl":"10.1109/TIFS.2025.3531230","url":null,"abstract":"In the era of ubiquitous computing devices, malware is the primary weapon of cyber attacks, and malware-related security breaches remain a significant security concern. Nowadays, adversaries require fewer resources to exploit a system with the help of contemporary malicious payloads and AI tools than in the old days. Despite many advances in malware defense research, adversaries continually employ sophisticated tools and techniques to evade existing defense mechanisms and create chaos. Moreover, it is challenging to recognize these malicious binaries with shallow features such as section names, entropies, virtual sizes, and strings, which are not robust. The proposed work mainly focuses on identifying robust features that can help to detect more sophisticated (i) seen and (ii) never-seen-before malware effectively. Unlike the existing research works, <inline-formula> <tex-math>$D^{2}4D$ </tex-math></inline-formula> concentrates on four types of analysis: Registry key, API function, network, and memory analysis. Above all, <inline-formula> <tex-math>$D^{2}4D$ </tex-math></inline-formula> identifies the binaries that perform fast-flux attacks, DGA-based attacks, homoglyphs attacks, and other attack types. The evaluation results indicate that the <inline-formula> <tex-math>$D^{2}4D$ </tex-math></inline-formula> achieves an accuracy of 99.67%, with a 0.10% False Positive Rate for seen binaries and more than 91% accuracy for never-seen-before binaries. Beyond that, <inline-formula> <tex-math>$D^{2}4D$ </tex-math></inline-formula> outperforms 33 existing anti-malware. The extracted features prove robust in identifying seen and never-seen-before binaries based on the experimental analysis, comparison with the state-of-the-art models, and ablation study.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"20 ","pages":"2083-2095"},"PeriodicalIF":6.3,"publicationDate":"2025-01-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142989043","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Maximizing Uncertainty for Federated learning via Bayesian Optimisation-based Model Poisoning","authors":"Marios Aristodemou, Xiaolan Liu, Yuan Wang, Konstantinos G. Kyriakopoulos, Sangarapillai Lambotharan, Qingsong Wei","doi":"10.1109/tifs.2025.3531143","DOIUrl":"https://doi.org/10.1109/tifs.2025.3531143","url":null,"abstract":"","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"51 1","pages":""},"PeriodicalIF":6.8,"publicationDate":"2025-01-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142989042","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}