{"title":"A Synthetic Data-Assisted Satellite Terrestrial Integrated Network Intrusion Detection Framework","authors":"Junpeng He;Xiong Li;Xiaosong Zhang;Weina Niu;Fagen Li","doi":"10.1109/TIFS.2025.3530676","DOIUrl":"10.1109/TIFS.2025.3530676","url":null,"abstract":"The Satellite-Terrestrial Integrated Network (STIN) is an emerging paradigm offering seamless network services across geographical boundaries, yet it faces significant security challenges, including limited intrusion prevention capabilities. Federated learning (FL) provides a viable solution by aggregating traffic data from STIN clients (e.g., ground stations and edge routers) to train models for network intrusion detection systems (NIDS). However, satellite and terrestrial domain data’s non-independent and identically distributed (non-IID) nature hinders training efficiency and performance. This paper proposes STINIDF, a novel STIN intrusion detection framework leveraging FL-based data augmentation. STINIDF utilizes FL to collaboratively train a conditional diffusion model across STIN nodes while preserving privacy via differential privacy mechanisms, generating global traffic data representative of the STIN distribution. Each node then integrates global and local traffic data to train a local model for NIDS, addressing non-IID challenges by balancing data distribution through data augmentation. Using a simulation environment developed with OMNeT++ and INET, a Satellite-Terrestrial Integrated (STI) traffic dataset was created, including intrusion scenarios such as signal disruption, UDP flooding, and jamming attacks. 
Experimental results indicate that STINIDF outperforms existing data augmentation-based approaches under non-IID conditions, achieving 96.63% (2.41%↑) accuracy, 96.71% (3.14%↑) precision, 96.54% (1.65%↑) recall and 96.66% (2.7%↑) F1 score. Furthermore, when compared to methods integrating data augmentation with differential privacy, STINIDF demonstrates an effective balance between privacy preservation and intrusion detection performance, attaining an accuracy of 96.14% (2.57%↑) and a FID of 17.88 (7.41↓).","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"20 ","pages":"1739-1754"},"PeriodicalIF":6.3,"publicationDate":"2025-01-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142987548","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"ModelShield: Adaptive and Robust Watermark Against Model Extraction Attack","authors":"Kaiyi Pang;Tao Qi;Chuhan Wu;Minhao Bai;Minghu Jiang;Yongfeng Huang","doi":"10.1109/TIFS.2025.3530691","DOIUrl":"10.1109/TIFS.2025.3530691","url":null,"abstract":"Large language models (LLMs) demonstrate general intelligence across a variety of machine learning tasks, thereby enhancing the commercial value of their intellectual property (IP). To protect this IP, model owners typically allow user access only in a black-box manner, however, adversaries can still utilize model extraction attacks to steal the model intelligence encoded in model generation. Watermarking technology offers a promising solution for defending against such attacks by embedding unique identifiers into the model-generated content. However, existing watermarking methods often compromise the quality of generated content due to heuristic alterations and lack robust mechanisms to counteract adversarial strategies, thus limiting their practicality in real-world scenarios. In this paper, we introduce an adaptive and robust watermarking method (named ModelShield) to protect the IP of LLMs. Our method incorporates a self-watermarking mechanism that allows LLMs to autonomously insert watermarks into their generated content to avoid the degradation of model content. We also propose a robust watermark detection mechanism capable of effectively identifying watermark signals under the interference of varying adversarial strategies. Besides, ModelShield is a plug-and-play method that does not require additional model training, enhancing its applicability in LLM deployments. 
Extensive evaluations on two real-world datasets and three LLMs demonstrate that our method surpasses existing methods in terms of defense effectiveness and robustness while significantly reducing the degradation of watermarking on the model-generated content.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"20 ","pages":"1767-1782"},"PeriodicalIF":6.3,"publicationDate":"2025-01-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142987549","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Non-Fragile Robust Security Control Based on Dynamic Threshold Cryptographic Detector for Remote Motor Under Stealthy FDI Attacks","authors":"Qiaofeng Zhang;Meng Li;Yong Chen;Meng Zhang","doi":"10.1109/TIFS.2025.3530694","DOIUrl":"10.1109/TIFS.2025.3530694","url":null,"abstract":"This paper investigates a non-fragile robust security control strategy for remote motors, based on a dynamic threshold cryptographic detector. This strategy aims to protect system performance against stealthy false data injection (FDI) attacks and to effectively minimize the impact of controller jitter. First, a stealthy FDI attack is designed to bypass the conventional χ² detector and degrade system performance. The stealthiness and destructiveness of the attack are demonstrated. Next, to counter the stealthy FDI attack, a dynamic threshold cryptographic detector is proposed. This detector addresses the stealthiness of the attack and enhances robustness by incorporating a time-varying nonlinear function and a dynamic threshold detection strategy. Furthermore, a non-fragile robust security control strategy is introduced to prevent these attacks and mitigate the problem of controller perturbations. The stability of this strategy is proven using Lyapunov theory. 
Finally, the effectiveness of the proposed security control strategy is validated through numerical and semi-physical simulations.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"20 ","pages":"1783-1793"},"PeriodicalIF":6.3,"publicationDate":"2025-01-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142987319","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Bottom Aggregating, Top Separating: An Aggregator and Separator Network for Encrypted Traffic Understanding","authors":"Wei Peng;Lei Cui;Wei Cai;Wei Wang;Xiaoyu Cui;Zhiyu Hao;Xiaochun Yun","doi":"10.1109/TIFS.2025.3529316","DOIUrl":"10.1109/TIFS.2025.3529316","url":null,"abstract":"Encrypted traffic classification refers to the task of identifying the application, service or malware associated with network traffic that is encrypted. Previous methods mainly have two weaknesses. Firstly, from the perspective of word-level (namely, byte-level) semantics, current methods use pre-training language models like BERT, learned general natural language knowledge, to directly process byte-based traffic data. However, understanding traffic data is different from understanding words in natural language, using BERT directly on traffic data could disrupt internal word sense information so as to affect the performance of classification. Secondly, from the perspective of packet-level semantics, current methods mostly implicitly classify traffic using abstractive semantic features learned at the top layer, without further explicitly separating the features into different space of categories, leading to poor feature discriminability. In this paper, we propose a simple but effective Aggregator and Separator Network (ASNet) for encrypted traffic understanding, which consists of two core modules. Specifically, a parameter-free word sense aggregator enables BERT to rapidly adapt to understanding traffic data and keeping the complete word sense without introducing additional model parameters. And a category-constrained semantics separator with task-aware prompts (as the stimulus) is introduced to explicitly conduct feature learning independently in semantic spaces of different categories. 
Experiments on five datasets across seven tasks demonstrate that our proposed model achieves the current state-of-the-art results without pre-training in both the public benchmark and real-world collected traffic dataset. Statistical analyses and visualization experiments also validate the interpretability of the core modules. Furthermore, what is important is that ASNet does not need pre-training, which dramatically reduces the cost of computing power and time. The model code and dataset will be released in https://github.com/pengwei-iie/ASNET.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"20 ","pages":"1794-1806"},"PeriodicalIF":6.3,"publicationDate":"2025-01-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142974875","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Robust Generative Adaptation Network for Open-Set Adversarial Defense","authors":"Yanchun Li;Long Huang;Shujuan Tian;Haolin Liu;Zhetao Li","doi":"10.1109/TIFS.2025.3529311","DOIUrl":"10.1109/TIFS.2025.3529311","url":null,"abstract":"In open-set recognition scenarios, deep learning models are required to handle samples from unknown categories, which better reflects real-world conditions. However, this task poses significant challenges to current closed-set recognition models, and the emergence of adversarial samples further exacerbates the issue. Existing open-set adversarial defense methods still lack a comprehensive exploration of model architectures, and the efficacy of adversarial training methods remains suboptimal in generalizing to various types of noise. In this paper, we propose a novel network called the Robust Generative Adaptation Network (RGAN), which enhances closed-set recognition accuracy and open-set detection performance by optimizing the model architecture for open-set adversarial defense. We optimize the robust block that can be embedded within deep learning models to constrain the propagation effects of adversarial attacks, thereby enhancing the model’s robustness. Simultaneously, we employ a noise generator to create perturbations tailored to specific adversarial samples and leverage these perturbations to increase the model’s generalization ability to different forms of noise. We conduct comprehensive experiments on five widely used datasets and various classification architectures, and the experimental results demonstrate that our RGAN achieves State-Of-The-Art (SOTA) performance in open-set adversarial defense tasks. 
The code and models are available at https://github.com/ycLi-CV/RGAN-main.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"20 ","pages":"1649-1664"},"PeriodicalIF":6.3,"publicationDate":"2025-01-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142975186","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"DroneAudioID: A Lightweight Acoustic Fingerprint-Based Drone Authentication System for Secure Drone Delivery","authors":"Meng Zhang;Li Lu;Yuhan Wu;Zheng Yan;Jiaqi Sun;Feng Lin;Kui Ren","doi":"10.1109/TIFS.2025.3527814","DOIUrl":"10.1109/TIFS.2025.3527814","url":null,"abstract":"With the increasing accessibility of drones, they have been warmly embraced across various sectors, especially in low-altitude logistics transportation. However, during drone delivery, legal drones dispatched by logistics companies are susceptible to malicious attacks, resulting in package theft or substitution. To address this, existing works focus on designing drone authentication to secure drone delivery. However, most of these methods require expensive specialized equipment, such as high-quality microphones and professional recording devices, resulting in high real-world application costs. In this paper, we propose DroneAudioID, a lightweight acoustic fingerprint-based drone authentication system that relies solely on common mobile devices. The basic idea is to employ acoustic fingerprints to authenticate different drones of the same model based on differences in fundamental frequency and harmonic components of drone audio. Specifically, the drone audio is recorded by a mobile device instead of sophisticated equipment. We apply wavelet transform to remove high-frequency noise during data preprocessing. Then, specialized filter banks are designed for feature extraction, leveraging the frequency characteristics of drone audio. Finally, we construct a Bi-Long Short-Term Memory (Bi-LSTM) with an Open-Max model for open-set classification. Extensive experiments are conducted on eight crafts drones of DJI Mini2, showing an authentication accuracy of 99.6%. 
A series of comprehensive experiments further validate DroneAudioID’s capability to defend against various attacks.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"20 ","pages":"1447-1461"},"PeriodicalIF":6.3,"publicationDate":"2025-01-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142975053","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Multi-View Graph-Based Hierarchical Representation Learning for Money Laundering Group Detection","authors":"Zhong Li;Xueting Yang;Changjun Jiang","doi":"10.1109/TIFS.2025.3529321","DOIUrl":"10.1109/TIFS.2025.3529321","url":null,"abstract":"Anti-money laundering (AML) is crucial to maintaining national financial security. Contemporary AML methods focus on homogeneous mining or unitary money laundering pattern. These methods ignore a characteristic of gang operation in money laundering. Thus, in this paper, we propose a multi-view graph-based hierarchical representation learning method, named MG-HRL, to mine organized money laundering groups. In particular, we extract multi-level representations of transaction subgraphs, including transaction features, user features, structural features, and high-order association features from multiple observational perspectives. To learn the correlation between users, we model transaction networks as heterogeneous information networks (HINs) and design six meta-paths related to money laundering scenarios to mine correlations among users. Combining with correlation representations of users, we propose a heterogeneous hypergraph representation learning method to learn high-order representations of transaction subgraphs. Through hierarchical representation learning, the MG-HRL achieves full exploration of money laundering groups. Finally, we conduct experiments on two public transaction datasets. 
The result shows that MG-HRL method performs better than other state-of-the-art baselines.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"20 ","pages":"2035-2050"},"PeriodicalIF":6.3,"publicationDate":"2025-01-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142975187","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"TextSafety: Visual Text Vanishing via Hierarchical Context-Aware Interaction Reconstruction","authors":"Pengwen Dai;Jingyu Li;Dayan Wu;Peijia Zheng;Xiaochun Cao","doi":"10.1109/TIFS.2025.3528249","DOIUrl":"10.1109/TIFS.2025.3528249","url":null,"abstract":"Privacy information existing in the scene text will be leaked with the spread of images in cyberspace. Vanishing the scene text from the image is a simple yet effective method to prevent privacy disclosure to the machine and the human. Previous visual text vanishing methods have achieved promising results but the performance still fell short of expectations for complicated-shape scene texts with various scales. In this paper, we propose a novel hierarchical context-aware interaction reconstruction method to make the visual text vanish in the natural scene image. To avoid the interference of the non-text regions, we narrow down the reconstruction regions by the guidance of the hierarchical refined text region masks, helping provide accurate position information. Meanwhile, we propose to learn the long-range context-aware interaction in a lightweight way, which can ensure the smoothing of the artifacts that are easily generated by the convolutional layers. To be more specific, we first simultaneously generate the coarse text region mask and the initially vanishing scene text image. Then, we obtain more accurate refined masks to better capture the locations of complicated-shape texts via a hierarchical mask generation network. Next, based on the refined masks, we exploit a channel-wise context-aware interaction mechanism to model the long-range relationships between the reconstruction region and the backgrounds for better removing the artifacts. Finally, we fuse the reconstructed text regions with the non-masked regions to obtain the ultimate protected image. 
Experiments on two frequently-used benchmarks SCUT-EnsText and SCUT-Syn demonstrate that our proposed method outperforms previous related methods by a large margin.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"20 ","pages":"1421-1433"},"PeriodicalIF":6.3,"publicationDate":"2025-01-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142961528","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Privacy and Fairness Analysis in the Post-Processed Differential Privacy Framework","authors":"Ying Zhao, Kai Zhang, Longxiang Gao, Jinjun Chen","doi":"10.1109/tifs.2025.3528222","DOIUrl":"https://doi.org/10.1109/tifs.2025.3528222","url":null,"abstract":"","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"82 1","pages":""},"PeriodicalIF":6.8,"publicationDate":"2025-01-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142961526","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}