IEEE Transactions on Information Forensics and Security最新文献

筛选
英文 中文
Identifying Backdoored Graphs in Graph Neural Network Training: An Explanation-Based Approach with Novel Metrics 图神经网络训练中的后门图识别:一种基于解释的新度量方法
IF 6.8 1区 计算机科学
IEEE Transactions on Information Forensics and Security Pub Date : 2025-09-22 DOI: 10.1109/tifs.2025.3613061
Jane Downer, Ren Wang, Binghui Wang
{"title":"Identifying Backdoored Graphs in Graph Neural Network Training: An Explanation-Based Approach with Novel Metrics","authors":"Jane Downer, Ren Wang, Binghui Wang","doi":"10.1109/tifs.2025.3613061","DOIUrl":"https://doi.org/10.1109/tifs.2025.3613061","url":null,"abstract":"","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"30 1","pages":""},"PeriodicalIF":6.8,"publicationDate":"2025-09-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145127662","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Differentially-Private Collaborative Online Personalized Mean Estimation 差分私有协同在线个性化均值估计
IF 6.8 1区 计算机科学
IEEE Transactions on Information Forensics and Security Pub Date : 2025-09-22 DOI: 10.1109/tifs.2025.3612276
Yauhen Yakimenka, Chung-Wei Weng, Hsuan-Yin Lin, Eirik Rosnes, Jörg Kliewer
{"title":"Differentially-Private Collaborative Online Personalized Mean Estimation","authors":"Yauhen Yakimenka, Chung-Wei Weng, Hsuan-Yin Lin, Eirik Rosnes, Jörg Kliewer","doi":"10.1109/tifs.2025.3612276","DOIUrl":"https://doi.org/10.1109/tifs.2025.3612276","url":null,"abstract":"","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"40 1","pages":""},"PeriodicalIF":6.8,"publicationDate":"2025-09-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145116686","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Using Random Forests for Efficient Identification of Decoys Under Link Flooding Attacks in SDNs 基于随机森林的sdn链路泛洪攻击诱饵有效识别
IF 8 1区 计算机科学
IEEE Transactions on Information Forensics and Security Pub Date : 2025-09-19 DOI: 10.1109/TIFS.2025.3612159
Wenjie Yu;Boyang Zhou
{"title":"Using Random Forests for Efficient Identification of Decoys Under Link Flooding Attacks in SDNs","authors":"Wenjie Yu;Boyang Zhou","doi":"10.1109/TIFS.2025.3612159","DOIUrl":"10.1109/TIFS.2025.3612159","url":null,"abstract":"Software-defined networks (SDNs) face significant challenges from link flooding attacks (LFAs), where malicious bots flood towards a limited number of hidden hosts, known as decoys, at a low rate. Efficient decoy identification is crucial for mitigating LFAs and is more resource-efficient than traditional bot detection methods, given the smaller number of decoys compared to bots. This paper proposes a novel decoy identification mechanism (DIM) that utilizes the SDN controller to generate forwarding rules for critical switches, enabling them to classify and report decoy addresses effectively. DIM addresses the challenges of minimizing communication overhead between the controller and data plane while maintaining high classification accuracy. It optimizes critical switch selection by partitioning the network into smaller areas, which reduces communication costs while maximizing monitoring efficiency. Within each area, DIM pre-trains random forest (RF) models for the selected switches and generates their respective binary-encoded forwarding rules. These rules empower the switches to identify decoy addresses in LFA traffic at line speed. The identified addresses are then reported back to DIM for further analysis. Theoretical analysis demonstrates that DIM scales efficiently in terms of time and space complexity. Our evaluation with the NS-3 simulator—using real CAIDA traffic and a synthesized topology of over 30,000 nodes—shows DIM achieves 98.3% decoy identification accuracy, outperforming state-of-the-art models like LSTM and CNN in both accuracy and speed. Tests under routing changes and moving target defense scenarios confirm DIM’s robustness and adaptability, highlighting its practical effectiveness against LFAs.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"20 ","pages":"10636-10651"},"PeriodicalIF":8.0,"publicationDate":"2025-09-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145089371","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Detection of Unknown Attacks Through Encrypted Traffic: A Gaussian Prototype-Aided Variational Autoencoder Framework 通过加密流量检测未知攻击:高斯原型辅助变分自编码器框架
IF 6.8 1区 计算机科学
IEEE Transactions on Information Forensics and Security Pub Date : 2025-09-19 DOI: 10.1109/tifs.2025.3612141
Qianwei Meng, Jing Tao, Qingjun Yuan, Guangsong Li, Yongjuan Wang, Bing Gao, Siqi Lu
{"title":"Detection of Unknown Attacks Through Encrypted Traffic: A Gaussian Prototype-Aided Variational Autoencoder Framework","authors":"Qianwei Meng, Jing Tao, Qingjun Yuan, Guangsong Li, Yongjuan Wang, Bing Gao, Siqi Lu","doi":"10.1109/tifs.2025.3612141","DOIUrl":"https://doi.org/10.1109/tifs.2025.3612141","url":null,"abstract":"","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"11 1","pages":""},"PeriodicalIF":6.8,"publicationDate":"2025-09-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145089373","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Optimal String Sanitization Against Strategic Attackers 针对战略攻击者的最优字符串消毒
IF 6.8 1区 计算机科学
IEEE Transactions on Information Forensics and Security Pub Date : 2025-09-19 DOI: 10.1109/tifs.2025.3610245
Pengxin Bian, George Theodorakopoulos, Solon P. Pissis, Grigorios Loukides
{"title":"Optimal String Sanitization Against Strategic Attackers","authors":"Pengxin Bian, George Theodorakopoulos, Solon P. Pissis, Grigorios Loukides","doi":"10.1109/tifs.2025.3610245","DOIUrl":"https://doi.org/10.1109/tifs.2025.3610245","url":null,"abstract":"","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"162 1","pages":""},"PeriodicalIF":6.8,"publicationDate":"2025-09-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145089370","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
JMA: a General Algorithm to Craft Nearly Optimal Targeted Adversarial Examples JMA:一种通用算法来制作接近最优的目标对抗示例
IF 6.8 1区 计算机科学
IEEE Transactions on Information Forensics and Security Pub Date : 2025-09-19 DOI: 10.1109/tifs.2025.3611121
Benedetta Tondi, Wei Guo, Niccolò Pancino, Mauro Barni
{"title":"JMA: a General Algorithm to Craft Nearly Optimal Targeted Adversarial Examples","authors":"Benedetta Tondi, Wei Guo, Niccolò Pancino, Mauro Barni","doi":"10.1109/tifs.2025.3611121","DOIUrl":"https://doi.org/10.1109/tifs.2025.3611121","url":null,"abstract":"","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"36 1","pages":""},"PeriodicalIF":6.8,"publicationDate":"2025-09-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145089372","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Fine-Grained and Class-Incremental Malicious Account Detection in Ethereum via Dynamic Graph Learning 基于动态图学习的以太坊细粒度和类增量恶意账户检测
IF 8 1区 计算机科学
IEEE Transactions on Information Forensics and Security Pub Date : 2025-09-19 DOI: 10.1109/TIFS.2025.3612194
Hanbiao Du;Meng Shen;Yang Liu;Zheng Che;Jinhe Wu;Wei Wang;Liehuang Zhu
{"title":"Fine-Grained and Class-Incremental Malicious Account Detection in Ethereum via Dynamic Graph Learning","authors":"Hanbiao Du;Meng Shen;Yang Liu;Zheng Che;Jinhe Wu;Wei Wang;Liehuang Zhu","doi":"10.1109/TIFS.2025.3612194","DOIUrl":"10.1109/TIFS.2025.3612194","url":null,"abstract":"Ethereum serves as the cornerstone for value transfer in Web 3.0, providing a decentralized and efficient trust mechanism for global connectivity. However, the anonymity of Ethereum undermines market regulatory capabilities, leading to frequent malicious behaviors such as Ponzi Scheme, Money Laundering, and Phishing. Therefore, in the face of the diverse and continuously emerging malicious behaviors, implementing fine-grained detection is crucial for maintaining the prosperous development of the blockchain ecosystem. In this paper, we propose FiMAD, a fine-grained and class-incremental malicious account detection framework based on dynamic graph learning. Specifically, we first propose a general graph structure called Dynamic Account Relation Graph (DARG), which dynamically models Ethereum accounts from a continuous-time perspective. Then, we design a cascade graph feature extraction method to capture deep temporal evolution patterns and neighbor interaction features in DARG. Next, we construct a pre-training universal encoder to transform account features into high-dimensional embeddings, followed by fine-tuning the model classifier with a few labeled samples, enabling accurate fine-grained detection and rapid updates for incremental classes. We conduct extensive experiments using real Ethereum data. The results demonstrate that FiMAD outperforms state-of-the-art (SOTA) methods in fine-grained detection across five typical scenarios: class-incremental, full data, new malicious accounts, imbalanced data, and binary classification. In the class-incremental scenario, FiMAD improves the Macro-F1 by up to 26.4% compared to SOTA methods.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"20 ","pages":"10130-10145"},"PeriodicalIF":8.0,"publicationDate":"2025-09-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145089506","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
LMAE4Eth: Generalizable and Robust Ethereum Fraud Detection by Exploring Transaction Semantics and Masked Graph Embedding LMAE4Eth:通过探索交易语义和掩码图嵌入的可推广和鲁棒的以太坊欺诈检测
IF 8 1区 计算机科学
IEEE Transactions on Information Forensics and Security Pub Date : 2025-09-19 DOI: 10.1109/TIFS.2025.3612149
Yifan Jia;Yanbin Wang;Jianguo Sun;Ye Tian;Peng Qian
{"title":"LMAE4Eth: Generalizable and Robust Ethereum Fraud Detection by Exploring Transaction Semantics and Masked Graph Embedding","authors":"Yifan Jia;Yanbin Wang;Jianguo Sun;Ye Tian;Peng Qian","doi":"10.1109/TIFS.2025.3612149","DOIUrl":"10.1109/TIFS.2025.3612149","url":null,"abstract":"As Ethereum confronts increasingly sophisticated fraud threats, recent research seeks to improve fraud account detection by leveraging advanced pre-trained Transformer or self-supervised graph neural network. However, current Transformer-based methods rely on context-independent, numerical transaction sequences, failing to capture semantic of account transactions. Furthermore, the pervasive homogeneity in Ethereum transaction records renders it challenging to learn discriminative account embeddings. Moreover, current self-supervised graph learning methods primarily learn node representations through graph reconstruction, resulting in suboptimal performance for node-level tasks like fraud account detection, while these methods also encounter scalability challenges. To tackle these challenges, we propose LMAE4Eth, a multi-view learning framework that fuses transaction semantics, masked graph embedding, and expert knowledge. We first propose a transaction-token contrastive language model (TxCLM) that transforms context-independent numerical transaction records into logically cohesive linguistic representations, and leverages language modeling to learn transaction semantics. To clearly characterize the semantic differences between accounts, we also use a token-aware contrastive learning pre-training objective, which, together with the masked transaction model pre-training objective, learns high-expressive account representations. We then propose a masked account graph autoencoder (MAGAE) using generative self-supervised learning, which achieves superior node-level account detection by focusing on reconstructing account node features rather than graph structure. To enable MAGAE to scale for large-scale training, we propose to integrate layer-neighbor sampling into the graph, which reduces the number of sampled vertices by several times without compromising training quality. Additionally, we initialize the account nodes in the graph with expert-engineered features to inject empirical and statistical knowledge into the model. Finally, using a cross-attention fusion network, we unify the embeddings of TxCLM and MAGAE to leverage the benefits of both. We evaluate our method against 21 baseline approaches on three datasets. Experimental results show that our method improves the F1-score by over 10% at most compared with the best baseline. Furthermore, we observe from three datasets that the proposed method demonstrates strong generalization ability compared to previous work. Our source code is avaliable at: <uri>https://github.com/lmae4eth/LMAE4Eth</uri>","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"20 ","pages":"10260-10274"},"PeriodicalIF":8.0,"publicationDate":"2025-09-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145089369","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Detecting DeFi Fraud With a Graph-Transformer Language Model 用图转换语言模型检测DeFi欺诈
IF 8 1区 计算机科学
IEEE Transactions on Information Forensics and Security Pub Date : 2025-09-19 DOI: 10.1109/TIFS.2025.3612184
Wei Ma;Junjie Shi;Jiaxi Qiu;Cong Wu;Jing Chen;Lingxiao Jiang;Shangqing Liu;Yang Liu;Yang Xiang
{"title":"Detecting DeFi Fraud With a Graph-Transformer Language Model","authors":"Wei Ma;Junjie Shi;Jiaxi Qiu;Cong Wu;Jing Chen;Lingxiao Jiang;Shangqing Liu;Yang Liu;Yang Xiang","doi":"10.1109/TIFS.2025.3612184","DOIUrl":"10.1109/TIFS.2025.3612184","url":null,"abstract":"With the rapid development of blockchain technology, the widespread adoption of smart contracts—particularly in decentralized finance (DeFi) applications—has introduced significant security challenges, such as reentrancy attacks, phishing, and Sybil attacks. To address these issues, we propose a novel model called TrxGNNBERT, which combines Graph Neural Network (GNN) and the Transformer architecture to effectively handle both graph-structured and textual data. This combination enhances the detection of suspicious transactions and accounts on blockchain platforms like Ethereum. TrxGNNBERT was pre-trained using a masked language model (MLM) on a dataset of 60,000 Ethereum transactions by randomly masking the attributes of nodes and edges, thereby capturing deep semantic relationships and structural information. In this work, we constructed transaction subgraphs, using a GNN module to enrich the embedding representations, which were then fed into a Transformer encoder. The experimental results demonstrate that TrxGNNBERT outperforms various baseline models—including DeepWalk, Trans2Vec, Role2Vec, GCN, GAT, GraphSAGE, CodeBERT, GraphCodeBERT, Zipzap and BERT4ETH—in detecting suspicious transactions and accounts. Specifically, TrxGNNBERT achieved an accuracy of 0.755 and an F1 score of 0.756 on the TrxLarge dataset; an accuracy of 0.903 and an F1 score of 0.894 on the TrxSmall dataset; and an accuracy of 0.790 and an F1 score of 0.781 on the AddrDec dataset. We also explored different pre-training configurations and strategies, comparing the performance of encoder-based versus decoder-based Transformer structures. The results indicate that pre-training improves downstream task performance, with encoder-based structures outperforming decoder-based ones. Through ablation studies, we found that node-level information and subgraph structures are critical for achieving optimal performance in transaction classification tasks. When key features were removed, the model performance declined considerably, demonstrating the importance of each component of our method. These findings offer valuable insights for future research, suggesting further improvements in node attribute representation and subgraph extraction.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"20 ","pages":"10051-10065"},"PeriodicalIF":8.0,"publicationDate":"2025-09-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145089368","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Feature Reconstruction: Far Field EM Side-Channel Attacks in Complex Environment 特征重构:复杂环境下远场电磁侧信道攻击
IF 8 1区 计算机科学
IEEE Transactions on Information Forensics and Security Pub Date : 2025-09-18 DOI: 10.1109/TIFS.2025.3611788
Huanyu Wang;Dalin He;Deng Tuo;Junnian Wang
{"title":"Feature Reconstruction: Far Field EM Side-Channel Attacks in Complex Environment","authors":"Huanyu Wang;Dalin He;Deng Tuo;Junnian Wang","doi":"10.1109/TIFS.2025.3611788","DOIUrl":"10.1109/TIFS.2025.3611788","url":null,"abstract":"Far Field EM Side-Channel Attacks (FEM-SCAs) have emerged as a realistic security threat to widely deployed RF-integrated IoT edge devices. In mixed-signal chips, side-channel leakage may unintentionally couple with transmission signals and be emitted via the on-chip antenna, potentially allowing adversaries to extract sensitive information from the victim at long distances. However, in practical scenarios, far field EM traces captured at long distances usually suffer from noise and interference, which makes the attack less efficient or sometimes even unfeasible. In this paper, we propose a Domain-Adversarial ReFeature Nueral Network (DAR-NN) to facilitate “noisy-clean” adaptation for far field EM traces captured at long distances. By integrating a DAE model with two deep-learning classifiers as regularization terms, the proposed DAR-NN model can reconstruct features of traces obtained remotely in complex environments, thereby achieving a more efficient FEM-SCA. We first test our model by using a publicly available dataset and show that it is feasible to extract the AES key from 141 traces captured at 15 m distance to the victim, which is 58.7% more efficient than existing methods with 80% less profiling data. Afterwards, we set up a more complex experimental environment with a HackRF radio serving as an interference source. We show that the proposed model can still extract the key by using around 2K traces at 15 m even in the presence of 25% active interference, while the state-of-the-art model fails under same conditions.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"20 ","pages":"10066-10081"},"PeriodicalIF":8.0,"publicationDate":"2025-09-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145083814","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信