IEEE Transactions on Information Forensics and Security最新文献

{"title":"Hodor: Robust Fine-Grained Information Flow Control With Full Data Traffic Protection for Cloud-Edge Computing","authors":"Yansen Xin;Hui Ma;Rui Zhang","doi":"10.1109/TIFS.2025.3546846","DOIUrl":"10.1109/TIFS.2025.3546846","url":null,"abstract":"Cloud-edge computing has been widely-adopted for large-scale data sharing and processing. In practical data sharing systems, data are very sensitive and typically encrypted, such as health records. Unauthorized users may attempt to decrypt ciphertexts to recover the data. Due to mistakes or malice, some users might try to share sensitive information with others who do not have access. Clearly, strong access control should be employed to restrict the read and write privilege of users. There was a rich literature on mandatory fine-grained information flow control for such scenarios, but three important issues remain. First, payload privacy was often neglected. Most of the known solutions focused on the protection ciphertext header, but ignored the payload, i.e. encrypted data, which may leak information by a malicious sender. Second, no guarantee of the encrypted data. Ill-formed ciphertexts, e.g. encrypted garbage data, can pass the global policy check, causing decryption failures or disseminating bad information, hence are incapable of content distribution. Finally, the heavy computation cost of sender authentication impedes the practical deployment. In this work, we introduce Hodor, a robust fine-grained information flow control scheme that not only guards the transmission channel with mandatory fine-grained access control for massive data, but also protects whole data traffic, checks ciphertext well-formedness, and efficiently authenticates the sender. In particular, Hodor considers full data traffic protection of both the ciphertext header and encrypted payload to resist information leakage, completely verifies the consistency between the claimed access structure and the actual access structure, and achieves efficient sender authentication with a succinct challenge-response protocol. We present a formal model and give detailed proofs. We also implement and evaluate Hodor using various optimization techniques to boost its performance. The results demonstrate the efficiency and practicality of Hodor for cloud-edge data sharing.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"20 ","pages":"3074-3087"},"PeriodicalIF":6.3,"publicationDate":"2025-02-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143526349","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"NTTproofs: A Maintainable and Aggregatable Vector Commitment With Fast Openings and Updates","authors":"Lijuan Huo;Libing Wu;Enshu Wang;Jinfei Liu;Chunshuo Li;Zemei Liu;Zhuangzhuang Zhang","doi":"10.1109/TIFS.2025.3546839","DOIUrl":"10.1109/TIFS.2025.3546839","url":null,"abstract":"In vector commitments, the complex process of generating and updating proofs, along with the large-sized proofs, seriously hinders the practicality of stateless cryptocurrencies. In this work, we present NTTproofs, containing two sub-schemes, a vector commitment (VC) and a mulit-vector commitment (MC). Both sub-schemes are maintainable and aggregatable, and they also enjoy fast openings (i.e., generating all the proofs) as well as efficient proof updates. MC in NTTproofs employs the Fast Number Theoretic Transform (NTT) and sharding technique to significantly improve the time of generating all proofs by up to <inline-formula> <tex-math>$0.76 times $ </tex-math></inline-formula> and <inline-formula> <tex-math>$0.32 times $ </tex-math></inline-formula>, respectively, over Balanceproofs, Matproofs. Moreover, our proposed MC in NTTproofs is efficiently maintainable and requires merely 15.78 milliseconds at <inline-formula> <tex-math>$n_{1}=n_{2}=2^{12}$ </tex-math></inline-formula> to update all proofs. Meanwhile, NTTproofs schemes exhibit superior aggregatability, taking 0.003 seconds in VC and 0.05 seconds in MC to aggregate 1024 proofs and reducing the size of an aggregated proof to a constant size of 96 Bytes. Finally, macrobenchmarks indicate that our proposed MC in NTTproofs outperforms the other schemes, but is slightly inferior to that of Balanceproofs.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"20 ","pages":"2778-2792"},"PeriodicalIF":6.3,"publicationDate":"2025-02-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143526195","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Privacy-Preserving Epidemiological Modeling on Mobile Graphs","authors":"Daniel Günther;Marco Holz;Benjamin Judkewitz;Hellen Möllering;Benny Pinkas;Thomas Schneider;Ajith Suresh","doi":"10.1109/TIFS.2025.3546850","DOIUrl":"10.1109/TIFS.2025.3546850","url":null,"abstract":"The latest pandemic COVID-19 brought governments worldwide to use various containment measures to control its spread, such as contact tracing, social distance regulations, and curfews. Epidemiological simulations are commonly used to assess the impact of those policies before they are implemented. Unfortunately, the scarcity of relevant empirical data, specifically detailed social contact graphs, hampered their predictive accuracy. As this data is inherently privacy-critical, a method is urgently needed to perform powerful epidemiological simulations on real-world contact graphs without disclosing any sensitive information. In this work, we present RIPPLE, a privacy-preserving epidemiological modeling framework enabling standard models for infectious disease on a population’s real contact graph while keeping all contact information locally on the participants’ devices. As a building block of independent interest, we present PIR-SUM, a novel extension to private information retrieval for secure download of element sums from a database. Our protocols are supported by a proof-of-concept implementation, demonstrating a 2-week simulation over half a million participants completed in 7 minutes, with each participant communicating less than 50 KB.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"20 ","pages":"3088-3101"},"PeriodicalIF":6.3,"publicationDate":"2025-02-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143526350","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A Lightweight and Dynamic Open-Set Intrusion Detection for Industrial Internet of Things","authors":"Xueji Yang;Fei Tong;Fang Jiang;Guang Cheng","doi":"10.1109/TIFS.2025.3546849","DOIUrl":"10.1109/TIFS.2025.3546849","url":null,"abstract":"Recently intrusion detection technology has been deployed in the Industrial Internet of Things (IIoT), which is an efficacious approach to enhancing security. However, identifying previously unseen and unknown attacks, referred to as the open-set problem, has become increasingly difficult due to the openness of IoT architecture and the continuous evolution of attack patterns. Moreover, existing open-set intrusion detection solutions are challenging to be applied directly to IIoT because of their unique characteristics, such as limited computational and storage capabilities, long detection times, and the inability to continuously learn. In this paper, we propose an efficient, lightweight, and dynamic open-set intrusion detection scheme for IIoT. It consists of three stages: the known attack classification stage focuses on extracting features from known data to efficiently classify normal data and known attacks; the unknown attack recognition stage analyzes the distribution of reconstruction errors to effectively distinguish between known data and unknown attacks; and the dynamic update detection stage introduces a lightweight detection architecture for unknown attacks detection, significantly reducing the computational overhead and storage requirements of IIoT devices. Simultaneously, it learns from and updates with newly detected unknown attacks to further optimize detection capabilities. We conduct experiments on four widely used datasets to evaluate the performance of open-set intrusion detection for IIoT. The experimental results delineate the superiority of our proposed method over four state-of-the-art approaches in open-set intrusion detection. Meanwhile, our proposed lightweight model updating method significantly reduces detection time by over 65% and memory overhead by over 80% compared to retraining methods, while achieving an average detection accuracy of 96%.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"20 ","pages":"2930-2943"},"PeriodicalIF":6.3,"publicationDate":"2025-02-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143526201","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Information-Theoretic Security Problem in Cluster Distributed Storage Systems: Regenerating Code Against Two General Types of Eavesdroppers","authors":"Tinghan Wang;Chenhao Ying;Jia Wang;Yuan Luo","doi":"10.1109/TIFS.2025.3546567","DOIUrl":"10.1109/TIFS.2025.3546567","url":null,"abstract":"In recent years, there has been growing interest in heterogeneous distributed storage systems (DSSs), such as clustered DSSs, which are widely used in practice. However, research regarding information-theoretic security in heterogeneous DSSs remains limited. Furthermore, unlike traditional DSSs, the heterogeneous DSSs face eavesdropper with diverse operating patterns, complicating the secrecy models. In this paper, we aim to investigate the secrecy capacity and code constructions for clustered DSSs (CDSSs), a type of heterogeneous DSSs in which the system is divided into clusters with an equal number of nodes and different repair bandwidths for intra-cluster and cross-cluster against two types of eavesdroppers: the occupying-type eavesdropper and the osmotic-type eavesdropper. We construct two CDSS secrecy models tailored to these aforementioned eavesdroppers, derive the upper bounds on adjustable secrecy capacities, and explore the relationships between the upper bounds of perfect secrecy capacities and the number of compromised nodes. Notably, the upper bounds obtained in this paper generalize those of the traditional DSS model. Additionally, we propose three repair-by-transfer code constructions that achieve the secrecy capacity under both eavesdropper scenarios. These codes are based on nested MDS code and represent a generalized form of the minimum bandwidth regenerating (MBR) codes in traditional DSSs.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"20 ","pages":"2852-2867"},"PeriodicalIF":6.3,"publicationDate":"2025-02-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=10906666","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143518713","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Beyond Access Pattern: Efficient Volume-Hiding Multi-Range Queries Over Outsourced Data Services","authors":"Haoyang Wang;Kai Fan;Chong Yu;Kuan Zhang;Fenghua Li;Haojin Zhu","doi":"10.1109/TIFS.2025.3540576","DOIUrl":"10.1109/TIFS.2025.3540576","url":null,"abstract":"Multi-range query (MRQ) is a typical multi-attribute data query widely used in various practical applications. It is capable of searching all data objects contained in a query request. Many privacy-preserving MRQ schemes have been proposed to realize MRQ on encrypted data. However, existing MRQ schemes only consider the security threat caused by access pattern leakage, not the harm of volume pattern leakage. Moreover, most existing schemes cannot achieve efficient queries and updates while preserving the access pattern. In this paper, we propose an efficient MRQ scheme for hiding volume and access patterns. We first design a joint data index using Order-Revealing Encryption (ORE) and Pseudo-random functions (PRFs) to realize volume-hiding range queries. Then, we combine the private set intersection (PSI) and hardware Software Guard Extensions (SGX) to compute each attribute’s intersection of query results. In addition, we preserve access patterns during queries by designing a batch refresh algorithm and an update protocol. Finally, rigorous security analysis and extensive experiments demonstrate the security and performance of our scheme in real-world scenarios.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"20 ","pages":"2509-2522"},"PeriodicalIF":6.3,"publicationDate":"2025-02-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143518716","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Kullback-Leibler Divergence-Based Observer Design Against Sensor Bias Injection Attacks in Single-Output Systems","authors":"Fatih Emre Tosun;André M. H. Teixeira;Jingwei Dong;Anders Ahlén;Subhrakanti Dey","doi":"10.1109/TIFS.2025.3546167","DOIUrl":"10.1109/TIFS.2025.3546167","url":null,"abstract":"This paper considers observer-based detection of sensor bias injection attacks (BIAs) on linear cyber-physical systems with single output driven by white Gaussian noise. Despite their simplicity, BIAs pose a severe risk to systems with integrators, which we refer to as integrator vulnerability. Specifically, the residual generated by any linear observer is indistinguishable under attack and normal operation at steady state, making BIAs detectable only during transients. To address this, we propose a principled method based on Kullback-Leibler divergence to design a residual generator that significantly increases the signal-to-noise ratio against BIAs. For systems without integrator vulnerability, our method also enables a trade-off between transient and steady-state detectability. The effectiveness of the proposed method is demonstrated through numerical comparisons with three state-of-the-art residual generators.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"20 ","pages":"2763-2777"},"PeriodicalIF":6.3,"publicationDate":"2025-02-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143507287","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Efficient and Privacy-Preserving Ride Matching Over Road Networks Against Malicious ORH Server","authors":"Mingtian Zhang;Anjia Yang;Jian Weng;Min-Rong Chen;Huang Zeng;Yi Liu;Xiaoli Liu;Zhihua Xia","doi":"10.1109/TIFS.2025.3544453","DOIUrl":"10.1109/TIFS.2025.3544453","url":null,"abstract":"Online ride-hailing (ORH) services have become indispensable for our travel needs, offering the convenience of easily locating the nearest driver for riders through ride matching algorithms. However, existing ORH systems, such as Lyft and Didi, require users (both riders and drivers) to disclose their real-time location information during the matching process, thus giving rise to serious privacy concerns. Despite the proposal of various privacy-preserving ride-matching schemes, they remain insufficient in addressing potential malicious behaviors from the ORH server, such as colluding with designated drivers and deviation from computation protocols to interfere with the matching process. These behaviors lead to non-optimal matching results for riders. To address these issues, we present EMPRide, an efficient and privacy-preserving ride-matching scheme resistant to malicious ORH server. In EMPRide, we design an efficient and accurate computation of distances between users protocol, which integrates road network embedding and secure two-party computation. Additionally, we design a verification protocol that allows riders to verify the correctness of computed distances and matching results. Crucially, the communication overhead for riders in EMPRide remains constant, irrelevant to the number of available drivers. Our evaluation using real-world datasets demonstrates that EMPRide significantly outperforms existing solutions. Specifically, under identical conditions, in EMPRide, the computation speed on the ORH server is <inline-formula> <tex-math>$19.22times $ </tex-math></inline-formula> faster and the communication cost is <inline-formula> <tex-math>$8.08times $ </tex-math></inline-formula> less than state-of-the-art approaches. Moreover, riders experience a speed improvement of 4.84 orders of magnitude with <inline-formula> <tex-math>$1.30times $ </tex-math></inline-formula> less communication, while drivers benefit from a 4.79 orders of magnitude speed increase with <inline-formula> <tex-math>$1.45times $ </tex-math></inline-formula> less communication.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"20 ","pages":"2372-2386"},"PeriodicalIF":6.3,"publicationDate":"2025-02-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143495479","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Secrecy Coding for the Binary Symmetric Wiretap Channel via Linear Programming","authors":"Ali Nikkhah;Morteza Shoushtari;Bahareh Akhbari;Willie K. Harrison","doi":"10.1109/TIFS.2025.3545301","DOIUrl":"10.1109/TIFS.2025.3545301","url":null,"abstract":"In this paper, we use a linear programming (LP) optimization approach to evaluate the equivocation when coding over a wiretap channel model where the main channel is noiseless and the eavesdropper’s channel is a binary symmetric channel (BSC). Using this technique, we present a numerically-derived upper bound for the achievable secrecy rate in the finite blocklength regime that is tighter than traditional infinite blocklength bounds. We also propose a secrecy coding technique that outperforms random binning codes. When there is one overhead bit, this coding technique is optimum and achieves the newly derived bound. For cases with additional bits of overhead, our coding scheme can achieve equivocation rates close to the new bound. Furthermore, we explore the patterns of the generator matrix and the parity-check matrix for linear codes and we present binning techniques for both linear and nonlinear codes using two different approaches: recursive and non-recursive. To our knowledge, this is the first optimization solution for secrecy coding obtained through linear programming. Our new bounds and codes mark a significant breakthrough towards understanding fundamental limits of performance (and how to achieve them in some instances) for the binary symmetric wiretap channel with real finite blocklength coding constructions. Our techniques are especially useful for codes of small to medium blocklength, such as those that may be required by applications with small payloads, such as the Internet of Things.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"20 ","pages":"2450-2463"},"PeriodicalIF":6.3,"publicationDate":"2025-02-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143495501","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Reliable Open-Set Network Traffic Classification","authors":"Xueman Wang;Yipeng Wang;Yingxu Lai;Zhiyu Hao;Alex X. Liu","doi":"10.1109/TIFS.2025.3544067","DOIUrl":"10.1109/TIFS.2025.3544067","url":null,"abstract":"The widespread use of modern network communications necessitates effective resource control and management in TCP/IP networks. However, most existing network traffic classification methods are limited to labeled known classes and struggle to handle open-set scenarios, where known classes coexist with significant volumes of unknown classes of traffic. To solve this problem more accurately and reliably, we propose RoNeTC. This method achieves high-precision classification by enhancing feature extraction and quantifying the reliability of classification decisions through uncertainty estimation. For feature extraction, we divide each packet of a flow into three views for parallel training, integrating both local and global feature representations across multiple packets to enhance accuracy. We devise a second-order classification probability to quantify the reliability of the classifier’s results and to visualize the reliability of open-set flow classification in terms of uncertainty. Additionally, we dynamically fuse classification decisions from multiple views, evaluating decision uncertainty to classify known and unknown flows and ensure robust, reliable results. We compare RoNeTC with four state-of-the-art (SOTA) methods in six open-set scenarios. RoNeTC outperforms the other methods by an average of 25.94% in F1 across all open-set scenarios, indicating its superior performance in open-set network traffic classification.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"20 ","pages":"2313-2328"},"PeriodicalIF":6.3,"publicationDate":"2025-02-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143486223","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}