{"title":"AsCred: An anonymous credential system based on batch partial blind signature and polymath","authors":"Xian Guo, Yongjie Zhao, Yudan Cheng, Wenjuan Jia, Yongbo Jiang","doi":"10.1016/j.jisa.2025.104151","DOIUrl":"10.1016/j.jisa.2025.104151","url":null,"abstract":"<div><div>Anonymous credentials are a vital tool for privacy-preserving authentication. However, existing signature-based schemes suffer from two limitations: (1) An issuer can only generate a single signature for an entire attribute set during a credential issuance stage, which makes it inflexible for a user to append new attributes to an existing valid credential; (2) During a selective disclosure phase, a user must compute a commitment for attributes that do not need to be disclosed to prove the authenticity of a selective disclosed attribute, which leads to extra computational overhead. In this paper, a novel anonymous credential system based on batch partial blind signature and Polymath (a zk-SNARK) is proposed, and it is called AsCred. The core ideas of AsCred are that an issuer can batch-sign each attribute within an attribute set in one-round interaction with a user during a credential issuance stage, which enables a user to flexibly append new attributes to an existing valid credential. Moreover, a user can generate a proof using only the attributes that are required to be disclosed and their corresponding signatures, which avoids using unnecessary attributes to calculate a commitment, and the signature information is not revealed by leveraging Polymath. We analyze our novel solution in a scenario where only a single attribute needs to be disclosed. Experimental results demonstrate that proof generation, verification time, and proof size in blind BBS+ signature-based and blind CL-based signature schemes exhibit linear overhead growth with the attribute set size. However, AsCred maintains constant-level performance across all metrics. Specifically, in AsCred, a single proof generation and verification time are 9 ms and 3.9 ms respectively, and the proof size is 342 bytes.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"93 ","pages":"Article 104151"},"PeriodicalIF":3.8,"publicationDate":"2025-07-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144556775","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Peng Yang , Zhuoyang Xie , Hongmei Pei , Tianwai Zhou , Kun Song
{"title":"A secure distributed resolution model for industrial internet identifier based on ordered multi-group signature","authors":"Peng Yang , Zhuoyang Xie , Hongmei Pei , Tianwai Zhou , Kun Song","doi":"10.1016/j.jisa.2025.104143","DOIUrl":"10.1016/j.jisa.2025.104143","url":null,"abstract":"<div><div>The security of the industrial Internet identifier resolution system is critical to ensuring the circulation of data in industrial production. Most existing schemes mainly use blockchain to solve problems such as a single point of failure and the unfair interests of multiple parties in the identifier resolution system. However, these schemes usually ignore the security of source data and transmission of the identifiers, which makes the identifiers vulnerable to manipulation or privacy disclosure. To address these issues, we propose a secure distributed resolution model for industrial Internet identifier based on ordered multi-group signature named SDRMI-OMGS. Specifically, a novel resolution model for industrial Internet identifier is proposed for enhancing the security of the identifiers in SDRMI-OMGS, which includes the Ordered Multi-Group Signature (OMGS) and the improved identifier encoding scheme. We conceive an authentication mechanism with OMGS to achieve trusted authentication of the identifiers and users during identifier resolution. Moreover, we utilize the confidentiality of asymmetric encryption and the immutability of blockchain to implement an identifier encoding scheme, which prevents the identifiers from manipulation or privacy disclosure during transmission. Finally, we prove the security of OMGS in SDRMI-OMGS based on the assumption of the hardness of the Elliptic Curve Discrete Logarithm Problem (ECDLP). Through experiments on the group signature, compared with the baselines, the extensive results show that the signature efficiency and verification of our scheme are increased by 67%, 40%, 58%, 35%, respectively in case of different members and groups.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"93 ","pages":"Article 104143"},"PeriodicalIF":3.8,"publicationDate":"2025-07-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144550038","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Weinan Liu , Jiawen Shi , Hong Wang , Tingting Chen , Zhaoyang Han , Qingqing Li
{"title":"Coordinate plane based authentication method for detecting clone node in wireless sensor networks","authors":"Weinan Liu , Jiawen Shi , Hong Wang , Tingting Chen , Zhaoyang Han , Qingqing Li","doi":"10.1016/j.jisa.2025.104148","DOIUrl":"10.1016/j.jisa.2025.104148","url":null,"abstract":"<div><div>Nowadays, wireless sensor networks (WSNs) have become a very promising technology for automatic data collection in many applications. Due to the feature of limited resource, WSNs are more vulnerable to certain attacks, such as node clone attacks. An adversary can clone a valid member sensor node and place the new clone node within the group to collect information in the group. The clone node has the same information as the cloned one, and can act as if it were the cloned one to obtain the group key, leading to leakage of group communication data. The current solutions have drawbacks; for instance, schemes based on IDS require additional component support. In this paper, a novel authentication scheme is proposed to address node clone attacks, utilizing a coordinate plane instead of geographical locations. This scheme also possesses additional functionalities, effectively managing node additions and revocations while incorporating collusion attack detection. Through theoretical analysis, the detection rate of our scheme is approximately 99.5%. Experimental simulations demonstrate that the practical detection rate of our scheme is 98.4%, which is lower than the theoretical maximum rate but is higher than that of many recent works and does not rely on additional mechanisms such as trust or hierarchical structures. Furthermore, through multiple rounds of detection, the overall detection rate can be further improved, and collusion attacks can be effectively identified.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"93 ","pages":"Article 104148"},"PeriodicalIF":3.8,"publicationDate":"2025-07-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144534635","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Cristian H.M. Souza , Túlio Pascoal , Emidio P. Neto , Galileu B. Sousa , Francisco S.L. Filho , Daniel M. Batista , Felipe S. Dantas Silva
{"title":"SDN-based solutions for malware analysis and detection: State-of-the-art, open issues and research challenges","authors":"Cristian H.M. Souza , Túlio Pascoal , Emidio P. Neto , Galileu B. Sousa , Francisco S.L. Filho , Daniel M. Batista , Felipe S. Dantas Silva","doi":"10.1016/j.jisa.2025.104145","DOIUrl":"10.1016/j.jisa.2025.104145","url":null,"abstract":"<div><div>Software-Defined Networking (SDN) has emerged as a key technology for countering evolving malware threats in 5G and Internet-of-Things (IoT) environments. This paper provides a comprehensive survey of SDN-based strategies for malware analysis and detection, consolidating several hundred candidate works and distilling a focused set of studies published up to April 2025. We examine approaches ranging from static code inspection and heuristic traffic monitoring to advanced machine learning and deep learning frameworks, demonstrating that these methods consistently achieve high detection accuracy with low false-positive rates while imposing only modest latency and resource overhead. We illustrate how SDN’s centralized control and programmable data plane enable rapid policy updates and real-time mitigation of malicious flows, surpassing traditional network defense mechanisms. Our review clarifies how AI-driven techniques enhance the identification of novel and obfuscated malware, and highlights persistent challenges such as the need for standardized datasets, controller scalability, and privacy-preserving inspection. By synthesizing key insights, open issues, and future research directions, this survey underscores the essential role of SDN in fortifying contemporary cybersecurity architectures.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"93 ","pages":"Article 104145"},"PeriodicalIF":3.8,"publicationDate":"2025-07-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144534634","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Yang Yang , Xiangjie Huang , Han Fang , Weiming Zhang
{"title":"IPMN: Invertible privacy-preserving mask network with intellectual property protection","authors":"Yang Yang , Xiangjie Huang , Han Fang , Weiming Zhang","doi":"10.1016/j.jisa.2025.104149","DOIUrl":"10.1016/j.jisa.2025.104149","url":null,"abstract":"<div><div>Facial information is widely used in security fields like identity authentication. But the large number of facial images online makes them vulnerable to unauthorized capture, posing privacy and security risks. Existing face privacy protection methods aim to mitigate these risks. However, many of these methods lack reversibility, making it impossible to restore the original face when needed. Additionally, they often neglect model intellectual property (IP) protection, leaving methods vulnerable to unauthorized stealing. Therefore, to address the shortcomings of existing face privacy protection methods in IP protection, this paper proposes an invertible privacy protection mask network with IP protection. The proposed method consists of two main parts: facial privacy protection and IP protection. For facial privacy protection, the mask generator replaces facial features with other faces and generates the mask, which is then embedded with the watermark to generate the watermarked mask. This watermarked mask conceals the original face by the putting on mask network, and the original face can be restored by the putting off mask network. For IP protection, the watermark extractor network is a key component that can extract the watermark from images of the sender, receiver and attacker to verify the method’s IP. Experimental results show that the proposed method has good effects in both privacy protection and IP protection, providing double security for face privacy protection.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"93 ","pages":"Article 104149"},"PeriodicalIF":3.8,"publicationDate":"2025-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144524298","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Detecting audio splicing forgery: A noise-robust approach with Swin Transformer and cochleagram","authors":"Tolgahan Gulsoy , Elif Kanca Gulsoy , Arda Ustubioglu , Beste Ustubioglu , Elif Baykal Kablan , Selen Ayas , Guzin Ulutas , Gul Tahaoglu , Mohamed Elhoseny","doi":"10.1016/j.jisa.2025.104130","DOIUrl":"10.1016/j.jisa.2025.104130","url":null,"abstract":"<div><div>Audio splicing forgery involves cutting specific parts of an audio recording and inserting or combining them into another audio recording. This manipulation technique is often used to create misleading or fake audio content, particularly in digital media environments. The detection of audio splicing forgery is of great importance, especially in forensic analysis, security applications and media verification processes. In this paper, we present a novel noise robust method for detecting audio splicing forgery. The proposed method converts audio signals into cochleagram images, which are then input into SWIN transformer model for training. Following the training process, the model classifies and labels test audio files as either original or fake. In the experiments, the method is tested on data sets of varying durations. The results demonstrate high performance across different datasets, both without and with Gaussian noise, as well as under real-world environmental noise attacks with varying audio durations. For example, under 30 dB noise condition on 2-second data segments, the model achieved an accuracy of 94.33%, precision of 96.46%, recall of 92.90%, and an F1-score of 94.65%. For rain noise condition, the proposed method achieves the highest accuracy of 93.26%, precision of 99.83%, and F1-score of 95.48% .</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"93 ","pages":"Article 104130"},"PeriodicalIF":3.8,"publicationDate":"2025-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144517765","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Secure order based voting using distributed tallying","authors":"Tamir Tassa , Lihi Dery , Arthur Zamarin","doi":"10.1016/j.jisa.2025.104141","DOIUrl":"10.1016/j.jisa.2025.104141","url":null,"abstract":"<div><div>Electronic voting systems have significant advantages in comparison with physical voting systems. One of the main challenges in e-voting systems is to secure the voting process: namely, to certify that the computed results are consistent with the cast ballots and that the voters’ privacy is preserved. We propose herein a secure voting protocol for elections that are governed by order-based voting rules. Our protocol, in which the tallying task is distributed among several independent talliers, offers perfect ballot secrecy in the sense that it issues only the required output while no other information on the cast ballots is revealed. Such perfect secrecy, achieved by employing secure multiparty computation tools, may increase the voters’ confidence and, consequently, encourage them to vote according to their true preferences. We implemented a demo of a voting system that is based on our protocol and we describe herein the system’s components and its operation. Our implementation demonstrates that our secure order-based voting protocol can be readily implemented in real-life large-scale electronic elections.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"93 ","pages":"Article 104141"},"PeriodicalIF":3.8,"publicationDate":"2025-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144517766","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Xiaoyi Ge , Xiongwei Zhang , Meng Sun , Yimin Wang , Li Li , Kunkun SongGong
{"title":"Cross-domain redundancy exploration by a deep encoder–decoder network for speech steganography","authors":"Xiaoyi Ge , Xiongwei Zhang , Meng Sun , Yimin Wang , Li Li , Kunkun SongGong","doi":"10.1016/j.jisa.2025.104150","DOIUrl":"10.1016/j.jisa.2025.104150","url":null,"abstract":"<div><div>The technique of speech steganography involves embedding messages within openly transmitted speech channels without arousing suspicion. Nevertheless, current methods for embedding speech in speech suffer from weak imperceptibility and low message speech intelligibility. In this paper, we introduce a novel approach that explores cross-domain redundancy by leveraging a deep encoder–decoder neural network architecture to embed Mel-spectrograms into magnitude spectrograms. Specifically, the message is transformed into its Mel-spectrogram, while the cover is transformed into its magnitude spectrogram. Subsequently, the Mel-spectrogram is embedded as residuals in the magnitude spectrogram through an encoder known as the spectrogram super-resolution network (SSRN). Upon receiving the stego, a decoder network recoveres the Mel-spectrograms of the messages, and a high-fidelity HiFi-GAN vocoder then recovers the message waveform. The encoder–decoder network’s parameters are optimized to ensure imperceptibility and high quality. To validate the superiority of our proposed method, we compare it with recently proposed baselines using common databases such as the LJ Speech and VCTK datasets. Experimental results demonstrate that our method achieves SNRs of 33.83 dB and 30.28 dB for the cover signals on these two datasets, respectively. Furthermore, both the content and speaker identity of the recovered messages are well preserved, and the experiments also confirm the robustness against noises and the security of our approach.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"93 ","pages":"Article 104150"},"PeriodicalIF":3.8,"publicationDate":"2025-06-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144517446","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pengbo Liu , Lin Teng , Herbert Ho-Ching Iu , Mingxu Wang , Qi Li , Xianping Fu
{"title":"High sensitivity image encryption algorithm based on cascaded chaotic system","authors":"Pengbo Liu , Lin Teng , Herbert Ho-Ching Iu , Mingxu Wang , Qi Li , Xianping Fu","doi":"10.1016/j.jisa.2025.104153","DOIUrl":"10.1016/j.jisa.2025.104153","url":null,"abstract":"<div><div>Chaotic systems are widely used in cryptography due to their complexity and unpredictability. This paper proposes a novel power exponential chaotic system (PECS), which gives the system better cryptographic properties than the classical and newest ones through the experimental results shown. Furthermore, the systems are applied to a new encryption method to improve the security and robustness of image communication. First, the initial parameters and key stream are perturbed by plaintext information. Then, block the plaintext image with a modified chaotic sequence and carry out the dynamic diffusion on the scrambled pixels to obtain the encrypted image. Among them, one of the interference values in diffusion is the dynamic ciphertext pixel selected by the previous diffusion pixel and chaos interference value. Both the scrambling and diffusion phases incorporate interference from the plaintext and intermediate ciphertext pixels. Therefore, the proposed algorithm has high plaintext information sensitivity to better defend chosen-plaintext attacks. Experimental analysis shows that the metrics such as Entropy (IE), Unified Average Changing Intensity (UACI), Shannon entropy et al. of our algorithm are all close to ideal results, demonstrating its ability to resist cryptographic attacks.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"93 ","pages":"Article 104153"},"PeriodicalIF":3.8,"publicationDate":"2025-06-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144517445","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Deyu Tong , Hongxin Han , Can Li , Fengting Wang , Weilong Kong , Na Ren
{"title":"ConZWNet: A contrastive learning-based zero-watermarking network for high robustness and distinguishability","authors":"Deyu Tong , Hongxin Han , Can Li , Fengting Wang , Weilong Kong , Na Ren","doi":"10.1016/j.jisa.2025.104139","DOIUrl":"10.1016/j.jisa.2025.104139","url":null,"abstract":"<div><div>Zero-watermarking is an effective solution for image copyright protection without altering the original content. However, current deep learning-based methods suffer from two key limitations. First, most feature extraction networks, originally designed for classification, lack robust feature learning essential for resisting attacks. Second, conventional methods seldom incorporate the generated watermark back into training, missing opportunities to further optimize the model. To address these issues, we propose ConZWNet, a two-stage framework that integrates contrastive learning with feedback-driven zero-watermark generation. In the first stage, we use ConvNeXt to learn invariant, attack-resistant features via contrastive learning on weak–strong augmentation. In the second stage, a residual network coupled with a Multi-Layer Perceptron (MLP) fuses features from host and copyright images to produce a latent zero-watermark, which is then verified by an MLP-based copyright identification network. This feedback loop optimizes feature fusion and transforms zero-watermark generation into a self-supervised process. Extensive experiments demonstrate that ConZWNet achieves state-of-the-art robustness against various attacks while ensuring high distinguishability among host images and copyrights. Ablation studies confirm the effectiveness of components, including two-stage architecture, contrastive learning, weak–strong augmentation, and copyright identification network. The source code is publicly available at <span><span>https://github.com/hanhongxin1028/ConZWNet</span><svg><path></path></svg></span>.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"93 ","pages":"Article 104139"},"PeriodicalIF":3.8,"publicationDate":"2025-06-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144501975","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}