Journal of Information Security and Applications: latest articles
QS-CPABE: Quantum-Safe CP-ABE with policy hiding and verifiable policy update for cloud storage
IF 3.8, Zone 2, Computer Science
Journal of Information Security and Applications, Pub Date: 2025-05-17, DOI: 10.1016/j.jisa.2025.104080, Volume 92, Article 104080
Sravya Gudipati, Syamkumar Pasupuleti, Padmavathy R.
Abstract: Ciphertext-Policy Attribute-Based Encryption (CP-ABE) ensures data privacy and fine-grained access control in a cloud environment through its one-to-many encryption feature. However, most existing CP-ABE schemes cannot resist quantum attacks, as they are constructed from bilinear pairing assumptions. Recently, several lattice-based CP-ABE schemes have been proposed to defend against quantum attacks, but these schemes provide neither a mechanism to hide the policy attributes nor a verifiable policy-updating mechanism, which is crucial for dynamic access-control management in cloud environments. To address these issues, this paper proposes a Quantum-Safe CP-ABE scheme with policy hiding and verifiable policy updates for cloud storage. The security of QS-CPABE is proven against Chosen Plaintext Attack (CPA) under the Module Learning with Errors (M-LWE) assumption. The theoretical and experimental analyses demonstrate that QS-CPABE is practical and efficient.
Citations: 0
A lightweight intrusion detection system for connected autonomous vehicles based on ECANet and image encoding
IF 3.8, Zone 2, Computer Science
Journal of Information Security and Applications, Pub Date: 2025-05-17, DOI: 10.1016/j.jisa.2025.104082, Volume 92, Article 104082
Zhuoqun Xia, Longfei Huang, Jingjing Tan, Yongbin Yu, Wei Hao, Kejun Long
Abstract: The Controller Area Network (CAN) bus plays an essential role in Connected Autonomous Vehicles (CAVs), yet its inherent design limitations regarding data protection make it susceptible to malicious intrusions. Contemporary research in intrusion detection predominantly employs Long Short-Term Memory (LSTM) models to analyze CAN IDs as time-series data. However, the high computational complexity of LSTM models makes them unsuitable for resource-constrained in-vehicle networks. To address this problem, a lightweight IDS combining image encoding and an Efficient Channel Attention (ECA) network is proposed. Specifically, three temporal image encoding techniques, Gramian Angular Sum Fields, Markov Transition Fields, and Recurrence Plots, are employed to transform CAN ID time-series data into single-channel images, which are then superimposed into three-channel images. A lightweight three-layer convolutional neural network integrated with an ECA module dynamically adjusts channel weights for image classification. Evaluated on real in-vehicle datasets, the method achieves classification accuracies of 99.83%, 99.98%, and 98.75% across three test scenarios with a 5.5 ms average inference time, demonstrating robust detection capability and computational efficiency.
Citations: 0
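The three encodings named in the abstract above, as an added example that is not code from the paper: the standard Gramian Angular Summation Field, Markov Transition Field and Recurrence Plot transforms are implemented in pure Python over a window of CAN arbitration IDs and stacked into the three-channel image a small CNN would consume. The window length, the number of MTF bins, the recurrence threshold and the two CAN ID windows are assumptions constructed for this example; the paper's own datasets, network and any further preprocessing are not reproduced here.

```python
"""Temporal image encodings for a window of CAN arbitration IDs.

Added example, not code from the paper: implements the three standard
time-series-to-image transforms the abstract names (GASF, MTF, RP) in
pure Python and stacks them into a three-channel image. Window length,
bin count and recurrence threshold are assumptions chosen here; the CAN
ID windows below are constructed.
"""
import math
from typing import List

Matrix = List[List[float]]


def rescale(series: List[float]) -> List[float]:
    """Min-max scale to [-1, 1]; a constant window (one ID flooding the bus) maps to all zeros."""
    lo, hi = min(series), max(series)
    if hi == lo:
        return [0.0] * len(series)
    return [2.0 * (v - lo) / (hi - lo) - 1.0 for v in series]


def gasf(series: List[float]) -> Matrix:
    """GASF: encode each value as the angle phi = arccos(x), then G[i][j] = cos(phi_i + phi_j)."""
    phi = [math.acos(max(-1.0, min(1.0, v))) for v in rescale(series)]
    return [[math.cos(a + b) for b in phi] for a in phi]


def mtf(series: List[float], bins: int = 4) -> Matrix:
    """MTF: quantise the rescaled values into equal-width bins, estimate the
    first-order transition matrix W between bins, then M[i][j] = W[q_i][q_j]."""
    q = [min(bins - 1, int((v + 1.0) / 2.0 * bins)) for v in rescale(series)]
    w = [[0.0] * bins for _ in range(bins)]
    for a, b in zip(q, q[1:]):
        w[a][b] += 1.0
    for row in w:  # row-normalise counts into transition probabilities
        total = sum(row)
        if total:
            row[:] = [v / total for v in row]
    return [[w[a][b] for b in q] for a in q]


def recurrence_plot(series: List[float], eps: float = 0.1) -> Matrix:
    """RP: R[i][j] = 1 when the rescaled values at i and j are within eps (the same ID recurs), else 0."""
    x = rescale(series)
    return [[1.0 if abs(a - b) <= eps else 0.0 for b in x] for a in x]


def encode_window(ids: List[int], bins: int = 4, eps: float = 0.1) -> List[Matrix]:
    """Three-channel image [GASF, MTF, RP] for one window of CAN IDs, shape (3, n, n)."""
    s = [float(v) for v in ids]
    return [gasf(s), mtf(s, bins), recurrence_plot(s, eps)]


def recurrence_density(rp: Matrix) -> float:
    """Fraction of recurrent pairs in an RP; a flooding attack drives this towards 1."""
    n = len(rp)
    return sum(map(sum, rp)) / (n * n)


# Constructed windows: a benign rotation of three IDs, and a flood of a single ID.
BENIGN = [0x100, 0x200, 0x100, 0x300, 0x200, 0x100, 0x300, 0x200]
FLOOD = [0x000] * 8

if __name__ == "__main__":
    for name, win in (("benign", BENIGN), ("flood", FLOOD)):
        g, m, r = encode_window(win)
        print(f"{name}: shape=(3, {len(g)}, {len(g)}) "
              f"recurrence_density={recurrence_density(r):.3f}")
```

The recurrence density is only a sanity check on the encoding, not the paper's classifier: a benign window of rotating IDs gives a sparse RP, while a window in which one ID floods the bus rescales to a constant and so produces an all-ones RP and a single-state MTF, which is the kind of structure the CNN is trained to pick up.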
Enhancing security in software defined networks: Privacy-preserving intrusion detection with Homomorphic Encryption
IF 3.8, Zone 2, Computer Science
Journal of Information Security and Applications, Pub Date: 2025-05-11, DOI: 10.1016/j.jisa.2025.104084, Volume 92, Article 104084
Vankamamidi S. Naresh, D. Ayyappa
Abstract: This study proposes a novel privacy-preserving intrusion detection framework for software-defined networks (SDNs) by integrating Homomorphic Encryption (HE) with Deep Neural Networks (DNNs). The framework encrypts network traffic using HE before performing intrusion detection analysis with a DNN model, ensuring data confidentiality while enabling robust threat detection. The proposed approach involves encrypting the dataset, training the DNN-based intrusion detection model on encrypted data, and deploying the model within the SDN architecture. Key findings demonstrate that the DNN achieves high accuracy (87.11%) on encrypted data, comparable to its performance on unencrypted data (99.99%), indicating its suitability for secure applications. In contrast, traditional machine learning models such as Logistic Regression, Random Forest, and Decision Tree exhibit decreased accuracy on encrypted data compared to their performance on unencrypted data. The minimal performance difference of the DNN between encrypted and unencrypted datasets highlights its effectiveness for applications prioritizing security and privacy. The proposed framework incorporates encryption at critical stages, from data collection to application deployment, and leverages robust control mechanisms like SDN controllers and OpenFlow switches to strengthen the overall security posture. This study represents a significant step towards achieving privacy-preserving intrusion detection in SDNs, contributing to ongoing efforts to enhance network security while safeguarding data privacy against evolving cybersecurity threats.
Citations: 0
Novel 2D nonlinear sine-log-sqrt-logistic map and staircase block scrambling for a rapid image encryption algorithm
IF 3.8, Zone 2, Computer Science
Journal of Information Security and Applications, Pub Date: 2025-05-10, DOI: 10.1016/j.jisa.2025.104085, Volume 92, Article 104085
Meng-meng Wang, Shun-wen Jin, Hongxia Wang, Man-tao Xu, Si-hang Liu
Abstract: In this paper, we propose a nonlinear 2-dimensional hyperchaotic map, called the 2D nonlinear sine-log-sqrt-logistic map (2D-NSLSLM), which introduces both the logarithmic function and the square root function. By incorporating the square root and logarithmic functions, the complexity of its nonlinear characteristics is further enhanced. This increases the dynamic complexity of the system and makes the system difficult to predict. Compared to some 2D chaotic maps, the 2D-NSLSLM exhibits higher sensitivity, a wider chaotic range, and more complex chaotic behavior. To explore its applications, 2D-NSLSLM is applied to formulate an image encryption algorithm with a new structure. The proposed algorithm consists of three steps: three rounds of staircase block scrambling, followed by one round of fast diffusion, and concluding with an additional round of staircase block scrambling. The simulation experiments show that the structure not only has good resistance to multiple-noise attacks and differential attacks, that is, it balances robustness against resistance to differential attacks, but also greatly improves the encryption speed. Through experiments and comparisons involving local Shannon entropy, information entropy, chosen plaintext attacks, and differential attacks, the results indicate that the new algorithm provides very secure encryption.
Citations: 0
If you cannot Measure it, you cannot Secure it. A Case Study on Metrics for Informed Choice of Security Controls
IF 3.8, Zone 2, Computer Science
Journal of Information Security and Applications, Pub Date: 2025-05-09, DOI: 10.1016/j.jisa.2025.104056, Volume 92, Article 104056
Md Rayhanur Rahman, Imranur Rahman, Laurie Williams
Abstract: Information security standards such as those of the National Institute of Standards and Technology (NIST) and the International Organization for Standardization (ISO) specify hundreds of security controls to protect and defend information systems. However, implementing all the available controls simultaneously can be infeasible for organizations. Controls need to be chosen based on their degree of mitigation over attack techniques. The goal of this research is to help organizations make an informed choice of security controls by proposing a set of metrics for measuring the degree of mitigation of attack techniques. We propose a set of seven metrics to characterize the mitigation by security controls against attack techniques used in cyberattacks. We perform a case study in this paper, where we investigate the 298 NIST SP800-53 security controls and 201 adversarial techniques cataloged in MITRE ATT&CK. Based on the metrics, we identify that only 107 out of 298 controls are capable of mitigating adversarial techniques. However, we also identify that 50 attack techniques cannot be mitigated by existing controls. We identify 21 critical controls based on the metrics, which also match 90% with NIST-provided priority codes and 70% with NIST-provided baselines, which evaluates the practical relevance of the metrics. Furthermore, we also identify that the critical controls are specified in an abstract manner, which could lead to varying degrees of implementation.
Citations: 0
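The kind of coverage measurement the abstract above reports, as an added example that is not the paper's code and does not reproduce its seven metrics: over a control-to-technique mapping it computes which controls mitigate any technique at all, which techniques no control mitigates, and a small "critical" control set chosen by greedy set cover. The mapping between the NIST SP 800-53 control IDs and MITRE ATT&CK technique IDs below is constructed for illustration and is not taken from the paper or from any published mapping; the set-cover criterion is likewise an assumption standing in for the paper's metrics.

```python
"""Control-coverage measures over a control -> technique mapping.

Added example, not the paper's code or its seven metrics. The mapping
below is a constructed assumption (real control and technique IDs, but
an illustrative pairing), used only to show the computations.
"""
from typing import Dict, Iterable, List, Set

# Constructed catalogue of candidate controls.
CONTROLS: List[str] = ["AC-2", "AT-2", "CM-7", "CP-9", "IA-5",
                       "PL-2", "PM-1", "SI-2", "SI-3"]

# Constructed technique list (illustrative selection of ATT&CK IDs).
TECHNIQUES: List[str] = ["T1059", "T1078", "T1110", "T1190",
                         "T1486", "T1497", "T1566"]

# Constructed mapping (assumption): control -> techniques it mitigates.
# PL-2 and PM-1 are planning/programme controls with no technique mapped here.
MAPPING: Dict[str, Set[str]] = {
    "AC-2": {"T1078"},
    "AT-2": {"T1566"},
    "CM-7": {"T1059", "T1190"},
    "CP-9": {"T1486"},
    "IA-5": {"T1078", "T1110"},
    "SI-2": {"T1190"},
    "SI-3": {"T1059", "T1566"},
}


def coverage(controls: Iterable[str], mapping: Dict[str, Set[str]]) -> Dict[str, Set[str]]:
    """Technique set per control; controls absent from the mapping get an empty set."""
    return {c: set(mapping.get(c, ())) for c in controls}


def mitigating_controls(controls: List[str], mapping: Dict[str, Set[str]]) -> List[str]:
    """Controls that mitigate at least one technique (the '107 of 298' style count)."""
    cov = coverage(controls, mapping)
    return [c for c in controls if cov[c]]


def unmitigated_techniques(techniques: Iterable[str], mapping: Dict[str, Set[str]]) -> Set[str]:
    """Techniques that no control in the mapping mitigates."""
    covered: Set[str] = set().union(*mapping.values()) if mapping else set()
    return set(techniques) - covered


def mitigation_count(techniques: Iterable[str], mapping: Dict[str, Set[str]]) -> Dict[str, int]:
    """Number of distinct controls mitigating each technique."""
    return {t: sum(1 for s in mapping.values() if t in s) for t in techniques}


def critical_controls(controls: List[str], techniques: List[str],
                      mapping: Dict[str, Set[str]]) -> List[str]:
    """Greedy set cover (assumed criterion): repeatedly pick the control that
    mitigates the most still-uncovered techniques, ties broken by control ID,
    until every mitigable technique is covered."""
    cov = coverage(controls, mapping)
    uncovered = set(techniques) - unmitigated_techniques(techniques, mapping)
    candidates = set(controls)
    chosen: List[str] = []
    while uncovered and candidates:
        best = min(candidates, key=lambda c: (-len(cov[c] & uncovered), c))
        if not cov[best] & uncovered:
            break  # remaining candidates add nothing
        chosen.append(best)
        uncovered -= cov[best]
        candidates.discard(best)
    return chosen


if __name__ == "__main__":
    print("mitigating controls:", mitigating_controls(CONTROLS, MAPPING))
    print("unmitigated techniques:", sorted(unmitigated_techniques(TECHNIQUES, MAPPING)))
    print("mitigation count:", mitigation_count(TECHNIQUES, MAPPING))
    print("critical controls:", critical_controls(CONTROLS, TECHNIQUES, MAPPING))
```

Greedy set cover is a stand-in here: it rewards controls that cover many otherwise-uncovered techniques, which is one reasonable reading of "degree of mitigation", but it says nothing about how abstractly a control is specified, the point the abstract raises last.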
Detection of denial-of-service attack using a novel hybrid learning technique
IF 3.8, Zone 2, Computer Science
Journal of Information Security and Applications, Pub Date: 2025-05-08, DOI: 10.1016/j.jisa.2025.104081, Volume 92, Article 104081
Swethambri Mohan, Nandhini S, Gunaseelan K
Abstract: Physical Layer Security (PLS) in wireless networks is becoming crucial with advancements in technologies like Beyond-5G (B5G) and 6G. To address growing threats such as Denial of Service (DoS) attacks, PLS uses Machine Learning (ML) techniques to detect and counter these threats effectively. PLS secures wireless communication systems by utilizing the physical properties of the communication medium, such as signal metrics, channel characteristics and noise patterns. In this paper, a novel approach to classify attack and non-attack scenarios using a Long Short-Term Memory-Fully Connected network (LSTM-FCNet) for feature extraction and the Gradient Boost (GB) algorithm for classification is proposed. The DoS attack datasets are generated in the form of jamming, where wireless channel behaviour in both the attack and non-attack cases is captured using Channel State Information (CSI) under various Signal to Noise Ratio (SNR) conditions. The proposed hybrid learning technique plays a crucial role in extracting features that capture temporal dependencies in the data, which is significant for identifying delicate patterns. These features are then classified using the GB algorithm to accurately distinguish between attack and non-attack scenarios. The simulated results show that attack detection accuracy reaches a maximum of 98.25% across different SNR values, with precision, recall, and F1-score all reaching 98%. The Receiver Operating Characteristic (ROC) curve with a value of 0.99 indicates that the classifier has achieved a high True Positive Rate (TPR). The results ensure that the classifier works at peak accuracy for the developed attack detection model, effectively handling the generated DoS attack dataset.
Citations: 0
A high-security batch message authentication protocol assisted by edge servers in industrial Internet of Things
IF 3.8, Zone 2, Computer Science
Journal of Information Security and Applications, Pub Date: 2025-05-08, DOI: 10.1016/j.jisa.2025.104075, Volume 92, Article 104075
Han Yu, Jianhong Zhou, Maode Ma
Abstract: As the number of smart devices increases dramatically in industrial IoT (IIoT) systems, a large amount of privacy-sensitive data could be generated in manufacturing operations, and more message authentication operations need to be performed. Meanwhile, the processing of such data has to meet stringent requirements on communication latency, reliability, and security. However, the resource constraints in IIoT systems prevent legacy resource-intensive security measures from being used directly in the systems. To address the massive data security issue with consideration of the limitations of resource-constrained devices, we propose a new batch message authentication protocol supported by edge computing. Specifically, we propose to offload message authentication operations to the edge servers to reduce the authentication burden on the devices. Meanwhile, the protocol uses certificateless aggregate signatures to verify the legitimacy of messages in large batches, significantly reducing signaling overhead and avoiding key escrow. The proposed protocol has been formally verified using the Scyther tool, which demonstrates its capacity against major typical malicious attacks. Furthermore, the performance evaluation results show that the proposed protocol is efficient in terms of computational and communication costs.
Citations: 0
Efficient, usable and Coercion-Resistant Blockchain-Based E-Voting
IF 3.8, Zone 2, Computer Science
Journal of Information Security and Applications, Pub Date: 2025-05-06, DOI: 10.1016/j.jisa.2025.104074, Volume 92, Article 104074
Neyire Deniz Sarier
Abstract: In Sarier (2021), the author presents a practical biometric-based non-transferable credential scheme that maintains the efficiency of the underlying Brands' Credential (BC). In this paper, we design a new Blockchain-Based E-Voting (BBEV) scheme to solve the open problem of voter authentication in BBEV by combining the system of Sarier (2021) with encrypted Attribute Based Credential (ABC), where the latter is also based on BC. Despite its efficiency, encrypted ABC is employed for the first time in the context of e-voting to achieve efficient, usable, anonymous, auditable, verifiable, and coercion-resistant BBEV for small/medium scale elections. To the best of our knowledge, the system is the first pre-encrypted digital ballot system for a non-transferable and user-centric BBEV that depends on the one-show BC both for biometric authentication and ballot generation, leading to a natural prevention against double voting. Even though the system is instantiated with Bitcoin (BTC) due to its prevalence and the various coin mixers available for anonymity, the system is designed to be generic, in addition to avoiding complex smart contracts and heavy crypto-primitives. Thus, the new BBEV scheme can be extended to large-scale elections for public Blockchains with higher throughput/cheaper transaction fees compared to BTC/BCH or other UTXO-based Blockchains such as BSV. We analyze BBEV in terms of the highest security notion in e-voting, namely Coercion Resistance, together with an efficiency estimate of its voting phase. Also, we evaluate BBEV in terms of the Multos smartcard implementation, where BC-based systems are already shown to be the most efficient on Multos. Finally, a cost analysis based on the last US presidential election data shows that the new BBEV is advantageous over the traditional one if implemented for three consecutive elections.
Citations: 0
QMDS: QKD-based multi-index data secure sharing solution on blockchain
IF 3.8, Zone 2, Computer Science
Journal of Information Security and Applications, Pub Date: 2025-05-03, DOI: 10.1016/j.jisa.2025.104077, Volume 91, Article 104077
Dexin Zhu, Zilong Zhao, Jian Zhao, Lijun Song, Jun Zheng
Abstract: Aiming at the privacy leakage of user data in cloud storage, secure search of encrypted data in cloud storage has become a research hotspot. Most current schemes suffer from the problems of assuming secure key distribution channels and considering only a one-to-one search mode. In this paper, we propose QMDS, a QKD-based (quantum-key-distribution-based) multi-index data secure sharing solution on blockchain. To ensure secure key sharing among multiple data owners and data users, we use an actual quantum key distribution network to generate theoretically absolutely secure symmetric quantum keys and encrypt files using quantum keys to achieve secure file storage. To achieve secure sharing of parameters among users, we use zero-knowledge proofs to prove the legal identity of users' keys. Combined with the Merkle tree, we propose the Merkle XOR tree (MXT). The multi-index structure containing high-priority keywords is extracted in MXT to achieve one-to-many secure retrieval. Meanwhile, we use smart contracts to search reliably and achieve a search time complexity of O(1). Based on the Decisional Diffie-Hellman (DDH) hardness assumption, it is proved that the scheme can guarantee the security of the keyword index and trapdoor. The correctness and efficiency of the scheme are demonstrated by a large number of experiments on actual data.
Citations: 0
Commander: A robust cross-machine multi-phase Advanced Persistent Threat detector via provenance analytics
IF 3.8, Zone 2, Computer Science
Journal of Information Security and Applications, Pub Date: 2025-04-29, DOI: 10.1016/j.jisa.2025.104057, Volume 91, Article 104057
Qi Liu, Kaibin Bao, Veit Hagenmeyer
Abstract: Intrusion detection systems (IDS) have traditionally focused on identifying malicious behaviors caused by malware undertaking a series of suspicious activities within a short time. Facing Advanced Persistent Threat (APT) actors employing the so-called low-and-slow strategy, defenders are often blindsided by the poor performance of these IDS. Provenance-based IDS (PIDS) emerged as a promising solution for reducing false alerts, detecting true attacks, and facilitating attack investigation, by causally linking and contextualizing indicative system activities in provenance graphs. However, most existing PIDS can detect neither multi-phase nor cross-machine APT attacks, enabled by persistence and lateral movement techniques, respectively. In the present work, we propose a new PIDS called Commander, which is, to our knowledge, the first system capable of detecting cross-machine multi-phase APT attacks. Further, Commander targets several evasion attacks that can bypass existing PIDS, making it more robust. In addition, Commander can perform whole-network tracing for cross-machine multi-phase APT attacks across an industrial-sector organization, for which we additionally develop parsers for the system logs of popular industrial controllers. We also develop detection rules with reference to MITRE's knowledge base for industrial control systems. Our evaluations show that Commander accurately detects attacks, outperforms existing detection systems, and delivers succinct and insightful attack graphs.
Citations: 0