Journal of Information Security and Applications最新文献

Collaborative intrusion detection in resource-constrained IoT environments: Challenges, methods, and future directions a review 资源受限物联网环境下的协同入侵检测：挑战、方法和未来方向综述

IF 3.8 2区计算机科学

Journal of Information Security and Applications Pub Date : 2025-06-17 DOI: 10.1016/j.jisa.2025.104127

Vasilis Ieropoulos , Eirini Anthi , Theodoros Spyridopoulos , Pete Burnap , Ioannis Mavromatis , Aftab Khan , Pietro Carnelli

{"title":"Collaborative intrusion detection in resource-constrained IoT environments: Challenges, methods, and future directions a review","authors":"Vasilis Ieropoulos , Eirini Anthi , Theodoros Spyridopoulos , Pete Burnap , Ioannis Mavromatis , Aftab Khan , Pietro Carnelli","doi":"10.1016/j.jisa.2025.104127","DOIUrl":"10.1016/j.jisa.2025.104127","url":null,"abstract":"<div><div>The rapid growth of technology has increased interconnected large-scale systems, broadening the attack surface for malicious actors. Traditional security solutions often employ centralised management of components like firewalls and intrusion detection systems for consistent configuration. This centralisation introduces a ”single point of failure,” risking severe consequences if compromised. While redundancy can mitigate concerns in IT systems, it does not scale well for larger systems. Edge computing, which pushes computation closer to endpoint devices, has been explored to improve scalability. The research community has also explored distributing and decentralising cybersecurity operations, especially intrusion detection, using new machine learning methods that mix centralised and distributed approaches to scale effectively while preserving data privacy. However, challenges remain in implementing these methods in large-scale IoT systems due to resource constraints. This paper evaluates intrusion detection methods in large-scale, resource-limited IoT systems, exploring the benefits of low-powered devices for network security and discussing solutions to current implementation challenges.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"93 ","pages":"Article 104127"},"PeriodicalIF":3.8,"publicationDate":"2025-06-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144298288","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Automatic IoT permission assignment with transformer models under spatiotemporal constraints 时空约束下变压器模型的物联网权限自动分配

IF 3.8 2区计算机科学

Journal of Information Security and Applications Pub Date : 2025-06-16 DOI: 10.1016/j.jisa.2025.104099

Chao Fu , Guohua Shen , Zhiqiu Huang , Jian Xie , Jiazhou Fu

{"title":"Automatic IoT permission assignment with transformer models under spatiotemporal constraints","authors":"Chao Fu , Guohua Shen , Zhiqiu Huang , Jian Xie , Jiazhou Fu","doi":"10.1016/j.jisa.2025.104099","DOIUrl":"10.1016/j.jisa.2025.104099","url":null,"abstract":"<div><div>Permission assignment in IoT environments faces significant challenges due to dynamic spatiotemporal constraints and the limitations of traditional static access control models. This paper introduces a Transformer-Based Permission Assignment (TBPA), a novel framework integrating Long Short-Term Memory (LSTM) networks and Transformer architectures to automate permission assignment under spatiotemporal dynamics. TBPA uses LSTM to predict attribute trends, embeds attributes into the feature space through the Feature Tokenizer module, and Transformer’s multi-head attention mechanism to capture the complex relationships between attributes and permissions, enabling the dynamic assignment of permissions based on changing subject and environment attributes. To mitigate data imbalance, TBPA employs Synthetic Minority Over-sampling Technique and Tomek Links, enhancing prediction accuracy for critical “deny” decisions. Experiments on real-world and synthetic datasets demonstrate TBPA’s superiority, with a 1.5% improvement in F1 score over other methods. The robustness of the framework is validated across different IoT scenarios, including imbalanced datasets and dynamic spatiotemporal constraints. By automating permission assignment without manual intervention, TBPA bridges the gap between policy mining and real-time enforcement, offering a scalable solution for secure, context-aware IoT access control.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"93 ","pages":"Article 104099"},"PeriodicalIF":3.8,"publicationDate":"2025-06-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144290438","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Reversible data hiding in encrypted image based on multiple linear regressions and adaptive adjustment of the prediction data 基于多元线性回归和预测数据自适应调整的加密图像可逆数据隐藏

IF 3.8 2区计算机科学

Journal of Information Security and Applications Pub Date : 2025-06-14 DOI: 10.1016/j.jisa.2025.104106

Hang Gao , Tiegang Gao

{"title":"Reversible data hiding in encrypted image based on multiple linear regressions and adaptive adjustment of the prediction data","authors":"Hang Gao , Tiegang Gao","doi":"10.1016/j.jisa.2025.104106","DOIUrl":"10.1016/j.jisa.2025.104106","url":null,"abstract":"<div><div>As an effective mean, reversible data hiding in encrypted images (RDH-EI) can be used for privacy protection by means of encryption and data hiding technology, and it can also be used to hide data in the encrypted image without any information of image content. In this paper, a large capacity RDH-EI algorithm based on multiple linear regressions (MLR) and multi-bit prediction (MBP) is proposed. In the scheme, the pixels of the original image are divided into two classes; the pixels in the first class is predicted by its afore pixel. The pixel in the second class is predicted by MLR through its four neighboring pixels, and then the label map of pixels (LMP) is adaptively generated based on the prediction error and smoothness of image. In this way, large capacity space for data hiding can be reserved before image encryption, and secret data can be embedded into the encrypted image by multi-bit substitution. Experiments and analyses on some standard test images and three image datasets show that the proposed scheme achieves the higher payload than those obtained with current state of the art methods, and the adjustment techniques is reasonable and effective.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"93 ","pages":"Article 104106"},"PeriodicalIF":3.8,"publicationDate":"2025-06-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144280813","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Conformal prediction for labelling and updating online models in the presence of concept drift in cybersecurity 网络安全中存在概念漂移的在线模型标记和更新的保形预测

IF 3.8 2区计算机科学

Journal of Information Security and Applications Pub Date : 2025-06-14 DOI: 10.1016/j.jisa.2025.104120

David Escudero García , Noemí DeCastro-García

引用次数: 0

DRAC: A dynamic fine-grained access control scheme for cloud storage with censorship-coerced resistance DRAC：一种动态的细粒度访问控制方案，用于具有审查强制阻力的云存储

IF 3.8 2区计算机科学

Journal of Information Security and Applications Pub Date : 2025-06-13 DOI: 10.1016/j.jisa.2025.104123

Yuan Zhai , Haochen Yang , Jingyu Yao , Tao Wang , Yanwei Zhou , Feng Zhu , Bo Yang

{"title":"DRAC: A dynamic fine-grained access control scheme for cloud storage with censorship-coerced resistance","authors":"Yuan Zhai , Haochen Yang , Jingyu Yao , Tao Wang , Yanwei Zhou , Feng Zhu , Bo Yang","doi":"10.1016/j.jisa.2025.104123","DOIUrl":"10.1016/j.jisa.2025.104123","url":null,"abstract":"<div><div>The increasing reliance on cloud storage for data outsourcing raises concerns regarding the security and access to sensitive information and private data. To ensure the security of cloud data, encryption technology is widely applied in cloud storage. However, most existing encryption schemes rely on the assumption that encryption keys remain private, which may become invalid under censorship by unauthorized authorities, potentially leading to data leaks in the cloud. Furthermore, accessing and sharing data in the cloud are crucial for its utilization, and enabling authorized users to achieve fine-grained access control during the dynamic sharing of cloud data poses a significant challenge. To address these issues, this paper proposes a novel fine-grained access control scheme, DRAC. By combining deniable encryption primitives with ciphertext-policy attribute-based encryption technology that supports revocation, the proposed scheme achieves: (1) provide privacy protection for cloud data; (2) resist censorship by unauthorized authorities; and (3) support dynamic fine-grained access control for cloud data. The security and correctness of DRAC are analyzed theoretically, while its performance is evaluated experimentally. The results demonstrate that the system is feasible and effective in practical applications.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"93 ","pages":"Article 104123"},"PeriodicalIF":3.8,"publicationDate":"2025-06-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144280810","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

A cross-architecture malware detection approach based on intermediate representation 一种基于中间表示的跨架构恶意软件检测方法

IF 3.8 2区计算机科学

Journal of Information Security and Applications Pub Date : 2025-06-13 DOI: 10.1016/j.jisa.2025.104117

Claudia Greco , Michele Ianni

{"title":"A cross-architecture malware detection approach based on intermediate representation","authors":"Claudia Greco , Michele Ianni","doi":"10.1016/j.jisa.2025.104117","DOIUrl":"10.1016/j.jisa.2025.104117","url":null,"abstract":"<div><div>Detecting malware across diverse architectures and evasion techniques has become a critical challenge as modern malware increasingly targets non-traditional platforms such as IoT devices. Traditional signature-based approaches, which rely on architecture-specific bytecode patterns, often fail when malware is recompiled for different platforms or obfuscated to evade detection. In this paper, we propose a novel framework for cross-architecture, signature-based malware detection. Our approach leverages Intermediate Representation (IR) to identify malicious behaviors in a platform-independent manner. By matching higher-level patterns in the IR, our framework generates signatures capable of detecting malware across multiple architectures and resisting common obfuscation techniques. The proposed framework adopts the YARA syntax, a widely used tool for malware detection, while introducing custom high-level primitives that abstract complex IR constructs. These primitives simplify the rule-writing process, enabling more efficient and precise signature creation. Additionally, we discuss the limitations of current approaches and demonstrate how our framework advances the state of the art in signature-based malware detection.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"93 ","pages":"Article 104117"},"PeriodicalIF":3.8,"publicationDate":"2025-06-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144271074","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

VMC2-PS: Blockchain-based multi-copy data Pub/Sub service with fine-grained access control for multi-cloud storage VMC2-PS：基于区块链的多副本数据发布/订阅服务，具有多云存储的细粒度访问控制

IF 3.8 2区计算机科学

Journal of Information Security and Applications Pub Date : 2025-06-13 DOI: 10.1016/j.jisa.2025.104113

Xiaobing Shi , Jiawen Wu , Yifan Xu , Zhimei Sui , Lifei Wei , Kai Zhang

{"title":"VMC2-PS: Blockchain-based multi-copy data Pub/Sub service with fine-grained access control for multi-cloud storage","authors":"Xiaobing Shi , Jiawen Wu , Yifan Xu , Zhimei Sui , Lifei Wei , Kai Zhang","doi":"10.1016/j.jisa.2025.104113","DOIUrl":"10.1016/j.jisa.2025.104113","url":null,"abstract":"<div><div>Data Pub/Sub services provide a secure manner for publishers and subscribers to selectively share and receive data. Besides enabling privacy protection and anti-malicious propagation of data, blockchain-based multi-cloud storage schemes have recently been proposed. However, existing data Pub/Sub works fail to achieve the following features: (i) multi-copy and multi-cloud storage; (ii) ciphertext integrity verification; (iii) fine-grained bilateral access control. Therefore, we design a fine-grained and verifiable data Pub/Sub service, VMC<span><math><msup><mrow></mrow><mrow><mn>2</mn></mrow></msup></math></span>-PS, which implements multi-cloud multi-copy storage and ciphertext integrity verification with fine-grained bilateral access control. Technically, we perform attribute-based keyword search operations by the edge nodes and employ a dual-policy framework to define access/subscription policy. To realize integrity verification, we employ blockchain technology for ciphertext verification using the Merkle tree and store the ciphertext (copy) as blocks on multiple cloud servers. Moreover, we provide the security model and analyze the security of the solution, then evaluate its performance in real cloud environments. Especially, VMC<span><math><msup><mrow></mrow><mrow><mn>2</mn></mrow></msup></math></span>-PS runs 12<span><math><mo>×</mo></math></span> faster than relevant solutions in the data encryption phase (with the number of attributes is 50).</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"93 ","pages":"Article 104113"},"PeriodicalIF":3.8,"publicationDate":"2025-06-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144270983","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

NID: A privacy-preserving operator based on Neural Information Diffusion NID：基于神经信息扩散的隐私保护算子

IF 3.8 2区计算机科学

Journal of Information Security and Applications Pub Date : 2025-06-13 DOI: 10.1016/j.jisa.2025.104105

Muhammad Luqman Naseem , Zipeng Ye , Qi Zhou , Wenjian Luo

{"title":"NID: A privacy-preserving operator based on Neural Information Diffusion","authors":"Muhammad Luqman Naseem , Zipeng Ye , Qi Zhou , Wenjian Luo","doi":"10.1016/j.jisa.2025.104105","DOIUrl":"10.1016/j.jisa.2025.104105","url":null,"abstract":"<div><div>Gradient inversion attacks (GIAs) pose a significant privacy threat to distributed learning paradigms, aiming to reconstruct the victim’s training data with high fidelity through shared gradients. To mitigate this issue, numerous privacy-preserving strategies have been proposed, yet few methods achieve a balance between efficiency, utility and privacy. In this paper, we will explore the limitations of the widely adopted privacy-preserving method in distributed learning, i.e., Local Differential Privacy (LDP), and expose that there is a discrepancy between the conceptualization of privacy budget and its practical application against gradient leakage attacks; simultaneously, we will reveal that under imbalanced data distributions, privacy-preserving methods based on random perturbations inevitably exacerbate the degradation of model performance. To alleviate these issues, we propose a plug-and-play privacy protection method based on Neural Information Diffusion (NID). In our approach, participants in training need only diffuse neural information in an unbiased manner, thus ensuring the privacy through propagatable randomness. We have evaluated our method in privacy-vulnerable scenarios and thoroughly demonstrated its effectiveness in resisting GIAs. Meanwhile, a comprehensive array of experimental configurations robustly shows that NID possesses the capability to balance model utility and privacy.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"93 ","pages":"Article 104105"},"PeriodicalIF":3.8,"publicationDate":"2025-06-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144280811","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Covert secret-key agreement based on rate-splitting polar code 基于速率分裂极化码的秘密密钥协议

IF 3.8 2区计算机科学

Journal of Information Security and Applications Pub Date : 2025-06-13 DOI: 10.1016/j.jisa.2025.104119

Jiajia Wu , Ming Xu

{"title":"Covert secret-key agreement based on rate-splitting polar code","authors":"Jiajia Wu , Ming Xu","doi":"10.1016/j.jisa.2025.104119","DOIUrl":"10.1016/j.jisa.2025.104119","url":null,"abstract":"<div><div>In order to prevent illegal sensors from detecting the secret-key agreement process in the underwater acoustic channel (UAC), a covert secret-key agreement scheme based on rate-splitting polar code called RSPC is proposed. Firstly, a novel Bhattacharyya parameter is established and calculated by the transmitter for code construction according to the fading process of the UAC. The information set is then selected by sorting the reliability of the polarized sub-channels. Secondly, two independent codewords are obtained by the transmitter through rate-splitting and polar coding. Then, an UAC gain prediction algorithm is designed based on the first-order autoregressive model, Wiener–Khinchin theorem and Karush-Kuhn–Tucker (KKT) condition. Based on the rate-splitting and prediction algorithm, the index set of the polarized sub-channels is divided into a random set and a deterministic set, and the bitwise XOR operation is performed between the very high entropy bits of one codeword and the low entropy bits of the other codeword. This strategy improves the covertness of the codeword transmission in the UAC. According to the sensor-based observation and channel gain, the estimate of the codeword is obtained via successive cancellation decoding and the same secret-key can be extracted by the receiver. Finally, theoretical analyses are conducted on the reliability, covertness, and covert secret-key generation rate of the RSPC scheme. The simulation results show that compared with existing schemes, the RSPC scheme improves the above performance indicators by 21.26%, 47.19%, and 24.71%, respectively. Meanwhile, the secret-key generated by the RSPC scheme successfully passes the NIST randomness detection.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"93 ","pages":"Article 104119"},"PeriodicalIF":3.8,"publicationDate":"2025-06-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144280809","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Privacy-preserving federated learning in asynchronous environment using homomorphic encryption 异步环境下使用同态加密保护隐私的联邦学习

IF 3.8 2区计算机科学

Journal of Information Security and Applications Pub Date : 2025-06-13 DOI: 10.1016/j.jisa.2025.104116

Mansi Gupta , Mohit Kumar , Renu Dhir

{"title":"Privacy-preserving federated learning in asynchronous environment using homomorphic encryption","authors":"Mansi Gupta , Mohit Kumar , Renu Dhir","doi":"10.1016/j.jisa.2025.104116","DOIUrl":"10.1016/j.jisa.2025.104116","url":null,"abstract":"<div><div>Integrating Federated Learning (FL) into Internet of Things (IoT)-based smart systems has introduced as a promising approach for enhancing data privacy by allowing decentralized model training. However, even with FL, the risk of privacy breaches persists, especially during communication phases, where adversaries may perform reverse engineering on gradients to infer sensitive information. To mitigate this, cryptographic techniques such as Secure Multiparty Computation (SMPC), Homomorphic Encryption (HE), and Differential Privacy (DP) are commonly employed. This paper proposes a novel FL framework that combines an improved Paillier HE scheme with quantization-based compression to enhance privacy, reduce communication overhead, and ensure computational efficiency. The framework operates in asynchronous settings by employing a dynamic timestamp mechanism to synchronize client updates and facilitate an efficient aggregation. The experimental evaluation using MNIST, CIFAR-10, and Fashion-MNIST datasets showed that the proposed method reduced the total training time and communication cost by 12.46% (for MNIST and CIFAR-10) and 14.72% (for Fashion-MNIST), respectively, compared to baseline models. The results confirmed the effectiveness of our approach in safeguarding privacy while maintaining scalability and resource efficiency in real-world IoT applications.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"93 ","pages":"Article 104116"},"PeriodicalIF":3.8,"publicationDate":"2025-06-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144270982","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0