Journal of Information Security and Applications最新文献

筛选
英文 中文
A tenant-aware deep learning-based intrusion detection system for detecting DDoS attacks in multi-tenant SaaS networks 基于租户感知的深度学习入侵检测系统,用于多租户SaaS网络中的DDoS攻击检测
IF 3.7 2区 计算机科学
Journal of Information Security and Applications Pub Date : 2025-10-03 DOI: 10.1016/j.jisa.2025.104251
M. Franckie Singha, Ripon Patgiri, Laiphrakpam Dolendro Singh
{"title":"A tenant-aware deep learning-based intrusion detection system for detecting DDoS attacks in multi-tenant SaaS networks","authors":"M. Franckie Singha,&nbsp;Ripon Patgiri,&nbsp;Laiphrakpam Dolendro Singh","doi":"10.1016/j.jisa.2025.104251","DOIUrl":"10.1016/j.jisa.2025.104251","url":null,"abstract":"<div><div>Software-as-a-Service (SaaS) platforms are a crucial aspect of cloud computing and are increasingly vulnerable to Distributed Denial of Service (DDoS) attacks, primarily due to their underlying multi-tenant architecture. Conventional intrusion detection systems cannot generalize effectively across tenants, resulting in high levels of false positives and limited adaptability. We have addressed this risk by designing a tenant-aware deep learning-based intrusion detection system for multi-tenant SaaS environments. Our hybrid model employs Capsule Networks to extract spatial features and Long Short-Term Memory (LSTM) networks to recognize temporal patterns. Our innovative contribution is a new tenant embedding system that incorporates tenant-specific behavioral context into the model, enabling the system to capture variations in benign behaviors within the context of evolving attack traffic. Experimental evaluations on CICIDS2017, CICDDoS2019, and CSE-CIC-IDS2018 datasets demonstrated that our proposed model achieved higher accuracy, precision, and generalization across tenants. Furthermore, various ablation test is done to validate our model. However, the zero-shot ablation study shows reduced effectiveness on unseen tenants. This demonstrates the importance of tenant embeddings and motivating future research on adaptive mechanisms. We also integrated SHAP-based interpretability analysis to improve the transparency of the system and provide insights into feature importance. Our work takes initial steps toward developing practical and explainable IDS solutions for adaptive, multi-tenant SaaS environments.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"94 ","pages":"Article 104251"},"PeriodicalIF":3.7,"publicationDate":"2025-10-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145219531","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
PrivNN: A private and efficient framework for spatial nearest neighbor query processing PrivNN:一个私有且高效的空间最近邻查询处理框架
IF 3.7 2区 计算机科学
Journal of Information Security and Applications Pub Date : 2025-09-27 DOI: 10.1016/j.jisa.2025.104244
Zechun Cao, Brian Kishiyama, Jeong Yang
{"title":"PrivNN: A private and efficient framework for spatial nearest neighbor query processing","authors":"Zechun Cao,&nbsp;Brian Kishiyama,&nbsp;Jeong Yang","doi":"10.1016/j.jisa.2025.104244","DOIUrl":"10.1016/j.jisa.2025.104244","url":null,"abstract":"<div><div>A common query type in location-based services (LBS) is finding the nearest neighbor (NN) of a given query object. However, the exact location of the query object is often sensitive information, posing significant privacy risks if the LBS server is untrusted or compromised. In this paper, we propose PrivNN, a novel spatial NN query processing framework that allows users to perform exact NN queries without revealing their location. Our framework introduces a novel spatial NN search algorithm, Dynamic Hierarchical Voronoi Overlay (DHVO), which efficiently finds the nearest neighbor by iteratively refining the search region using multi-granular Voronoi diagrams. We also present a client–server communication protocol that enables the server to respond to encrypted spatial NN queries by employing homomorphic encryption. We rigorously prove the correctness of our algorithm, analyze the theoretical properties of our framework, and demonstrate its strong security and robust privacy bounds. We implement and evaluate PrivNN on real-world spatial datasets, showing that it substantially reduces computational and communication overhead while remaining practical for private NN search in LBS applications.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"94 ","pages":"Article 104244"},"PeriodicalIF":3.7,"publicationDate":"2025-09-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145158207","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Victimization in DDoS attacks: The role of popularity and industry sector 受害在DDoS攻击中的作用:受欢迎程度和行业部门
IF 3.7 2区 计算机科学
Journal of Information Security and Applications Pub Date : 2025-09-27 DOI: 10.1016/j.jisa.2025.104242
Muhammad Yasir Muzayan Haq , Antonia Affinito , Alessio Botta , Anna Sperotto , Lambert J.M. Nieuwenhuis , Mattijs Jonker , Abhishta Abhishta
{"title":"Victimization in DDoS attacks: The role of popularity and industry sector","authors":"Muhammad Yasir Muzayan Haq ,&nbsp;Antonia Affinito ,&nbsp;Alessio Botta ,&nbsp;Anna Sperotto ,&nbsp;Lambert J.M. Nieuwenhuis ,&nbsp;Mattijs Jonker ,&nbsp;Abhishta Abhishta","doi":"10.1016/j.jisa.2025.104242","DOIUrl":"10.1016/j.jisa.2025.104242","url":null,"abstract":"<div><div>Distributed denial-of-service (DDoS) attacks may be driven not only by economic motives such as extortion, but also by social or political goals, including hacktivism and state-sponsored operations. Therefore, the monetary value of a target alone does not fully explain why some organizations are more frequently victimized. While cloud providers deploy advanced defenses — such as Anycast routing, traffic scrubbing, and filtering — they also concentrate many potential targets within a shared infrastructure, increasing their exposure to DDoS attacks.</div><div>This study aims to understand what makes organizations more suitable DDoS targets by examining two key attributes: visibility and perceived value, represented by website popularity and industry sector. We also investigate how the customer portfolio of cloud and data center providers influences the DDoS threat to their infrastructure.</div></div><div><h3>Research Questions:</h3><div>• How do organizational characteristics related to value and visibility — specifically, popularity and industry sector — correlate with the threat of DDoS attacks?</div><div>• How does the diversity of customer business sectors hosted by a cloud or data center provider influence the DDoS threat to its infrastructure?</div></div><div><h3>Methodology:</h3><div>We conducted a large-scale analysis of DDoS incidents inferred from network telescope data spanning five years. We estimated target visibility and value using Alexa ranks and Cisco Umbrella content categories. We also analyzed the relationship between customer sector composition and DDoS threat at the provider level.</div></div><div><h3>Key Findings:</h3><div>• Popular websites are more frequently attacked, though this pattern weakened during the COVID-19 pandemic.</div><div>• Certain industry sectors face significantly higher and repeated DDoS threats.</div><div>• Cloud providers serving a higher proportion of high-risk sectors are more likely to face frequent DDoS attacks.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"94 ","pages":"Article 104242"},"PeriodicalIF":3.7,"publicationDate":"2025-09-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145158209","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Anti-traceable backdoor: Blaming malicious poisoning on innocents in non-IID federated learning 反溯源后门:指责非iid联合学习中无辜者的恶意中毒
IF 3.7 2区 计算机科学
Journal of Information Security and Applications Pub Date : 2025-09-26 DOI: 10.1016/j.jisa.2025.104240
Bei Chen , Gaolei Li , Haochen Mei , Jianhua Li , Mingzhe Chen , Mérouane Debbah
{"title":"Anti-traceable backdoor: Blaming malicious poisoning on innocents in non-IID federated learning","authors":"Bei Chen ,&nbsp;Gaolei Li ,&nbsp;Haochen Mei ,&nbsp;Jianhua Li ,&nbsp;Mingzhe Chen ,&nbsp;Mérouane Debbah","doi":"10.1016/j.jisa.2025.104240","DOIUrl":"10.1016/j.jisa.2025.104240","url":null,"abstract":"<div><div>Backdoor attacks pose an extremely serious threat to federated learning (FL), where victim models are susceptible to specific triggers. To counter the defense, a smart attacker will forcefully and actively camouflage its behavior profiles (i.e., trigger invisibility and malicious collusion). However, in a more practical scenario where the label distribution on each client is heterogeneous, such camouflage is not highly deceptive and durable, and also malicious clients can be precisely identified by a blanket benchmark comparison. In this paper, we introduce an attack vector that blames innocent clients for malicious poisoning in backdoor tracing and motivates a novel Anti-Traceable Backdoor Attack (ATBA) framework. First, we devise a <em>progressive generative adversarial data inference</em> scheme to compensate missing classes for malicious clients, progressively improving the quality of inferred data through fictitious poisoning. Subsequently, we present a <em>trigger-enhanced specific backdoor learning</em> mechanism, selectively specifying vulnerable classes from benign clients to resist backdoor tracing and adaptively optimizing triggers to adjust specific backdoor behaviors. Additionally, we also design a <em>meta-detection-and-filtering defense</em> strategy, which aims to distinguish fictitiously-poisoned updates. Extensive experiments over three benchmark datasets validate the proposed ATBA’s attack effectiveness, anti-traceability, robustness, and the feasibility of the corresponding defense method.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"94 ","pages":"Article 104240"},"PeriodicalIF":3.7,"publicationDate":"2025-09-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145158208","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Security analysis of digital image watermarking using deep learning inspired LSB and chaotic S-Box in cyber security 网络安全中基于深度学习的LSB和混沌S-Box数字图像水印安全性分析
IF 3.7 2区 计算机科学
Journal of Information Security and Applications Pub Date : 2025-09-25 DOI: 10.1016/j.jisa.2025.104209
Muhammad Zubair Shoukat , Zhaofeng Su , Jehad Ali
{"title":"Security analysis of digital image watermarking using deep learning inspired LSB and chaotic S-Box in cyber security","authors":"Muhammad Zubair Shoukat ,&nbsp;Zhaofeng Su ,&nbsp;Jehad Ali","doi":"10.1016/j.jisa.2025.104209","DOIUrl":"10.1016/j.jisa.2025.104209","url":null,"abstract":"<div><div>Information Technology (IT) has experienced remarkable advancements, this revolutionized the way of living, working and talking. One most momentous innovation is the social media communication and data sharing. The increasing prevalence of vast data sharing in the modern digital landscape has raised significant concerns regarding data privacy. Cryptography and image watermarking are essential components in the domain of security, specifically in providing services for multimedia protection. These technologies play crucial roles in opposing the integrity, confidentiality, and ownership of digital multimedia assets such as images, videos, and audio files. This research combines Least Significant Bit (LSB) and Holistically Nested Edge (HED) with chaos-based Substitution Box (S-Box) to enhance the strength of digital data security. The proposed technique summarizes the benefits of suitable positions by HED and high capacity and robustness against image processing attacks by LSB and encryption services by chaotic S-Box. The performance metric of proposed technique is calculated on Lena, Baboon and Pepper images. whereas to analyze the robustness Bit Error Ratio (BER) is calculated against different attacks i.e., speckle, gaussian, salt and pepper noise and cropping attacks on different images. The outcome shows that proposed technique opposing most of the attacks and legitimize it is effectiveness. The average value of Peak Signal to Noise Ratio (PSNR) and Structure Similarity Index (SSIM) are 53.15 dB and 0.9 which indicates invisibility of watermark signal in carrier image. The average value of Normalized Correlation (NC) is 0.9 which indicates proposed technique has strong robustness.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"94 ","pages":"Article 104209"},"PeriodicalIF":3.7,"publicationDate":"2025-09-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145158305","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Protecting metadata privacy in blockchain-based EHR systems: A group addressing structure 在基于区块链的EHR系统中保护元数据隐私:一种组寻址结构
IF 3.7 2区 计算机科学
Journal of Information Security and Applications Pub Date : 2025-09-25 DOI: 10.1016/j.jisa.2025.104236
Saeid Tousi Saeidi, Hamid Reza Shahriari, Mahdi Nikooghadam
{"title":"Protecting metadata privacy in blockchain-based EHR systems: A group addressing structure","authors":"Saeid Tousi Saeidi,&nbsp;Hamid Reza Shahriari,&nbsp;Mahdi Nikooghadam","doi":"10.1016/j.jisa.2025.104236","DOIUrl":"10.1016/j.jisa.2025.104236","url":null,"abstract":"<div><div>With the rapid advancement of Healthcare Information Technology (HIT), the volume of medical data has increased exponentially, creating a critical need for secure and accurate storage and transmission solutions. A serious challenge in this area is ensuring robust privacy protection. While numerous studies have explored the use of blockchain technology for securely sharing electronic health records (EHR), most have focused solely on safeguarding the content of EHRs. However, the privacy of metadata associated with EHRs stored on blockchain has largely been overlooked. In this paper, first, we examine how exposing EHR metadata on the blockchain can lead to privacy breaches. We analyze this vulnerability through a review of various studies, highlighting the risks associated with publicly accessible metadata in decentralized networks. Second, we propose a solution by introducing modifications to the blockchain address structure and implementing group addressing to enhance metadata privacy. To achieve this, we present a group signature protocol designed to facilitate secure group addressing in blockchain networks. Finally, the proposed group signature is evaluated against six existing models, demonstrating its effectiveness in mitigating privacy risks while maintaining the core functionalities of blockchain systems.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"94 ","pages":"Article 104236"},"PeriodicalIF":3.7,"publicationDate":"2025-09-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145158307","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Attribute-based encryption and zk-SNARK authentication scheme for healthcare systems 医疗保健系统的基于属性的加密和zk-SNARK认证方案
IF 3.7 2区 计算机科学
Journal of Information Security and Applications Pub Date : 2025-09-25 DOI: 10.1016/j.jisa.2025.104241
Shangping Wang, Xiaoling Xie, Ting Wang, Juanjuan Ma
{"title":"Attribute-based encryption and zk-SNARK authentication scheme for healthcare systems","authors":"Shangping Wang,&nbsp;Xiaoling Xie,&nbsp;Ting Wang,&nbsp;Juanjuan Ma","doi":"10.1016/j.jisa.2025.104241","DOIUrl":"10.1016/j.jisa.2025.104241","url":null,"abstract":"<div><div>In recent years, the widespread adoption of electronic medical systems has improved the efficiency of diagnosis and treatment. However, the security of physician identity authentication and the protection of patient privacy face serious challenges. Existing biometric-based authentication schemes pose risks of privacy leaks, while attribute-based schemes that support fine-grained access control often lack efficient user revocation and tracking mechanisms. To address this critical need, this paper proposes an innovative authentication protocol that integrates attribute-based encryption (ABE) with zk-SNARK zero-knowledge proofs. This scheme achieves zero-knowledge identity verification to protect biometric privacy, supports efficient fine-grained access control and dynamic attribute revocation through ABE, and integrates malicious user tracking capabilities to ensure accountability. Through security analysis and performance evaluation, we have verified that the protocol possesses traceability, resistance to collusion attacks, anonymity, unforgeability and correctness. It provides a secure, privacy-first and practical solution for healthcare systems, with potential applicability to other sensitive domains such as finance and e-government.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"94 ","pages":"Article 104241"},"PeriodicalIF":3.7,"publicationDate":"2025-09-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145158309","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
An asymmetric multi-level image privacy protection scheme based on 2-D compressive sensing and chaotic system 一种基于二维压缩感知和混沌系统的非对称多级图像隐私保护方案
IF 3.7 2区 计算机科学
Journal of Information Security and Applications Pub Date : 2025-09-24 DOI: 10.1016/j.jisa.2025.104239
Xiaofei He , Lixiang Li , Haipeng Peng , Fenghua Tong , Zhongkai Dang
{"title":"An asymmetric multi-level image privacy protection scheme based on 2-D compressive sensing and chaotic system","authors":"Xiaofei He ,&nbsp;Lixiang Li ,&nbsp;Haipeng Peng ,&nbsp;Fenghua Tong ,&nbsp;Zhongkai Dang","doi":"10.1016/j.jisa.2025.104239","DOIUrl":"10.1016/j.jisa.2025.104239","url":null,"abstract":"<div><div>In the current digital and network era, digital images play a crucial role across various domains, such as social media, healthcare and security surveillance. However, these images typically contain sensitive personal information, and if appropriate security measures are not taken during collection, transmission, or processing, there may be a serious risk of privacy breaches. To solve these problems, we propose an asymmetric multi-level image privacy protection scheme based on 2-D compressive sensing and chaotic systems. The proposed solution exhibits significant advantages compared with the existing methods in several aspects. Firstly, the image data is compressed and sampled using the public-key sampling matrix instead of the private-key sampling matrix, and asymmetric encryption is applied, to ensure the broad applicability of the proposed solution in various scenarios. Secondly, by combining 2-D CS with the iterative gradient projection reconstruction algorithm accompanied by sensitive region decryption (IGPRA-ASRD), it effectively addresses the single privacy protection needs in digital images while demonstrating excellent scalability, thus making it applicable for solving the challenges of multi-tiered privacy protection. Lastly, the introduced shared key mechanism effectively addresses key management issues, ensuring the secure distribution of keys. Experimental results and comparative analyses demonstrate that the proposed scheme exhibits excellent effectiveness, compressibility and security. The approach not only protects privacy at a single level but also provides a robust solution for hierarchical protection of multiple privacies in the context of digital image security.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"94 ","pages":"Article 104239"},"PeriodicalIF":3.7,"publicationDate":"2025-09-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145158306","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Evaluating the Unpredictability of Multi-Bit Strong PUF Classes 评估多位强PUF类的不可预测性
IF 3.7 2区 计算机科学
Journal of Information Security and Applications Pub Date : 2025-09-23 DOI: 10.1016/j.jisa.2025.104234
Ahmed Bendary , Wendson A.S. Barbosa , Andrew Pomerance , C. Emre Koksal
{"title":"Evaluating the Unpredictability of Multi-Bit Strong PUF Classes","authors":"Ahmed Bendary ,&nbsp;Wendson A.S. Barbosa ,&nbsp;Andrew Pomerance ,&nbsp;C. Emre Koksal","doi":"10.1016/j.jisa.2025.104234","DOIUrl":"10.1016/j.jisa.2025.104234","url":null,"abstract":"<div><div>With advances in machine learning (ML), cybersecurity solutions and security primitives are becoming increasingly vulnerable to successful attacks. Strong Physical Unclonable Functions (PUFs) emerge as a potential countermeasure that offers high resistance to such attacks. In this paper, we introduce a generalized attack model that leverages the collective responses of multiple PUF chips within the same class to improve the prediction accuracy of responses for unobserved challenges, in contrast to traditional single-chip approaches. Furthermore, we propose an information-theoretic framework for assessing the unpredictability of multi-bit strong PUF classes, demonstrating that the Entropy Rate is a pivotal metric for evaluating their resilience against ML attacks. Our proposed entropy rate estimation serves as a model-agnostic, information-theoretic lower bound on the unpredictability that holds regardless of the attack strategy used, including ML-based ones. We argue that the Uniqueness measure, defined in terms of entropy, provides a more precise and consistent evaluation compared to traditional metrics based on Hamming distance. Additionally, we present a computationally efficient method for calculating the finite-order Entropy Rate of the hybrid Boolean network (HBN) PUF, addressing the challenges posed by high dimensionality. The experimental results validate the high unpredictability and resistance of the HBN PUF class against ML attacks.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"94 ","pages":"Article 104234"},"PeriodicalIF":3.7,"publicationDate":"2025-09-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145118607","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
DAVE-CC: A decentralized, access-controlled, verifiable ecosystem for cross-chain academic credential management DAVE-CC:一个分散的、访问控制的、可验证的生态系统,用于跨链学术证书管理
IF 3.7 2区 计算机科学
Journal of Information Security and Applications Pub Date : 2025-09-21 DOI: 10.1016/j.jisa.2025.104238
Tuan-Dung Tran , Huynh Phan Gia Bao , Nguyen Tan Cam , Van-Hau Pham
{"title":"DAVE-CC: A decentralized, access-controlled, verifiable ecosystem for cross-chain academic credential management","authors":"Tuan-Dung Tran ,&nbsp;Huynh Phan Gia Bao ,&nbsp;Nguyen Tan Cam ,&nbsp;Van-Hau Pham","doi":"10.1016/j.jisa.2025.104238","DOIUrl":"10.1016/j.jisa.2025.104238","url":null,"abstract":"<div><div>The verification of academic credentials is facing mounting challenges in an era of global digital transformation. The proliferation of fake degrees, identity fraud, and large-scale data breaches has severely eroded trust in traditional, centralized verification systems. These systems often operate in institutional silos, lack transparency, and are not equipped to function across national or organizational boundaries, making them increasingly inadequate for today’s interconnected, adversarial digital landscape. There is a growing urgency for secure, interoperable, and privacy-preserving mechanisms that can establish decentralized trust at scale. We introduce DAVE-CC, a cross-chain credential verification framework built atop the cross-chain architecture. The primary scientific contribution of DAVE-CC is a novel, holistically decentralized trust architecture for cross-chain credentialing. Unlike prior systems that retain centralized anchors for key management or policy enforcement, our framework synergistically integrates advanced cryptographic primitives to distribute all trust-bearing functions, including credential authorization and attribute-based key generation, across a threshold of independent authorities, thus provably eliminating single points of failure. Our implementation demonstrates low end-to-end latency (2.41 s), compact cryptographic payloads, and resilience under network stress. Scalability tests show throughput improvements from 35 to 140 transactions per second, and latency reduction from 600 ms to 171.4 ms with 30 workers. These results validate the practicality of our trust-distributed architecture for real-world deployment across academic, governmental, and cross-border environments, offering a robust foundation for future-proof credential ecosystems.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"94 ","pages":"Article 104238"},"PeriodicalIF":3.7,"publicationDate":"2025-09-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145095807","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信