Journal of Information Security and Applications最新文献_第4页

Quantum secure protocols for multiparty computations 多方计算的量子安全协议

IF 3.8 2区计算机科学

Journal of Information Security and Applications Pub Date : 2025-03-20 DOI: 10.1016/j.jisa.2025.104033

Tapaswini Mohanty , Vikas Srivastava , Sumit Kumar Debnath , Pantelimon Stănică

引用次数: 0

PypiGuard: A novel meta-learning approach for enhanced malicious package detection in PyPI through static-dynamic feature fusion pypguard：一种新的元学习方法，通过静态动态特征融合增强了PyPI中的恶意包检测

IF 3.8 2区计算机科学

Journal of Information Security and Applications Pub Date : 2025-03-19 DOI: 10.1016/j.jisa.2025.104032

Tahir Iqbal , Guowei Wu , Zahid Iqbal , Muhammad Bilal Mahmood , Amreen Shafique , Wenbo Guo

{"title":"PypiGuard: A novel meta-learning approach for enhanced malicious package detection in PyPI through static-dynamic feature fusion","authors":"Tahir Iqbal , Guowei Wu , Zahid Iqbal , Muhammad Bilal Mahmood , Amreen Shafique , Wenbo Guo","doi":"10.1016/j.jisa.2025.104032","DOIUrl":"10.1016/j.jisa.2025.104032","url":null,"abstract":"<div><div>The increasing reliance on open-source software repositories, especially the Python Package Index (PyPi), has introduced serious security vulnerabilities as malicious actors embed malware into widely adopted packages, threatening the integrity of the software supply chain. Traditional detection methods, often based on static analysis, struggle to capture the complex and obfuscated behaviors characteristic of modern malware. Addressing these limitations, we present <strong>PypiGuard</strong>, an advanced hybrid ensemble meta-model for malicious package detection that integrates both static metadata and dynamic Application Programming Interface (API) call behaviors, enhancing detection accuracy and reducing error rates. Leveraging the <strong>MalwareBench</strong> dataset, our approach utilizes an innovative preprocessing pipeline that fuses metadata features with categorized API behaviors. The <strong>PypiGuard</strong> model employs a hybrid ensemble structure composed of Random Forest (RF), Gradient Boosting (GB), Decision Tree (DT), K-Nearest Neighbors (KNN), LightGBM, and an Artificial Neural Network (ANN), assembled through dynamically optimized stacking-based meta-learning framework that adapts to model-specific prediction strengths. Compared to Deep Learning (DL) baselines like Long-Short Term Memory (LSTM) and Convolutional Neural Network (CNN), <strong>PypiGuard</strong> achieves significant improvements in accuracy and False Positive Rate (FPR), with a detection accuracy of 98.43% and a markedly low FPR, confirming its enhanced effectiveness in accurately identifying malicious packages.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"90 ","pages":"Article 104032"},"PeriodicalIF":3.8,"publicationDate":"2025-03-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143681406","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Subject Data Auditing via Source Inference Attack in Cross-Silo Federated Learning 跨竖井联邦学习中基于源推理攻击的主题数据审计

IF 3.8 2区计算机科学

Journal of Information Security and Applications Pub Date : 2025-03-18 DOI: 10.1016/j.jisa.2025.104034

Jiaxin Li , Marco Arazzi , Antonino Nocera , Mauro Conti

{"title":"Subject Data Auditing via Source Inference Attack in Cross-Silo Federated Learning","authors":"Jiaxin Li , Marco Arazzi , Antonino Nocera , Mauro Conti","doi":"10.1016/j.jisa.2025.104034","DOIUrl":"10.1016/j.jisa.2025.104034","url":null,"abstract":"<div><div>Source Inference Attack (SIA) in Federated Learning (FL) aims to identify which client used a target data point for local model training. It allows the central server to audit clients’ data usage. In cross-silo FL, a client (silo) collects data from multiple subjects (e.g., individuals, writers, or devices), posing a risk of subject information leakage. Subject Membership Inference Attack (SMIA) targets this scenario and attempts to infer whether any client utilizes data points from a target subject in cross-silo FL. However, existing results on SMIA are limited and based on strong assumptions on the attack scenario. Therefore, we propose a Subject-Level Source Inference Attack (SLSIA) by removing critical constraints that only one client can use a target data point in SIA and imprecise detection of clients utilizing target subject data in SMIA. The attacker, positioned on the server side, controls a target data source and aims to detect all clients using data points from the target subject. Our strategy leverages a binary attack classifier to predict whether the embeddings returned by a local model on test data from the target subject include unique patterns that indicate a client trains the model with data from that subject. To achieve this, the attacker locally pre-trains models using data derived from the target subject and then leverages them to build a training set for the binary attack classifier. Our SLSIA significantly outperforms previous methods on four datasets. Specifically, SLSIA achieves a maximum average accuracy of 0.88 over 50 target subjects. Analyzing embedding distribution and input feature distance shows that datasets with sparse subjects are more susceptible to our attack. Finally, we propose to defend our SLSIA using item-level and subject-level differential privacy mechanisms. The attack accuracy decreases by 36% with a utility loss of 20%, using a subject-level differential privacy budget of 22.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"90 ","pages":"Article 104034"},"PeriodicalIF":3.8,"publicationDate":"2025-03-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143644822","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

A novel lightweight authentication protocol for WBAN based on Stern–Brocot tree 一种基于Stern-Brocot树的WBAN轻量级认证协议

IF 3.8 2区计算机科学

Journal of Information Security and Applications Pub Date : 2025-03-15 DOI: 10.1016/j.jisa.2025.104031

Yuxuan Zhao, Junfeng Tian

{"title":"A novel lightweight authentication protocol for WBAN based on Stern–Brocot tree","authors":"Yuxuan Zhao, Junfeng Tian","doi":"10.1016/j.jisa.2025.104031","DOIUrl":"10.1016/j.jisa.2025.104031","url":null,"abstract":"<div><div>Wireless body area network (WBAN) is important in monitoring patients’ physiological data in real time and making prompt communication with medical centers. Given the importance and privacy of medical data and disease symptoms, establishing secure and reliable connection is critical. However, the resource constraints of sensor nodes make it difficult to support computationally intensive security protocols, necessitating a delicate balance between privacy security and resource efficiency. To address this challenge, a lightweight authentication and key agreement protocol SB_Auth is proposed. The protocol designs the sensor node authentication process based on the Stern–Brocot tree, instead of using complex encryption algorithms. Formal security analysis based on BAN logic validates the robustness and security of the protocol, while non-formal security assessment further demonstrates the protocol’s resilience to various attacks and upholds security, privacy, anonymity and forward confidentiality. Compared with other protocols, SB_Auth keeps the least computation and communication cost on the sensor node side.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"90 ","pages":"Article 104031"},"PeriodicalIF":3.8,"publicationDate":"2025-03-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143629513","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Three-factor authentication and key agreement protocol with collusion resistance in VANETs VANETs中抗合谋的三因素认证与密钥协商协议

IF 3.8 2区计算机科学

Journal of Information Security and Applications Pub Date : 2025-03-11 DOI: 10.1016/j.jisa.2025.104029

Guanlin Pan , Haowen Tan , Wenying Zheng , P. Vijayakumar , Q.M. Jonathan Wu , Audithan Sivaraman

{"title":"Three-factor authentication and key agreement protocol with collusion resistance in VANETs","authors":"Guanlin Pan , Haowen Tan , Wenying Zheng , P. Vijayakumar , Q.M. Jonathan Wu , Audithan Sivaraman","doi":"10.1016/j.jisa.2025.104029","DOIUrl":"10.1016/j.jisa.2025.104029","url":null,"abstract":"<div><div>In vehicular ad hoc networks (VANETs), vehicles possess the capability to interact efficiently with a diverse array of services and applications provided by edge vehicular infrastructures. Concurrently, the ongoing interactions among vehicles facilitate the real-time acquisition of crucial road information. However, these vehicular communications primarily occur over unsecured public channels, rendering confidential data susceptible to illegal access by malicious entities. To address this security concern, numerous cryptographic schemes, including the widespread adoption of multi-factor authentication techniques, have been introduced. Despite these efforts, the existing authentication methods are limited, as they solely focus on verifying the legitimacy of individual users, resulting in restricted functionality and diminished security capabilities. So, three-factor authentication and key agreement protocol with collusion resistance in VANETs (TFA-CR) in this paper is developed, which also ensures resistance against collusion attacks. In the proposed design, we leverage hybrid characteristics that encompass both vehicle and user attributes, such as user identity, user-defined parameters, and vehicular verification codes. These attributes are efficiently extracted and utilized throughout the subsequent authentication process, creating a distinctive authentication mechanism tailored for real-world multi-vehicle scenarios. This enables seamless network access for individual users across different vehicles using only a single smart card. A thorough performance evaluation reveals that the protocol effectively reduces both communication overhead and computational complexity when compared to existing authentication techniques.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"90 ","pages":"Article 104029"},"PeriodicalIF":3.8,"publicationDate":"2025-03-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143593078","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Robust zero-watermarking method for multiple medical images using wavelet fusion and DTCWT-QR 基于小波融合和dtwt - qr的多医学图像鲁棒零水印方法

IF 3.8 2区计算机科学

Journal of Information Security and Applications Pub Date : 2025-03-11 DOI: 10.1016/j.jisa.2025.104028

Guangyun Yang , Xinhui Lu , Yu Lu , Junlin Tang , Xiangguang Xiong

{"title":"Robust zero-watermarking method for multiple medical images using wavelet fusion and DTCWT-QR","authors":"Guangyun Yang , Xinhui Lu , Yu Lu , Junlin Tang , Xiangguang Xiong","doi":"10.1016/j.jisa.2025.104028","DOIUrl":"10.1016/j.jisa.2025.104028","url":null,"abstract":"<div><div>Following smart healthcare’s radical progression, medical images face security concerns, such as information leakage and malicious tampering. To enable copyright protection and cost reduction for multiple medical images, we propose a zero-watermarking method for multiple medical images with joint dual-tree complex wavelet transform (DTCWT), QR decomposition, and discrete cosine transform (DCT). First, numerous medical images are fused using a wavelet-transform-based fusion method to reduce costs. Next, the generated image is subjected to the DTCWT, which divides the resulting low-frequency sub-bands into blocks, after which each block is subjected to DCT and QR decomposition, generating a significant binary image using the magnitude of the relationship between the value of the two-norm of the first row of each block and the overall mean value. Lastly, a method based on improved Hénon mapping image encryption is presented for encrypting a copyrighted image. An XOR operation is performed on the encrypted copyrighted image with a binary image to yield a zero-watermarking image. Numerous results show that our method can withstand different types of attacks with the normalized correlation coefficients remaining higher than 0.96. Moreover, the proposed method achieves superior robustness with an average performance improvement of approximately 3.3% compared with the latest and similar methods. These results demonstrate the superiority of our method, which can be applied in copyright protection applications for medical images.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"90 ","pages":"Article 104028"},"PeriodicalIF":3.8,"publicationDate":"2025-03-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143593077","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Deep GraphSAGE enhancements for intrusion detection: Analyzing attention mechanisms and GCN integration 用于入侵检测的深度GraphSAGE增强：分析注意机制和GCN集成

IF 3.8 2区计算机科学

Journal of Information Security and Applications Pub Date : 2025-03-11 DOI: 10.1016/j.jisa.2025.104013

Samia Saidane , Francesco Telch , Kussai Shahin , Fabrizio Granelli

{"title":"Deep GraphSAGE enhancements for intrusion detection: Analyzing attention mechanisms and GCN integration","authors":"Samia Saidane , Francesco Telch , Kussai Shahin , Fabrizio Granelli","doi":"10.1016/j.jisa.2025.104013","DOIUrl":"10.1016/j.jisa.2025.104013","url":null,"abstract":"<div><div>Intrusion Detection Systems (IDSs) are evolving to utilize machine learning techniques more frequently, in order to effectively and reliably identify even attacks with small footprints on the network traffic. This paper presents a detailed evaluation of two advanced graph neural network models, D-GSAGE-MARC and GFN-GA, for intrusion detection across a diverse range of IoT and cybersecurity datasets, including CIC-ToN-IoT, NF-UQ-NIDS, WUSTL-IIOT-2021, InSDN, etc. By integrating multi-head attention mechanisms and Graph Attention Network (GAT) layers into the D-GSAGE-MARC model, we effectively capture complex relationships within graph-structured data while leveraging residual connections to enhance performance. Our comprehensive analysis employs multiple performance metrics to assess both models in multi-class and binary classification scenarios, highlighting their capabilities and shortcomings in identifying different types of cyber-attacks. The results show that the D-GSAGE-MARC model achieves remarkable performance, achieving an accuracy of 99.97% recall of 99.97%, and an F1 score of 99.97% on the WUSTL-IIOT-2021 dataset, establishing it as a highly effective solution for intrusion detection. Meanwhile, GFN-GA excels in detecting frequent threats. Additionally, we visualize the learned embeddings using Uniform Manifold Approximation and Projection (UMAP) techniques to elucidate feature representations utilized during classification. The results highlight the models’ stability and adaptability across different datasets, particularly in addressing imbalanced data and rare attack detection.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"90 ","pages":"Article 104013"},"PeriodicalIF":3.8,"publicationDate":"2025-03-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143593079","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Group-Capability-Based Access Control with Ring Signature 基于组能力的环签名访问控制

IF 3.8 2区计算机科学

Journal of Information Security and Applications Pub Date : 2025-03-11 DOI: 10.1016/j.jisa.2025.104014

Xiaoying Zhu , Shihong Zou , Guoai Xu , Jinwen Xi

{"title":"Group-Capability-Based Access Control with Ring Signature","authors":"Xiaoying Zhu , Shihong Zou , Guoai Xu , Jinwen Xi","doi":"10.1016/j.jisa.2025.104014","DOIUrl":"10.1016/j.jisa.2025.104014","url":null,"abstract":"<div><div>With the rapid development of Internet of Things (IoT) technology, the number of connected devices is expected to reach 75 billion worldwide by 2025. loT devices are particularly susceptible to security breaches, making robust access control mechanisms crucial for safeguarding legitimate resource access. Traditional access control systems, however, struggle to manage the scale of loT environments effectively. This paper introduces a novel access control scheme, Group-Capability-Based Access Control with Ring Signature (G-CapBAC), designed and proposed to enhance the scalability of Smart Campus IoT. G-CapBAC leverages blockchain technology as a trust anchor to enforce access policies for loT devices, without requiring these resource-constrained devices to participate directly in the blockchain network, this approach significantly reduces the computational and storage demands on loT devices. In addition, the proposed scheme manages capability tokens by group utilizing the ring signature, which not only reduces storage requirements but also facilitates access policy management. Our security analysis substantiates the robustness of the G-CapBAC scheme. Experimental results indicate superior storage efficiency and expedited access request processing when compared to traditional Capability-Based Access Control (CapBAC).</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"90 ","pages":"Article 104014"},"PeriodicalIF":3.8,"publicationDate":"2025-03-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143593076","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

IDHG-ECC-integrated Diffie Hellman Galois–elliptic-curve cryptography for enhancing EHR data security 集成了idhg - ecc的Diffie Hellman伽罗瓦椭圆曲线加密技术，增强了电子病历数据的安全性

IF 3.8 2区计算机科学

Journal of Information Security and Applications Pub Date : 2025-03-11 DOI: 10.1016/j.jisa.2025.104024

Jyothy S T , Mrinal Sarvagya

{"title":"IDHG-ECC-integrated Diffie Hellman Galois–elliptic-curve cryptography for enhancing EHR data security","authors":"Jyothy S T , Mrinal Sarvagya","doi":"10.1016/j.jisa.2025.104024","DOIUrl":"10.1016/j.jisa.2025.104024","url":null,"abstract":"<div><div>Electronic Health Records (EHRs), which are used in modern healthcare systems, store private medical histories for a large number of people. A strong security architecture is required to guarantee patient privacy within EHR databases due to the importance of preserving this personal data. Improving data security and patient privacy during the transfer of sensitive information across healthcare providers for diagnostic purposes is the main emphasis of this work. To enhance the security of electronic health record data, this article proposes a new approach that combines a decentralized, secure blockchain paradigm with a lightweight cryptosystem. The proposed workflow starts with gathering electronic health record data from databases and initializing user transaction information to facilitate communication across various nodes. Public and private keys are produced via an elliptic scheme to enhance the security of health data. Then, medical data is encrypted and decrypted using Integrated Diffie-Hellman Galois-Elliptic-curve Cryptography (IDHG-ECC). The encrypted data is further strengthened by using a consensus process known as Affinity-Propagation encased Practical Byzantine Fault Tolerance (AP-PBFT). Extra security is provided by storing the encrypted data on the off-chain Inter Planetary File System (OIPFS) blockchain. In the evaluation, the proposed model attains efficient encryption and decryption times of 7.88 s and 1.80 s, respectively, with a quick uploading time of 0 .09s. It achieves high transaction throughput (78,288 TPS) with low latency (0.71 s), while read throughput is 137.54 MB/s with minimal latency (0.01 s). CPU utilization is moderate at 20.70%, and memory utilization is 54.00%, ensuring balanced resource management for optimal performance.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"90 ","pages":"Article 104024"},"PeriodicalIF":3.8,"publicationDate":"2025-03-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143593245","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

A cost-effective solution leveraging public blockchain for massively sharing malware signatures 利用公共区块链大规模共享恶意软件签名的经济有效的解决方案

IF 3.8 2区计算机科学

Journal of Information Security and Applications Pub Date : 2025-03-10 DOI: 10.1016/j.jisa.2025.104017

Aurelio Loris Canino, Gianluca Lax

{"title":"A cost-effective solution leveraging public blockchain for massively sharing malware signatures","authors":"Aurelio Loris Canino, Gianluca Lax","doi":"10.1016/j.jisa.2025.104017","DOIUrl":"10.1016/j.jisa.2025.104017","url":null,"abstract":"<div><div>In recent years, the proliferation of malware has reached unprecedented levels, leading to escalating cybercrime costs. Signatures extracted by static analysis of files have been widely adopted for malware detection: vendors maintain databases of known malware signatures that are shared with registered users. The recent literature has proposed the use of private and consortium (thus, permissioned) blockchains for spreading signatures among blockchain users. These approaches require controlled access to enhance trust and accountability but restrict the widespread sharing of up-to-date signatures because users must be registered. In this paper, we present a novel technique that leverages a public blockchain to enable the massive dissemination of malware signatures among any users since a public blockchain is permissionless. On the other hand, the use of a public blockchain introduces new challenges related to security and data privacy, which our solution solves. The main benefit and outcome of our solution is that any users can securely access and verify malware signatures facilitating real-time detection of malicious files. We implemented our solution in Ethereum and exploited a smart contract written in Solidity to demonstrate that our approach is highly cost-effective.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"90 ","pages":"Article 104017"},"PeriodicalIF":3.8,"publicationDate":"2025-03-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143578895","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0