Journal of Information Security and Applications最新文献

筛选
英文 中文
SQL injection attack: Detection, prioritization & prevention SQL 注入攻击:检测、优先级排序和预防
IF 3.8 2区 计算机科学
Journal of Information Security and Applications Pub Date : 2024-09-01 DOI: 10.1016/j.jisa.2024.103871
Alan Paul, Vishal Sharma, Oluwafemi Olukoya
{"title":"SQL injection attack: Detection, prioritization & prevention","authors":"Alan Paul,&nbsp;Vishal Sharma,&nbsp;Oluwafemi Olukoya","doi":"10.1016/j.jisa.2024.103871","DOIUrl":"10.1016/j.jisa.2024.103871","url":null,"abstract":"<div><p>Web applications have become central in the digital landscape, providing users instant access to information and allowing businesses to expand their reach. Injection attacks, such as SQL injection (SQLi), are prominent attacks on web applications, given that most web applications integrate a database system. While there have been solutions proposed in the literature for SQLi attack detection using learning-based frameworks, the problem is often formulated as a binary, single-attack vector problem without considering the prioritization and prevention component of the attack. In this work, we propose a holistic solution, SQLR34P3R, that formulates the SQLi attack as a multi-class, multi-attack vector, prioritization, and prevention problem. For attack detection and classification, we gathered 457,233 samples of benign and malicious network traffic, as well as 70,023 samples that had SQLi and benign payloads. After evaluating several machine-learning-based algorithms, the hybrid CNN-LSTM models achieve an average F1-Score of 97% in web and network traffic filtering. Furthermore, by using CVEs of SQLi vulnerabilities, SQLR34P3R incorporates a novel risk analysis approach which reduces additional effort while maintaining reasonable coverage to assist businesses in allocating resources effectively by focusing on patching vulnerabilities with high exploitability. We also present an in-the-wild evaluation of the proposed solution by integrating SQLR34P3R into the pipeline of known vulnerable web applications such as Damn Vulnerable Web Application (DVWA) and Vulnado and via network traffic captured using Wireshark from SQLi DNS exfiltration conducted with SQLMap for real-time detection. Finally, we provide a comparative analysis with state-of-the-art SQLi attack detection and risk ratings solutions.</p></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"85 ","pages":"Article 103871"},"PeriodicalIF":3.8,"publicationDate":"2024-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S221421262400173X/pdfft?md5=876619c18c5e77543023637cfa5180d8&pid=1-s2.0-S221421262400173X-main.pdf","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142096959","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Post-quantum identity-based traitor tracing 基于后量子身份的叛徒追踪
IF 3.8 2区 计算机科学
Journal of Information Security and Applications Pub Date : 2024-09-01 DOI: 10.1016/j.jisa.2024.103870
Zhichao Yang , Debiao He , Rongmao Chen , Shixiong Wang , Jianqiao Xu
{"title":"Post-quantum identity-based traitor tracing","authors":"Zhichao Yang ,&nbsp;Debiao He ,&nbsp;Rongmao Chen ,&nbsp;Shixiong Wang ,&nbsp;Jianqiao Xu","doi":"10.1016/j.jisa.2024.103870","DOIUrl":"10.1016/j.jisa.2024.103870","url":null,"abstract":"<div><p>In the distribution of digital content, users may collude and utilize their secret keys to create pirate decoders which enable illegally users to receive the same service. As a useful countermeasure, the notion of identity-based traitor tracing (IBTT) scheme was introduced for the data owner to trace down pirates and simplify certificate management process. As far as we know, various IBTT schemes have been proposed in the literature and all of them are designed on classical hardness assumptions, which are believed to become broken in the coming post-quantum era. To address this issue, we propose the first post-quantum IBTT scheme in this work. The new IBTT scheme is proved to be secure in the quantum security model, assuming the quantum-resistant hardness of the underlying learning with errors problem. Notably, compared with other IBTT schemes, our construction has the minimal size increasing to make the underlying encryption scheme traitor tracing.</p></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"85 ","pages":"Article 103870"},"PeriodicalIF":3.8,"publicationDate":"2024-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142096242","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Corrigendum to “Blockchain-based public key encryption with keyword search for medical data sharing in cloud environment” [Journal of Information Security and Applications 78 (2023) 103626] 基于区块链的公钥加密与关键字搜索用于云环境中的医疗数据共享》[《信息安全与应用杂志》78 (2023) 103626]更正
IF 3.8 2区 计算机科学
Journal of Information Security and Applications Pub Date : 2024-09-01 DOI: 10.1016/j.jisa.2024.103853
Mandira Banik , Sanjay Kumar
{"title":"Corrigendum to “Blockchain-based public key encryption with keyword search for medical data sharing in cloud environment” [Journal of Information Security and Applications 78 (2023) 103626]","authors":"Mandira Banik ,&nbsp;Sanjay Kumar","doi":"10.1016/j.jisa.2024.103853","DOIUrl":"10.1016/j.jisa.2024.103853","url":null,"abstract":"","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"85 ","pages":"Article 103853"},"PeriodicalIF":3.8,"publicationDate":"2024-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S2214212624001558/pdfft?md5=54cae618db46ed7d2ee93f35c1783ce8&pid=1-s2.0-S2214212624001558-main.pdf","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142148658","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Enhancing the performance of convolutional neural network image-based steganalysis in spatial domain using Spatial Rich Model and 2D Gabor filters 利用空间富模型和二维 Gabor 滤波器增强基于卷积神经网络的空间域图像隐匿分析性能
IF 3.8 2区 计算机科学
Journal of Information Security and Applications Pub Date : 2024-08-28 DOI: 10.1016/j.jisa.2024.103864
Alaaldin Dwaik, Yassine Belkhouche
{"title":"Enhancing the performance of convolutional neural network image-based steganalysis in spatial domain using Spatial Rich Model and 2D Gabor filters","authors":"Alaaldin Dwaik,&nbsp;Yassine Belkhouche","doi":"10.1016/j.jisa.2024.103864","DOIUrl":"10.1016/j.jisa.2024.103864","url":null,"abstract":"<div><p>Image-based steganalysis problem has attracted many researchers, and several solutions have been proposed. Deep learning-based methods are the most promising as they provide superior performance. Convolutional Neural network(CNN) based steganalysis methods are designed to improve the detection rate. Unlike traditional CNN models, CNN-based steganalysis requires careful design of preprocessing layers with filter initialization to obtain a good performance. In this paper, we established a CNN model that consists of two convolution layers for preprocessing and feature extraction, and four fully connected layers for classification. The preprocessing layer uses a set of efficient filter banks consisting of SRM and 2D Gabor filters. We conducted experiments using grayscale cover images from a popular and publicly available BOSSbase_1.01 database and Alask_v2 database with consideration for two different image sizes. The results showed that the proposed CNN model outperforms many state-of-the-art studies in two out of three well-known adaptive spatial domain steganography algorithms (S-UNIWARD, HUGO) and provides a close result for (WOW) algorithm when using the database with 512 × 512 images. On the other hand, the proposed model outperforms many state-of-the-art studies in the three algorithms when using the database with the original image size (256 × 256). Using image size 256, and the S-UNIWARD algorithm, the proposed model improved the detection accuracy rate by 13%, and 4.25% payloads of 0.2 and 0.4 bpp respectively compared to the previously best-known model (GBRAS-Net). The proposed model achieved 7.4% and 6.27% improvement in the detection accuracy for both payloads 0.2 and 0.4 bpp respectively using the HUGO algorithm compared with the previously best-known model (GBRAS-Net). For the WOW algorithm, the proposed model is slightly behind the best model (GBRAS-Net) but was able to obtain a close result for both payloads of 0.2 and 0.4 bpp, respectively. Using an image size of 512, the proposed model achieved 31.26%, 21.51%, 6.84%, 4.22%, and 1.96% improvement in the detection rate for the five payloads 0.1, 0.2, 0.3, 0.4, and 0.5 bpp respectively over S-UNIWARD algorithm compared to the previously best-known model (H-CNN). In addition, the proposed model achieved 27.60%, 23.69%, 12.66%, 5.27%, and 6.23% improved detection accuracy for the five payloads 0.1, 0.2, 0.3, 0.4, and 0.5 bpp respectively over HUGO algorithm compared with the previously best-known model (H-CNN). Finally, the proposed model provided 57.81%, 46.84%, 28.29%, 20.34%, and 13.79% improvement in the detection rate for the five payloads 0.1, 0.2, 0.3, 0.4, and 0.5 bpp respectively over WOW algorithm compared to the previously best-known model (H-CNN).</p></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"85 ","pages":"Article 103864"},"PeriodicalIF":3.8,"publicationDate":"2024-08-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142088278","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Achieving lightweight, efficient, privacy-preserving user recruitment in mobile crowdsensing 在移动人群感应中实现轻量级、高效、保护隐私的用户招募
IF 3.8 2区 计算机科学
Journal of Information Security and Applications Pub Date : 2024-08-26 DOI: 10.1016/j.jisa.2024.103854
Ruonan Lin , Yikun Huang , Yuanyuan Zhang , Renwan Bi , Jinbo Xiong
{"title":"Achieving lightweight, efficient, privacy-preserving user recruitment in mobile crowdsensing","authors":"Ruonan Lin ,&nbsp;Yikun Huang ,&nbsp;Yuanyuan Zhang ,&nbsp;Renwan Bi ,&nbsp;Jinbo Xiong","doi":"10.1016/j.jisa.2024.103854","DOIUrl":"10.1016/j.jisa.2024.103854","url":null,"abstract":"<div><p>The emergence of mobile crowdsensing (MCS) has revolutionized data collection method. As an important means of guaranteeing data quality, user recruitment is critical to sensing task completion. Aiming at the problem of user privacy disclosure in user recruitment, particularly when sensing platforms lack prior knowledge of user quality, we propose a Privacy-Preserving User Recruitment scheme (PPUR) which can maximize sensing quality in a lightweight and efficient manner. We design multiple secure protocols for both user quality calculation and user recruitment based on additive secret sharing (ASS). Specifically, we propose Secure user Quality Calculation (SQC) protocol to assess user quality instead of requiring user interaction in the case of unknown ground truth. Combinatorial multi-armed bandit (CMAB) based Secure User Recruitment (SUR) protocol, effectively tackles the challenge of recruiting multiple users without prior knowledge and user interactivity while adhering to budget and time limitations. Theoretical analysis confirms lightweight overhead of the PPUR scheme and its multi-class data security. Experimental results show that SQC has superior performance in both computational cost and communication overhead. The regret indicator’s findings demonstrate that SUR can effectively utilize budget and time to achieve optimal user recruitment decision.</p></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"85 ","pages":"Article 103854"},"PeriodicalIF":3.8,"publicationDate":"2024-08-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142077457","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
A DNN robust video watermarking method in dual-tree complex wavelet transform domain 双树复小波变换域中的 DNN 鲁棒视频水印方法
IF 3.8 2区 计算机科学
Journal of Information Security and Applications Pub Date : 2024-08-24 DOI: 10.1016/j.jisa.2024.103868
Xuanming Chang , Beijing Chen , Weiping Ding , Xin Liao
{"title":"A DNN robust video watermarking method in dual-tree complex wavelet transform domain","authors":"Xuanming Chang ,&nbsp;Beijing Chen ,&nbsp;Weiping Ding ,&nbsp;Xin Liao","doi":"10.1016/j.jisa.2024.103868","DOIUrl":"10.1016/j.jisa.2024.103868","url":null,"abstract":"<div><p>Deep learning is increasingly being applied in the field of robust watermarking. However, the existing deep learning-based video watermarking methods only uses spatial domain information as the input and the robustness against attacks such as H.264/AVC compression is still not strong. Therefore, this paper proposes a deep learning-based robust video watermarking method in dual-tree complex wavelet transform (DT-CWT) domain. The video frames are transformed into the DT-CWT domain and the suitable high-pass subbands are selected as candidate embedding positions. Then, the 2D and 3D convolutions are combined to extract both intra-frame spatial features and inter-frame temporal features for finding the stable and imperceptible coefficients for watermark embedding in the candidate positions. The convolutional attention module (CBAM) is used to further adjust the embedding coefficients and strengths. In addition, the attack layer, where a differentiable proxy is specially designed in this paper for the simulation of non-differentiable H.264/AVC compression, is introduced to generate distorted watermarked videos for improving the robustness against different attacks. Experimental results show that our method is superior to both the existing deep learning-based methods and traditional methods in the robustness against both spatial and temporal attacks while preserving high video quality. The source code is available at <span><span>https://github.com/imagecbj/A-DNN-Robust-Video-Watermarking-Method-in-DT-CWT-Domain</span><svg><path></path></svg></span>.</p></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"85 ","pages":"Article 103868"},"PeriodicalIF":3.8,"publicationDate":"2024-08-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142050348","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Towards accountable and privacy-preserving blockchain-based access control for data sharing 为数据共享实现基于区块链的可问责和隐私保护访问控制
IF 3.8 2区 计算机科学
Journal of Information Security and Applications Pub Date : 2024-08-24 DOI: 10.1016/j.jisa.2024.103866
Qiwei Hu , Chenyu Huang , Guoqiang Zhang , Lingyi Cai , Tao Jiang
{"title":"Towards accountable and privacy-preserving blockchain-based access control for data sharing","authors":"Qiwei Hu ,&nbsp;Chenyu Huang ,&nbsp;Guoqiang Zhang ,&nbsp;Lingyi Cai ,&nbsp;Tao Jiang","doi":"10.1016/j.jisa.2024.103866","DOIUrl":"10.1016/j.jisa.2024.103866","url":null,"abstract":"<div><p>The integration of blockchain technology with Access Control (AC) systems presents novel opportunities for enhancing data security within decentralized architectures, which is drawing increasing attention in Data Sharing (DS) applications. However, existing works reveal a gap in achieving accountability for anonymous access in the absence of a centralized trusted authority. To address this issue, this paper introduces InvisiReveal, a novel Blockchain-Based AC (BBAC) framework that achieves permission invisibility, access anonymity, and accountability without extra trust assumptions. Users in InvisiReveal generate anonymous credentials to authenticate their requests using Zero Knowledge Proof. To enable accountability, a novel blockchain-oriented verifiable commitment (BC-VC) protocol is designed that allows a user to commit a confidential traceable tag to the blockchain. The system could unveil a malicious requester’s identity by opening the tag commitment under collaboration with the victim user and blockchain. We implement a prototype of InvisiReveal to evaluate its practicality, where an access request is verified within 5 ms.</p></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"85 ","pages":"Article 103866"},"PeriodicalIF":3.8,"publicationDate":"2024-08-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142048679","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Efficient detection of intra/inter-frame video copy-move forgery: A hierarchical coarse-to-fine method 高效检测帧内/帧间视频复制移动伪造:从粗到细的分层方法
IF 3.8 2区 计算机科学
Journal of Information Security and Applications Pub Date : 2024-08-24 DOI: 10.1016/j.jisa.2024.103863
Jun-Liu Zhong , Yan-Fen Gan , Ji-Xiang Yang
{"title":"Efficient detection of intra/inter-frame video copy-move forgery: A hierarchical coarse-to-fine method","authors":"Jun-Liu Zhong ,&nbsp;Yan-Fen Gan ,&nbsp;Ji-Xiang Yang","doi":"10.1016/j.jisa.2024.103863","DOIUrl":"10.1016/j.jisa.2024.103863","url":null,"abstract":"<div><p>With a simple forgery technique but a realistic result, video copy-move forgery has currently become one of the most popular tampering manners. In the last couple of years, various new techniques deriving from machine intelligence and pattern recognition have been widely proposed for image forensics. However, it still faces a very challenging task in the field of video copy-move forgery for four reasons: i) Low <em>F</em><sub>1</sub> score and high <em>false-alarm</em>; ii) Lack of a synthesis processing framework; iii) Weak detection robustness and accuracy; iv) Low efficiency. A novel Hierarchical Coarse-to-Fine framework for effective video copy-move forgery detection is proposed to overcome these challenges: i) In the coarse forgery frame-pair matching, the <em>coarse copy-move frame-pairs matching</em> algorithm with the newly proposed <em>two-pass filters</em> can locate real forgery frame-pairs (FFP) and also reduce <em>false-alarm</em>. ii) Through further analysis of the actual FFP, the detection of intra-frame and inter-frame copy-move forgeries can be accurately and simultaneously determined. iii) In the fine keypoint-pairs matching, our newly designed <em>two-hierarchical keypoint-pair filtering</em> can accurately localize the forgery region at pixel level under various adverse conditions. iv) The novel <em>Hierarchical Coarse-to-Fine framework</em> (together with the newly designed algorithms above) considers only the real FFP and true keypoint-pairs for computation, resulting in higher efficiency and accuracy. Finally, Delaunay Triangulation-based region filling is employed to indicate the forgery regions. Compared to the latest methods, our algorithm has been tested extensively and found to be the best at detecting forgeries, with a top score of <em>F</em><sub>1</sub>=0.77 and no <em>false-alarms</em>, even under different types of attacks, as validated by the well-known GRIP dataset.</p></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"85 ","pages":"Article 103863"},"PeriodicalIF":3.8,"publicationDate":"2024-08-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142050347","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
A different base approach for better efficiency on range proofs 采用不同的基础方法,提高范围证明的效率
IF 3.8 2区 计算机科学
Journal of Information Security and Applications Pub Date : 2024-08-22 DOI: 10.1016/j.jisa.2024.103860
Esra Günsay , Cansu Betin Onur , Murat Cenk
{"title":"A different base approach for better efficiency on range proofs","authors":"Esra Günsay ,&nbsp;Cansu Betin Onur ,&nbsp;Murat Cenk","doi":"10.1016/j.jisa.2024.103860","DOIUrl":"10.1016/j.jisa.2024.103860","url":null,"abstract":"<div><p>Zero-knowledge range proofs (ZKRPs) are commonly used to prove the validation of a secret integer lies in an interval to some other party in a secret way. In many ZKRPs, the secret is represented in binary and then committed via a suitable commitment scheme or represented as an appropriate encryption scheme. This paper is an extended version of the conference paper presented at the 14th IEEE International Conference on Security of Information and Networks. To this end, after summarizing the conference paper, we first analyze the proof proposed by Mao in 1998 in the elliptic-curve setting. Mao’s proof contains a bit commitment scheme with an OR construction as a sub-protocol. We have extended Mao’s range proof to base-<span><math><mi>u</mi></math></span> with a modified OR-proof. We investigate and compare the efficiency of different base approaches on Mao’s range proof with both Pedersen commitment and ElGamal encryption. Later, we analyze the range proof proposed by Bootle et al. in both finite fields and elliptic-curve settings. This proof contains polynomial commitment with matrix row operations. We take the number of computations in modulo exponentiation and the cost of the number of exchanged integers between parties. Then, we generalize these costs for <span><math><mi>u</mi></math></span>-based construction. We show that compared with the base-2 representation, different base approach provides efficiency in communication cost or computation cost, or both.</p></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"85 ","pages":"Article 103860"},"PeriodicalIF":3.8,"publicationDate":"2024-08-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142041037","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Comprehensively enhancing the security of control with combined homomorphic encryption 利用组合同态加密全面提升控制安全性
IF 3.8 2区 计算机科学
Journal of Information Security and Applications Pub Date : 2024-08-20 DOI: 10.1016/j.jisa.2024.103862
Tongtong Sui , Jizhi Wang , Wen Liu , Lizhen Wang , Lingrui Kong , Yue Zhao
{"title":"Comprehensively enhancing the security of control with combined homomorphic encryption","authors":"Tongtong Sui ,&nbsp;Jizhi Wang ,&nbsp;Wen Liu ,&nbsp;Lizhen Wang ,&nbsp;Lingrui Kong ,&nbsp;Yue Zhao","doi":"10.1016/j.jisa.2024.103862","DOIUrl":"10.1016/j.jisa.2024.103862","url":null,"abstract":"<div><p>Homomorphic encryption is an effective way to address the privacy and security issues of Networked Control Systems (NCSs). Since the control function needs to be redesigned according to the homomorphism to complete encrypted computing, the practical implementation of a perfectly secure and highly efficient NCS is challenging. Previously proposed NCSs based on homomorphic encryption are still subject to the risk of eavesdropping attacks. In this paper, a combined homomorphic encryption scheme is designed to build a secure environment for NCSs. This scheme comprehensively enhances the security of NCSs by eliminating potential security hazards. The risk of eavesdropping attacks on information in the controller and communication channel is avoided. More specifically, the entire control scheme is encrypted and privacy computing within the controller is performed on this basis. Data protection is provided for all transmission channels, including the transmission of the intermediate result and controller state. In particular, the computational efficiency of the encrypted control system is fast and feasible for real-time control. The performance and stability of the closed-loop system are maintained.</p></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"85 ","pages":"Article 103862"},"PeriodicalIF":3.8,"publicationDate":"2024-08-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142012121","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信