Journal of Information Security and Applications最新文献_第5页

RPCP-PURI: A robust and precise computational predictor for Phishing Uniform Resource Identification

IF 3.8 2区计算机科学

Journal of Information Security and Applications Pub Date : 2024-12-31 DOI: 10.1016/j.jisa.2024.103953

Tayyaba Asif , Faiza Mehmood , Syed Ahmed Mazhar Gillani , Muhammad Nabeel Asim , Muhammad Usman Ghani , Waqar Mahmood , Andreas Dengel

{"title":"RPCP-PURI: A robust and precise computational predictor for Phishing Uniform Resource Identification","authors":"Tayyaba Asif , Faiza Mehmood , Syed Ahmed Mazhar Gillani , Muhammad Nabeel Asim , Muhammad Usman Ghani , Waqar Mahmood , Andreas Dengel","doi":"10.1016/j.jisa.2024.103953","DOIUrl":"10.1016/j.jisa.2024.103953","url":null,"abstract":"<div><div>The widespread growth of internet services has led to a substantial increase in traffic across multifarious online applications such as shopping, transportation, e-commerce, and banking. Cyber-criminals are stealing internet users credentials through Phishing Uniform Resource Locator (PURL). To make sure safe usage of web services, researchers have developed several AI-supported PURL predictors. Prime motivation behind development of each new predictor was to extract comprehensive features from URLS and more accurately discriminate benign and phishing URLs. Different predictors are enriched with diverse types of feature extraction strategies and deep potential exploration of these strategies remain unexplored. With an aim to develop more powerful PURL predictor, contributions of this manuscript are manifold: It brings different sets of feature extraction strategies at single platform and explores their individual as well as combine potential. It evaluates and compare the effectiveness of BERT language model for detection of phishing URLs (PURLs). It presents a novel LSTM and CNN-based hybrid predictor, which utilizes DeepWalk-generated URL embeddings to effectively discriminate between phishing and benign URLs. Extensive experimentation across three public benchmark datasets (EBBU2017, phishing sites URLs and Phishing and benign webpages) demonstrates that proposed hybrid predictor surpasses the performance of existing predictors by 0.2%, 1.9% and 1.2% respectively.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"89 ","pages":"Article 103953"},"PeriodicalIF":3.8,"publicationDate":"2024-12-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143170746","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Crypto-space reversible data hiding for 3D mesh models with k-Degree neighbor diffusion

IF 3.8 2区计算机科学

Journal of Information Security and Applications Pub Date : 2024-12-27 DOI: 10.1016/j.jisa.2024.103957

Kai Gao , Ji-Hwei Horng , Ching-Chun Chang , Chin-Chen Chang

引用次数: 0

Hiding speech in music files

IF 3.8 2区计算机科学

Journal of Information Security and Applications Pub Date : 2024-12-24 DOI: 10.1016/j.jisa.2024.103951

Xiaohong Zhang, Shijun Xiang, Hongbin Huang

{"title":"Hiding speech in music files","authors":"Xiaohong Zhang, Shijun Xiang, Hongbin Huang","doi":"10.1016/j.jisa.2024.103951","DOIUrl":"10.1016/j.jisa.2024.103951","url":null,"abstract":"<div><div>In large-capacity audio steganography, how to reduce distortion of the steganographic audio and reconstruct the high-quality secret audio are two crucial issues. In this paper, we propose a new invertible audio steganography network, InvASNet, to conceal secret speech in music files. Firstly, we adopt an orthogonal module to decompose the audio into uncorrelated components. In such a way, we can constrain the embedding of the secret audio into the less perceptible high-frequency subband of the host audio, thereby minimizing potential distortion in the low-frequency subband. Secondly, we consider the concealment and recovery processes as a pair of reversible operations, and then introduce the forward and inverse processes of the invertible neural networks (INNs) to model them, respectively. Compared with existing methods based on convolutional neural networks, our approach possesses a highly reversible structure and can leverage the lost information effectively. Furthermore, to enhance the capability of reversible audio, we develop a feature fitting module to learn more adaptive weights and biases of mappings in INNs. Extensive experimental results show that the proposed InvASNet achieves superior imperceptibility and competitive security in large-capacity steganography.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"89 ","pages":"Article 103951"},"PeriodicalIF":3.8,"publicationDate":"2024-12-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143170747","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Efficient and privacy-preserving butterfly counting on encrypted bipartite graphs

IF 3.8 2区计算机科学

Journal of Information Security and Applications Pub Date : 2024-12-22 DOI: 10.1016/j.jisa.2024.103952

Xin Pang , Lanxiang Chen

{"title":"Efficient and privacy-preserving butterfly counting on encrypted bipartite graphs","authors":"Xin Pang , Lanxiang Chen","doi":"10.1016/j.jisa.2024.103952","DOIUrl":"10.1016/j.jisa.2024.103952","url":null,"abstract":"<div><div>Bipartite graphs have numerous real-world applications, with the butterfly motif serving as a key higher-order structure that models cohesion within these graphs. Analyzing butterflies is crucial for a comprehensive understanding of networks, making butterfly counting a significant focus for researchers. In recent years, various efficient methods for exact butterfly counting, along with sampling-based approximate schemes, have been proposed for plaintext bipartite graphs. However, these methods often overlook data privacy concerns, which are critical in real-world scenarios such as doctor–patient and user–item relationships. Additionally, traditional encryption methods do not work due to the nature of graph structures. To tackle these challenges, we propose two schemes for exact <u>b</u>utter<u>f</u>ly <u>c</u>ounting on <u>e</u>ncrypted <u>b</u>ipartite graphs (EB-BFC), enabling butterfly counting for specific vertices or edges to protect privacy of butterfly counting. Firstly, we demonstrate how structured encryption techniques could be used to encrypt the bipartite graph and construct a secure index, resulting in the efficient, privacy-preserving scheme EB-BFC<sub>1</sub>. Secondly, to ensure vertex data privacy, we propose a butterfly counting scheme based on Private Set Intersection, EB-BFC<sub>2</sub>. Finally, we demonstrate the security and efficiency of our proposed schemes through theoretical proofs and experiments on real-world datasets.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"89 ","pages":"Article 103952"},"PeriodicalIF":3.8,"publicationDate":"2024-12-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143171135","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

PhotonKey: A key pairing system for IoT resource and input constrained devices using light sensors

IF 3.8 2区计算机科学

Journal of Information Security and Applications Pub Date : 2024-12-18 DOI: 10.1016/j.jisa.2024.103926

Danté Gray, Maryam Mehrnezhad

{"title":"PhotonKey: A key pairing system for IoT resource and input constrained devices using light sensors","authors":"Danté Gray, Maryam Mehrnezhad","doi":"10.1016/j.jisa.2024.103926","DOIUrl":"10.1016/j.jisa.2024.103926","url":null,"abstract":"<div><div>IoT environments are in need of key pairing protocols capable of operating within the unique constraints present, namely <em>storage</em>, <em>processing</em>, <em>input</em>, and <em>power</em>. In this paper, we present <em>PhotonKey</em>, a system designed to facilitate the generation of identical cryptographic keys for two resource and input-constrained IoT devices. These keys are derived from the devices’ individual observations of a public light event. Our contributions also extend to a custom, cost-effective hardware solution termed a ‘Synchronisation Machine’, which introduces synchronous rotation patterns to the light-sensing-capable devices during data collection with mechanical precision. This hardware solution serves the dual purpose of facilitating data collection and reducing adversarial capabilities. We evaluate the performance of our system using a large dataset comprising over 1000 samples, far surpassing the scale seen in related works. Finally, we demonstrate PhotonKey’s ability to produce statistically random bit-streams and achieve 0% equal error rates, even in the face of an ‘impossibly well-performing’ adversary.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"89 ","pages":"Article 103926"},"PeriodicalIF":3.8,"publicationDate":"2024-12-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143171134","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Revisiting boomerang attacks on lightweight ARX and AND-RX ciphers with applications to KATAN, SIMON and CHAM

IF 3.8 2区计算机科学

Journal of Information Security and Applications Pub Date : 2024-12-16 DOI: 10.1016/j.jisa.2024.103950

Li Yu , Je Sen Teh

{"title":"Revisiting boomerang attacks on lightweight ARX and AND-RX ciphers with applications to KATAN, SIMON and CHAM","authors":"Li Yu , Je Sen Teh","doi":"10.1016/j.jisa.2024.103950","DOIUrl":"10.1016/j.jisa.2024.103950","url":null,"abstract":"<div><div>In this paper, we investigate the security of lightweight block ciphers, focusing on those that utilize the <span>ADD</span>-Rotate-XOR (ARX) and <span>AND</span>-Rotate-XOR (<span>AND</span>-RX) design paradigms. More specifically, we examine their resilience against boomerang-style attacks. First, we propose an automated search strategy that leverages the boomerang connectivity table (<span>BCT</span>) for <span>AND</span> operations (<span><math><mrow><mo>∧</mo><mi>B</mi><mi>C</mi><mi>T</mi></mrow></math></span>) to conduct a complete search for boomerang and rectangle distinguishers for <span>AND</span>-RX ciphers. The proposed search strategy automatically considers all possible <span><math><mrow><mo>∧</mo><mi>B</mi><mi>C</mi><mi>T</mi></mrow></math></span> switches in the middle of the boomerang to optimize distinguishing probability. The correctness of the search strategy was verified experimentally. We were able to find the best boomerang and rectangle distinguishers to date in the single-key model for lightweight block ciphers <span>KATAN</span>32/48/64 and <span>SIMON</span>32/48. Next, we investigated <span>BCT</span> properties of ARX ciphers and discovered that a truncated boomerang switch could be formulated for the lightweight ARX cipher, <span>CHAM</span>. We were able to find the best single-key and related-key rectangle distinguishers to date for <span>CHAM</span>. Our findings provide more accurate security margins of these lightweight ciphers against boomerang-style attacks.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"89 ","pages":"Article 103950"},"PeriodicalIF":3.8,"publicationDate":"2024-12-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143171133","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Robust zero-watermarking algorithm via multi-scale feature analysis for medical images

IF 3.8 2区计算机科学

Journal of Information Security and Applications Pub Date : 2024-12-11 DOI: 10.1016/j.jisa.2024.103937

Xiaochao Wang , Qianqian Du , Ling Du , Huayan Zhang , Jianping Hu

{"title":"Robust zero-watermarking algorithm via multi-scale feature analysis for medical images","authors":"Xiaochao Wang , Qianqian Du , Ling Du , Huayan Zhang , Jianping Hu","doi":"10.1016/j.jisa.2024.103937","DOIUrl":"10.1016/j.jisa.2024.103937","url":null,"abstract":"<div><div>With the rapid growth of information technology, the development and implementation of copyright protection for medical images has become crucial. In this paper, we develop a distinguishable zero-watermarking algorithm via multi-scale feature analysis for medical images. We first detect the global features of the image with speeded-up robust features (SURF) and select the feature regions from the image through texture analysis. Then, we adopt local binary pattern (LBP) to detect the local texture features of these feature areas, and perform singular value decomposition (SVD) to extract the scale features and the detail features; these features are fused to form the feature matrix, and the average hash (aHash) algorithm is applied to the feature matrix to generate the binary feature map. Finally, we perform exclusive-or (XOR) operation between the feature images and the watermark image to generate zero-watermarks, which will be stored in the copyright protection center for further copyright authentication. Experimental results show that the average NC value of the proposed algorithm reaches 0.99 under most attacks, and the average BER of similar image extraction watermark keep below 0.27, which outperforms the current state-of-the-art (SOTA) watermarking algorithms.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"89 ","pages":"Article 103937"},"PeriodicalIF":3.8,"publicationDate":"2024-12-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143171132","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

A novel PVO-based RDH scheme utilizes an interleaved data embedding technique using dual-pixels

IF 3.8 2区计算机科学

Journal of Information Security and Applications Pub Date : 2024-12-10 DOI: 10.1016/j.jisa.2024.103939

Tuan Duc Nguyen , Thanh Tinh Dao

引用次数: 0

Detection of identity swapping attacks in low-resolution image settings

IF 3.8 2区计算机科学

Journal of Information Security and Applications Pub Date : 2024-12-09 DOI: 10.1016/j.jisa.2024.103911

Akshay Agarwal, Nalini Ratha

{"title":"Detection of identity swapping attacks in low-resolution image settings","authors":"Akshay Agarwal, Nalini Ratha","doi":"10.1016/j.jisa.2024.103911","DOIUrl":"10.1016/j.jisa.2024.103911","url":null,"abstract":"<div><div>While significant advances have been made in high-resolution and well-controlled face images/videos, low-resolution face analytics is a much more complicated and yet unsolved problem. On top of that, if the face images occurring in the low-resolution videos are fake (especially deepfake), then detecting the authenticity of those faces becomes exceptionally challenging. In the literature, several works have been proposed for deepfake detection on high-resolution images. However, no studies tackle the vital aspect of <em>low resolution</em>. In this research, we address this issue and propose a <em>first-ever low-resolution identity swap attack detection algorithm</em>. We assert that due to less information content, even a complex architecture might not be able to learn an effective decision space. Therefore, a novel artifacts amplification and classification algorithm is proposed to handle the lack of information content. We report our results using extensive evaluations using multiple databases, resolution settings ranging from very low-resolution face images of size (<span><math><mrow><mn>16</mn><mo>×</mo><mn>16</mn></mrow></math></span>) to medium resolution (<span><math><mrow><mn>128</mn><mo>×</mo><mn>128</mn></mrow></math></span>), and attack types. These extensive experiments demonstrate the strength of the proposed algorithm and its effectiveness in making it ready for in-the-wild settings. Our results show the novel findings and the superiority of the proposed algorithm compared to existing state-of-the-art works.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"89 ","pages":"Article 103911"},"PeriodicalIF":3.8,"publicationDate":"2024-12-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143170752","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

TPE-DNA: Approximate thumbnail preserving encryption based on difference expansion and DNA encoding

IF 3.8 2区计算机科学

Journal of Information Security and Applications Pub Date : 2024-12-09 DOI: 10.1016/j.jisa.2024.103938

Dongming Huo , Hanwen Wang , Guangxiang Ji , Chang Cheng , Xiaoqing Song , Lisheng Wei , Chuanzhao Zhang , Chao Han , Xin Zhou

{"title":"TPE-DNA: Approximate thumbnail preserving encryption based on difference expansion and DNA encoding","authors":"Dongming Huo , Hanwen Wang , Guangxiang Ji , Chang Cheng , Xiaoqing Song , Lisheng Wei , Chuanzhao Zhang , Chao Han , Xin Zhou","doi":"10.1016/j.jisa.2024.103938","DOIUrl":"10.1016/j.jisa.2024.103938","url":null,"abstract":"<div><div>As cloud storage technology evolves, a growing user base is uploading client-acquired images to the cloud. However, the storage of unencrypted images on these platforms raises concerns regarding unauthorized data mining and the potential for theft by malicious third parties. Thumbnail preservation encryption (TPE) has been introduced to address the balance between privacy and usability of images stored in the cloud. Existing approximate TPE methods, however, are prone to more information leakage from cipher images and often fail to achieve perfect reconstruction of the plain images. This paper introduces an enhanced approximate TPE strategy that integrates DNA encoding with differential expansion, ensuring that the information exposed by the cipher image is limited exclusively to the thumbnail of the plain image, without compromising additional details. The DNA encoding rules, along with its associated operations and decoding rules, are governed by a piecewise linear chaotic map, with the encryption key derived from the hash value of the plain image to bolster system security. The application of differential expansion facilitates reversible data hiding, enabling the decryption algorithm to accurately reconstruct the plain image without loss. Simulation outcomes confirm the efficacy and reliability of the proposed approximate TPE scheme.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"89 ","pages":"Article 103938"},"PeriodicalIF":3.8,"publicationDate":"2024-12-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143171130","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0